Fall Creators Update 1709 issues

Discussion in 'Windows 10' started by WillAdams, Oct 21, 2017.

  1. thatcomicsguy

    thatcomicsguy Scribbler - Standard Member Senior Member

    Messages:
    2,838
    Likes Received:
    1,873
    Trophy Points:
    181
    After bricking my system trying to prevent Windows Update from running, I reverted to a clone I made a while back of the largely unmolested factory fresh HD which originally came with my Samsung Notebook 9 Pro.

    Interestingly, on this old version, Windows Update and the associated 'wuauserv' service don't appear to be able to pull themselves out of the Disabled state I put them in. So there's no invisible downloading here.

    On the version I messed up, I had installed a couple of security updates MS had frightened me into downloading; I strongly suspect those had something to do with overriding the user's ability to prevent MS from violating my computer. The OS version I got with my Samsung was, literally, the last version before turning into the kind you don't really own, but just sort of let MS run on your hardware and do whatever they like with, minus any sort of permission.

    I mean.., if some future update decides on a whim to load itself into your computer and only allow the viewing of inspirational social Marxist videos -or which shunts off all your emails and documents to the State for 'assessment', what are you going to be able to do about it?

    Exactly. MS crossed a line and barely anybody seems to have noticed. (Apple users were there years ago, of course, but what else would you expect from the creepy pod people?)

    So it looks like I'll be living in a previous version of Windows 10 while the rest of the world moves ahead (to meet and bow before their Robot Overlords).

    Good luck, everybody!

    (FWIW, before I rolled back, I think I'd figured out how to prevent updates. -I believe you can use the permissions and ownership feature to specifically tell svchost.exe to ignore commands/requests when they come from wuauserv. I was going to try that next, but like I said, the problem seems to have gone away.)

    If anybody wants to give it a try:

    1. Find Windows/System32/svchost.exe
    2. Right click on svchost.exe.
    3. Select "Properties"
    4. Select the "Security" tab
    5. At the bottom where it says, "For special permissions or advanced settings, click Advanced." Do that.
    6. Click, "Change" (after the "Owner: __________" line)
    7. Wait for a while. The computer is crunching.
    8. A box comes up which with the title, "Select User or Group" In the text area, type, "Administrators". Hit OK.

    You now have ownership of the file. You are now powerful.

    Be careful what you do with this power; I foolishly turned off the ability for any software to execute svchost.exe, and that locked up my computer so that the login screen would no longer load. (The front page login, along with a ton of other services, requires svchost.exe). So don't do that. If you don't have a clone of your original HD like I did, you've just turned your computer into a paperweight.

    But I think you can add a line explicitly telling svchost.exe to ignore requests from just wuausery, (the update service process name).

    If anybody gives it a try, post here and let me know if it works.
     
    Last edited: Mar 11, 2018
  2. Marty

    Marty Scribbler - Standard Member Senior Member

    Messages:
    2,468
    Likes Received:
    1,798
    Trophy Points:
    181
    It's a huge risk not to install the Meltdown and Spectre patches. Many proof-of-concept attack algorithms are widely publicized and MS is continually releasing new security patches to close up those vulnerabilities.

    Again, the goal is to selectively block updates you don't want, not disabling updates entirely. That is why I recommend the wushowhide tool (for now at least).
     
  3. thatcomicsguy

    thatcomicsguy Scribbler - Standard Member Senior Member

    Messages:
    2,838
    Likes Received:
    1,873
    Trophy Points:
    181
    I'm not buying into the fear.

    Why? Easy:

    From all reports, the only way to exploit Specter and Meltdown is for the attacker to get into your system and execute a program which they wrote.

    How is that at all different from any regular virus?

    The only new thing here is the specific method of exploit once they've gotten in. To put it bluntly, the patches everybody is scrambling to install only protect you after your condom has broken.

    So the first line of defense remains the same. Don't get infected.

    The biggest and most immediate vulnerability I can see comes with your browser (via Javascript). Updating your browser can prevent Javascript attacks. Okay. Done. That was easy.

