Become a Patron of Ask Leo! and go ad-free!
Transcript
Brick Risk
Hi everyone, Leo Notenboom for askleo.com.
So, in the last week, in addition to the Spectre and Meltdown problems that weāve been hearing and talking about, there comes news that some of the updates to specifically mitigate against those problems can brick certain machines.
So what does it mean to brick a machine? Well, thatās fairly straightforward; it basically turns your machine into nothing better than a brick. Itās large, itās rectangular, itās heavy; you can stack things on it but itās not really good for much of anything else.
Once your machine has been bricked, in the case of a PC, youāll need to, then, boot from something else, be it a new installation media, a recovery disk or something like that, in order to repair or replace the operating system thatās been damaged on the machine.
So obviously, itās a bad thing. Itās not something you want to have happen by any stretch. And that Microsoft Updates can cause this, yes, itās a bad thing. That should not happen; it should never happen but it did. My understanding is that it actually affects relatively few machines. Only machines that are based on AMD technology and Iām not even sure itās all of the AMD CPUs but the bottom line is it can affect some people.
Now, in reading about this in the press, what I keep running across is something that I disagree with and something, itās the reason Iām talking to you today. The advice that most tech pundits are giving is that you, meaning everyone, should hold off on Windows Updates until this gets resolved.
Thatās not something I agree with. My approach is slightly different. If you know me, you can probably guess what itās based on, but the bottom line is weāve got an announced vulnerability that we now know how to exploit. The malware is coming; we know that and weāve got fixes that work for the vast majority of people (Iām not saying everybody but for the vast majority) and the recommendation is that we donāt take those fixes because there are a few machines that might adversely impacted.
I think the priorities are wrong. I think thatās the wrong approach to dealing with this. I honestly believe that itās a very small number of machines, number of individuals who are impacted by this bricking scenario. Not to minimize what they are going to have to go through, but thereās a better way.
The scenario that I more strongly suggest is this: Back up first. Seriously, take an image backup of your machine prior to installing Windows Updates. If youāre already doing this nightly with a combination of full or incremental or whatever backup scenarios youāre running that result in the equivalent of an image backup taken every night, you actually donāt have to do anything else.
Once you take the image backup, youāre safe. Youāve got a place to go back to should something go wrong. Now, if you take the Windows Update with all of the patches for the Spectre and Meltdown vulnerability and whatever else it happens to include, then either of two things are going to happen: Itās going to work. For most people, yeah, itās just going to work. Nothings going wrong and as a result, youāre going to be protected from the latest round of vulnerabilities.
For some small percentage of people, youāre going to break your machine, but now, because youāve got a backup that you took immediately prior to doing the update, youāve got recourse. After youāve determined your machine is affected by this, and has been turned into a brick, restore from the backup. All that really means is booting from the rescue or recovery media that your backup software uses, and then using the backup software to restore the image of your machine taken prior to the updates to the machine.
Then, reboot your machine. Your machine will be up and running again and youāll know, yeah, donāt take those Windows Updates, they hurt when you take them. The right thing for you to do if youāre one of those few people that are impacted by this is to then pay attention to news reports or your computer manufacturer or Windows or Microsoft or whomever to understand when the patches will be safe for you to take and then, well you know what, back up again and take those patches.
The bottom line is holding everyone back from taking updates because a few might be impacted, wrong priority. I think itās much more important that the vast majority of people take the updates and get themselves protected and then at the same time make sure weāve got a safety net in place for people who might run into a problem.
Like I said, they arenāt going to be many of them.
So, what do you think? What are you doing about Spectre and Meltdown? This is not the place to complain Microsoft botched update. Thereās plenty of that going on. Absolutely, that should not have happened but complaining about it actually doesnāt do anything. Itās not in your control. What theyāve done, theyāve done and itās up to us now to deal with it and this is why Iām talking about this strategy of backing up and updating as an approach to dealing with it. How are you dealing with it?
