Become a Patron of Ask Leo! and go ad-free!
Transcript
Brick Risk
Hi everyone, Leo Notenboom for askleo.com.
So, in the last week, in addition to the Spectre and Meltdown problems that we’ve been hearing and talking about, there comes news that some of the updates to specifically mitigate against those problems can brick certain machines.
So what does it mean to brick a machine? Well, that’s fairly straightforward; it basically turns your machine into nothing better than a brick. It’s large, it’s rectangular, it’s heavy; you can stack things on it but it’s not really good for much of anything else.
Once your machine has been bricked, in the case of a PC, you’ll need to, then, boot from something else, be it a new installation media, a recovery disk or something like that, in order to repair or replace the operating system that’s been damaged on the machine.
So obviously, it’s a bad thing. It’s not something you want to have happen by any stretch. And that Microsoft Updates can cause this, yes, it’s a bad thing. That should not happen; it should never happen but it did. My understanding is that it actually affects relatively few machines. Only machines that are based on AMD technology and I’m not even sure it’s all of the AMD CPUs but the bottom line is it can affect some people.
Now, in reading about this in the press, what I keep running across is something that I disagree with and something, it’s the reason I’m talking to you today. The advice that most tech pundits are giving is that you, meaning everyone, should hold off on Windows Updates until this gets resolved.
That’s not something I agree with. My approach is slightly different. If you know me, you can probably guess what it’s based on, but the bottom line is we’ve got an announced vulnerability that we now know how to exploit. The malware is coming; we know that and we’ve got fixes that work for the vast majority of people (I’m not saying everybody but for the vast majority) and the recommendation is that we don’t take those fixes because there are a few machines that might adversely impacted.
I think the priorities are wrong. I think that’s the wrong approach to dealing with this. I honestly believe that it’s a very small number of machines, number of individuals who are impacted by this bricking scenario. Not to minimize what they are going to have to go through, but there’s a better way.
The scenario that I more strongly suggest is this: Back up first. Seriously, take an image backup of your machine prior to installing Windows Updates. If you’re already doing this nightly with a combination of full or incremental or whatever backup scenarios you’re running that result in the equivalent of an image backup taken every night, you actually don’t have to do anything else.
Once you take the image backup, you’re safe. You’ve got a place to go back to should something go wrong. Now, if you take the Windows Update with all of the patches for the Spectre and Meltdown vulnerability and whatever else it happens to include, then either of two things are going to happen: It’s going to work. For most people, yeah, it’s just going to work. Nothings going wrong and as a result, you’re going to be protected from the latest round of vulnerabilities.
For some small percentage of people, you’re going to break your machine, but now, because you’ve got a backup that you took immediately prior to doing the update, you’ve got recourse. After you’ve determined your machine is affected by this, and has been turned into a brick, restore from the backup. All that really means is booting from the rescue or recovery media that your backup software uses, and then using the backup software to restore the image of your machine taken prior to the updates to the machine.
Then, reboot your machine. Your machine will be up and running again and you’ll know, yeah, don’t take those Windows Updates, they hurt when you take them. The right thing for you to do if you’re one of those few people that are impacted by this is to then pay attention to news reports or your computer manufacturer or Windows or Microsoft or whomever to understand when the patches will be safe for you to take and then, well you know what, back up again and take those patches.
The bottom line is holding everyone back from taking updates because a few might be impacted, wrong priority. I think it’s much more important that the vast majority of people take the updates and get themselves protected and then at the same time make sure we’ve got a safety net in place for people who might run into a problem.
Like I said, they aren’t going to be many of them.
So, what do you think? What are you doing about Spectre and Meltdown? This is not the place to complain Microsoft botched update. There’s plenty of that going on. Absolutely, that should not have happened but complaining about it actually doesn’t do anything. It’s not in your control. What they’ve done, they’ve done and it’s up to us now to deal with it and this is why I’m talking about this strategy of backing up and updating as an approach to dealing with it. How are you dealing with it?
