News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – That SMB issue isn’t SMB

    Posted on January 11th, 2019 at 18:04 Susan Bradley Comment on the AskWoody Lounge

    As a follow up to Woody’s earlier post on the issue of  KB4480970 (Monthly Rollup) and KB4480960 (Security only) causing issues with networking and discussed on the Patch Watch Podcast, an interesting factoid about the Windows 7/Server 2008 R2 bug of this week:

    It’s not due to SMB, but NTLM bug.

    Ned Pyle on twitter (and summarized here) states that:

    You will NOT have this issue if you’re using Kerberos. I.e, with a Domain user that is connecting to remote share by DNS or NB name & not IP address

    You won’t have this issue if you are NOT a local administrator on SMB host

    You will NOT have this issue if your SMB host is running Windows 8, 8.1, 10 or Windows Server 2012, 2012 R2, 2016, 2019

    Furthermore, it already looks like the issue has been resolved in a new KB https://support.microsoft.com/en-us/help/4487345 … which appears to only be released on the Microsoft catalog site at this time and not through Windows update.   Which may I point out is a bit odd since many hitting this are … cough … not in a domain and thus wouldn’t be behind WSUS and would only experience Windows update as their patching mechanism.

    If you are impacted the other workaround is showcased in https://support.microsoft.com/en-us/help/951016/description-of-user-account-control-and-remote-restrictions-in-windows that has the fixit version of the registry key workaround.

    One could argue that it’s bad running as local administrator (it is).  One could argue that one needs to ensure you are moving off sharing files on a Windows 7 or Server 2008 r2 given that it has about a year’s life left (unless you have an uber expensive premier support contract and plan to be buying extended support for Windows 7/Server 2008 R2).  But one could also argue that Microsoft is once again showcasing that it’s not testing patches across a wide range of scenarios.

    The reality is that we still have a ton of crappy line of business software that demands local administrator, and the reality that we have workhorses called Windows Server 2008 R2 and Windows 7 that until the feature release process settles down (I’m looking at you 1809 for the number of consultants I see complaining about excessive CPU, the need to constantly install updated drivers, and interactions with printers that worked fine with prior feature releases) as a reason that Windows 10 still needs to act like the adult it’s supposed to be and be dull and boring as it should be instead of annoying and petulant like it is.

    Until then, download that patch from the Microsoft catalog site and go back to keeping an eye out for any other issues on the first official “B” Patching week of the 2019 patching year.

     

     

    If that helped, take a second to support AskWoody on Patreon

    Home Forums Patch Lady – That SMB issue isn’t SMB

    This topic contains 13 replies, has 11 voices, and was last updated by  anonymous 3 weeks, 2 days ago.

    • Author
      Posts
    • #309101 Reply

      Susan Bradley
      AskWoody MVP

      As a follow up to Woody’s earlier post on the issue of  KB4480970 (Monthly Rollup) and KB4480960 (Security only) causing issues with networking and di
      [See the full post at: Patch Lady – That SMB issue isn’t SMB]

      Susan Bradley Patch Lady

      8 users thanked author for this post.
    • #309126 Reply

      jstech
      AskWoody Lounger

      Just like no one should be running Windows XP at this point. Yet they are out there. Old phone systems, massage beds, entertainment systems, etc.

      Group A | Windows 7 Pro 64-bit | Windows 10 Pro 1809 64-bit
    • #309344 Reply

      gborn
      AskWoody_MVP

      @susan, thx for your post. Some additional thoughts are here: Fix for the Windows 7 SMB network bug caused by Update KB4480970/KB4480960

      1 user thanked author for this post.
    • #309379 Reply

      anonymous

      Is KB4487345 a security only quality update? The windows update catalog does not indicate that it’s a security only quality update! I’m only security only so what are my options? It could be that it’s just a stright up fix but I always look for the words “security only quality update: before I’ll trust it.

      I’m also concerned about any windows end of life nagware that my slip in a similar manner to XP’s nagware when it was getting close to its EOL.

      • #309387 Reply

        Elly
        AskWoody MVP

        Per Microsoft:

        This update resolves the issue where local users who are part of the local “Administrators“ group may not be able to remotely access shares on Windows 7 SP1 and Windows Server 2008 R2 machines after installing the January 8th, 2019 security updates.

