Widespread reports of freezing with this month’s Win7 Monthly Rollup, KB 4493472, and Win8.1 Monthly rollup KB 4493446

Spiceworks has a nearly-feature-length litany of problems with KB 4493472.

DON’T let Windows Automatic Update get to your Windows 7 or 8.1 (or Server 2008 R2 or Server 2012 R2) machines. But you knew that already.

Thx @BoltsfanKevin (that’s Kevin Hughes)

UPDATE: Server 2008 R2 machines are falling left and right. From the Sophos Endpoint Security blog:

SAV service was logging lots of error messages in event log. Event IDs : 7022 (service hang), 80, 81, 83, 85, 82, 566, 608, 592.

The server became unresponsive, no rdp, no file share access, Ctrl Alt Delete not working.

Only solution is to uninstall the patch. Which may be difficult.

ANOTHER UPDATE: Sophos has posted an official acknowledgment, putting the blame on both the Win7 Monthly Rollup and the Win 8.1 Monthly Rollup, KB 4493467:

If you have not yet performed the update we recommend not doing so.

If you have performed the update but not yet rebooted we recommend removing the update prior to rebooting.

If you have performed the update and have rebooted, triggering the issue:

Boot into safe mode
Disable the Sophos Anti-Virus service
Boot into normal mode
Uninstall the Windows KB
Enable the Sophos Anti-Virus service

It’s still much, much too early to tell if the same change in Win7 and 8.1 will also clobber other software. Just sit tight and wait for the MS-DEFCON level to change.

More details (including a question about precisely which patches are breaking Sophos) in Computerworld Woody on Windows.

UPDATE: We’ve had several reports that Avast customers are experiencing the same symptoms. Avast has a mea culpa:

Windows machines (particularly those running Windows 7) are becoming locked or frozen on startup after Microsoft updates KB4493472, KB4493448, and KB4493435.

April Patch Tuesday Windows and Office patches are out

Martin Brinkmann has posted his synopsis on ghacks.net:

• Microsoft released security updates for all client and server versions of Windows.
• Other Microsoft software with security updates: Microsoft Edge, Internet Explorer, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Windows Admin Center, Microsoft Office
• Microsoft fixed many long standing known issues.

Dustin Childs’s usual pack-leading analysis on the Zero Day Initiative blog paints a tolerable picture: 74 separately identified security holes. Two actively exploited, both of which seem to be used by nation-state attackers.

Worthy of note: Win10 1903 — which hasn’t been released yet to the hoi polloi — has its own security cumulative update.

As expected, Win10 1607 and 1703 are getting their last patches.

The sole new Security Advisory, ADV190011, talks about the April 2019 Adobe Flash Security Update.

Looks like a dull one. Leave your blocks in place, there’s nothing much to see here.

We’re staying at MS-DEFCON 2.

MS-DEFCON 2: Get your machine braced for the Windows and Office patches due tomorrow

It’s that time again.

With a little luck, we’ll have more options by the time the May or June Patch Tuesdays come around, but for now it’s the same-old same-old.

Details in Computerworld Woody on Windows.

There’s a fix for the bluescreen on the second March cumulative update for Win10 1809 – KB 4490481

Remember the bluescreens many people reported after installing the second March cumulative update for Win10 1809, KB 4490481? For many people, installing the cumulative update results in a System Service Exception error when you restart. (To add to the confusion, the second cumulative update for March was released on April 2.)

I’ve never seen an acknowledgment of the bug, even though I’ve seen lots and lots of reports. When Microsoft says it’s going to start documenting all of the significant bugs in cumulative updates, I’m still skeptical — and this is one of the prime examples.

On Sunday morning, an enterprising (and bright!) fellow on the My Digital Life forum, max1, posted a fix. Ends up that the bluescreen is triggered if you have certain Media Center fonts on your Win10 1809 machine. (Media Center doesn’t ship with Win10. As for why anyone would want it… that’s a discussion for another time.)

I have no idea how max1 figured it out, but reports from all over say it fixes the bluescreen. I first saw the report on Sunday evening, here on AskWoody, from an anonymous poster. Overnight, Martin Brinkmann posted confirmation on ghacks.

There are four fonts you have to take off of your system. You can futz with the registry (Brinkmann has the instructions) or you can create a .reg file following the instructions from our anonymous poster:

Copy the following into a text file, rename it with .reg extension and double click on it:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink]
"MS PGothic MC"=-
"Segoe Media Center"=-
"Segoe Media Center Light"=-
"Segoe Media Center Semibold"=-

Works like a champ.

Microsoft re-re-re…-releases KB 4023057, the “Update to Win10 1507, 1511, 1607, 1703, 1709, and 1803 for update reliability”

I last talked about it on Nov. 19:

KB 4023057 has been updated, with a lengthy KB article and very little substance that I can discern.