    So.., as per usual, the popular big-media hysteria is overblown as far as it concerns me and my personal computing practices. I've been nailed by virus attacks before, and probably will again. They might use Specter/Meltdown, or any one of the hundreds of other clever methods to screw me over. It doesn't matter. Once they're in, who cares what kind devious code they decide to ruin my day with? It still boils down to me having to re-build my OS and system and change all my passwords.

    So the solution just comes down to vigilance and not installing crapware.
     
  4. Marty

    Marty Scribbler - Standard Member Senior Member

    Messages:
    2,468
    Likes Received:
    1,798
    Trophy Points:
    181
    Naturally, I can't tell you how run your own computer, but I can tell you that Meltdown and Spectre are most certainly very different than regular viruses.

    Most importantly, they exploit hardware (low level memory) rather than software vulnerabilities. That means, unlike a virus, it can theoretically bypass every OS-level security check (ring 3 all the way to ring 0).

    Since you can't stop your processor from speculative execution, there can never be a bullet-proof software patch, only continual security updates as more attack algorithms are found.

    Relying just on having the latest browser is an extremely risky strategy, because you're betting everything that the Chrome devs will always stay one step ahead of any vulnerability discovered.

    Ideally, you want your most solid defenses as close to the hardware as possible: so chip microcode outweighs > OS patches outweighs > browser updates. All should eventually be applied.

    This is not scaremongering.

    It's literally game over if any hacker gains kernel-level access to your system. At that point, every program and every bit of data could be compromised without your knowledge. Everybody should take utmost precaution.
     
    Last edited: Mar 11, 2018
  5. Kumabjorn

    Kumabjorn ***** is back Senior Member

    Messages:
    3,858
    Likes Received:
    1,875
    Trophy Points:
    231
    Hey, Plan B works fine. It's bloody and messy and painful. Just like cleaning up after a virus attack.
     
  6. thatcomicsguy

    thatcomicsguy Scribbler - Standard Member Senior Member

    Messages:
    2,838
    Likes Received:
    1,873
    Trophy Points:
    181
    "It's literally game over if any hacker gains kernel-level access to your system."

    And that's different.., how, from any other time a hacker gains kernel-level access to my system?

    Get a hold of yourself, Hicks.

    Did you even read my post?
     
  7. Marty

    Marty Scribbler - Standard Member Senior Member

    Messages:
    2,468
    Likes Received:
    1,798
    Trophy Points:
    181
    It's different because it can gain kernel-level access without going through the OS security model—that's very different than a normal virus and far more dangerous.

    You don't have to believe me, but there's no need to get snarky.

    If you're going to persist without security updates, please check your system often using regularly-updated InSpectre tool.
     
  8. thatcomicsguy

    thatcomicsguy Scribbler - Standard Member Senior Member

    Messages:
    2,838
    Likes Received:
    1,873
    Trophy Points:
    181
    Oh, you know I will, Marty. I mean, think of the children!
     
  9. doobiedoobiedum

    doobiedoobiedum Scribbler - Standard Member

    Messages:
    573
    Likes Received:
    175
    Trophy Points:
    56
    Microsofts determination to kill off Adobe Flash Player support has meant that Flash Professional doesn't work anymore. I have one tablet which I tend to use for drawing in Flash and this was too full to download and install Fall Creator's Update until recently which was when I realised Flash wasn't working properly anymore.
    I also found that any vector drawing application such as Tupi Animation wasn't working properly either.

    I might take this machine back to Windows 7 Professional at some point. I've read elsewhere from people saying their livelihoods were being affected as they use Flash and similar for their living.
     
    thatcomicsguy likes this.
  10. WillAdams

    WillAdams Scribbler - Standard Member Senior Member

    Messages:
    798
    Likes Received:
    315
    Trophy Points:
    76
    stoneseeker, stormi and Marty like this.
Loading...
Similar Threads - Fall Creators Update
  1. Kumabjorn
    Replies:
    5
    Views:
    452

Share This Page