Is this the approach you’re using? Are you taking the updates? Are you holding off on the updates and how safe do you feel? Let me know in the comments down below. As always, this video is on a page out at askleo.com. Here’s a link to it. It’s where all the comments are moderated; all the comments are read. We have the most lively discussion there without having any of the trolls. So, until next time, I’m Leo Notenboom for askleo.com. Remember, have fun, stay safe and especially before you take this last round of Windows Updates, don’t forget to back up. Take care.
Chris M
Hi Leo, as always thanks for your wonderful advice. Now, did skip into another universe where we have a choice on “taking updates” in WX, and no, not via wifi. What is this you speak of. If you get an update that bricks you, then reimage, then how do you block that update or choose to stop any or all updates. Thank You in advance, Chris.
Leo
I’ll assume you’re referring to Windows 10. And yes, indeed, delaying Windows Updates isn’t easy, but there are hacks out there. And no, the problem is that I don’t know of a way to block a SINGLE update – all I know to do is to turn off Windows Updates completely, which avoids ALL updates. That’s why I’m so loathe to do this.
JW Smith
I have a slightly different, but related problem. I generally leave my computer running when I leave it for the day. It will be fine for two or three days without problem, but then it will lock up and become somewhat of a brick. Neither the keyboard nor the mouse respond and not even the three fingered salute evokes any response. Not even the on/off button works. The only way to get a response is to unplug the machine, wait a bit and play with the on/off button. At some point, it will restart with no apparent loss of data or other damage.
JW Smith
P.S. I’m running Windows 10 on an Intel machine with all updates current. It’s been happening for several months now.
Mark Jacobs (Team Leo)
I have 3 AMD machines and they all took the updates without a glitch. As for backups. There are many things which can brick a machine including malware, head crashes and more. A recent system image backup is the closest thing to a silver bullet against those.
Professor Ronny
I do the nightly backups. I tried to take the updates on my Intel i7 machine but they do not work. I click to install and the status bar makes it most of the way to the end and then hangs. I left it running all night once and it never finished. Each time I try, I end up having to reboot and Windows thankfully returns to the restore point it created.
Julian Hicks
The AMD processors listed on their web site – https://www.amd.com/en/corporate/speculative-execution – suggest the following AMD CPUs are at risk to boot failures:
Opteron
Athlon
Turion X2 Ultra
But note that Microsoft now [16 Jan] claims to have ‘turned off’ the updates for these chips so yopu should be able to try and update without apparent risk!
Julian
AJ Smith
I use Win 7 & do not have updates installed automatically but choose to be notified of them & do them myself. I use Webroot anti virus & it is one of the few that has not issued the patch yet, however when I checked this month’s Microsoft updates the only one that appeared was the Malicious tool one which I did download, so apparently Microsoft is not giving me the updates until my Webroot issues it’s update/patch. Needless to say, because of this I will not renew Webroot since it is one of only a couple anti virus programs that is lagging in fixing this current problem.
Raymond Kaping
The Windows 10 update on January 6 bricked my desktop. I had to restore it from a backup. I don’t know for sure what caused the event, but the system was not recognizing a USB flash drive when I plugged it in, so I did a restart to see of the computer would get back on track… but it wouldn’t reboot. My systems is running pretty much 24/7. And this is the SECOND time they bricked my desktop in two years and I had to do a reset of my laptop the week before! I get the feeling that those with real skills in both Redmond and Cupertino have retired… It seems I’ve had more issued with Apple product updates as well…
Stephen C
As the owner of a PC with AMD Athlon processors I have become the victim of this mess. I have avoided too much mess by not restarting the machine – simply shutting it down which seems to not install the downloaded update. I did try restarting a couple of times and ended up with the ‘brick’ but fortunately I was able to get the machine restarted using a repair disc which rolled back the update. Unfortunately this also left the update in the directory ready to reinstall if I had to restart (which is occasionaly required by other application modifications) and so on round the loop. I have to say though, in the light of the article in this week’s newsletter, that the only way to restart the brick with the repair disc on board was to simply kill the power. I assume that as this was the only way, and as the machine had not in fact properly rebooted, the normal risks would not be present!