Is this the approach youāre using? Are you taking the updates? Are you holding off on the updates and how safe do you feel? Let me know in the comments down below. As always, this video is on a page out at askleo.com. Hereās a link to it. Itās where all the comments are moderated; all the comments are read. We have the most lively discussion there without having any of the trolls. So, until next time, Iām Leo Notenboom for askleo.com. Remember, have fun, stay safe and especially before you take this last round of Windows Updates, donāt forget to back up. Take care.
Hi Leo, as always thanks for your wonderful advice. Now, did skip into another universe where we have a choice on ātaking updatesā in WX, and no, not via wifi. What is this you speak of. If you get an update that bricks you, then reimage, then how do you block that update or choose to stop any or all updates. Thank You in advance, Chris.
Iāll assume youāre referring to Windows 10. And yes, indeed, delaying Windows Updates isnāt easy, but there are hacks out there. And no, the problem is that I donāt know of a way to block a SINGLE update ā all I know to do is to turn off Windows Updates completely, which avoids ALL updates. Thatās why Iām so loathe to do this.
I have a slightly different, but related problem. I generally leave my computer running when I leave it for the day. It will be fine for two or three days without problem, but then it will lock up and become somewhat of a brick. Neither the keyboard nor the mouse respond and not even the three fingered salute evokes any response. Not even the on/off button works. The only way to get a response is to unplug the machine, wait a bit and play with the on/off button. At some point, it will restart with no apparent loss of data or other damage.
P.S. Iām running Windows 10 on an Intel machine with all updates current. Itās been happening for several months now.
I have 3 AMD machines and they all took the updates without a glitch. As for backups. There are many things which can brick a machine including malware, head crashes and more. A recent system image backup is the closest thing to a silver bullet against those.
I do the nightly backups. I tried to take the updates on my Intel i7 machine but they do not work. I click to install and the status bar makes it most of the way to the end and then hangs. I left it running all night once and it never finished. Each time I try, I end up having to reboot and Windows thankfully returns to the restore point it created.
The AMD processors listed on their web site ā https://www.amd.com/en/corporate/speculative-execution ā suggest the following AMD CPUs are at risk to boot failures:
Opteron
Athlon
Turion X2 Ultra
But note that Microsoft now [16 Jan] claims to have āturned offā the updates for these chips so yopu should be able to try and update without apparent risk!
Julian
I use Win 7 & do not have updates installed automatically but choose to be notified of them & do them myself. I use Webroot anti virus & it is one of the few that has not issued the patch yet, however when I checked this monthās Microsoft updates the only one that appeared was the Malicious tool one which I did download, so apparently Microsoft is not giving me the updates until my Webroot issues itās update/patch. Needless to say, because of this I will not renew Webroot since it is one of only a couple anti virus programs that is lagging in fixing this current problem.
The Windows 10 update on January 6 bricked my desktop. I had to restore it from a backup. I donāt know for sure what caused the event, but the system was not recognizing a USB flash drive when I plugged it in, so I did a restart to see of the computer would get back on trackā¦ but it wouldnāt reboot. My systems is running pretty much 24/7. And this is the SECOND time they bricked my desktop in two years and I had to do a reset of my laptop the week before! I get the feeling that those with real skills in both Redmond and Cupertino have retiredā¦ It seems Iāve had more issued with Apple product updates as wellā¦
As the owner of a PC with AMD Athlon processors I have become the victim of this mess. I have avoided too much mess by not restarting the machine ā simply shutting it down which seems to not install the downloaded update. I did try restarting a couple of times and ended up with the ābrickā but fortunately I was able to get the machine restarted using a repair disc which rolled back the update. Unfortunately this also left the update in the directory ready to reinstall if I had to restart (which is occasionaly required by other application modifications) and so on round the loop. I have to say though, in the light of the article in this weekās newsletter, that the only way to restart the brick with the repair disc on board was to simply kill the power. I assume that as this was the only way, and as the machine had not in fact properly rebooted, the normal risks would not be present!
