News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Comments on AKB 2000003: Ongoing list of "Group B" monthly updates for Win7 and 8.1

    Home Forums Knowledge Base Comments on AKB 2000003: Ongoing list of "Group B" monthly updates for Win7 and 8.1

    This topic contains 229 replies, has 39 voices, and was last updated by

     T 2 weeks, 2 days ago.

    • Author
      Posts
    • #170632 Reply

      Kirsty
      Da Boss

      Due to the size of the first topic of this name, it has been closed – it was too big to load easily.

      Please feel free to ask questions about AKB2000003 here

       
      The old comments can be found here:
      Part One – Mar/17-May/17
      Part Two – Jun/17 to Feb/18

      3 users thanked author for this post.
    • #170748 Reply

      SueW
      AskWoody Plus

      Kirsty, I wondered why I couldn’t access the original page . . . I kept getting 504 Timeouts last week.  I had wanted to read any comments that might have pertained to January’s updates prior to installing them.

      Is it possible to select and copy the comments on January’s updates (if any) from that page and then paste them here in order to make sure nothing fell through the cracks?  That is, none of us in Group B missed reading something really important or helpful?

      Many thanks!

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      2 users thanked author for this post.
      • #170794 Reply

        Kirsty
        Da Boss

        @suew there have been 504s on pages with barely any posts in recent days/weeks, so that may not have been the only issue. While the topic is now closed for new postings, it can still be read (if you can get past the 504s).

        If the problem persists, we might have to split the closed topic in two, but I might keep an eye on that, balanced with the other problems 😉

        2 users thanked author for this post.
        • #170897 Reply

          SueW
          AskWoody Plus

          … it can still be read (if you can get past the 504s)

          Hmmm — I gave up after at least a dozen attempts!

          Thank you, @Kirsty, for your explanation (and your always helpful comments).  Indeed, it is a balancing act :).

          Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

          1 user thanked author for this post.
          • #172436 Reply

            Kirsty
            Da Boss

            The closed comments topic has now been split in two, which may or may not make it easier to access the old comments.

            2 users thanked author for this post.
            • #172477 Reply

              SueW
              AskWoody Plus

              YaY!!  Thank you, Kirsty!!  Each link definitely makes it easier to access the old comments 🙂

              Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    • #170771 Reply

      SkipH
      AskWoody Lounger

      If this ‘forum’ software had a way to limit the posts-per-page (other than turning off the ‘nested’ display method), then it wouldn’t take so looooog and be so sloooow to load up a page of many posts.

      Topics on the main home page seem to be limited to a certain number (8 or 10?). If the number of posts/replies on a sub-topic page were limited to 30-40, then topics with lots of posts would not take so long to load (ludicrous speed or not).

      • #170795 Reply

        Kirsty
        Da Boss

        Ok @skiph, off-topic here, but to reply: no, that’s not an option (refer recent topics on nesting/threading/paging, and the various issues that caused) 🙂

        • #170930 Reply

          SkipH
          AskWoody Lounger

          Yes, I know that. My main point was…why is not there a ‘feature’ of this software to limit a ‘page’ of posts to some finite number, preferably user selectable…as there is on number of other forums I frequent, ranging from bicycling to R/C quad copters.

          And BTW…I assume the “Notify me of follow-up replies via email” still isn’t working? I’ve checked that option on at least 2 recent topics, and never received any emails (and, no they haven’t been going into a spam folder).

          • #170943 Reply

            woody
            Da Boss

            We have three options:

            > Let everybody post

            > Break posts into pages – but you really need to have linear (not indented) posts to make that work

            > Seal the topic off of further comments.

            I thought we’d get better speeds by turning the replies linear, and breaking the pages up into 10 or 20 posts. But it didn’t work out that way.

            If this ‘forum’ software had a way to limit the posts-per-page (other than turning off the ‘nested’ display method), then it wouldn’t take so looooog and be so sloooow to load up a page of many posts.

            And that’s at the crux of the problem. If you have nested replies, how would the software break them into pages? I struggled with that for a while, and finally gave up.

            3 users thanked author for this post.
          • #170944 Reply

            woody
            Da Boss

            Oh. And “Notify me of follow-ups by email” is part of an add-on that will get upgraded before too long. In the interim, though, it doesn’t work – as you note.

            2 users thanked author for this post.
            • #170947 Reply

              Kirsty
              Da Boss

              It does work, intermittently. Some people get no emails at all, but I get several each day (and cannot guarantee that is all that I should be getting, though).

              It may have something to do with the email address, as @sparky noticed a few months ago.

            • #170953 Reply

              HiFlyer
              AskWoody Lounger

              Oh. And “Notify me of follow-ups by email” is part of an add-on that will get upgraded before too long. In the interim, though, it doesn’t work – as you note.

              Does it help to “subscribe” to the topic?  btw:  I got six emails today.

               

    • #171748 Reply

      anonymous

      Is this KB4077561 only for 8.1 or for all OS? It looked like an 8.1 patch. If so, shouldn’t 8.1 be put with its name for reference?

      Jan 2018 KB 4077561 (release 1/24 for PIC/APIC stop errors) – Download 32-bit or 64-bit

       

      • #171758 Reply

        PKCano
        Da Boss

        If you will notice, it IS under the heading For Windows 8.1 and NOT listed under the heading For Windows 7.

    • #172948 Reply

      anonymous

      If one skips IE patches for a month or two, it is only necessary to install the latest one rather than each missed month correct?

      • #172953 Reply

        PKCano
        Da Boss

        The IE patches are cumulative, so you only need the latest one.

        1 user thanked author for this post.
    • #175844 Reply

      Skunk1966
      AskWoody Lounger

      I found this article about problems with this month’s updates:

      https://www.theregister.co.uk/2018/03/14/microsoft_secures_the_servers_of_the_world/

      Until further notice I won’t install this month’s(security-only) updates for Windows 7 SP1

    • #176090 Reply

      Skunk1966
      AskWoody Lounger
    • #184423 Reply

      z.d.
      AskWoody Lounger

      Hello all, can I ask for some advice please?

      I’m a Group B Windows 7 user . In late March, I was waiting patiently until MS-Defcon 3 arrived to install the March updates, and took the advice of Patch Lady’s post of 31st March to install KB4100480, the “Total Meltdown” patch.

      I’m now ready to install the March update, but have I done this out of sequence, i.e. by installing the March updates now will I be undoing the remedial work of KB4100480?

      Also, weirdly, Windows Update no longer offers me the March update. Obviously I’ll be downloading the March update manually, and I’m not sure if this is relevant, but I thought I’d mention it just in case.

      • #184430 Reply

        PKCano
        Da Boss

        I’m now ready to install the March update, but have I done this out of sequence, i.e. by installing the March updates now will I be undoing the remedial work of KB4100480?

        No, the March patches do not cause a problem for KB4100480.

        1 user thanked author for this post.
      • #185017 Reply

        StruldBrug
        AskWoody Lounger

        Also, weirdly, Windows Update no longer offers me the March update.

        As a Group B’er, you want “Security Only” updates, which Windows Update doesn’t give you. It gives you “Security Monthly Quality Rollups”, which you do not want, nor any previews. Use this the list, which PKCano updates monthly to get the Catalog download links for both “Security Only” and IE cumulative.

        https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

        2 users thanked author for this post.
    • #185150 Reply

      GoneToPlaid
      AskWoody Plus

      Hello everyone,

      Following are my notes about the Group B updates.

      GROUP B SECURITY ONLY UPDATE INSTALLATION NOTES

      NOTES ABOUT THE 2017 UPDATES…

      The January 2017 update KB3212642 will not show up as installed after the March 2017 update is installed, because KB3212642 was superseded by the March 2017 update. This supersedence is not documented by Microsoft.

      There was no February 2017 update.

      The Security Only updates should be installed sequentially and in the order of their release dates, except for two notable exceptions which are described below.

      1. Install the June 2017 update first, before installing the May 2017 and April 2017 updates (in this order), in order to prevent Windows Update from subsequently being blocked on some older CPUs. This was Microsoft’s way of saying “thanks” to users who installed Windows 7 on newer generation hardware such as on computers with AMD Ryzen CPUs, yet at the same time Microsoft inadvertently killed Windows Update for some older CPUs such as Haswell Core I5 CPUs and other CPUs.

      2. Install the September 2017 update before installing the August 2017 update since the September 2017 update includes newer updates for kernel mode drivers and the Windows kernel. The kernal mode drivers in the August 2017 update have issues. This is why you should install the September 2017 update before installing the August 2017 update.

      The October 2017 update may cause Jet DB issues with much older applications. A fix is available at:

      https://www.microsoft.com/en-us/download/details.aspx?id=13255&751be11f-ede8-5a0c-058c-2ee190a24fa6=True

      The November 2017 update may break printing for some Epson dot matrix and POS printers. Update KB4055038 is available to fix this issue.