I had heard that Microsoft had stopped sending the update to AMD machines but I already had it. Fortunately (I think) following advice on the web I have been able to delete the Software Downloads and that seems to have now cleared the decks and I assume I am waiting for a future Microsoft download when they and AMD haved sorted things out. Windows Update is currently showing that my machine is ‘up to date’.
Mark Jacobs (Team Leo)
The main danger of pulling the plug or doing an abrupt shutdown is that you can lose data from open processes, If the machine is bricked, there’s no open processes to lose data from and any data which can be lost already is lost.
Iudith Mentzek
In my humble opinion, it looks like Microsoft entered a “pressure state” which was not exactly justified by the theoretical damage that the problem discovery
could have caused … and then they probably released the corrective updates far too fast, without having checked them thoroughly .
This is a precise recipe by which more damage can be caused than the one they try to avoid …
They should have had to release ALL these updates as “Optional”, so that to avoid installing them automatically,
which is the way most machines work by default.
Second, after the problem was discovered, there was an announcement that only Intel chips are affected, and NOT the AMD processors …
now I read that AMD users could be affected even more dramatically …
All in all, the fact that Microsoft should almost every day release some security-related update just proves that the whole thing is NOT working
exactly as it should …………
I think that, after all, all security breaches do require a kind of “cooperation from the user”, so I think that much more should be invested into
training/teaching users what to do and what not to do in their daily activity, rather than turning any home user into a “techie” that is supposed to control
what his OS is doing in the background ………….. this is far, far too much and is NOT justified in any way, by any obscure security problem !
Douglas A Wright
I’m a Linux user since 1993 but I work on Windows machines & am a loyal follower of Ask Leo. I’ve seen a few ‘bricks’ lately & I’m glad I’ve hammered home BACKUP! I do agree with you Leo, backup & keep patching.
JP
For people who use Webroot, they have a solution that allows the Microsoft Update to be installed. Details here:
https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=2837
Gary Robillard
My Dell/Window 10 laptop turned into a brick this week. Can not power it on. This was preceded by not being able to turn on the WIFI.
I am currently on an HP/Vista that I haven’t used for a year or two. I have a Window 10 backup on Carbonate current to the WIFI Failure.
Any suggestions for bringing life back to my Dell laptop?
Leo
Restore from backup or reinstall Windows 10. Looks like those are about the only practical options.
JW Smith
If he can’t power it on, how’s he supposed to either restore from backup or reinstall Windows 10?
Leo
This type of “brick” can power on, it just can’t boot into the installed operating system. Hence you boot from your backup software’s recovery/emergency disk instead.
Tim Hohs
I’m running Win 10 on a Dell xps 8300, Intel i7-2600 cpu, with Defender running in the background. I was bricked and had to restore to an earlier date. So, I guess I don’t have the protection that update was designed to provide. I’m hoping the next update won’t brick me again.
James B
I remember when our choice in processors was a 386 chip running at a handful of speeds. Today I look at the charts to compare chips when purchasing a computer and I get lost in the long list of possibilities. Now add in the numerous combinations of devices that are attached to the computer, and it’s amazing that Microsoft can get this to work on most computers without a problem.
Mark Jacobs (Team Leo)
One reason Microsoft gets it to work is that computers and peripheral devices are designed to work on Windows not the other way around.
Bill
My symptoms were: stalling for multiple minutes and task mgr says 100% disk usage but no disk light or sound. Spent a week searching for answers then my backup image saved my bacon. I guess the week delay allowed for improvement in the updates.
back up, back up, back up.
Iudith Mentzel
I have a very simple question:
How can we know/check whether a machine HAD or HAD NOT already applied the problematic updates ?
I dare consider that such a problematic update should have appeared under a “singular”/”outstanding” name,
fully described and documented … and with complete warnings about what the side-effects might be
… well, except if the intention from the beginning was indeed to cause problems to innocent people …
Thus everybody would have been given the pros and cons to decide by himself whether he “prefers” to live
with the risks of the original problem versus those of the correction …
Thanks a lot again & Best Regards,
Iudith Mentzel
Leo
That’s actually in the Spectre/Meltdown article here: What Do I Need to Do About Spectre and Meltdown?
