John
asked on
Windows Updates
Today has brought out all the people who turned off Windows Updates.
1. What on earth were you thinking? Dumb idea in the extreme.
2. Why do you think Microsoft has enforced updates on Windows 10? Rhetorical question.
1. What on earth were you thinking? Dumb idea in the extreme.
2. Why do you think Microsoft has enforced updates on Windows 10? Rhetorical question.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For other systems, Microsoft provides Windows 10 LTSB version
ASKER
I read about that here:
https://www.howtogeek.com/273824/windows-10-without-the-cruft-windows-10-ltsb-explained/
However, I don't think this obviates the need to do updates (not so far as I could see).
https://www.howtogeek.com/273824/windows-10-without-the-cruft-windows-10-ltsb-explained/
However, I don't think this obviates the need to do updates (not so far as I could see).
ASKER
People are crawling out of the woodwork today thinking something is new.
"I have Server 2003, what do I do?" Have you tried upgrading? "I have a Server 2003, what do I do?"
Sorry Charles Shultz, but your line ALWAYS fits.
"I have Server 2003, what do I do?" Have you tried upgrading? "I have a Server 2003, what do I do?"
Sorry Charles Shultz, but your line ALWAYS fits.
ASKER
It is Monday morning and I am back at clients after a week away at our cottage.
All Clients have Server 2012 R2 with one exception here: one Server 2008 which will be removed in about 6 months. All up to date.
All Clients have Windows 7 Pro or Windows 10 Pro.
All Clients have hosted email with top notch spam filtering.
All Clients have good firewalls, up to date.
This is a planned strategy over time and not happenstance.
Zero ransomware outbreaks.
All Clients have Server 2012 R2 with one exception here: one Server 2008 which will be removed in about 6 months. All up to date.
All Clients have Windows 7 Pro or Windows 10 Pro.
All Clients have hosted email with top notch spam filtering.
All Clients have good firewalls, up to date.
This is a planned strategy over time and not happenstance.
Zero ransomware outbreaks.
Congratulations John. I mean that.
On the flip side to that, I have a client who continues to run SBS2003 as his file server, It sits behind Hardware and Software firewalls that are both configured to lock down ports 445, 137, 138 & 139 from Internet access. Neither IIS or Terminal Services have been enabled on the server since it reached its end of life and further protection is also provided by antivirus and anti malware solutions monitoring 24/7. Incremental backups are automatically uploaded to a Cloud Storage server daily. Just to be on the safe side, I applied Microsoft's patch for the hell of it early this morning as well.
Surprisingly.. or perhaps not.. Zero ransomware outbreaks there too :)
On the flip side to that, I have a client who continues to run SBS2003 as his file server, It sits behind Hardware and Software firewalls that are both configured to lock down ports 445, 137, 138 & 139 from Internet access. Neither IIS or Terminal Services have been enabled on the server since it reached its end of life and further protection is also provided by antivirus and anti malware solutions monitoring 24/7. Incremental backups are automatically uploaded to a Cloud Storage server daily. Just to be on the safe side, I applied Microsoft's patch for the hell of it early this morning as well.
Surprisingly.. or perhaps not.. Zero ransomware outbreaks there too :)
ASKER
And what you say (well said) is that if we have a risky situation, we lock it down. Good news!
ASKER
There are tons more Windows machines than MAC machines. So no surprise Windows got hit (old systems).
But Apple today just issued a ton of updates for mobile and MAC computers. Apple people best upgrade too.
Our iPhones are on IOS 10.3.2 at this point
But Apple today just issued a ton of updates for mobile and MAC computers. Apple people best upgrade too.
Our iPhones are on IOS 10.3.2 at this point
i suspect you were not hit because they were not targeted
my pc's weren't as far as i can tell
my pc's weren't as far as i can tell
ASKER
The attack was more broad brush than targeted. I think really good spam filters played a big part.
ASKER
This has apparently run its course. Thanks for your input.
Thanks for opening the discussion John. Quite the popular topic at the time.
ASKER
Some that were in the "wait a period" camp who considered their reasoning valid <-- No issue with a short wait period.. For most users (90%) turning updates OFF is just silly. Unlike Nobus and myself who have good spam filters and know how to screen mail, the same users who turn updates off are largely the same users who open mail from complete strangers and then BAM! they lose their data.
I disapprove of Microsoft's enforcement of updates in Windows 10 <-- I think, on balance, it is a good policy. If one pays attention updates can be deferred. My ThinkPad is on V1703 and my ThinkCenter is on V1607 latest. I have deferred the V1703 feature update until Symantec fixes Endpoint to work with V1703
updates have been known to cause a lot of problems - and claim to avoid a lot too; so it looks like a choice between pest and cholera
We have had really very few update issues. Not enough to cause me not to do them. I understand this may be sensitive, but all our client computers and servers are all Lenovo. We have had some Backup Exec issues and some Symantec issues but no Window Update issues at this point.
(No, I'm not laughing at them) <-- Nor am I and I am out there trying to help them. But I very much am chiding their actions.,
Thanks again and we shall see what others say.