I had heard that Microsoft had stopped sending the update to AMD machines but I already had it. Fortunately (I think) following advice on the web I have been able to delete the Software Downloads and that seems to have now cleared the decks and I assume I am waiting for a future Microsoft download when they and AMD haved sorted things out. Windows Update is currently showing that my machine is āup to dateā.
The main danger of pulling the plug or doing an abrupt shutdown is that you can lose data from open processes, If the machine is bricked, thereās no open processes to lose data from and any data which can be lost already is lost.
In my humble opinion, it looks like Microsoft entered a āpressure stateā which was not exactly justified by the theoretical damage that the problem discovery
could have caused ā¦ and then they probably released the corrective updates far too fast, without having checked them thoroughly .
This is a precise recipe by which more damage can be caused than the one they try to avoid ā¦
They should have had to release ALL these updates as āOptionalā, so that to avoid installing them automatically,
which is the way most machines work by default.
Second, after the problem was discovered, there was an announcement that only Intel chips are affected, and NOT the AMD processors ā¦
now I read that AMD users could be affected even more dramatically ā¦
All in all, the fact that Microsoft should almost every day release some security-related update just proves that the whole thing is NOT working
exactly as it should ā¦ā¦ā¦ā¦
I think that, after all, all security breaches do require a kind of ācooperation from the userā, so I think that much more should be invested into
training/teaching users what to do and what not to do in their daily activity, rather than turning any home user into a ātechieā that is supposed to control
what his OS is doing in the background ā¦ā¦ā¦ā¦.. this is far, far too much and is NOT justified in any way, by any obscure security problem !
Iām a Linux user since 1993 but I work on Windows machines & am a loyal follower of Ask Leo. Iāve seen a few ābricksā lately & Iām glad Iāve hammered home BACKUP! I do agree with you Leo, backup & keep patching.
For people who use Webroot, they have a solution that allows the Microsoft Update to be installed. Details here:
https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=2837
My Dell/Window 10 laptop turned into a brick this week. Can not power it on. This was preceded by not being able to turn on the WIFI.
I am currently on an HP/Vista that I havenāt used for a year or two. I have a Window 10 backup on Carbonate current to the WIFI Failure.
Any suggestions for bringing life back to my Dell laptop?
Restore from backup or reinstall Windows 10. Looks like those are about the only practical options.
If he canāt power it on, howās he supposed to either restore from backup or reinstall Windows 10?
This type of ābrickā can power on, it just canāt boot into the installed operating system. Hence you boot from your backup softwareās recovery/emergency disk instead.
Iām running Win 10 on a Dell xps 8300, Intel i7-2600 cpu, with Defender running in the background. I was bricked and had to restore to an earlier date. So, I guess I donāt have the protection that update was designed to provide. Iām hoping the next update wonāt brick me again.
I remember when our choice in processors was a 386 chip running at a handful of speeds. Today I look at the charts to compare chips when purchasing a computer and I get lost in the long list of possibilities. Now add in the numerous combinations of devices that are attached to the computer, and itās amazing that Microsoft can get this to work on most computers without a problem.
One reason Microsoft gets it to work is that computers and peripheral devices are designed to work on Windows not the other way around.
My symptoms were: stalling for multiple minutes and task mgr says 100% disk usage but no disk light or sound. Spent a week searching for answers then my backup image saved my bacon. I guess the week delay allowed for improvement in the updates.
back up, back up, back up.
I have a very simple question:
How can we know/check whether a machine HAD or HAD NOT already applied the problematic updates ?
I dare consider that such a problematic update should have appeared under a āsingularā/āoutstandingā name,
fully described and documented ā¦ and with complete warnings about what the side-effects might be
ā¦ well, except if the intention from the beginning was indeed to cause problems to innocent people ā¦
Thus everybody would have been given the pros and cons to decide by himself whether he āprefersā to live
with the risks of the original problem versus those of the correction ā¦
Thanks a lot again & Best Regards,
Iudith Mentzel
Thatās actually in the Spectre/Meltdown article here: What Do I Need to Do About Spectre and Meltdown?
