If your computer holds the keys to the nuclear codes, then by all means install this update instantly. Unless, that is, you think you will be targeted by an overseas attacker with a malicious bootloader installer.
This month’s updates are a great example of why my patching advice differs for consumers and businesses.įor consumer patchers, whether using Windows 10 Home or Professional, I’m not convinced that you need to install KB5012170, Microsoft’s security update for Secure Boot DBX (the Secure Boot Forbidden Signature Database). Posted on Augat 02:45 CDT by Susan Bradley
Stay tuned, I’ll have more tips next week in the newsletter.
I recommend that you go to the Microsoft download site (for Windows 10) and the download site for Windows 11 and just save the file on a flash drive, a spare hard drive, or any place you will remember you’ve got it stored, which sometimes is the hardest part.Ĭlick that download now button and save it to a location.
What is an ISO? “The name ISO was taken from the name of the file system used by optical media, which is usually ISO 9660.” It’s the name for the digital download that you can use to install and more importantly for Windows 10, do a repair install of the operating system. Next I always recommend that you download an ISO. Run the tool and ensure you have your machine set to install 21H2 and nothing more than that at this time. There are two tasks for this weekend I’ll want you to do:įirstly use the Incontrol tool to ensure that your feature release is set to be on 21H2. I’ll be going into more detail next week about the steps I want you to take to get your machine ready for 22H2. Posted on Augat 23:40 CDT by Susan Bradley
Now then put your machine on metered network connection and use the tools to block KB5012170.īusinesses: In a network setting, note that even on virtual machines KB5012170 will be offered up.Īs always, thank you all for supporting the cause! Remember a mere $1 donation will give you access and if you donate $50 or more you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level. It gets set up via the setup process of a new computer. His laptop was basically ransomwared without the ability to pay the ransom (luckily his son-in-law knows a thing or two about deploying Windows).” Note I have never seen a windows patch turn on bitlocker. This happened to my father-in-law’s laptop and unfortunately the recovery key was not listed in his Microsoft account. This update on some systems triggers the request for a bitlocker recovery key and if you have no bloody clue….as in the case of Mike and his father-in-law “. But in some computer systems the “oobe” out of box set up sequence may turn on bitlocker and you don’t know it did, where the bitlocker recovery key is located or anything ABOUT bitlocker. Note that bitlocker is not bad, in fact my Dad has bitlocker enabled on his computer because he wants to ensure that should someone break into his house and steal his computer his sensitive data won’t be stolen as well.
You can easily turn it off from this interface. If it’s on and YOU don’t know where that recovery key is, click in this window to turn it off. To see if you do, click on start, then on search and type in bitlocker. If you haven’t installed KB5012170, first check to see if you have bitlocker enabled. If you’ve already installed KB5012170, and see no side effects, leave the patch installed and take no action. The second issue has to do with Secure boot patch KB5012170 failing to install. I still think that the patch will be installed, some small percent may see audio issues and then the known issue rollback will kick in, make sure you reboot a day or two after installing updates, and the problem will go away, but I don’t have a system impacted to test my theory. Note that even in the preview updates, this known issue is still being tracked. The Known issue rollback fix is offered up from Microsoft servers, but the code to trigger the known issue rollback (as I understand it) is only in the August and later updates. In a consumer setting, I have yet to figure out how the chicken will fix the egg. In a network setting the known issue rollback will kick in. If you are impacted, uninstall the update and put yourself back on hold. First audio issues in some (not a lot, but some) computers with Windows 10 KB5016616. Two concerning issues are still being tracked. I’ve updated the Master Patch List today for the preview releases as well as clarifying a couple of items.
Posted on Augat 08:00 CDT by Susan Bradley