      NOTES ABOUT THE 2018 UPDATES…

      The 2018 updates for Meltdown and Spectre COMPLETELY FAIL to protect against the BranchScope security vulnerability which was publicly disclosed in late March 2018. BranchScope is a new variant of the Spectre (CPU speculative execution) class of vulnerabilities which were publicly disclosed in January 2018. BranchScope theoretically can be mitigated, yet doing so is far from easy.

      The QualityCompat regkey must be set before installing any 2018 updates. This regkey should be set ONLY IF ALL INSTALLED ANTIVIRUS SOFTWARE has been updated to be compatible with all 2018 updates, regardless of whether or not the antivirus software automatically runs when booting Windows or later is manually run, because most antivirus software installs low level I/O drivers which are loaded when Windows starts, regardless of whether or not the antivirus software itself actually runs when Windows starts.

      The upshot of the above paragraph is: Make sure that ALL installed antivirus programs have been updated to be compatible with the QualityCompat regkey BEFORE you install any of the 2018 updates.

      ********************
      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat]
      “cadca5fe-87d3-4b96-b7fb-a231484277cc”=dword:00000000

      ********************

      The 2018-03-29 KB4100480 Windows kernel update must be installed immediately after installing any of the 2018 updates in order to address a kernel escalation of privilege vunerability. This update may be installed after installing the 2018 updates and rebooting.

      The January through March 2018 updates are inherently flawed by Microsoft. These flawed Meltdown updates expose ALL kernel and program memory to ANY program. This new expoit is called Total Meltdown. Microsoft themselves created this Total Meltdown flaw. NO MALWARE TECHNIQUES WHATSOEVER ARE REQUIRED IN ORDER TO EXPLOIT THIS FLAW.

      The March and April 2018 security only updates KB4088878 and KB4093108 still have issues (SMB server memory leaks and stop errors). KB4100480 Windows kernel update for Total Meltdown must be installed immediately after installing the March update. KB4099467 must be installed immediately after installing the March update to resolve stop error (ab) when exiting a Windows session.

      The April 2018 security only update will be presented and will install REGARDLESS OF WHETHER OR NOT the QualityCompat regkey is present and set within your Windows 7 computer’s registry. Why? Because Microsoft is trying to cover their collective rear ends in order to resolve the Total Meltdown vulnerability which Microsoft themselves created. The upshot is that, after installing this update and if your antivirus software is not compatible with the QualityCompat regkey, then your computer may BSOD on reboot. Microsoft kindly leaves it up to you in order to figure out how to resolve this issue.

      Best regards,

      –GTP

       

      3 users thanked author for this post.
    • #185166 Reply

      anonymous

      Is it correct that KB4100480, KB4099467 and KB4099950 are now included in the April KB4093108 update?

      1 user thanked author for this post.
    • #185171 Reply

      GoneToPlaid
      AskWoody Plus

      Is it correct that KB4100480, KB4099467 and KB4099950 are now included in the April KB4093108 update?

      That is a good question. The article for KB4093108 states that KB4093108 supersedes KB4100480, yet makes no mention about KB4099467 and KB4099950. Additionally, the Microsoft Update Catalog Package Details for KB4093108 do not list KB4093108 as superseding ANY updates whatsoever. Now, isn’t this a riot of fun to try to figure out?

      Yet at the end of the day, KB4099467 and KB4099950 still appear to remain stand-alone updates which are not part of KB4093108.

      Nothing verified, yet this is all that I have to say at the present time.

      1 user thanked author for this post.
    • #185314 Reply

      anonymous

      What will Group B folks be missing by never doing 4088878 on Windows 7 x64 machines that are up to date from February?  Are there stable updates from within 4088878 that can be done separately from the catalog?

      I’m wondering if March updates will eventually have to be installed or if “just” April 4093108 will be the way to go due to it containing fixes for things like 4100480 & possibly 4099467.

      Having only installed March MSRT last DEFCON 3, it’s a bit worrisome that the others might still need doing, so I’m hoping some can be avoided.  Perhaps I’m fooling myself.  Please advise, thanks.

      1 user thanked author for this post.
      • #185318 Reply

        PKCano
        Da Boss

        Group B folks who do not install March update KB4088878 will be missing all the fixes contained in the patch. Security-only patches are NOT cumulative. If you do not install one, you never get the fixes contained in it.
        April security-only update KB4093108 takes the place of KB4100480 and KB4099467. But it does not contain the fix for NIC/IP address problems. You will need to download KB4099950 and install it manually BEFORE you install the March and April Security Only UPdates. (And, yes, you need both).

        As Group B you will also need to download and manually install the IE11 Cumulative Update every month.

        My suggestion is you manually install KB4099950, reboot, check to see if C:\Windows\LOGS\PCIClearStaleCache.txt file is present. If it is….
        Install 4088878 KB4093108 KB4092946 (in that order, not necessary to reboot in between), reboot.
        Wait for DEFCON 3 or above to follow Woody’s patching.

        4 users thanked author for this post.
    • #185323 Reply

      anonymous

      thank you for the response.  Helps to unmuddy the water a bit.

    • #185372 Reply

      LTL
      AskWoody Plus

      Like the man said: Helps to unmuddy the water a bit. I would even say ‘a lot’.

      Held off any updates (or uninstalls) for more than a month. Just couldn’t keep up with all the patches and repatches, but now I was ready to give it a try – thanks to @mrbrian‘s sum up.

      Had IE 4092946 and 4100480 already installed, and that turned out to be no issue when I just installed 4099950 > reboot > 4088878 > 4093108 > reboot.
      Everything’s working fine – for now.

      Thank you again & always @woody @sb @mrbrian @pkcano!

       

       

      2 users thanked author for this post.
    • #186183 Reply

      anonymous

      Looking for clarification and a recommendation on the following.

      Group B. I haven’t updated since December so nothing from January through April. Above it says to install KB4099950 prior to the March KB4088878 update. But this article, https://www.askwoody.com/2018/patch-lady-kb4099950-gets-a-revision/, says KB4099950 does not apply to Group B patchers. Come time, do I install KB4099950 reboot and check for PCIClearStaleCache and then proceed or KB4099950 is not needed?

      For the January KB4073578 or KB4056897, February KB4074587 and March updates KB4088878. Is it advisable to hold off on those for a bit longer since they don’t contain any critical patches and seemed to cause many issues or it is not recommended to continue waiting on them?

      Thank you very much for sharing your knowledge.

      1 user thanked author for this post.
      • #186186 Reply

        PKCano
        Da Boss

        Look for the answer to your questions to be finalized when Woody raises the DEFCON level to 3 or above. At the time, he will publish his recommendations in a blog post ans a ComputerWorld article.
        All the information is not in yet.

        3 users thanked author for this post.
    • #191492 Reply

      anonymous

      I have some possible adjustments for the list:

      KB3044374 was mentioned as don’t skip (in 2015), so maybe it shouldn’t be on the avoid/uninstall list.
      “so don’t think you can skip it”
      https://www.computerworld.com/article/2910739/patch-management/microsoft-elaborates-on-kb-2990214-kb-3044374-windows-10-nagware-patches.html

      Add to junk list to not install / uninstall:
      If you still have KB3035583 installed somehow remove it?
      KB3123862
      KB3173040
      KB3163589
      KB3075249
      KB3090045
      KB3072318
      KB3064683
      KB2977759
      KB3081954

      Most(all?) of these never had any value and should be obsolete, so there is very little reason to have them installed.

      1 user thanked author for this post.
    • #192439 Reply

      Erik
      AskWoody Lounger

      I am in Group B with both a 32 bit Windows 7 desktop and a 64 bit Windows 8.1 laptop. Currently I haven’t patched anything since January. I skipped February and later since I absolutely rely on 2 factor authentication and read that February’s patches screwed that up and that March’s did not fix that. I know most people do use that so it might not be reported on much and maybe it got lost or forgotten about in the large amount of traffic here now. Does anyone know if it is safe for me to patch (security only) so that I will still be able to use my 2 factor authentication?

      • #192444 Reply

        PKCano
        Da Boss

        The SmartCard problem has been fixed, if that’s what you are referring to.
        There have been other problems with this year’s updates. You might want to read over Woody’s DEFCON blogs and those topics where he summarizes the problems. Be sure to include the linked ComputerWorld Articles. There have been a number of hotfixes as well.

        There is a problem with the May patches uninstalling NICs in Win7 that has not been fixed.

        1 user thanked author for this post.
    • #193218 Reply

      anonymous

      It looks annoying, but I’d like to try this “Group B” thing. Basically, on a fresh new installation of W7 SP1, I install the followings:

      KB3177467

      KB3172605

      Uncheck all Roll-Up updates and problematic updates, keep only Security and .net framework/c++ redistributable updates and install all of them.

