Woody Leonhard's no-bull news, tips and help for Windows and Office
Home icon Home icon Home icon Email icon RSS icon
  • Windows 7, 8.1 patches are up

    Posted on January 10th, 2017 at 13:05 woody 145 comments

    OK, not exactly. Other than MSRT, there are no patches for 8.1, and only one small security patch (plus a Flash patch) for Win7.

    This month only we’re getting old-fashioned Security Bulletins (such as they are) plus the new Security Updates Guide.

    MS17-001 for Edge only – “important” (which means it isn’t really important)

    MS17-002 – Word 2016 and SharePoint Enterprise 2016 – critical

    MS17-003 – Flash Player but only on 8.1 and 10 – critical

    MS 17-004 – Only on Vista and Win7 – important

    Windows 7Β 

    January 10, 2017β€”KB3212642 (Security-only update)
    This update includes only security fixes. No new operating system features are being introduced in this update.

    January 10, 2017β€”KB3212646 (Monthly Rollup)
    Includes the Security-only update above, plus the non-security stuff in last month’s Dec. 13 Monthly Rollup.

    Windows 8.1

    “There are no security fixes or quality improvements for release on January 10, 2017. As such, there is no Security-only update nor Monthly Rollup release for this month.”

    That’s the lightest Patch Tuesday I’ve ever seen.

    Reminder: We’re still on MS-DEFCON 2. Wait to see what happens to everybody else.

    If that helped, take a second to support AskWoody on Patreon

    145 Responses to “Windows 7, 8.1 patches are up”

    1. Skip H says:

      Just updating WSUS Offline with version 10.9.

      It included KB3212646 (full rollup), dated 1-7-2017.

      This latest version of WSUS Offline has the option to download the “security only” updates, instead of the “quality rollups” updates.

      I’m re-installing a fresh copy of Win7x64 Pro for a customer, so will use the “quality” updates, as the customer will be on automatic update mode.

      When I do updates this way, the process of going from a fresh install of Windows 7×64 Pro to a fully patched (no extra MS software, like Office) system usually takes about 4 hours, never uses the Control Panel app of Windows Update until all patches have been installed by WSUS Offline, and is done with the system NOT hooked to the Internet until WSUS Offline is done installing the batch downloaded patches.

      Then running WU from Control Panel might find a few other “important” patches (and 70-80 “optional” ones), but does that in 5-10 minutes.

      • zero2dash says:

        Thanks for the heads up, I was wondering if WSUS Offline would ever update to pull ‘Security only’ instead of the rollups. Looks like I’ll start using that one again myself. Thanks!

    2. T says:

      Just the one security update for windows 7? When was the last time that happened? Have microsoft already given up on 7? I should be relieved there is only 1 update i suppose but i can’t shake the feeling it’s further corner cutting from them, i mean there have always always been at least an update for internet explorer but now there isn’t? My default reaction to whatever microsoft does these days is one of suspicion and not trust.

      • abbodi86 says:

        Where have you been in the last few months? πŸ™‚
        Windows 7 had been receiving one security update since October, sometimes one more update for .NET Framework

        • T says:

          No no, i’m not talking about the security only update that collects all of this months security patches into 1 update. I’m talking about the fact there is only 1 security patch for lsass and nothing else. Not even a security patch for internet explorer.

        • ch100 says:

          It is called OCD in relation to Windows Update. There are few others of us affected πŸ™‚

        • abbodi86 says:

          I see πŸ™‚
          but the lack of security patches is for all, not just Windows 7

          it’s holidays, they did not feel urgent need to fix all security issues πŸ˜€

    3. Ulysses says:

      “That’s the lightest Patch Tuesday I’ve ever seen.”

      Lol, no doubt some PHBs have slammed the brakes after the recent slew of college-dropout workmanship.

    4. Bill Ingram says:

      WOW! So far for Windows 8.1, only the ‘Critical’ Flash Player patch (IE 10 & 11; I use Firefox like you say, boss) & the ‘Important’ MSRT. I say “so far”; what’s to keep the ‘Softies from changing their hive mind & rolling something out before February’s Patch Tuesday?!

