News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Patch Lady – KB4088875 more questions

    Posted on March 27th, 2018 at 15:23 Comment on the AskWoody Lounge

    The following update has had a revision: KB4088875  But in doing so I’m scratching my head a bit more.

    Remember our original side effects relate to networking issues and loss of a static IP upon reboot:

    A new Ethernet virtual Network Interface Card (vNIC) that has default settings may replace the previously existing vNIC, causing network issues after you apply this update. Any custom settings on the previous vNIC persist in the registry but are unused. Microsoft is working on a resolution and will provide an update in an upcoming release.
    Static IP address settings are lost after you apply this update. Microsoft is working on a resolution and will provide an update in an upcoming release.


    On the page on KB4088875  a script is now linked and the following wording has been added:


    Follow these steps before you apply this update to a physical computer or a virtual machine:

    1. Back up the following registry key and subkey:


    1. Copy the following VBScript (VBS) code, paste it into Notepad, save the file with a “.vbs” extension, and then run the .vbs file.Note The script also includes binary version checks around PCI.SYS file.

    (note the KB has the script in detail)

    Okay so here are my questions:

    1.  Is this needed for all deployments or only where a static IP has been used?  As I’ve seen the loss of networking side effect more where a static IP was assigned to the network adapter.
    2. Can an admin run this script before the install of the update?  (based on admins testing this it appears the answer is yes)
    3. In a consumer setting, where we only go to Windows update, do we need this? (I don’t think so but it would be nice to know for sure)
    4. If we’ve already installed the update, should we run this script? (again, I don’t think so but it would be nice to know for sure)

    Right now I only have questions, not answers but here’s my mode of attack:

    1. If it’s a workstation where I have physical access and can easily fix any networking stack issue I’ve installed the update as is and honestly have had no issues.  I am mostly deploying this in settings where my router is handing out the DHCP and I’ve seen no issues.
    2. If it’s a server, I’m deploying this based on how comfortable I am with alternative ways to reach that server and deal with patching issues.  If I can walk over to the server, I’ve gone ahead and patched.  If I’m remote to the server, it depends on if there is a remote network management tool like an iLO or Drac (HP or Dell) and/or how responsive the support team is in the datacenter.

    The side effect of losing networking still feels like there is some other trigger at play in non VMware shops.  I’ve seen people report the issue mostly where a static IP has been assigned.

    One concern as Woody has already pointed out, next month’s preview of non security updates already has the same side effect.

    So bottom line, determine your zeal for updating, throw a bit of salt over a shoulder, squint your eyes real tight, and keep your fingers crossed while you update.  Hey, wouldn’t hurt would it?