      Is that right? Also, for IDK what reason, another guy here says to install only Office updates starting from June 2017: https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-updating-in-2018/291a9582-17a7-4942-8145-8d9f68265189?tm=1524412557788

      • #193220 Reply

        PKCano
        Da Boss

        Although this is for Group A, read over the external to Windows Update and Windows Update settings in this post. Set them before you go online if they are available. Some will not be available until after updates are installed.

        For a Clean Install what I use (for Group B) is:
        BEFORE YOU START
        Download KB3020369, KB3138612, KB3177467, and KB3172605 for your bitedness. (I know you are going to ask. Yes, all four)

        OFFLINE:
        1. Install Win7. Reboot.
        2. If your installer does not include SP1, install SP1. Reboot.
        3. Open Administrative Tools\Services. Highlight Win Update Service and at top left click “Stop”
        4. Manually install the four downloaded patches in the order above. Reboot.
        5. In Windows Update Change settings – CHECK “Give me updates for other MS produces,” and set updates to “Never Check

        ONLINE:
        1. Check for updates
        2. If you don’t want the telemetry updates, HIDE the ones mentioned at the top of AKB2000003. You will have to keep watching for these every time before you install updates. Particularly KB2952664.
        3. To be sure you get all the necessary updates: HIDE the current “Security Monthly Quality ROLLUP,” check for updates, HIDE the next earlier “Security Monthly Quality ROLLUP,” check for updates. Repeat this procedure until you have hidden the “October 2016 Monthly ROLLUP.”
        4. Download and Install manually from AKB2000003, the Security Only Quality Updates from Oct 2016 to the current month and the latest Cumulative Update for IE11. Reboot wait 15 min. & check.
        5. HIDE any other updates you don’t want to install (drivers, anything that has caused a problem with your PC, features you don’t want, etc)
        6. Install everything else that is CHECKED in the “important updates” list. Reboot. (I like to do this in batches. (“Updates for Win7,”) reboot wait 5 min. & check, (IE11, .NET 4.5.2 or 4.6.1 ONLY, any additional  “Updates for Win7,” and in the optionals KB2670838 Platform Update), reboot wait 5 min. & check, (any “Update for User-Mode Driver Framework”, Update for Kernel-Mode Driver Framework,” and “Update for ActiveX Killbits”), reboot wait 5 min. & check, (“Security Updates for Win7”), reboot wait 5 min. & check, (“Security Updates for MS .NET”), reboot wait 5 min. & check, (anything else that is CHECKED in the “important updates” list), reboot wait 5 min. & check.)
        7. Repeat #5 and #6 until there is nothing left that is CHECKED in the “important updates” list.
        9. HIDE any UNCHECKED important updates that you don’t intend to install in the future.
        10. Reboot. Wait 30 minutes. Run Disk Cleanup, click “Cleanup System Files,” be sure Windows Update Cleanup is checked, click OK.

        I use Office 2010. I install all the checked important updates. from WU
        I also install the .NET Rollups that are checked important updates in WU.

    • #193267 Reply

      anonymous

      1) I noticed there is no Windows Update Cleanup in my Disk Cleanup options.

      2) I read many guides and none of them mentioned KB3138612, also KB3020369 is redundant since KB3177467 replaces it, as clearly stated on its page.

      3) Do you really have to install manually all the security-only updates? That’s really annoying… Why can’t you just select all  of them in WU and let it do the job for you?

      4) Do you instally ANY update that shows up for Windows Office 2010, even those from 2013?

      5) In the optional updates you don’t install anything?

      • #193281 Reply

        PKCano
        Da Boss

        1) I noticed there is no Windows Update Cleanup in my Disk Cleanup options.

        Run Disk Cleanup, click on cleanup System Files. If you have run Windows update it will be there.

        2) I read many guides and none of them mentioned KB3138612, also KB3020369 is redundant since KB3177467 replaces it, as clearly stated on its page.

        (I know you are going to ask. Yes, all four)

        3) Do you really have to install manually all the security-only updates? That’s really annoying… Why can’t you just select all of them in WU and let it do the job for you?

        Security only patches are NOT offered in WU, only the Rollups. I thought you said you wanted to be in Group B.

        4) Do you instally ANY update that shows up for Windows Office 2010, even those from 2013?

        I use Office 2010. I install all the checked important updates. from WU

        5) In the optional updates you don’t install anything?

        Group B does not check “Give me recommended updates the same way I get important updates” in the WU settings. If you read Akb2000003 you will see the guidelines.

        1 user thanked author for this post.
    • #193268 Reply

      anonymous

      Even if IE updates are listed multiple times on https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/ I have to install all of them? I just have to stick to that list anyway?

      • #193276 Reply

        Kirsty
        Da Boss

        The Internet Explorer updates are cumulative – only the latest one needs to be installed.

        1 user thanked author for this post.
      • #193283 Reply

        PKCano
        Da Boss

        4. Download and Install manually from AKB2000003, the Security Only Quality Updates from Oct 2016 to the current month and the latest Cumulative Update for IE11

        3 users thanked author for this post.
        • #193302 Reply

          walker
          AskWoody Lounger

          @pkcano:  I just noted my answer to the question I had.    It was a question regarding the cumulative update for the IE being for Group B.  I do apologize for something that I should  have known.

          I try to read everything, and occasionally I make a mistake, “this may be one of them”, for which I apologize if it is.    🙁

          Your invaluable assistance is sincerely appreciated, as always.   🙂

          • #193306 Reply

            PKCano
            Da Boss

            IE11 Cumulative Update is part of the Rollup you install as Group A. You do not have to worry about the individual file. It is used by Group B.

            1 user thanked author for this post.
            • #193310 Reply

              walker
              AskWoody Lounger

              @pkcano:  Thank you for your very clear reference to the IE cumulative update being part of the Rollup you install as Group A.    I sincerely appreciate the clear, concise reply.    Your expertise is outstanding, as it always is.   Thank you once again, PK.      🙂

    • #193307 Reply

      anonymous

      Just to be fully sure, do you need to install the following types of updates?

      1) C++ Redistributables

      2) Definition Update for Windows Defender

      3) Malicious Software Removal Tool

      These kind of updates are released constantly, so I would like to know if I really need them or not.

      • #193309 Reply

        PKCano
        Da Boss

        6. Install everything else that is CHECKED in the “important updates” list.

        Yes, yes, yes, you need them.

        1 user thanked author for this post.
    • #193336 Reply

      anonymous

      Maybe dumb question: if I decide to install Microsoft .NET framework 4.7.2 manually (latest version available atm), will WU show me any updates for it?

      • #193339 Reply

        PKCano
        Da Boss

        I haven’t installed .Net 4.7.2 yet, but I believe the updates will be included in the .NET Rollups offered through WU.

        2 users thanked author for this post.
    • #193472 Reply

      anonymous

      One thing that should be pointed out for the Group B guide:

      You can’t install all the standalone WU Security-only patches in a row: you have to turn off the WU update service -> turn on -> install one update and keep repeating this procedure or the MSU installer will get stuck into a loop of “searching for updates for this computer” as documented here:

      https://superuser.com/questions/1044528/attempting-to-install-msu-hotfixes-results-in-searching-for-updates-on-this-com

      You can avoid doing this manually for every update by using this script:

      https://superuser.com/questions/1057443/windows-update-stand-alone-pakages-msu-loop/1057487#1057487

      • #193632 Reply

        The Surfing Pensioner
        AskWoody Plus

        The Windows Security-only patches have to be downloaded from the catalogue and installed individually using the M/S standalone installer. I myself would have WU turned off whilst doing this, until I want it to do a search afterwards. But forgive me if I’ve misunderstood your point.

        1 user thanked author for this post.
        • #193680 Reply

          anonymous

          You misunderstood. Windows 7 has lots of unfixed bugs. One of them causes your PC to get stuck in a loop “searching for updates for this computer” when you the M/S standalone installers downloaded from the catalogue. That’s why you have to keep disabling and re-enabling the WU service after every single update.

          • #193682 Reply

            PKCano
            Da Boss

            If you set WU to “Never check for updates” and disconnect from the Internet during the install, it may help you.

            And you can do a direct download from AKB2000003 – those are direct Catalog downloads

            1 user thanked author for this post.
            • #193812 Reply

              HiFlyer
              AskWoody Lounger

              If you set WU to “Never check for updates” and disconnect from the Internet during the install, it may help you. And you can do a direct download from AKB2000003 – those are direct Catalog downloads

              That procedure works for me….every time.  No searching when I click to install the downloaded (from AKB2000003) and saved update.  Thanks again PK.

               

          • #193690 Reply

            The Surfing Pensioner
            AskWoody Plus

            My Windows 7 doesn’t have “unfixed bugs”. I’ve never had the problem you describe at all…………………………………..or any bug-related other problem, for some time now.