This update includes files and resources that address issues that affect the update processes in Windows 10 that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly on your device, and they help improve the reliability and security of devices that are running Windows 10.

We saw it on Sept. 9 and earlier on January 8.

@ch100 has offered the only explanation that makes sense to me:

KB4023057 was and still is one of the most weird and unexplained updates in the recent times. This update has never been offered to WSUS, but only to Windows Update. This would indicate that it meant for unmanaged end-users and unmanaged small business users…

This patch may be harmless, but why it was released and where it actually applies, it is still a mystery.

The KB article has been updated with a release date of April 4. No doubt this version has more goodies to break the back of any system trying to avoid Win10 1903. Which is funny because 1803 and 1809 are supposed to grow native, built-in 1903 blocking features. More about that Monday morning in the AskWoody Plus Newsletter.

If you want to well and truly hide it — which isn’t easy — follow @PKCano’s directions.

Odd that MS hasn’t added Win1o 1809 to its list of affected versions.

New update options for Win10 1903 explained

MS VP Mike Fortin just posted a much-anticipated announcement of the update (blocking!) capabilities in Win10 version 1903, when it ships. Fortin calls it the “Win10 May 2019 Update” which should confuse the living bewilickers out of everybody — previous Win10 updates around this time of year have been called “Spring” and “April” — but nevermind.

We will provide notification that an update is available and recommended based on our data, but it will be largely up to the user to initiate when the update occurs.

When Windows 10 devices are at, or will soon reach, end of service, Windows update will continue to automatically initiate a feature update [an apparent reference to the Win10 1709 SAC bug mentioned by John Wilcox yesterday]

all customers will now have the ability to explicitly choose if they want to update their device when they “check for updates” or to pause updates for up to 35 days.

We will increase the amount of time that the May 2019 Update spends in the Release Preview phase [painful reminder of the bluescreens in this week’s Win10 1809 cumulative update]

the Windows 10 May 2019 Update will start to be available next week in the Release Preview Ring for those in the Windows Insider Program. We will begin broader availability in late May for commercial customers, users who choose the new May 2019 Update for their Windows 10 PC via “check for updates,” and customers whose devices are nearing the end of support on a given release.

It’s an interesting take on a long-standing problem. If this works out the way Fortin says it will, we’ll have reason for celebrating. Yes, even Win10 Home users.

UPDATE: Ed Bott has already posted an article on the topic. Ditto Mary Jo Foley. Paul Thurrott has a particularly engaging take on the topic (paid content – and well worth the price) that concludes, “What took so freaking long?”

Zac Bowden just clarified an important point:

Yeah. If you press "download and install" on the feature update, you're locked in. You can only pause it up to 35 days. If you don't click "download and install" on the feature update, you won't have to install it for as long as the version of W10 you're running is supported.

— Zac Bowden (@zacbowden) April 4, 2019

Leopeva64 – who’s been right about many Win10 things lately – insists that the Pause (even in Win10 1903 Home) will go up to 35 days, not the “7 days 5 times” promised by Fortin. Looks like the trick is to go into Advanced Options. Yes, on Home.

Who knows, we all make mistakes, maybe he "forgot" that those advanced options appears there or, as I said, he didn't want to mention it for "some strange reason", but believe me, those advanced options will not change when the "May feature update" is released.

— Leopeva64 (@Leopeva64) April 4, 2019

I remain cautiously optimistic.

Reliable reports of bluescreen after installing Win10 1809’s second March cumulative update, KB 4490481

Martin Brinkmann advises that you better back up your system before installing KB 4490481, the Win10 1809 “optional non-security” second cumulative update for March (which, confusingly, was released on April 2).

@AskWoody @etguenni @Deskmodder

— ghacksnews (@ghacksnews) April 4, 2019

On ghacks.net:

Ran into a System Service Exception error on restart after installing the update on one machine. System Restore fixed the issue, Startup repair did not.

doctorwizz on Tenforums:

I was rebooting from Win10 to boot to Win8.1. The update was installing on the shutdown phase and it was taking longer to install this time. So I tried to boot to Win10 again. It was continuing to update and bam. BSOD System Service Exception.

From secondsight, also on Tenforums:

I like doctorwizz above also have BSOD on every machine I have after restarting to complete this update. They all run Win 10 Enterprise. I don’t have any special software running and I’ve never had such problems before. I got out of the fix by doing a system restore and I’m back at 17783.379 now. I tried an experiment or two. I tried the standalone windows catalog installer….same thing.

I also found a Chinese language post that may (or may not) be related.

Of course, I recommend that you NOT install this second monthly cumulative update. Just follow the instructions in my Computerworld article and you’ll be fine.

History of cumulative updates for .NET Framework for Win10 1809 and Server 2019

Patch Lady Susan Bradley just discovered this gem.

Yes, there was a cumulative update for .NET Framework 3.5 and 4.7.2, for Win10 1809, released on April 2.