Microsoft Support says Security Patches will not make your PC more secure!

[cutting_edgetech]

I have been unable to connect to Microsoft update server for 3 months now, and when I install the MS rollup updates the OS still reports those updates have not been installed so it's impossible to keep up with what patches have already been installed. I have been having major problems with MS update since Windows 10 was released, but it was not until 3 months ago that I could not connect to MS Update Server at all.

Well, I contact Microsoft Support today after trying every possible fix for the past several months, and I speak with a support agent named Namrata Sarki. I explain to her that I have tried all possible solutions, and I have 8 Windows 7X64 machines that would not update with Windows 7 installed. I also explain to her that I have tried reformatting each machine, and none of them will update after a fresh installation of Windows. She then runs all her remote test, and then informs me that it is a problem with their update server so I will not be able to do anything about it. She proceeds to inform me that I will have to wait for a fix, and that many Windows 7 users have the same problem (which I already knew). She then informs me I should not trouble shoot the PC any further in case I want to call back about the issue in the future even though she already informed me they would have to fix the problem. I then explain to her that I need to use this PC for my College Classes which are all online, and that i'm a Network & Database Security major so all my work is on the computer. She then informs me to use this freshly formatted unpatched computer to do all the things I normally would. I then inform her I don't feel comfortable surfing the internet, etc.. with an unpatched computer, and she informs me that it will not affect the Security of my computer. I inform her that I know it will, and she says that's a common misconception. I then inform her that her claims are false, and that her recommendations are not acceptable to me.

Well, to make a long story short, we kept going around in circles until I convinced her to bump my ticket up to the next level of support, and she says it is going to be expedited. She informed me I should receive a call around 11:00 am tomorrow. I'm still amazed at her claims that not installing Security patches does not affect Security in any way.

I only updated two of the 8 computers I own to Windows 10 because the update process failed on the ones I wanted to upgrade, and I needed at least 1 Windows 7 Computer for school. I gave 1 of the Windows 10 upgraded computers to my parents, and the motherboard went bad on the other. The rest of my Windows 7 computers are not patched since I cannot connect to Microsoft's update server to update them as well. I'm now stuck without a safe, or usable computer since some software requires OS updates.

Has Microsoft's blunt disregard for not fixing Windows 7 update feature caused problems for anyone else on this forum? What do you think about Microsoft Support's claim that Security Patches do not help make one's computer more secure?

 

[hjlbx]

If security updates are not important, then why does Microsoft spend many millions of dollars per year to create fixes and push them ?

It's a monumental task involving thousands of Microsoft employees and an expansive infrastructure - both of which are no trivial expense.

The vast majority of M$ security patches address OS and application vulnerabilities. If those vulnerabilities still exist on a system, then it requires the execution of exploiting code.

If you don't connect outbound and don't download and\or run unknown\untrusted files, then there it is almost a certainty that nothing will happen to your system. But who uses their system like that ?

If you surf the net and use unpatched Internet Explorer or Edge, an exploit (execution of malicious code) might occur when you visit a website. Not to mention Flash - which Windows Update is needed to update. And, further, not to mention other product security updates for Office, Silverlight, Skype, etc.

So, I don't know how the tech could rationally state that security patches are not needed\do not make the system more secure.

Scandalous...

 

[Terry Ganzi]

This is certainly a ploy by Microsoft to get people to move to windows 10. Have you ever heard of the saying ( there is more than one way to skin a cat) will it have been put in to effect for windows 7 users.

 

[Cats-4_Owners-2]

@cutting_edgetech, like you I do not believe support agent Namrata Sarki's claim that failure to update security patches will have no effect upon security. Who are they trying to kid!?
Answer: Us

I agree with hjlbx & Terry Ganzi.

My wife recently purchased a not so new (refurbished) Dell Lap top. It was purchased through a reputable dealer, and included Windows 7 SP 1 OS. For years, actually since mid 2013, the favorite Windows OS in our home was Windows 7. Before updating two of our three systems to Windows 10, 7 SP 1 had always been the most responsive with 2.3 GHz & 4 GB RAM. Furthermore, our new/old re-visitation to Windows 7 on the the old Dell worked well in every way except one. This was whilst attempting to update security patches. Stuck in a constant & never ending loop, updates were never able to download or complete. The lap top's screen brightness, or lack thereof, was my wife's only other complaint; but it was for these (2) reasons the Dell was shipped back, and subsequently approved for a full refund. It may not be mere coincidence Windows 7 is no longer being thoughtfully maintained as it is on it's way out, symbolically paddling out to where XP has headed without the hope of returning (To all those still using XP, please, don't mind my symbolism!) I have heard tell that Windows 8.1 has given similar problems to one friend in particular which, in my mind leaves Windows 10 as the sole option, and only OS choice with a viable and lengthy future.
Hm, I happen to be writing this from linux lubuntu. It feels good to be able to still choose.