        It is a fix for security updates, whether the Security Only, or the security part of the Monthly Quality and Security update. It is not yet (if it will be) included in a Security Only update. It will most probably be included in the next Monthly Quality and Security update. It isn’t a rollup or cummulative update that includes telemetry (if that is what you are worried about).

        It is one of the problems discovered, and then fixed, after the January patches were issued. It is a good example why most of us follow the DEFCON system and wait for these problems to be discovered by others. Woody will provide instructions as to how to navigate through this, when the DEFCON level changes.

        As far as I know, no one is reporting any ‘end of life’ nagware for Windows 7, yet. One of the problems that Microsoft faces, is that it has lost the trust of many customers… a sad state of affairs, even if they don’t acknowledge it.

        Win 7 Home, 64 bit, Group B

    • #309393 Reply

      NetDef
      AskWoody_MVP

      This has hit several of my small clients (home and very small office) with their network scanners.

      Installing the hotfix seems to have cleared the problem.

      http://www.catalog.update.microsoft.com/Search.aspx?q=KB4487345

      ~ Group "Weekend" ~

    • #309461 Reply

      Sportsman
      AskWoody Lounger

      Does the new patch KB4487345 replace KB 4480960? I notice both are around the same size. (I haven’t installed KB 4480960 yet.)

      Windows 10 Home 64-bit

      • #309462 Reply

        Kirsty
        Da Boss

        Using the helpful link @netdef provided above to check the Package Details, the supercedence shows as:

        This update replaces the following updates:
        Update for Windows 7 for x64-based Systems (KB3121255)
        Update for Windows 7 for x64-based Systems (KB3156417)

    • #309566 Reply

      SonicMojo
      AskWoody Lounger

      “I’m looking at you 1809 for the number of consultants I see complaining about excessive CPU, the need to constantly install updated drivers, and interactions with printers that worked fine with prior feature releases)”

      I spent the better part of a week troubleshooting why my perfectly good HP LaserJet 1505n printer fully supported on my 1709 machines – only to discover that ALL prior HP drivers that shipped with the OS have been stripped out and “moved” to Windows Update. Which of course is completely useless if using WSUS – and even more useless after I tested Windows Update and my 1505n driver is nowhere to be found on WU.

      Luckily I managed to figure out where the missing driver was being installed from in 1709 (Driverstore/FileRespository) and made a backup of that folder and was able to get my new 1809 machines working correctly.

      I almost gave up on this printer to buy a new one if not for this week of troubleshooting. It just shows me how little thought Microsoft gives to Windows 10 and how it could care less about the hoops users have to go through to actually use their perfectly fine existing hardware.

      Sonic

    • #313757 Reply

      EP
      AskWoody_MVP

      note to Susan (Patch Lady):

      this was recently posted on Born’s web site:
      https://borncity.com/win/2019/01/19/does-the-fix-kb4487345-fail-on-windows-server-2008-r2/

    • #314931 Reply

      cesmart4125
      AskWoody Plus

      Susan,

      Please tell me what SMB and NTLM are.  Thanks.

      Attachments:
      You must be logged in to view attached files.
      • #315014 Reply

        anonymous

        Acronyms and abbreviations often take on lives of their own and become their own definitions. It can be difficult to remember what radar or laser originally stood for in full words.

        Server Message Block is quick, but Windows New Technology Local Area Network Manager has nested acronyms within it. (Windows NT LAN manager)

        • #315823 Reply

          cesmart4125

          Many thanks, anonymous for your help.

           

    • #332003 Reply

      anonymous

      “An authentication error has occurred
      The local security authority cannot be contacted”

      After fixing this back in January with KB4487345, I noticed this behavior returned after the following updates installed on February 20th:

      “2019-02 Security and Quality Rollup for .NET Framework (KB4487078)” and
      “2019-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4486563)”

      I uninstalled KB4487345 and restarted.  I am not getting the error anymore.
      Is anyone else experiencing this behavior?

       

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – That SMB issue isn’t SMB

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: