Fog Creek Software
Discussion Board




Windows Update Rant

Grrrr.... How am I supposed to bring a fresh-winxp-install up to date through WindowsUpdate if I can't even survive the download?


the obvious answer is downloading (at least) Service Pack 1 at another pc, burn it to a cd, and then install it on the fresh machine.

man, this took me so much time. Am I missing something? it really feels like a race between me and 'the virusses'. Who gets there faster wins: WindowsUpdate or <insert random virus name>?

Guyon Morée
Monday, June 28, 2004

"How am I supposed to bring a fresh-winxp-install up to date through WindowsUpdate if I can't even survive the download?"

Exactly.  A boatload of smart people (55,000) haven't figured this out yet.

Thanks Microsoft
Monday, June 28, 2004

The best way around it is to install a very restrictive software firewall before you do the update. It should pretty much do the following:

* Act like a decent application firewall: stop anyone except normal services and windows update from making a call.

* Block any incoming traffic except SSH/SCP/Terminal Services

overweightnerd
Monday, June 28, 2004

I don't understand this problem.  Are your machines really hit that fast by viruses?  I have never, ever experienced this issue.

muppet from madebymonkeys.net
Monday, June 28, 2004

Notes on previous post:

*In the case of Terminal Services, don't run one yet.

* To make a software firewall available to you asap, always burn it onto an emergency toolkit cd.

overweightnerd
Monday, June 28, 2004

Download most important updated to HD and burn to a CD-RW disk.

somemorone
Monday, June 28, 2004

Not tried, but I think this should work:
- install while network disconnected
- configure Windows XP's builtin firewall with the most restrictive settings
- download updates (I think you can download them somewhere, so you can run them later)
- disconnect network
- install downloaded updates

Another options is to put the machine behind one of those small hardware routers.

vrt3
Monday, June 28, 2004

Buy a router.

Linksys Evangelist
Monday, June 28, 2004

This is the third imperative to buy a damned firewall, or at least a hardware router with NAT. What are the wired ones - $40 or less in some case?

I second, third, etc the comments that I've never-ever-ever had problems with machines being compromised while installing patches.

Bored Bystander
Monday, June 28, 2004

I always install like so:

1. Format HD
2. install XP without installing modem
3. manually install modem and enable XP firewall
4. install SP1 from CD
5. install IE 6.0 SP1
6. install all updates from update CD
(i.e. download the updates and burn them to a CD then copy them to WUTemp directory and run Windows update)
7. done.


Monday, June 28, 2004

>> I don't understand this problem.  Are your machines really hit that fast by viruses?

Yes, if your "subnet" is already infested, it takes minutes. See my own story:

http://discuss.fogcreek.com/joelonsoftware/default.asp?cmd=show&ixPost=88385

After I reinstalled and had the firewall set up first, it reported port scans within minutes.

Alex
Monday, June 28, 2004

Once the vuruses/trojans are  inside your network you can be infested in a manner of seconds.

Stephen Jones
Monday, June 28, 2004

Well, I guess it was just bad-luck I guess that I got hit that many times while updating. Really, it forced me to reboot while still in the middle of downloading an update/sp.

Guyon Morée
Monday, June 28, 2004



I keep an eye on my hardware firewall logs...

It's amazing to not that I *STILL* see Code Red, Nimda, numerous Netsky's, Beagle's, etc.

There are boxes that have compromised for *YEARS* and still no one is fixing them.  It's sickening.

KC
Monday, June 28, 2004

Buy one of those computer magazines with the CDs on the front. They normally include Windows XP SP1 and an updated IE 6.

Matthew Lock
Monday, June 28, 2004

THis is not a bad download, has everything you will need in one package, I keep the latest handy on a CD.

http://www.neowin.net/forum/index.php?showforum=89

Mad Bill
Tuesday, June 29, 2004

*  Recent Topics

*  Fog Creek Home