            4 users thanked author for this post.
    • #193616 Reply

      anonymous

      Under “Optional” updates I have “2017-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4043766)”, update framework driver mode, a lot of “update for windows 7 64bit based systems”. Should I Install them even if optional?

      • #193630 Reply

        PKCano
        Da Boss

        Group B does not install unchecked optional updates.

        2 users thanked author for this post.
        • #193667 Reply

          anonymous

          Do you hide the unchecked optional updates or just leave them there displayed?

          • #193670 Reply

            PKCano
            Da Boss

            I don’t even look in the optionals b/c they are all unchecked. But you can hide them if you want. I makes no difference.

            1 user thanked author for this post.
    • #195045 Reply

      RDRguy
      AskWoody Lounger

      @pkcano, @kirsty, @woody

      Seeing as we have probably 19 more months of Win7 Group B security-only patches & 55 more months of Win8.1 Group B security-only patches coming from MSFT, might I suggest splitting AKB 2000003 into separate AKBs, 1 for Win7 & another for Win8.1?

      As it is now, it will only keep getting larger and may eventually grow too big to keep together in a single post. Once support for Win7 stops in 2020, it would make more sense to separate out Win8.1 and why wait until it gets larger to do it?

      No real necessity to do it now but either way, I find this AKB to be extremely valuable especially to those who perform clean installs and wish to remain in Group B and I thank you all for keeping this AKB updated.

      Thank you.

      Group B / Win7 (Ultimate & Pro) [x64 & x86]
      RDRguy

      Win8.1 Group B (Pro) [x64]
      Win7 Group B (Ultimate & Pro) [x64 & x86]
      MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
      MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
      RDRguy

      1 user thanked author for this post.
    • #196019 Reply

      anonymous

      I have a 64 bit desk top 8.1 computer and try to follow AKB2000003’s direct catalog

      downloads for Group B.  However, today I checked my installed updates against his list only

      to find that I have somehow missed KB4012204 (March 2016) and KB402533 and

      KB4025252 (July), and both  April 2018 security updates.  Do I uninstall everything

      back to the first missed update and then install them again in sequence?  Your advice

      would be much appreciated.   Thank you. Jo

       

      • #196025 Reply

        PKCano
        Da Boss

        The Security Only updates are not cumulative. Take the ones you are missing and install them in order (Stop the Windows Update Service – you do not need to reboot in between). You do not need to uninstall anything.

        The IE update is cumulative, so you only need the latest one.

    • #196229 Reply

      anonymous

      Was there ever a definitive answer whether or not KB4099950 applies to Group B or not? I have tried searching but can’t find an answer.

      What happens if the security only patches are applied and the user has the NIC/IP error that KB4099950 is for? Can KB4099950 then be installed to fix it or it must be run before the March Security Only KB4088878?

      Thank you.

      • #196238 Reply

        PKCano
        Da Boss

        is not a Group B patch. Group B patches are Windows SO and IE11 Cumulative.

        However, you need to install KB4099950.
        If it was installed on your PC before April 17, you need to uninstall it and the March SO first b/c KB4099950 was modified 4/17. Then you need to download the current version of KB4099950 from the MS Catalog.  There are two files (an .msu and a .exe). To install, double click on the .msu – the .exe will be automatically executed in the process of the installation.

        Install KB4099950 before the March SO (do not reboot), install the March SO, and reboot immediately after.

        • #196720 Reply

          EH
          AskWoody Lounger

          Thank you PKCano for posting the list of “Group B” Win7 updates. Please correct me if I have the following procedure wrong:

          I have downloaded the Jan-May Security Only updates, along with KB4099950 and IE11 KB4103768. I will install Jan, then Feb updates, followed by KB4099950 as I do not have the “C:\Windows\LOGS\PCIClearStaleCache.txt” file present. I will then install Mar, Apr, and May SO updates, followed lastly with IE11 KB4103768. If I have this correct, when do I reboot during the procedure?

          Thank you again.

    • #196267 Reply

      anonymous

      Double checking. https://www.askwoody.com/forums/topic/comments-on-akb-2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1-2/#post-185318 That post says to install KB4099950 and then reboot to check for Windows\LOGS\PCIClearStaleCache.txt file and the above says do not reboot and immediately install KB4088878.

      • #196273 Reply

        PKCano
        Da Boss

        The instructions directly above are the correct ones after the revision 4/17.

        1 user thanked author for this post.
        • #196754 Reply

          HiFlyer
          AskWoody Lounger

          The instructions directly above are the correct ones after the revision 4/17.

          PK;  I vaguely remember something about installing Feb SO before Jan SO because it had a fix for a problem.   Do you remember what that was about?

          • #196756 Reply

            PKCano
            Da Boss

            Maybe the AMD thing?

            • #196759 Reply

              HiFlyer
              AskWoody Lounger

              Maybe the AMD thing?

              That’s probably it.  I have 2 AMD win7 laptops I had to update, and I remember seeing  on AW to install Feb SO before Jan.     I did and had none of the problems about rebooting.

              I just can’t remember where the post was.  Thanks.   Senior Moments 🙁

               

    • #196274 Reply

      anonymous

      Thank you PKCano.

    • #196763 Reply

      anonymous

      Please correct me if I have the following procedure wrong:

      I have downloaded the Jan-May Security Only updates, along with KB4099950 and IE11 KB4103768. I will install Jan, then Feb updates, followed by KB4099950 as I do not have the “C:\Windows\LOGS\PCIClearStaleCache.txt” file present. I will then install Mar, Apr, and May SO updates, followed lastly with IE11 KB4103768. If I have this correct, when do I reboot during the procedure?

      Win7 / 64-bit / Group B

      • #196769 Reply

        PKCano
        Da Boss

        Slight revision. Install in this order – reboot where indicated:
        KB 4074587 Feb SO
        KB 4073578 Jan SO
        KB 4099950 (be sure you download both files .msu and .exe – only double click .msu)
        KB 4088878 Mar SO
        Reboot – wait 15 minutes after login to proceed.
        KB 4093108 Apr SO
        KB 4103712 May SO
        KB 4103768 May IE CU
        Reboot

        4 users thanked author for this post.
        • #196840 Reply

          HiFlyer
          AskWoody Lounger

          @pkcano “#196769 Slight revision. Install in this order – reboot where indicated: KB 4074587 Feb SO KB 4073578 Jan SO KB 4099950 (be sure you download both files .msu and .exe – only double click .msu)”

          You found the AMD post?

           

        • #196860 Reply

          EH
          AskWoody Lounger

          Thanks again PKCano.

          I do not have an AMD system. Should I still install the Feb update before the Jan SO update?

    • #200431 Reply

      anonymous

      Hi PKCano,

      My laptop collapsed a few days ago and I had to pull it again from a image backup dated April 2017.  I have Windows 8.1 and always have tried to have my computer within the “group B” directives.

      So now, my Win8.1 is not yet updated and I am trying to decide when and how update it properly. The thing is: in Ask Woody it has always been recommended to wait until there is a MS-DEFCON Level 3, 4 or 5 before updating anything, but this rarely happen nowadays. I think I have seen it happen once in all this 2018 (I follow the posts but sometimes loose track for some weeks). Also, from Woody’s analysis in the last months (https://www.computerworld.com/article/3216425/microsoft-windows/microsoft-patch-alert-some-bugs-in-win-10-1803-fixed-others-persist.html) it seems like Win8.1 is stable and untouched by all the recent update problems.

      So, taking that into consideration and the fact that I want to create a new clean image backup and move on into something more productive,… I wanted to update.

      Would you recommend it?

      How would you do it? Any specific installation order other than the chronological one?

      Anything I can do regarding the Meltdown-Spectre situation from this whole 2018? I am not up to date about that, but my retailer (Asus) is not offering any BIOS update (they are only offering Intel 6th, 7th & 8th gen, and my processor is 3rd gen) and I would not want to waste any  processing power into fixing a “there-is-not-any-real-threat-yet” problem.

      I would gladly appreciate an answer. Thank you!

      • #200436 Reply

        PKCano
        Da Boss

        First let’s get the correct information about DEFCON. The DEFCON rating only applies to the current month’s updates. The fact that we are at DEFCON-2 does not mean you can’t update anything. It only means that THIS month’s updates are on hold. Updates from previous months have been cleared (or not) and according to that month’s instructions are safe to install (or not). So th only on-hold as of today, are June 2018 Updates.

