InformAction Forums

Absolutely, you are correct. I was just putting that suggestion out there for those who would rather not deal with it at all

I don't know when the following first became available, but it eliminates the need to search for appropriate updates that was described in my OP.

MS has a monthly bulletin listing *all* of the Patch Tuesday updates, for all OS and versions. (2000, XP, Vista, 7, Server 03 and 08). The April one was at ,
so I'm going to go out on a limb and guess that the 11 May bulletin will be at Safe bet?

If not, it shouldn't be hard to search MS Support for its monthly title, viz:

Microsoft Security Bulletin Summary for May 2010

for each month.

You just visit this page. locate your OS and version, and it tells you which updates apply -- and which *don't*, which is nice. You can click the MS10-XXX bulletin number to get the tech details, to make sure that they're not foisting another backdoor into FX on you, and/or just click the links below each "severity rating", which will take you to a page where you can download the installer executables directly.

For example, in April, for my system, XP, there was this: (partial only, to save space)
Note that we're told that MS10-25 doesn't apply to XP. Nice.

So, having vetted which of the recommended ones you want, which I used to do anyway even with "automatic update", click the links below them to go to the page and download. I wasn't even prompted for validation despite using Fx. I think that they don't require it for security-related patches any more, on the grounds that we're all better off if even pirated copies are properly patched. But if needed, they'll prompt you to download a copy of the validation tool, GenuineCheck.exe, which will give you a validation code. I keep that on a USB flash drive so that it doesn't clutter up the machine. But it seems to be required only for non-security-related items nowadays.

Download all applicable ones before starting to install, then you can disconnect from the Net, shut off other apps (including firewall and antivirus, usually regarded as "best practice" for installing new sw) and run each of the installers. Some will require a restart. Uncheck the box that says "Restart now", and click Finish. When you've run them all, then you have to restart only once, instead of eight or nine times.

They will create a new Restore Point for you before they install themselves, if you have System Restore enabled. (I don't, in favor of frequent data and full-disk-image backups, but that's another story.)

I find that the whole process is as fast or faster than when I used Automatic Update to "notify, but don't download" updates, and vetted each suggested update. The individual installer exe's seem to download very quickly, extract almost instantly when double-clicked, and install in just a second or two. And you've saved the time of having MS Update scan your machine, which sometimes seemed quite lengthy, with the whole world hitting them on the same day.

IMHO, there is now definitely no reason for even moderately tech-inclined users ever to use Automatic Update, or to allow MS's ActiveX scanning tool inside their machine -- and now, the last remaining reason to use IE itself is gone. Good riddance, as far as this writer is concerned. (IE has been removed from this machine, actually.)

I regret not being able to be here more often, but would be interested in feedback from those who try it for this month's patches on Tuesday, 11 May.

Condensing the content of the above posts:

Every patch Tuesday (second Tuesday of the month, US time) go to

http://technet.microsoft.com/[i]en-us[/i]/security/bulletin/ms11-oct

but substitute the three-letter abbreviation for the current month. (nov, dec, jan, feb, etc.) And when 2012 arrives, change the 11 to 12, etc. Also, change the language part if not en-US. You will have to (temp) allow scripting from at least technet.microsoft.com. Allowing all of microsoft.com isn't necessary, except to have the download start automatically. Otherwise, we'll just click "Start Download" when we get to that point.

Expand "Executive Summaries" and see which ones are of interest. Expand "Affected Software and Download Locations" to ensure you get only those applicable to your platform.

Open in a new tab or window (to save the main page) the ones that affect your system, then under "Affected and Non-Affected Software", click your platform. This will take you to the download location. Download all installers. To save time, run them all before doing any required restart (so you don't have to restart after each individual one).

Done.

PS: If you are bothered by that "Validation" requirement, you can download the "tool" & run it sandboxed. It will still return a valid result (assuming your XP is valid) which you plug in to the web page to allow the download. (And of course, if you had the direct URL to the download, you can bypass "Validation" & the web page itself.)


PPS: MS must have just updated it's WGA again cause they just tried to foist it on me (through Automatic Updates). I graciously declined.

Good points, thanks.