 

[DJ Panda]

Either this person doesn't know what they are talking about or MS is getting desperate in upgrading people to W10. I mean you have 8 machines. Thats like $1600 dollars together. Without security updates people would get infected a lot easier as with exploits and such.

 

[cutting_edgetech]

This is certainly a ploy by Microsoft to get people to move to windows 10. Have you ever heard of the saying ( there is more than one way to skin a cat) will it have been put in to effect for windows 7 users.

That's exactly what I have been thinking all along! Microsoft can not convince me that they have been unable to fix this problem which has been ongoing for months, and seems to affect Millions of users.

 

[cutting_edgetech]

@cutting_edgetech, like you I do not believe support agent Namrata Sarki's claim that failure to update security patches will have no effect upon security. Who are they trying to kid!?
Answer: Us

I agree with hjlbx & Terry Ganzi.

My wife recently purchased a not so new (refurbished) Dell Lap top. It was purchased through a reputable dealer, and included Windows 7 SP 1 OS. For years, actually since mid 2013, the favorite Windows OS in our home was Windows 7. Before updating two our of our three systems to Windows 10, 7 SP 1 had always been the most responsive with 2.3 GHz & 4 GB RAM. Furthermore, our new/old re-visitation to Windows 7 on the the old Dell worked well in every way except one. This was whilst attempting to update security patches. Stuck in a constant & never ending loop, updates were never able to download or complete. The lap top's screen brightness, or lack thereof, was my wife's only other complaint; but it was for these (2) reasons the Dell was shipped back, and subsequently approved for a full refund. It may not be mere coincidence Windows 7 is no longer being thoughtfully maintained as it is on it's way out, symbolically paddling out to where XP has headed without the hope of returning (To all those still using XP, please, don't mind my symbolism!) I have heard tell that Windows 8.1 has given similar problems to one friend in particular which, in my mind leaves Windows 10 as the sole option, and only OS choice with a viable and lengthy future.
Hm, I happen to be writing this from linux lubuntu. It feels good to be able to choose.

Many Enterprise, and Educational users still use Windows 7. The College I go to uses Windows 7. I need Windows 7 for my classes for that very reasons.

 

[cutting_edgetech]

If security updates are not important, then why does Microsoft spend many millions of dollars per year to create fixes and push them ?

It's a monumental task involving thousands of Microsoft employees and an expansive infrastructure - both of which are no trivial expense.

The vast majority of M$ security patches address OS and application vulnerabilities. If those vulnerabilities still exist on a system, then it requires the execution of exploiting code.

If you don't connect outbound and don't download and\or run unknown\untrusted files, then there it is almost a certainty that nothing will happen to your system. But who uses their system like that ?

If you surf the net and use unpatched Internet Explorer or Edge, an exploit (execution of malicious code) might occur when you visit a website. Not to mention Flash - which Windows Update is needed to update. And, further, not to mention other product security updates for Office, Silverlight, Skype, etc.

So, I don't know how the tech could rationally state that security patches are not needed\do not make the system more secure.

Scandalous...

I'm amazed that she continued trying to convince me that patches are not important after I informed her I was a Network & Database Security Major.

 

[Logethica]

I know that my answer will probably be in disagreement with the views of the majority,but I agree with what Namrata Sarki of M$ support stated...... M$ security updates do not increase security.
I think that if a lie is told often enough then it will be considered the truth.
IMO way too much emphasis is placed on the security value of M$ patches/updates...
I would suggest that over 99.99% of attacks on home-users PCs will not be related to the vulnerabilities that M$ patches.
These vulnerabilities would be exploited as possible attack vectors at a National/International level rather than Home-level ,and even taking this into account... Does one not think that ATMs,Traffic Light/Security Camera control systems,& Government Departments would have adopted the very latest OS +instant installation of patches as a matter of absolute priority if the security level attained as a result of doing so was that much greater?
If the public are told that these updates/patches MUST be installed as a matter of security then they are far more likely to do so..
It reminds me of when we were told in the UK a few years ago that it was wrong to leave electrical gadgets on "standby" as all of those little red lights were burning valuable electricity..
Yet..when one went out at night one would see countless 200 watts bulbs of traffic systems in constant operation without any traffic to respond to them.If there had been truth in the claim then there would have been a push to convert traffic-light systems into roundabout systems as an energy saving policy.
If the "logic" that we are told applies to the "small picture" does not apply to the "big picture" then it ceases to be "logic" at all!