    5. Cindy says:

      I so far seen that I’ve got KB3212646 (Monthly Rollup) and KB890830 (Malicious Software Removal Tool) ready to install, but I don’t have the other update, KB3212642 (Security-only update) in there ready to install. In fact, I cannot see that update anywhere in my Win 7

    6. Ann in Keizer says:

      So the December updates for Windows 7/8.1 are still at Defcon 2, and the January updates are available. When December gets back to Defcon 3, can I just install those and uncheck the later ones?

      I’m not too worried because I don’t use Edge or IE, and I have Flash disabled in Chrome. Also, I don’t have MS Office. In fact, my PC is basically an Internet terminal. But I still want to keep it working and secure through 2020!

    7. Yuhong Bao says:

      MS17-004 is patching a denial of service attack on LSASS, which is probably not important for most home users. MS17-001 is a bit more important as it assigns data: URLs the proper origin in Edge.

      • Jolande says:

        After installing KB3212646 the sign-in button appeared after every reboot, eventhough I have no password on my system. And I had problems with other programms like Google Chrome. I deleted the update and everything is fine again. So I’m going to wait a while now.

    8. BobbyB says:

      Do I take it we can consider Win8.1 a stable version now ? CBB perhaps πŸ˜‰

    9. ch100 says:

      So after Microsoft’s long break, we have a holiday too in January.

    10. OscarL says:

      KB3212642, according to Microsoft, is for Windows 7 32 bits. My machine runs Win 7 64 bits. Should I apply this update as well?
      Thanks.

      • woody says:

        Wait.

        There is not one good reason to install any of today’s updates. Wait to see if any problems crop up.

      • Sam H says:

        The Windows Update Catalog provides different versions of KB3212642 for 32-bit and 64-bit versions of Windows 7. The 32-bit version is 3.5 MB in size, while the 64-bit version is 6.2 MB. Make sure you see the “for x64-based Systems” in the catalog title.

    11. Cavalary says:

      So basically if you’re a home user on Win7, little reason to bother at all this month?
      Very very odd not to see at least an IE update. When did that last happen?

      • woody says:

        It’s all unprecedented, in my experience, at least since Patch Tuesdays started – what, 15 years ago?

        • ch100 says:

          Because IE11 has reached such a stage when there are no more (known) vulnerabilities.
          What is so unexpected?! πŸ™‚

        • Bill says:

          I can remember one other month without an IE rollup, three or four years ago, I think.

          The Security Bulletins may be skimpy, but my WSUS is absolutely slammed. I’ve had about a thousand new patches in the last two weeks. Mostly language packs and other trash for FeatureOnDemand.

          • ch100 says:

            Do you synchronise Language Packs in WSUS?
            No wonder the WSUS gets slammed πŸ™‚

            • Bill says:

              I don’t, and have no control over what I filter. My “company” upstream does that for me, poorly.

              • ch100 says:

                I think I know what you meant. They are not the Language Packs as such, but what comes in FeatureOnDemand on WSUS, I have recently looked through those options in WSUS for Win 10 and Win 2016. They should rather be part of the build, because those options tend to change when a new build is released and few weeks after if there are any fixes or additions, like the PanEuropean fonts.
                If you don’t have control… well, you just don’t. It is probably a practical way for the WSUS admins to push whatever they consider required, without considering the consequences for the users who receive the updates.

    12. messager7777777 says:

      Fyi, when I checked the Security Updates Guide/SUG about 2 weeks ago, there was no security updates displayed b4 Sep 2016. Today, when I check again, there was none for b4 Aug 2016 = M$ just added the Aug 2016 security updates to the SUG.
      WTH is happening.?
      .
      Seems, most Win 7 security updates from b4 Oct 2016, can only be installed via Windows Updates, ie cannot be manually installed via M$ Update Catalog(except for the rollups from May 2016 onward, Servicing Stack updates, Windows Update Agent/Client updates, IE updates, etc). What if M$ Windows Update is not working properly or completely broken.?

    13. Squall says:

      I was worried about only seeing the monthly rollup and the MSRT this month… glad that’s all I should be seeing. And as you said, Woody, this is the lightest Patch Tuesday I’ve ever seen since I actually started paying attention to these things.