Mark Jacobs (Team Leo)
Right-click on the Windows icon and click “Settings”. Then click “Update and Security” if it’s up-to-date or not it will say it on that page. To find the version number of the latest up dare, click on “View installed update history”. There, it will show the updates and the dates they were updated. You can then go to the Microsoft update history page for your version of windows and compare your update with the latest available updates. To get there I’d suggest searching for “microsoft latest update windows 10” as the specific page is different for different versions of Windows 10.
As for warnings, when Microsoft releases an update, they have no idea what the potential issue would be. Their expectation is that it should work. Similar to car companies releasing a car which eventually needs to be recalled. The problems manifest themselves when the update is installed on millions of machines and a small percentage interact badly with the update.
J Kendzi
I had a problem after the Creators update where my laptop keyboard and trackpad stopped working. Not a huge problem since my logitec kb/mouse still worked. Restored to a backup re-upgraded, same problem. Went to Acer, I have an Acer E3-111. After reading posts on the support page I tried drivers that I’d never thought of.
My problem was solved with a serial bus updated driver. Performed the Win10 update again and the machine works great. Made another image backup for a new start over point!
Dale
This may sound as if it’s coming totally out of left field here but in my past life I was involved in the wireless communications world. Frequently when a carrier would issue a software update and attempt to push it out to the devices in the field I, and the people in my offices would notice a steep increase in the number of people calling in or coming in to the offices to complain of their phones suddenly ceasing to function properly or ceasing to function at all. What we eventually discovered was if end users would decline the update being pushed out to the field and would instead go through their phones settings/menu system to check for an update and then download the updates themselves the incidence of “bricking” would virtually disappear. I have no idea why that would have been the case but I am absolutely certain that it’s true. It wasn’t something we simply imagined; searching for and requesting updated software was far, far less likely to interfere in the performance of their equipment. Perhaps more people could try disabling the automatic Windows updates, and simply get their updates manually in order to reduce failure rates???
Dave Gross
Thanks Leo for your calm cool approach to these problems. Can you please explore a little more in depth the difference between “backup” and “full image” backup. My recent “brick” experience with three Intel machines runs counter to the AMD scenario. The only solution for these three machines was to re-install Windows 10. Backup of the data files was not an issue, all were intact, however, all third-party software that was installed before the update was removed. The original files of downloaded apps were still available but had to be re-installed. I’d suggest everyone make a list of the software along with product keys right away.
My understanding is that cloud-based storage like Carbonite will not store / re-store program files (exe). Is that true?
Secondly, what about the restore or “recovery” function included in the various MS Windows applications? They proved worthless in the latest bricking episodes.
I didn’t intend to become a “computer technician”. I don’t hang around tech forums looking at other people’s problems all day long. Computers today should be smart enough to be bulletproof by now don’t you think? Is there some software or group of software you can recommend that will perform the backup and or image backup that are simple to understand and use. The last time I did an “image” backup of a 1tb drive it took 2 days…
Thanks
DAve
Mark Jacobs (Team Leo)
That’s true, cloud-based storage like Carbonite will not back up program or system files. They only back up what they determine to be personal user files, not system files. And they would probably miss any user file any useful files which are in the AppData folder and some program proprietary folders.
Here are Glossary pages where Leo explains the terms “backup” and “image backup”
https://askleo.com/glossary/backup/
https://askleo.com/glossary/image-backup-2/
Steve Jones
Hi Leo
I have two older machines running Windows 7, and they have both had the Spectre and Meltdown updates applied.
I have read that such machines might be impacted without turning into bricks, and this seems to be the case with mine; they both show about a 40% reduction in download speed.
My question is this: is there likely to be a modification to those updates, which will lessen the impact on older machines, or am I faced with choosing between replacing the machines or living with the slowdown?
Thanks,
Steve
Leo
I think it’s too soon to tell. I’m sure that if faster, yet safe, patches become available then I’d expect them to be applied.
What’s odd here though is that your CPU speed should have little, if any impact on DOWNLOAD speed. That seems unrelated.