Right-click on the Windows icon and click āSettingsā. Then click āUpdate and Securityā if itās up-to-date or not it will say it on that page. To find the version number of the latest up dare, click on āView installed update historyā. There, it will show the updates and the dates they were updated. You can then go to the Microsoft update history page for your version of windows and compare your update with the latest available updates. To get there Iād suggest searching for āmicrosoft latest update windows 10ā as the specific page is different for different versions of Windows 10.
As for warnings, when Microsoft releases an update, they have no idea what the potential issue would be. Their expectation is that it should work. Similar to car companies releasing a car which eventually needs to be recalled. The problems manifest themselves when the update is installed on millions of machines and a small percentage interact badly with the update.
I had a problem after the Creators update where my laptop keyboard and trackpad stopped working. Not a huge problem since my logitec kb/mouse still worked. Restored to a backup re-upgraded, same problem. Went to Acer, I have an Acer E3-111. After reading posts on the support page I tried drivers that Iād never thought of.
My problem was solved with a serial bus updated driver. Performed the Win10 update again and the machine works great. Made another image backup for a new start over point!
This may sound as if itās coming totally out of left field here but in my past life I was involved in the wireless communications world. Frequently when a carrier would issue a software update and attempt to push it out to the devices in the field I, and the people in my offices would notice a steep increase in the number of people calling in or coming in to the offices to complain of their phones suddenly ceasing to function properly or ceasing to function at all. What we eventually discovered was if end users would decline the update being pushed out to the field and would instead go through their phones settings/menu system to check for an update and then download the updates themselves the incidence of ābrickingā would virtually disappear. I have no idea why that would have been the case but I am absolutely certain that itās true. It wasnāt something we simply imagined; searching for and requesting updated software was far, far less likely to interfere in the performance of their equipment. Perhaps more people could try disabling the automatic Windows updates, and simply get their updates manually in order to reduce failure rates???
Thanks Leo for your calm cool approach to these problems. Can you please explore a little more in depth the difference between ābackupā and āfull imageā backup. My recent ābrickā experience with three Intel machines runs counter to the AMD scenario. The only solution for these three machines was to re-install Windows 10. Backup of the data files was not an issue, all were intact, however, all third-party software that was installed before the update was removed. The original files of downloaded apps were still available but had to be re-installed. Iād suggest everyone make a list of the software along with product keys right away.
My understanding is that cloud-based storage like Carbonite will not store / re-store program files (exe). Is that true?
Secondly, what about the restore or ārecoveryā function included in the various MS Windows applications? They proved worthless in the latest bricking episodes.
I didnāt intend to become a ācomputer technicianā. I donāt hang around tech forums looking at other peopleās problems all day long. Computers today should be smart enough to be bulletproof by now donāt you think? Is there some software or group of software you can recommend that will perform the backup and or image backup that are simple to understand and use. The last time I did an āimageā backup of a 1tb drive it took 2 daysā¦
Thanks
DAve
Thatās true, cloud-based storage like Carbonite will not back up program or system files. They only back up what they determine to be personal user files, not system files. And they would probably miss any user file any useful files which are in the AppData folder and some program proprietary folders.
Here are Glossary pages where Leo explains the terms ābackupā and āimage backupā
https://askleo.com/glossary/backup/
https://askleo.com/glossary/image-backup-2/
Hi Leo
I have two older machines running Windows 7, and they have both had the Spectre and Meltdown updates applied.
I have read that such machines might be impacted without turning into bricks, and this seems to be the case with mine; they both show about a 40% reduction in download speed.
My question is this: is there likely to be a modification to those updates, which will lessen the impact on older machines, or am I faced with choosing between replacing the machines or living with the slowdown?
Thanks,
Steve
I think itās too soon to tell. Iām sure that if faster, yet safe, patches become available then Iād expect them to be applied.
Whatās odd here though is that your CPU speed should have little, if any impact on DOWNLOAD speed. That seems unrelated.
Microsoft is finally allowing all users to delay updates.
https://www.forbes.com/sites/gordonkelly/2019/04/17/microsoft-windows-10-problem-update-warning-upgrade-cost/