    14. Rob says:

      Windows 7 & 8.1 users:

      For those who do not visit here regularly,
      December 2016 patches for Win 7 & 8.1 are safe to install for respective Groups A and B.

      All January 2017 patches for Win 7 & 8.1 are on HOLD..wait until the go-ahead is given via DEF-CON indicator.

      Jeez it’s that simple!

    15. Jonathan Seymour says:

      The Security Monthly Quality Update for Windows 7 (KB3212646) (both x86 and X64) has been revised with today’s date (11th Jan 2017). Apparently the list of updates it replaces has been amended.

      One odd thing with this update; anyone else experiencing extreme slowness in IE11 when viewing the KB article for this update (https://support.microsoft.com/en-us/kb/3212646)? It works fine in Chrome, but on PCs with and without KB3122646 installed, that KB causes the IE11 tab showing it to run VERY slowly. Other KB articles work fine!

      • BobbyB says:

        Hmm does here to but it is a “humoungus” web page that gives Firefox & IE11 a bit of a hard time as well as a script error on Firefox. Also a “nag Msg” about Edge on Firefox again, not my favourite right now after its little snooping activities got revealed to me yesterday. Then again it really isnt my favourite as its just not ready for the “big time” yet.

      • ch100 says:

        Confirm that the updates for Word 2016 and Windows 7/2008R2 were all revised. Also a patch which belongs to the Office 2016 suite for Sharepoint Enterprise 2016 was revised too.

        • woody says:

          But only the metadata, yes?

          The patches themselves are all the same. I hope.

          • ch100 says:

            It looks like it is so. The supersedence list has changed and for the Word 2016 patch there seems to be a new title, or at least this is what MS says. The supersedence list update should probably be seen in the context of expiring tens of older patches.
            They are not re-offered, but for people who follow your MS-DEFCON advice, few revisions next day after release should not matter, right? πŸ™‚

      • ch100 says:

        Also lots of expired older updates for Windows 7 which were probably due to be expired for a while, to alleviate the supersedence issue.
        KB3150513 for Windows 10 1511 is expired too.
        Remember this patch which updates definitions for KB2952664 on Windows 7.
        The functionality of KB2952664 for Windows 7 is built-in Windows 10.

      • abbodi86 says:

        Too much files/info listed in the article
        it’s slow for me on all Browsers
        the list of files should had been gathered as downloadable .csv, as always
        but it seems the article is filled by some intern MS employee πŸ˜€

        • ch100 says:

          InfoWorld.com used to have slow browsing for the same reason. It seems to be better now, or maybe Firefox got better at handling that sort of design. πŸ™‚

    16. DonnaT says:

      Hi I have these updates in my WU:
      β€’ Dec 2016 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.62.
      β€’ 30 individual Security Update for MS .NET Framework 3.5.1 from 2011 – 2016 are those included in the Dec rollup noted above?
      β€’ Dec 2016 Security Monthly Quality Rollup for Win7
      β€’ Security Update for MS XML Core…SP2 KB954430 ???
      β€’ 11 Security updates for Win7 from 2014 – 2015
      β€’ Update for Win 7 KB971033
      β€’ Win7 SP1 KB976932
      β€’ Windows Malicious SW removal tool

      I received advice (from another forum) to install .NET framework/security updates (not Dec quality rollup) but still have these questions and am just looking for more feedback/input. I appreciate everyone’s help/input.

      β€’ I checked KB971033 but I don’t know if I should install it or not.
      β€’ KB976932 is Windows 7 Service Pack 1, which I already have. I don’t know why it is coming up, unless it’s different than what is on my computer. Publish date is 2/12/15. Should I install it?
      β€’ I assume I can click all updates to install at the same time? Or is there a sequence I should follow? I will choose the ones I want & hide the rest.

      I’m apprehensive about WU now, with good reason! I used to be a happy group A person πŸ™‚ Now, I’m questioning everything. I have restore point set up and data backup, just in case. I have to patch for security updates, I think it’s imp, but it’s uncomfortable to think that may cause damage.