 

[hjlbx]

<< Deliberately de-ranged avatar just for you @cutting_edgetech

 

[cutting_edgetech]

I know that my answer will probably be in disagreement with the views of the majority,but I agree with what Namrata Sarki of M$ support stated...... M$ security updates do not increase security.
I think that if a lie is told often enough then it will be considered the truth.
IMO way too much emphasis is placed on the security value of M$ patches/updates...
I would suggest that over 99.99% of attacks on home-users PCs will not be related to the vulnerabilities that M$ patches.
These vulnerabilities would be exploited as possible attack vectors at a National/International level rather than Home-level ,and even taking this into account... Does one not think that ATMs,Traffic Light/Security Camera control systems,& Government Departments would have adopted the very latest OS +instant installation of patches as a matter of absolute priority if the security level attained as a result of doing so was that much greater?
If the public are told that these updates/patches MUST be installed as a matter of security then they are far more likely to do so..
It reminds me of when we were told in the UK a few years ago that it was wrong to leave electrical gadgets on "standby" as all of those little red lights were burning valuable electricity..
Yet..when one went out at night one would see countless 200 watts bulbs of traffic systems in constant operation without any traffic to respond to them.If there had been truth in the claim then there would have been a push to convert traffic-light systems into roundabout systems as an energy saving policy.
If the "logic" that we are told applies to the "small picture" does not apply to the "big picture" then it ceases to be "logic" at all!

Even Crypto-Malware uses Exploits to target home users.

 

[cutting_edgetech]

<< Deliberately de-ranged avatar just for you @cutting_edgetech

Thanks! Means a lot. I'm feeling pretty down right now I have too many problems to concentrate on my classes.

 

[hjlbx]

Statistically, the likelihood of experiencing a successful exploit is less than 2 % of all users - all Windows versions.

So, really, it is nothing that should keep anyone up at night.

However, the tech's statement is intrinsically wrong.

 

[cutting_edgetech]

Statistically, the likelihood of experiencing a successful exploit is less than 2 % of all users - all Windows versions.

So, really, it is nothing that should keep anyone up at night.

However, the tech's statement is intrinsically wrong.

I'm not willing to chance it. I have 6 years of research data i'm working with, and many other files i'm not willing to lose. I work with these files often, and edit them during each session. I also use this computer for personal use, and don't want to loose my media files. The data is on external drives, but Crypto-Malware does not care.

 

[cutting_edgetech]

Well, guys I got to get off here. I need a break from computers. It's starting to give me a headache.

 

[Logethica]

We have to take into account a number of "Economic imperatives" here..
Firstly, the cyber security industry is a cash cow. Secondly, without "planned Obsolescence" an Economy will crash.
If one can convince the public that they are in danger,and that the snake oil of a new OS/patch,or spending millions as a nation on security software will prevent that danger, then the wheels of an Economy will keep turning..

It has been discussed many times,and by many members on MT, that social engineering/human exploits play the largest role in cyber-security breaches,yet even knowing this we place emphasis on the lowest % attack vectors such as the exploits that M$ patches...when there are countless sectors vital to security at National level that are 3 Operating systems behind the home-user.

 

[hjlbx]

I'm not willing to chance it. I have 6 years of research data i'm working with, and many other files i'm not willing to lose. I work with these files often, and edit them during each session. I also use this computer for personal use, and don't want to loose my media files. The data is on external drives, but Crypto-Malware does not care.

• Backup your data
• Disconnect your backup drive after backup

That's about all you can do at the moment.

 

[cutting_edgetech]

• Backup your data
• Disconnect your backup drive after backup

That's about all you can do at the moment.

I have a lot of data, and i'm out of space locally. I will have to wait until I can afford another drive. Most of my drives went bad; I made the mistake of getting Seagate drives that all failed after a few months of use.

 

[hjlbx]

I have a lot of data, and i'm out of space locally. I will have to wait until I can afford another drive. Most of my drives went bad; I made the mistake of getting Seagate drives that all failed after a few months of use.

You can get offline updates from a friend...

 

[hjlbx]

Does everyone know that M$ is no longer publishing and pushing customary\traditional updates for W7 and 8.1 -- that there will only be periodic updates forthcoming ?

They announced it a few months ago.