Posted on April 11th, 2017 at 14:57 Comment on the AskWoody Lounge
In today’s Security TechCenter release notes, there’s a sobering entry that looks like this:
If the PC uses an AMD Carrizo DDR4 processor, installing this update (KB 4015549 (the Win7 Monthly Rollup), KB 4015546 (the Win7 Security-Only patch), KB 4015550 (the Win8.1 Monthly Rollup), KB 4015547 (the Win8.1 Security-Only patch) will block downloading and installing future Windows updates.
Workaround / Resolution
Microsoft is working on a resolution and will provide an update in an upcoming release.
Sound familiar? On March 22 I wrote about Microsoft’s reprehensible approach to forcing Win7 and 8.1 off the newer 7th generation Kaby Lake/Ryzen processors.
Two days later I pointed folks to companies that are maintaining lists of supported PCs — ones that wouldn’t run afoul of the blocked updating. At the time I said:
I don’t know what Microsoft intends to do with AMD chips. The way the announcements stand, AMD Bristol Ridge PCs won’t have Win7 or 8.1 support, and there’s no magic list of manufacturers or machines that are exempt from the ruling.
Now it appears we have a real-world example of a supposedly-protected 6th generation chip, AMD’s Carrizo, which got zapped by the 7th generation police.
Microsoft’s own Lifecycle Policy FAQ says:
What is the support policy for prior generations of processors and chipsets on Windows 7 or Windows 8.1?
Windows 7 and Windows 8.1 will continue to be supported for security, reliability, and compatibility on prior generations of processors and chipsets under the standard lifecycle for Windows. This includes most devices available for purchase today by consumers or enterprises and includes generations of silicon such as AMD’s Carrizo [emphasis added] and Intel’s Broadwell and Haswell silicon generations.
Even more distressing: It looks like this obnoxious behavior extends to both the Monthly Rollup patches (which I expected) and to the Security-only patches (which I did not).
What a massive screw-up.
(Can anybody point me to a commercial machine that uses Carrizo with DDR4?)
Posted on April 11th, 2017 at 12:48 Comment on the AskWoody Lounge
There’s a massive list of updates to Vista, Win7 and 8.1 on the Windows Update page.
I don’t see any mention of Security Bulletins, but the Security Update Guide database list has been updated.
Win10 RTM (1507), 1511 (Fall Update), 1607 (Anniversary Update) and 1703 (Creators Update) have all been patched.
The documentation for Win10 Anniversary Update is weird, with two build numbers, and the difference between the builds hasn’t been explained as yet: April 11, 2017—KB4015217 (OS Build 14393.1066 and 14393.1083) https://support.microsoft.com/en-us/help/4015217/windows-10-update-kb4015217. Update: Looks like 14393.1083 is for HoloLens.
The Creators Update is now up to its fifth release: 15063.0 was the first released version on March 30. Then we saw 15063.11 on March 31, 15063.13 on April 3, and 15063.14 on April 5.
The latest Creators Update took a big jump in build numbers, to 15063.138. Look for April 11, 2017—KB4015583 (OS Build 15063.138) at https://support.microsoft.com/en-us/help/4015583/windows-10-update-kb4015583
If you haven’t figured out why you don’t want Creators Update just yet, look at this list from Microsoft: What’s new in the Windows 10 Creators Update
There’s a list of Office security patches here.
UPDATE: Great overview by Martin Brinkman at ghacks.net.
Still haven’t seen a wushowhide screenshot for “Feature update to Windows 10, version 1703”Windows News, Windows Patches/Security 14393.1066, 14393.1083, 15063.138, April 2017 Black Tuesday, KB 4015217, KB 4015583
Posted on April 11th, 2017 at 07:23 Comment on the AskWoody Lounge
Step-by-step instructions for blocking the next version of Win10.
InfoWorld Woody on Windows.