      • PKCano says:

        First rule – do NOT install ANYTHING with a Jan 2017 date yet. WAIT until the DEFCON number goes up to 3 or above.

        Second rule – do NOT check anything that is not already checked. This includes the older (2014-2015) updates that are probably in the OPTIONAL list. In fact, it is a good rule not to install anything under OPTIONAL because they are unchecked to begin with – especially if it has Preview in the name.

        Third rule – The updates with a December date were approved for installation on 12/29/16 here
        https://www.askwoody.com/2016/ms-defcon-3-cautiously-update-windows-and-office/
        If you are in Group A (accept all MS has to offer), you install the December Security Monthly Quality ROLLUP KB3197869.
        If you are in group B (Security only patches) you need to download the Dec Security Only Quality UPDATE from the MS Update Catalog and install it manually.
        The links to the security patches are in the link above.

        Fourth Rule – those updates NOT CHECKED do not get installed. If you have installed the Security only update, when you run Windows Update, you UNCHECK the Monthly Rollup and install everything else that is ALREADY CHECKED dated before 2017 (Jan updates have not been approved yet). If the Monthly Rollup is not checked, it won’t get installed. DO NOT check anything that is not already checked.

        In general, the .NET, Office, Flash Player, IE, etc patches are OK to install – BUT NOT ON THE DAY THEY ARE RELEASED. MS releases patches on the second Tuesday – they may or may not be good. Wait until Woody sets DEFCON to 3 or above, indicating the patches won’t cause trouble, then install. Then go back to waiting.

        To see if you have SP1, click on the Start button, on the right RIGHT CLICK on Computer/My Computer and choose Properties. It will be at the top of the page.

          • DonnaT says:

            Thank you. I have some technical ability – but not enough to figure this out on my own. I am being overly-cautious bc I had problems with my new Dell for over a year. FINALLY got Dell to send me a replacement machine and now that my hardware issue is resolved, I am dealing with this WU issue!!! I just need it to work! Am afraid it’ll get broken again with a bad update (and of course snooping issue) – hence, my caution & concern:
            First rule – OK
            Second rule – OK
            Third rule – OK
            Fourth Rule – OK

            To see if you have SP1, click on the Start button, on the right RIGHT CLICK on Computer/My Computer and choose Properties. It will be at the top of the page. – I HAVE SP1. I DON’T KNOW WHY SP1 IS IN UPDATE LIST. I WAS GOING TO HIDE IT SO IT DOESN’T INSTALL???

            THAT LEAVES ME WITH THIS INSTALL LIST: DEC SECURITY & .NET FRAMEWORK, SECURITY UPDATES FOR .NET FRAMEWORK (ABOUT 30 FROM THE LAST FEW YEARS), 11 SECURITY UPDATES FROM 9/2014 – 9/2016 – I was going to install these.

            Questions:
            SECURITY UPDATE XML CORE SP2 KB954430 & KB9736788 – install?
            Activation services update KB971033 – install?

            And this one just came up – I don’t know if I should install it?
            Security & Quality, Nov 2016 Security Monthly Quality Rollup – KB3197868

            • woody says:

              If you see rollups in your Windows Update list, you have SP1. Don’t worry about it.

              You’re likely “Group A” – so just follow my advice (Check for updates set to “Never,” and “Give me Recommended Updates” checked), then run Windows Update. DON’T TOUCH ANYTHING – don’t check any boxes, don’t uncheck any boxes. Go ahead and install.

              Then wait until the MS-DEFCON level changes before installing the next month’s patches.

              • DonnaT says:

                ok. I am a Group B ‘wanna be’ πŸ˜‰ But I get very confused due to my lack of technical expertise, which makes me Group A.

                I will do as you suggest, except question on SP1 update – leave it or hide it?

                • woody says:

                  Follow PKCano’s advice….

                  • Terry Pickleson says:

                    One thing I’ve been wondering is the reasoning behind the whole “Don’t install anything that’s not checked off by default” philosophy. I mean is there any reason for that? Is it because the optional patches might break something? But don’t all updates carry that risk? I get the the telemetry and preview rollups, but why not hide those and install everything else?

