News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: March 14, 2020

  • Widespread reports of problems with the second March Win10 cumulative update, KB 4551762, the SMBv3 patch

    Posted on March 14th, 2020 at 08:38 woody Comment on the AskWoody Lounge

    I was afraid this would happen. When Microsoft releases two security patches back-to-back, it’s rare that the second patch goes in without problems.

    I’m seeing lots of reports with problems with Thursday’s post-Patch-Tuesday cumulative update, KB 4551762.

    Günter Born kicked off the discussion on Borncity with Windows 10: KB4551762 causes errors 0x800f0988 and 0x800f0900.

    Mayank Parmar at Windows Latest has more complaint reports — and they’re extensive:

    • The aforementioned errors on installation
    • Random reboots
    • Performance hits (which are always hard to verify)

    People who already have installation issues will be lucky enough to have Windows to automatically repair the patch is manually removed. Alternatively, some will have to undergo the recovery process and reinstall their Windows 10 copy if the PC remains slow and buggy.

    We’re also getting lots of reports about the new cumulative update zapping user profiles, just like the original Patch Tuesday patch and last month’s cumulative update.

    There are no in-the-wild exploits of the SMBv3 security hole, although there are many Proof of Concept demos. Kevin Beaumont has tried and failed to crack it in a meaningful way. We’ve had a couple of anonymous posts that point to other potential problems, but I haven’t seen any of them in the real world.

    Finally, @Alex5723 notes that MS has changed the Knowledge Base article associated with the patch, with a worthwhile inclusion:

    SMB Compression is not yet used by Windows or Windows Server, and disabling SMB Compression has no negative performance impact.

    Microsoft also inserted a clarification (for Dummies like me!) explaining why the Server Core versions are the ones affected.

    ‘Softie Nate Warfield tweeted:

    Full Server is not released as part of the Windows Semi-Annual Channel releases; only Server Core.

    As such, Full Server is not affected, only the listed Server Core editions.

    Which is what numerous people told me here on the forum. Thanks, all!

    We’re still at MS-DEFCON 2.