                    • woody says:

                      If Microsoft doesn’t have enough confidence in a patch to mark it as “recommended,” I figure customers shouldn’t have to deal with its failures.

                      MS has a long history of rolling out perfectly useless (or downright destructive) “optional” updates.

                      • ch100 says:

                        In addition to what Woody explained, sometimes unticked updates are just throttled at the Microsoft servers and after a while they will come back as ticked. Sometimes the WindowsUpdate.log would offer the reason, but it is in cryptic language and not everyone understands that πŸ™‚
                        Office Updates released on first Tuesday of the month usually come unticked on Windows 7 but install on Windows 10. That one is a combination of throttling with the known Preview intended behaviour.
                        There is no single rule, but as it is generally adviced, if Microsoft pushes them as unticked, they generally don’t have such a priority to be installed that the user should override Microsoft’s intention, unless having a very clear reason.

                      • Terry Pickleson says:

                        I see.

            • PKCano says:

              I suspect the Dell replacement is recent if all those old updates are checked in the important list. So:

              For Group A (accept all MS offers)
              HIDE the Jan Security Monthly Quality ROLLUP. Install everything that is checked under the important list. When the computer reboots, wait 10 minutes, search for updates and install everything that is checked. Repeat this until there no more updates available.
              It the search takes over half an hour at any point, you will need to download two updates and manually install them, one at a time to fix it (be sure you get the one that says x64 if 64-bit is what you have):
              http://www.catalog.update.microsoft.com/Search.aspx?q=3020369
              and
              http://www.catalog.update.microsoft.com/Search.aspx?q=3172605
              When there are no more updates, unhide Jan ROLLUP KB3212646 – but DO NOT INSTALL IT YET. Wait for DEFCON to change to 3 or above.

              For Group B
              If searching for updates is slow, download the two patches above and manually install them. Be sure it says x64 if you have 64-bit.

              HIDE KB2952664, 3021917, 3068708, and 3080149 any time they show up in Windows Update – these contain telemetry.
              You will need to install all the other CHECKED patches in the important list EXCEPT EXCEPT EXCEPT the Security Monthly Quality ROLLUPS from Nov & Dec 2016 and Jan 2017 if you are in Group B.
              Do NOT make it a habit to HIDE the ROLLUPS, but to get caught up do this: HIDE the Jan 2017 ROLLUP, search for updates again (the Dec 2016 ROLLUP will show up), HIDE the Dec ROLLUP, search for updates again (the Nov 2016 ROLLUP will show up), HIDE the Nov 2016 ROLLUP, search for updates again (the Oct 2016 ROLLUP will show up). Now, install all the CHECKED updates under the important list. After the computer reboots, wait 10 minutes, then repeat the search/install/wait 10 min until there are no more patches.
              Now you need the Security Only Quality UPDATE for Nov & Dec 2016.
              Download KB3197867 (Nov) and KB3205394 (Dec) and manually install them. (Type the number in the MS Catalog search box)
              Do another Win Update search/install/wait until there are no more updates.
              Unhide the Security Monthly Quality ROLLUPS (leave the other four hidden). The Jan ROLLUP should be the only one that appears – DO NOT INSTALL IT.

              That should be it.

      • ch100 says:

        KB971033 – that one is a weird patch. It can cause Windows Activation issues for little reason. I would say avoid it unless it is specifically requested by one of the Microsoft sites. This is the only Important patch which can be avoided safely.
        KB976932 being re-offered is only cosmetic. It will install in fact a superseded patch KB2533552, which is better to accept to avoid as I said cosmetic issues. Functionally it does not matter if you install later patches like KB3020369 superseding it, but without it and until you install the later patches, Microsoft says it can cause blue-screens. Install KB976932 when offered.

        The best sequence to follow is to install manually first:
        KB2533552
        KB3020369
        KB3172605

        After that use Windows Update as usual. At least until you get close to being fully patched, use the configuration of Windows Update to Never check for updates and check manually.
        Install about 25 updates at a time, start with all Important non-security (less KB971033), follow with all Security and in the end follow with all Recommended and Optional until there is nothing left.

        • DonnaT says:

          Thank you. You say the best sequence is to install the 3 updates manually first. I have KB3020369 & KB3172605. You also said to install KB976932, which will install KB2533552.

          Do I install KB2533552 manually first, then KB976932 or just do KB976932 since I have the other 2? Doesn’t KB976932 install KB2533552?

          • ch100 says:

            KB976932 itself is SP1.
            But more recent distributions packed KB2533552 as secondary package together with SP1 as mandatory fix.
            Install the three manual patches first and do not worry about KB976932 again because you will not see it again as required (if you already had Service Pack 1 installed).

          • ch100 says:

            If you already have KB3020369, you will not be able to install KB2533552 manually, allow whatever comes on Windows Update, in your case KB976932.

    17. Joe C. says:

      On Win 7 SP1

      In addition to KB3212646 in the January release in WU I got an update for Word Viewer KB3141490.
      (And the new WMSRT of course.)

      • ch100 says:

        Do you still have Office 2003 installed?
        KB3141490 is an update for Office 2003 and there seems to be one of those each month until about September 2017.

      • PKCano says:

        If you have the Viewer installed, you get updates for Office 2003. It is like a runtime version that lets you see the documents.

    18. Ryan says:

      If the new window updates are cumulative why did:

      β€’ KB2952664 : Compatibility update for keeping Windows up-to-date in Windows 7

      β€’ KB3172605 : July-2016-update-rollup-for-windows-7-sp1-and-windows-server-2008-r2-sp1

      β€’ KB3179573 : August-2016-update-rollup-for-windows-7-sp1-and-windows-server-2008-r2-sp1

      Show up as optional updates after I manually installed update (KB3212646 : January 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1)

      Also wuaueng.dll stayed at 7.6.7601.19161 instead of the newer version 7.6.7601.23453. Should I install the optional updates? One thing to note is that the last time updates were pushed to this computer was Aug 2nd, 2016.

      • abbodi86 says:

        They are not fully cumulative yet
        for now, they only include all fixes from September 20, 2016 onwards

        in February or March, they will start adding previous fixes before September 2016

        the Monthly Quality Rollup is expected to be fully cumulative in several months, maybe September 2017 πŸ™‚

        • Terry Pickleson says:

          So will both bug fixes and security fixes be fully cumulative then? Will old patches for the .NET Frameworks also be added to the .NET Framework rollups? Also are Office updates cumulative? I don’t use MS Office, but I am curious.

          • abbodi86 says:

            Yes, the Monthly Quality Rollup will be cumulative
            .NET 4.x.x rollups are already cumulative
            .NET 3.5.1 rollups will follow the MQR rules and become cumulative eventually

            Offices updates are cumulative for each product/component they patch
            but they are not rolled-up, so we will still have a lot of updates

            • Terry Pickleson says:

              I see.

            • ch100 says:

              @abbodi86
              What is the meaning of
              “Offices updates are cumulative for each product/component they patch
              but they are not rolled-up, so we will still have a lot of updates”

              The Office updates come as msp files with new functionality added to the previous one. What does it mean they are cumulative but not rolled up?
              I would be very interested if there was a method to reduce the number of Office updates, like there is one for Windows Update when running Disk Cleanup.
              The Installer folder tends to keep all those copies for uninstall purpose, which again tends to become huge after a while, even for newer products like Office 2016.

            • abbodi86 says:

              Didn’t i explained it before? πŸ˜€

              cumulative = latest msp supersede all previous patches for the same component defined by file name

              not rolled up = each component has its own msp, and it’s released separately
              only very few Hotfixes contained multiple msp files

              there are no automatic or intended way to clean Windows Installer PatchCache

              however, there are some reliable ways to clean older patches, manually or through a .vbs script
              i wrote a detailed post about it at MDL, but unfortunately it was lost in a hack delete 3 months ago (along with a lot of irreplaceable content)

              this link is close enough to mine
              https://www.raymond.cc/blog/safely-delete-unused-msi-and-mst-files-from-windows-installer-folder/
              i recommend the second one
              note that the WiMsps VBScript lists the used patches to keep, so you need to delete the non-listed files
              do not use the old Microsoft Utility

              there are one more truly manual way which works specifically for Office patches
              but it’s not easy to explain πŸ™‚

              • ch100 says:

                Thanks πŸ™‚
                Apologies if you explained it to me before, but I don’t remember and this is too interesting to me to have forgotten. πŸ˜€
                It is very likely that it was explained only on MDL before and unfortunately lost.
                The manual way which certainly works is to uninstall all patches until getting to RTM and run WU fresh. Or uninstall Office and reinstall followed by WU. None of those 2 methods are very professional I am afraid.
                I was under the impression that you were referring to products (not suite) like Word, Excel etc when saying about cumulative updates, but I understand now that it is about the component level and each product is made of many such components.
                Thanks again πŸ™‚

              • abbodi86 says:

                No need for apology πŸ™‚
                i actually posted it here
                https://www.askwoody.com/2017/ms-defcon-2-unknown-office-patches-on-the-horizon/#comment-113929

                the linked list gives a more clear perspective of what i mean πŸ™‚
                https://support.office.com/en-us/article/81464cf1-8510-4ea4-9737-d65db89132ea
                each .msp filename represent a component, all updates for this component are cumulative
                and some of these components represent a whole product/program, as noted in second column (i.e. Excel, Access, Word)

              • abbodi86 says:

                As for the manual cleanup way, my way does not require any uninstall/reinstall πŸ™‚
                it’s simply based on WICleanup method, but instead you do the verfication yourself and delete orphaned .msp files

                ===
                – go to C:\Windows\Installer
                – change view mode to Details (already default in W8 +)
                – right-click on the above properties bar, and enable “Title”
                – sort the files by Title
                – you can now see that certain .msp files have similar titles, with different patch version
                – for each of these similar .msp files, delete the older files with lower version, keeping only the highest one
                ===

                i know the explanation is not very clear without images, but i’m bad at that
                this method never failed me or caused any updating problems πŸ™‚

                • ch100 says:

                  I understand your explanation about sorting by Title and removing older versions.
                  I tried to use Patch Cleaner instead of WICleanup which seems to be old.
                  I will find out if it broke anything, no big deal, just reinstalling Office and repatching.
                  The manual method allows certainly more control and it is likely to be safer.

        • ch100 says:

          I am expecting that at that time we will see the true SP2 named Update 1 or whatever, something similar to KB2919355 or if not, at least similar to KB3000850 (which would not be SP2).

    19. Doc says:

      Woody, as the usual advice, is it MSRT, aside from the small snooping, clear to apply right now?

      Also it’s description states that it will run once after being download but I never noticed it running before… Does it somehow run silently on the background or it should pop some screen or prompt?

      • woody says:

        Usually MSRT runs quietly. Yes, I still think it’s worthwhile running the program – even though I must admit that it’s never caught anything on my machines.

        • Doc says:

          And of it did caught something, how are we supposed ro know? Would it pop something up or it would only show inside some log contained on that oddly named folders, which seems random, created by MSRT?

          Also is there a way I can verify that it is running at the moment or had been run recently?

    20. Terry Pickleson says:

      Woody do you think the small amount of patches for this month were because of the holidays? I mean I don’t know how long in advance Microsoft prepares the patches. Also when will you update the DEF-CON status? I recently did a clean install of 8.1 on my laptop and am wondering when it’s safe to update.

      • woody says:

        Yep, it’s undoubtedly because of the holidays.

        Hold off until the middle of next week. There’s nothing pressing this month anyway.

        • Terry Pickleson says:

          Okay. Thank you. Although I did install the July 2016 Rollup to speed up the update scans. But it’s still taking forever to find anything.

        • ch100 says:

          I think Terry is asking for advice in relation to a NEW installation.
          I would say install everything, i.e. Important and Recommended (and Optional would be a good choice, but that is up to your preference) until December 2016 or November 2016.
          Avoid January 2017 if you wish, until Woody says it is safe. To save time, you could install January 2017 too and uninstall if anything major comes up.

    Leave a Reply