        My recommendation for your case:
        + You are up to date as of your April 2017 image.
        + Download all the security-only updates. the Dec. 2017 IECU, and the May IECU.
        + Set Win Update to “Never check.” Reboot.
        + Stop (not disable) the Windows Update Service. Leave the Services window open.
        + Start with the 2017 security-only updates you are missing and install them in order. Then install the Dec. 2017 IECU. You do not have to reboot between the patches.
        + Reboot, wait 15 minutes after login (Task Manager usage should drop to 0 or a very small number)
        + Stop (not disable) the Windows Update Service. Leave the Services window open.
        + Install the May 2018 Security-only update, then Jan-April SO, then the May IECU (Hopefully, installing May’s SO first will take advantage of fixes). If you find a second .exe file with any of the SOs, download it and put it in the same location as the patches but don’t click on it)
        + Reboot.

        What you are doing is updating to Dec 2017 and rebooting. You may want to make an image at this point b/c Dec 2017 is stable and before the M/S mitigation. Then catch up to date and wait for the DEFCON-3 for June patches.

        4 users thanked author for this post.
        • #200455 Reply

          anonymous

          Thank you for that quick response. It is really helpful, explicative and with very easy to follow instructions. I will do as you said.

          2 tiny follow-up questions:

          • You said to update until May 2018, but the 2018 June SO (4284878) and IECU (4230450) are listed as safe in the Patch list master. Should I still wait for the DEFCON 3?
          • That second .exe file you were talking about. I don’t understand what are you refering to. Is that the Jan 2018 KB 4073576 and Jan 2018 KB 4077561? Does that also include Nov 2017 KB 4055038 (as listed at the 2000003 post)? If so: do I download them and leave them in the same folder with the other SO updates but don’t click on them? Will they get installed somehow just by clicking in that month SO? Or in case I have to copy those .msi files somewhere. Where do they go specifically?

          About the DEFCON rating clarification. Thanks for explaning it. I get that is only about the current month updates. But in this situation, or whenever I haven’t had the time to update the PC in a few months it gets quite time-consuming to follow all the issues with every update / OS version / MSOffice / IE / Flash / Meltdown-Spectre… (although that has been easier in the last months/year with this post and the master patch list). So I usually rather wait until you see a general “go ahead”, or you have to invest a full morning or whole day going through countless posts and explanations since I last updated (more than a year in this case). But again, I feel like this rarely happen anymore.

          • #200462 Reply

            PKCano
            Da Boss

            Should I still wait for the DEFCON 3?

            Yes, because in addition to the DEFCON number, Woody puts an article in ComputerWorld with further instructions.

            That second .exe file you were talking about.

            The second file (the .exe) will appear in the download link for the SO if it is still needed. The SOs have a .msu extension. If you also see an .exe when you click on the link, download it also. It has no KB number. It will get automatically executed in the SO installation process. You don’t have to do anything with it except put it in the same location (folder or whatever) as the SO.

            Woody will probably raise the DEFCON number this weekend or sometime during next week. Certainly before the next Patch Tues.

            2 users thanked author for this post.
            • #200688 Reply

              anonymous

              Thank you SO MUCH for these great explanations!

              Is all crystal clear now. I will proceed as told.

    • #208788 Reply

      anonymous

      Jul 2018 KB 4345459 (released 7/16/2018, replaces KB 4338823, fixes 0xD1 error, W3SVC, tcpip.sys) So, do I need to download and install also 4338823 or not? The last patch I installed was May 2018.

      • #208793 Reply

        Elly
        AskWoody MVP

        Woody hasn’t changed the DEFCON level for July patches, yet. We are currently at DEFCON 1:

        Current Microsoft patches are causing havoc. Don’t patch.

        Win 7 Home, 64 bit, Group B

        2 users thanked author for this post.
    • #210018 Reply

      Purg2
      AskWoody Lounger

      Perhaps I’m reading this wrong.  It seems a correction might be in order.

      Jul 2018 KB 4338823 – Download 32-bit or 64-bit
      Jul 2018 KB 4345459 (released 7/16/2018, replaces KB 4338823, fixes 0xD1 error, W3SVC, tcpip.sys) – Download 32-bit or 64-bit
      Jul 2018 KB 4339093 (IE11) – Download 32-bit or 64-bit

      If 4338823 is the security only update for Win 7, how can 4345459 replace it when it is not a revision of 4338823?

      Isn’t 4345459 simply an additional update that is required to fix the stop error & not a new “security only” update?

      Win 8.1 Group B, Linux Dabbler

      • #210026 Reply

        anonymous
      • #210031 Reply

        OscarCP
        AskWoody Plus

        This issue you are referring to, Purg2, has surfaced repeatedly since KB 4345459 showed up last month, with variable results as to conclusions.

        In the interests of Patching Science, I recently performed the following two experiments: (1) Installed KB 4338823 (after creating  a restore point where I could beat a retreat to if the action got too hot after updating.) Then restarted and tested to see if my installed applications were working normally, performed the most important (to me) activities… and all seemed well. Then,  (2) at the instigation of DrBonzo,  I continued experimenting, and installed KB 4345459 following the previously mentioned steps, except for the restore point, as one seemed enough already. Again, everything copacetic.

        In conclusion: do (1), or do (1) and (2). Or, if you are really ambitious, maybe carry out your own experiment and install KB 4345459 by itself. My expectation is that, probably, you still shall live long and prosper.

        Group B. Windows 7 Pro SP1 x64, I-7, “sandy bridge” CPU.

      • #210032 Reply

        Purg2
        AskWoody Lounger

        @anon 210026, thanks for the info.

        In the ghacks link, According to M.Brinkmann:    When you check the Update Catalog listing and there the package details, you see which updates KB4345459 replaces.  It does not replace 4338823.

        This is why I’m suggesting that the wording on the list is confusing to others & should be changed to reflect that 4338823 is still required.

        I’m not about to do that until the defcon changes.  I just want to get it right when the time comes to help my buddy get his Win 7 machine updated.

        @oscarcp, interesting, thanks.

        Win 8.1 Group B, Linux Dabbler

        2 users thanked author for this post.
        • #210035 Reply

          DrBonzo
          AskWoody Lounger

          FWIW, I patched WIN 7 Starter 32 bit last night. Did the IE 11 (4339093) first, then rebooted. Then I did OscarCP’s 1) and 2) with a reboot after each patch. Everything is fine.

          Also, there’s a post from Aboddi86 somewhere here on AskWoody where he states that 4345459 does indeed replace 4338823. I’ve gotta run right now, but I’ll try to find that post later. So, I think you could forget about the original SO patch (4338823) and just do 4345459 and be just fine. I did both just because I was curious and was using a guinnea pig machine.

          1 user thanked author for this post.
        • #210042 Reply

          DrBonzo
          AskWoody Lounger

          @purg2 Look here and a few posts above and below it. It’s a short interchange between me and aboddi86 about the original SO patch and it’s replacement; i. e. KB4338823 and KB4345459, respectively.

          edit: forgot the link. Here it is

          July patches are all messed up — but a good hint appears in Japanese

          1 user thanked author for this post.
        • #210050 Reply

          Purg2
          AskWoody Lounger

          DrBonzo, I really appreciate the input & links.

          This post still has me concerned about the need for either 4338823 or 4345459, or both.

          /snip…..install KB4345459 only as suggested, or install both either will work

          Head hurts, will come back later to see what’s what.

          Win 8.1 Group B, Linux Dabbler

          1 user thanked author for this post.
    • #211515 Reply

      StruldBrug
      AskWoody Lounger

      W7 SP1 Home x64 Group B
      Installed all pertinent Aug updates after taking usual precautions and no issues.
      KB890830 MSRT
      KB4343899 OS Security Only
      KB4343205 IE Cumulative
      KB4345590 .Net Rollup

      Stopping phase of the IE restart took about 15 minutes. I was patient.
      Event viewer showed warning that ASP.Net setup couldn’t run because IIS was missing. I won’t enable it, either!

      So, there it is. Now in holding pattern for September.

      2 users thanked author for this post.
      • #211531 Reply

        anonymous

        ? says:

        Thank you for the update info StruldBrug, i also updated 5 win7 32bit (mixed Intel and AMD processors) for July and August with the SO’s, IE’s and MSRT’s and Office 2010 (on one machine). DISM kicked out KB2509553 MS11-030 from 04/11/2011 a LLMNR DNS resolution patch…

        1 user thanked author for this post.
    • #213924 Reply

      Janie8
      AskWoody Lounger

      I follow Windows 7 Group B for the security only and internet explorer updates, I check every few days to see whether Woody has moved from Defcon 2 to Defcon 3 but I seemed to have missed when it was safe to install the July updates.

      Is it safe to install KB4345459 (sec only) and KB4339093 (IE)?

      • #213927 Reply

        PKCano
        Da Boss

        Woody did not change the DEFCON-1 rating for the July patches because there were som many problems. And he has not changed the DEFCON-2 for August yet.

        When he does give the go-ahead it will be for both July AND August. He will publish the instructions in the ComputerWorld article.

        So we are still on hold for both months now. WAIT. We’ll get there eventually.

        4 users thanked author for this post.
      • #213928 Reply

        anonymous

        As PKCano explained, you didn’t miss it – the MS-DEFCON level was never raised (lowered?) for July, and hasn’t yet been raised for August. See the following links for woody’s posts & discussion:

        We continue at MS-DEFCON 1: Don’t install any of the July patches

        Staying the course at MS-DEFCON 2

        2 users thanked author for this post.
    • #215594 Reply

      TonyC
      AskWoody Lounger

      OK, it’s now MS-DEFCON 4.

      Given that the July 2018 security only update for Windows 7 was considered unsafe to install, how do I now go about installing both the July 2018 and August 2018 security only updates safely? Surely, as soon as I install the July 2018 update and reboot, my system will, by all accounts, be in an unsafe state.

      I presume that I should forget about KB4338823 completely because KB4345459 is a complete replacement for it?

      And I presume that I need only install the Aug 2018 security only update for IE, KB4343205, because IE security only updates are cumulative?

    • #216134 Reply

      anonymous

      What does Group B (W7) do about .net framework for August? Microsoft Update Catalog provides a slew of downloads (.exe and .msi) when requesting KB4345590 or 4345679. Nothing offered in Windows Updates regarding .net in August. Please advise!

      • #216138 Reply

        The Surfing Pensioner
        AskWoody Plus

        Well, WU gave me KB4345590. Installed O.K.; no problems since.

      • #216139 Reply

        DrBonzo
        AskWoody Lounger

        As I understand it, Group B doesn’t address .NET. So you need to decide whether you want the .NET Rollup or the Security Only patches. If you want the Rollup, just let Windows Update do the install for you – it “knows” which of the slew of downloads you saw your computer needs. If you want the Security Only, then I would suggest you download ALL – actually you should find 2 equivalent sets one set being .exe and the other being .msi, either set will do – of the slew of downloads you saw for 4345679. Then install ALL of them. You may find that all will install, or you may find only some will with others giving a ‘not applicable to your computer’ message. That usually just means your system doesn’t have the version of .NET that patch is for. When you’re done, you might go back and try to install any that didn’t install initially, just to be sure.

        Any way, that’s what I used to do and it served me well.

        PS – If you know exactly which versions of .NET you have, you can eliminate many of the slew of downloads you saw and only download/install the relevant ones. I used the brute force method because I think it’s a pain to find out which versions I have and I never remembered to write them down when I found out! There are ways to find out what versions you have but I don’t know them off the top of my head.

        Good luck!

        1 user thanked author for this post.
        • #216158 Reply

          PaulK
          AskWoody Lounger

          The .NET version(s) that one has are listed in Control Panel > Programs and Features, under Microsoft .NET Framework n. ….
          I have 4.7.1, which replaced (and eliminated the listings of) 3.5.n, and perhaps some 2.n.

          3 users thanked author for this post.
      • #216142 Reply

        Elly
        AskWoody MVP

        If you follow Steps B3 through B6 above you will find .Net updates will show up checked within Windows Update, if any are available. There isn’t telemetry associated with the cumulative .Net updates, if that is your reason for following Group B updating. So you can install any checked .Net updates… but don’t install any unchecked updates. Remember to uncheck the Monthly Quality and Security update before installing any other checked updates.

        Win 7 Home, 64 bit, Group B

        3 users thanked author for this post.
    • #216159 Reply

      HiFlyer
      AskWoody Lounger

      Net Detector on my desktop – fast and accurate.

      https://www.raymond.cc/blog/how-to-check-what-version-of-microsoft-net-framework-is-installed-in-computer/

       

      1 user thanked author for this post.
    • #216165 Reply

      anonymous

      RE: #216134 “What does Group B (W7) do about .net framework for August? Microsoft Update Catalog provides a slew of downloads (.exe and .msi) when requesting KB4345590 or 4345679. Nothing offered in Windows Updates regarding .net in August. Please advise!”

      Thank you for the responses to my inquiry (above), but I think some missed the point.

      1. Windows Updates does NOT show any .NET Framework patches for download. I hid July ones because of issues, but when I checked for August (a day or two ago), there were NO updates for .NET (checked or unchecked).

      2. I went to MS Catalog and looked for KB345590. It has a download link but when you click it, it shows 5 different files. If I read DrBonzo correctly, I guess I need to download these 5 files and install each of them if I want KB345590. However, does anyone know why Windows Update didn’t offer KB455590?

      Further Information:

      3. I am assuming I need .NET Framework patches because they provide security fixes, and I know I haven’t installed any for at least 2-3 months.

      Thank you.

      • #216170 Reply

        DrBonzo
        AskWoody Lounger

        Perhaps some/all .NET patches inadvertently got installed without your knowledge? That sort of thing has been known to happen. Open Windows Update. On the left click on ‘view update history’ and look for .NET patches. Also on the left, click on ‘installed updates’ and check for patches.

      • #216185 Reply

        PaulK
        AskWoody Lounger

        My MS Catalog search for 4345590 shows 3 lines. For each, the applicability is in the columns Title and Products. Select your edition; and note the bits: 32 (may be unlabeled), and 64.

        MSCat

        Attachments:
    • #216168 Reply

      Elly
      AskWoody MVP

      If you un-hide July .Net update and run Windows Update again, do you get anything different?

      Win 7 Home, 64 bit, Group B

      • #216169 Reply

        Elly
        AskWoody MVP

        Interestingly I haven’t done the August updates, and just checked Windows Update to see what is offered… and I don’t have any .Net updates offered that are checked.

        Win 7 Home, 64 bit, Group B

      • #216171 Reply

        DrBonzo
        AskWoody Lounger

        As of last night I was offered the KB4345590 patches by Windows Update on 2 Win 7 computers. Installed it on both machines via WU. This morning all I was offered and am currently being offered is .NET 4.7.2, which isn’t really a patch, but rather an ‘upgrade’ from 4.7.1.

    • #216605 Reply

      anonymous

      RE: #216165: .NET Framework Issues

      DrBonzo:

      I checked like you suggested, and the only recent .NET Framework patches installed were from June ’18, so what I wanted was not inadvertently installed. Thank you for the suggestion, however, as well as your other comments.

      PaulK:

      Yes, I realize this is what you get. I clicked on the appropriate one and was then offered 5 files to download (some ending in .exe and some in .msu plus another). My original question was in regard to whether or not I should download & install all 5 files offered or just specific ones. Thank you for taking the time to provide a screenshot. See below for the resolution.

      Elly:

      I did as you suggested (looked at hidden updates), and it turned out that the .NET Framework patch I had previously hid was KB 4345590, which is what I was looking for. Apparently, when I accessed the July Windows updates and hid some, it was actually in mid-August not July. Thus, I had hidden the August .NET Framework patch thinking it was the July patch. I subsequently downloaded & installed it.

      Thank you to everyone who replied and offered suggestions. A special thanks to Elly since his suggestion led to resolution of the issue.

      Over and out. Be Calm and Carry On the good work on askwoody.com.

      1 user thanked author for this post.
    • #216890 Reply

      HonzaZKrumlova
      AskWoody Lounger

      Just mention: long list of KBs was superseded by KB4457145 and much more longer list of KBs superseded by KB4457144. Anytime we should consider steps of B group and supersedences, month by month it can change and honestly, not every month I rescan WU from scratch on clean W7SP1, but this month… I will.

      Look at catalogue for details…

    • #217884 Reply

      StruldBrug
      AskWoody Lounger

      WS7 SP1 Home x64 Group B September 08 Beta Test
      Configuration: Simple home consumer with no network, no peripherals, no office, no Vmware
      Malware check: Eight scan tools run, including MSRT, and quarterly anti-rootkit, all clean
      System File Integrity: SFC-CBS log produced and quarterly SURT log, both clean
      Backup: New full image of system drive created
      Updates:
      KB4457145 OS Security Only
      KB4457426 IE Cumulative
      KB4457918 .Net Rollup
      KB4463376 IE Cumulative (fix)

      After each update that offered “restart now”, first started Task Manager and waited for Trusted
      Installer to complete. This took about 5-10 minutes. Then restart was selected.
      After each restart, Event Viewer was checked. Only warning showed after .Net update, IIS metabase
      updates were aborted … IIS isn’t installed nor is it wanted.
      Tested applications, known to require .net 4.5 and 4.6, all okay. Normal operations appear A-Ok.

      2 users thanked author for this post.
    • #219128 Reply

      anonymous

      ? says:

      just installed KB4463376-IE, and KB4457145-Sept. SO from here and KB890830, and KB4457044-.Net 3.5.1 (the part of the KB4457198-.Net rollup the machine wanted) using win update on win7-32bit and it came back up for air! I must have installed KB3177467 and then removed it because of problem(s) it had two years ago? the file remnants are probably in the SxS basement? or not.
      Anyway, the “b” style worked for September 2018 patches.

      1 user thanked author for this post.
    • #224354 Reply

      Janie8
      AskWoody Lounger

       

      I follow Windows 7 (x64) Group B. I’m up to date on the security only and IE11 updates but I’m not up to date on the security only updates for .NET Framework 4.7.1

      I’ve searched the site and been onto the master patch list page but I’m not sure which ones to install. I would be extremely grateful if someone could tell me which security only .NET Framework 4.7.1 to install. Microsoft downloads the rollups and previews but I hide those.

      1 user thanked author for this post.
      • #224357 Reply

        PKCano
        Da Boss

        On this MS page you will find the KB number for the different versions of .NET  SO for Sept, 2018. When you go to the Catalog, search for KB4457914 (this is the bundle for all the .NET SO updates). Then click on “download,” choose the link that applies to the .NET version.

        You can find the MS page by searching for the bundle KB number, clicking on the name of the update (instead of “download”), and in the box that pops up, choosing “More information.”

        3 users thanked author for this post.
    • #224383 Reply

      Janie8
      AskWoody Lounger

      Thank you PKCano.

      On the Microsoft Update Catalogue, there are two updates for KB4457914 that mention Windows 7. Both mention 4.7.1. One mentions “for Windows 7”, the other mentions “Windows 7 and Server 2008 R2 for x64”, I presume it is the latter but would you please confirm that is correct, as I don’t want to download the wrong one.

      I presume that I will need to install previous months .NET updates before installing the September one, how far back should I go, the last one I have is February.

      • #224390 Reply

        PKCano
        Da Boss

        If your computer is 64-bit, you should make sure that x64 is in the description. Some of the 32-bit do not have any x86, they are just plain.

        If you are installing security only (there have not always been one each month), I would install all that you have in date order. It is probably not necessary to reboot between.

        1 user thanked author for this post.
    • #224393 Reply

      Janie8
      AskWoody Lounger

      Thank you.

      Looking at my hidden updates for .NET they are all previews or rollups, Microsoft doesn’t appear to have downloaded any of the security only. In order to check that I do have all the ones I need, where would I find the update KB numbers (if there are any) since February.

      • #224394 Reply

        PKCano
        Da Boss

        Security-only updates don’t come through Windows Update.

        Look at the description of the Sept SO .NET. Use parts of it to search the Catalog (use a + between search terms). something like “2018 + security only update for .NET Framework” – should give you all for this year.

        To be honest with you, Group B is about telemetry. .NET Rollups should be safe in that respect. In fact, Group B instructions recommend the .NET Rollups. That way, you don’t have to worry about which update goes with which version – WU takes care of it for you.

        2 users thanked author for this post.
    • #224395 Reply

      Janie8
      AskWoody Lounger

      Many thanks PKCano, in future I will install the .NET Rollups.

    • #225826 Reply

      anonymous

      Guys, is it possible to use NTLite and add all the updates manually to the ISO and still be in Group B, but without wasting hours to install all the updates by hand?

      1 user thanked author for this post.
      • #225957 Reply

        HiFlyer
        AskWoody Lounger

        Guys, is it possible to use NTLite and add all the updates manually to the ISO and still be in Group B, but without wasting hours to install all the updates by hand?

        Hope you get some positive answers.

    • #229440 Reply

      WildBill
      AskWoody Plus

      Hello to @pkcano & @kirsty! Since Microsoft has decided to include KB2976978 in the Monthly Rollup (interestingly, I still see it in Windows Update for my Win8.1 64-bit machine), I’ve finally decided to move to Group B this month. Besides downloading KB4462941 (Security Only update) & KB4462949 (IE11 Cumulative Security update) from the Catalog, should I also download & apply KB890830 (Malicious Software Removal Tool), KB4459924 (Security & Quality Update for .NET Framework), & KB4462930 (Update for Adobe Flash Player) from the Catalog as well?

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      • #229444 Reply

        PKCano
        Da Boss

        You should be able to install all the others from Windows Update. Hide the Rollup first. You can download the SO and IE11 CU from AKB2000003 (direct link to the Catalog).

        1 user thanked author for this post.
    • #232574 Reply

      Skunk1966
      AskWoody Lounger

      Hi Woody/PKCano,

      I’ve been away for a while and am looking for a list of security-only updates for Windows 7 x64 that are safe to install starting September 2017 until now. I checked here but it’s unclear to me which ones are safe and which ones aren’t safe and should be avoided.

      Could it be possible to just post a list of recommended security-only updates for Windows 7 x64 that can safely be installed?

      Thanks in advance!

      • #232576 Reply

        PKCano
        Da Boss

        The recommended safe Security-only updates are listed in AKB2000003 from Oct 2016 until the present. It will be updated to reflect the Nov updates today (Nov 13, 2018).

        1 user thanked author for this post.
        • #232577 Reply

          Skunk1966
          AskWoody Lounger

          The recommended safe Security-only updates are listed in AKB2000003 from Oct 2016 until the present. It will be updated to reflect the Nov updates today (Nov 13, 2018).

          so all updates in that list are safe and cause no issues? The reason why I’m asking is because the August 2017 security-only update KB 4034679 is also still listed there and that one caused issues

          1 user thanked author for this post.
    • #234057 Reply

      HonzaZKrumlova
      AskWoody Lounger

      I know, Group B is about Win SO updating, but still believe, this is right place for topic here.

      I am GroupB + .NET (secu and quality) and every month I do prepare such a collection of files and scripts, to be able install Windows in exact state of that month, in 3 ways (Group A, GroupB + NET 461 and GroupB + NET 452).

      Since, October was really poor month, later then usual, right now, Im closing (making) my “Win 7 – 10-2018” set and found something. Those “.NET secu and quality” … seems not to be so cumulative.

      In details, .NET 2018-09 (KB4457918) include these:
      – 4457044 – NET 3.5.1 patch
      – 4457038 – NET 4.5.2 patch
      – 4457035 – NET 4.6+ patch
      – 4019990 (D3 compiler for 4.7NET patch)

      In October, new secu and qua .NET “cumulative” (KB4459922) includes:
      – 4457008 – NET 351 patch (I presume replacing 4457044)
      – 4457019 – NET 452 (replacing 4457038)
      – 4457016 – NET 4.6+ (replacing 4457035)

      After clean install of my “Win7 GroupB + NET in 2018-10 state”, next WU scan ask to install KB4457918 (2018-09 .NET). wow, strange. I hit it and analyze WinUpdate.log, which shows me, KB4457044 (.NET 3.5.1 of 2018-09) has been installed.

      This shows me, those .NET patches are not so cumulative, as I presume (4.5 and 4.6 actually ARE cumulative, but .NET 3.5.1 not and I have to install 351 patch 2018-09 AND 2018-10)

      Any ideas why?

      Whats more confusing to me is the name, listed in MS Catalogue. In my language (Czech) its written (writing exact translation to EN)> 2018-XY cumulative update for security and quality. But WinServer2008R2 version (not translated in Czech version of MSCatalogue) in original> Security and Quality Rollup for …..

      Now, I am thinking, whats exact meaning of “Rollup” and “cumulative”. Is this MS bug or bad translation? Should it be cumulative, month after month those .NET updates? For anybody, not installing separate from scratch Win7 in 2 separate version (September and October) is this ….. simply invissible.

      Ideas?

      2 users thanked author for this post.
      • #234064 Reply

        PKCano
        Da Boss

        “Rollup” means a bundle. many patches together.
        The .NET Rollup contains individual patches for multiple versions of .NET. But the Rollup does not necessarily contain updates for ALL versions of .NET – in any given month, some versions of .NET may not have an update. If there have been no changes to one of the versions, there may not be a patch for it. But Windows Update doesn’t discriminate ahead of time – everyone gets the Rollup through Windows update. It only uses the individual patches that apply to each individual machine.

        “Cumulative” implies the current one contains current fixes plus all the previous fixes.

        3 users thanked author for this post.
    • #234128 Reply

      anonymous

      Jul 2018 KB 4345459 (released 7/16/2018, replaces KB 4338823, fixes 0xD1 error, W3SVC, tcpip.sys) Does this mean that you still have to install 4338823 before or that you can skip it on a new Windows 7 installation?

      Also, in the case I want to make an AiO W7 ISO with all the Group B updates already applied, what else do I need to be really complete? I added KB3020369, KB3138612, KB3177467, KB3172605, all the list of security updates till November 2018, I would need also the rest of importa updates + .NET + Office, but where to find those? I saw there are tons of apps like WHDownloader, Windows Update Downloader, etc. but most have discontinued support or list useless updates as “needed”/”adviced”, so I can’t seem to trust them…

      Maybe an expert here can help me.

      • #234135 Reply

        PKCano
        Da Boss

        You only need KB 4345459.

        KB3020369, KB3138612, KB3177467, KB3172605 – These need to be added offline immediately after installing Win7+SP1. They will speed up the search for updates through Windows Update.

        Windows Update Mini Tool (WUMT) can help you download the updates. Many here use it. There are discussions about it’s use here on the site. Start by looking under  the “Tools” Forum. Then use the search box. on the right side of the site.

        You may find some information that will help here, and from this post to several below it. Realize these are a year old.

        1 user thanked author for this post.
        • #234164 Reply

          anonymous

          I see that now there is a new tool: https://www.askwoody.com/forums/topic/windows-update-manager-wumgr/

          Anyway, both important and recommended updates are mixed together, it doesn’t specify which one is under “category” column, nor it makes distinction for “.NET” which is under the category “Windows 7”. The only thing it can differentiate is “Visual Studio”, “Office” and “Windows Defender”…

          Also I don’t understand why you linked those posts PKCano: are you indirectly saying that you don’t believe in making the life easier embedding all updates in an ISO and you prefer to do everything manually on every single machine you come across?

          Anyway, I’m thinking to just embed all security updates and that’s it… I guess it shouldn’t take too much to install the rest which is just some minor hotfixes, .NET and Office… At least I hope, I’m gonna make a try on a new machine. Then I can just write down all extra stuff I had to install looking at WU chronology and embed it in the ISO for the next time I guess…

    • #234149 Reply

      HonzaZKrumlova
      AskWoody Lounger

      “Rollup” means a bundle….
      “Cumulative” implies the current one contains current fixes plus all the previous fixes.

      Well, well. Thats valid theory, OK so far. And since MS in Czech translation of those KBs names use explicitly word “kumulativni” (cumulative), whats called Rollup in original english written name, at least this is bad bad translation, aghrrr.

      Still, I believe, its bug, a sort of. Even (KB) numbers of 2018-10 are lower than 2018-09 numbers, interesting. I personally have idea, why. And another interesting fact is, I do backtrace all my separate “Win sets”, month by month back in past (have them since patchocalypse) and found: however nobody ever said, their are cumulative (just Rollups), they actually ARE. All the time since 2016-10, every .NET related patches have been replaced during next  update (and effectivelly, they were cumulative, untill now).

      There are other facts supporting this concept – D3compiler patch (4019990, signature dated 4/28/2017) included in every next rollup …. or more complicated example: 2017-11 .NET rollup includes D3compiler patch (initially released 2017-05 rollup), 3.5.1 patch unchanged since 2017-09 rollup, 4.5.2 patch updated little bit 2017-10 (socalled swedish lang fix 🙂 of 2017-09 release and the only one updated at 2017-11 patch for 4.6 …. this is for me proof at least they tried to be cumulative.

      I am “digging” for these details with single reason – is it just a supredences/metadata error (like we saw plenty of them) or is this really remarkable change of concept of .NET patch model? In the second case, I suggest add some note to KB20000000000003 or anywhere you think its usefull.

      • #234198 Reply

        PKCano
        Da Boss

        AKB200003 is not concerned with the .NET updates, only those related to Windows/IE11. The Group B patchers are encouraged to update .NET through Windows Update normally.

        The lack of the D3compiler causes problems for Win7 if .NET 4.7 (or later) is installed. It has been included to prevent these problems in the case of first-time install.

    • #234285 Reply

      EH
      AskWoody Lounger

      Windows 7/Group B

      Hello,

      I posted this previously in the Questions: Windows 7 forum, but I think it may be the wrong place for questions regarding 2018 patches. Please forgive me if it’s incorrect to post it here.

      I rolled back from March, 2018 to December, 2017 and have installed no Windows updates in 2018 except for Security Essentials definitions. I work in video editing and production, and observed an impact to performance after the Jan. -> March, 2018 security only updates, hence the rollback.

      What do I need to install now in November, 2018 that will not drastically impact
      my computer performance? Is it safe to install the latest IE11 cumulative update?
      What about .NET framework updates–I am running version 3.5.30729.5420?

      I’ve read Susan Bradley’s post #218232 about installing all of the 2018 updates, then disabling Spectre/Meltdown protections via registry edits. Is this a viable solution or should I just stay put at Dec. 2017?

      Thank you,
      Eric
      ———————————————————————————————————————–
      Win 7 Pro (x64) / Intel Core i7-3820QM (Ivy Bridge) / 16GB RAM / NVIDIA GeForce GT 650M

      • #234290 Reply

        PKCano
        Da Boss

        The latest IE11 Cumulative Update should be OK. I have not heard anything about the .NET patches causing a slowdown.

        As far as the Security-only patches – I know there were slowdowns associated with the Jan-Mar patches. About the rest, well, that’s a question. You could install the patches and disable the Meltdown/Spectre protections in the Registry and see if that works. The patches can be uninstalled and the Registry setting set back to original if it doesn’t work. That’s a lot of work.

        Before you try anything like that, be sure you backup your data and make a full image of your computer. Then set a restore point along the way. And don’t forget you will need the Servicing Stack update as well.

        1 user thanked author for this post.
        • #234479 Reply

          EH
          AskWoody Lounger

          Thank you PKCano for the info. Regarding .NET updates, I just checked Windows Update and found the following:
          2018-09_Security and Quality Rollup for .NET Framework (KB4457918)
          9/11/2018
          Security Update for Microsoft .NET Framework 3.5.1 (KB3122648)
          2/9/2016
          Security Update for Microsoft .NET Framework 3.5.1 (KB2972211)
          9/9/2014
          Security Update for Microsoft .NET Framework 3.5.1 (KB2973112)
          9/9/2014
          Which one(s) should I install? Also, should I install directly from WU or from the MS Catalog?

          Regarding IE11, should I go ahead and install KB4466536 immediately?

          I am going to give some more thought to the 2018 Security Only updates. That does sound like a lot of work to undue the updates should they slow my computer considerably.

          1 user thanked author for this post.
          • #234481 Reply

            PKCano
            Da Boss

            I suggest you install the .NET through WU instead of trying to manually install the individual patches.. I think WU will install what you need.

            The IE11 patches are cumulative, so you should only need the latest one. Go ahead and install it.

            The Security=only patches are available here if you decide to install any of them. The links are direct downloads from the Catalog.

            2 users thanked author for this post.
            • #234485 Reply

              EH
              AskWoody Lounger

              Which .NET update(s) should I let WU install? It shows three old security updates, along with the Security and Quality Rollup dated 9/11/2018.

            • #234493 Reply

              PKCano
              Da Boss

              Install whatever is in WU for your version. Windows Update will handle whatever needs to be handled. Be careful not to get installers for later versions of .NET than what you have. I know the installer for .NET 4.7.2 sometimes shows up.

              1 user thanked author for this post.
            • #235002 Reply

              walker
              AskWoody Lounger

              @pkcano:  How do we know which version we have of the .NET ?   I have nothing pending now, other than one unchecked .NET in the Optionals, and I won’t touch that one.  Thank you again for your wealth of information and guidance.   Great work!    🙂

            • #235005 Reply

              PKCano
              Da Boss

              Since you are using Windows Update, you don’t have to worry about which version you have. Windows Update will install the right patches automatically when you do your updates.

            • #235009 Reply

              walker
              AskWoody Lounger

              @pkcano:   Thank you for the very prompt, reply.  I am sincerely grateful for all of your help.   🙂

    • #234522 Reply

      EH
      AskWoody Lounger

      There are three separate .NET updates listed in WU for my version (3.5.1):
      KB3122648, KB2972211, and KB2973112.
      There is also the Security and Quality Rollup for .NET Framework (KB4457918).
      Should I simply install the Security and Quality Rollup?

      1 user thanked author for this post.
      • #234523 Reply

        PKCano
        Da Boss

        I would go ahead and let the older ones install as well. WU won’t overwrite newer files with older ones. If those are not needed they will simply not be installed, but it will satisfy whatever WU needs so they don’t keep showing up.

        2 users thanked author for this post.
    • #234524 Reply

      EH
      AskWoody Lounger

      Okay, I will give it a go. Thank you.

    • #237962 Reply

      anonymous

      ? says:

      tired of waiting so i updated win7 32 bit with november so, ie, office 2010, and msrt, came back up for aire in fine fashion…

      the dism removed KB2892074, ms13-099, and KB3078601, ms15-080.

    • #239231 Reply

      SueW
      AskWoody Plus

      As a Group B-er, I just downloaded “2018-11 Security Only Quality Update for Windows 7 for x64-based Systems (KB4467106)” from the “2000003” list.  Its .msu shows only 8.0 MB in size.  Since it’s been larger in the past, I also checked the Microsoft Update Catalog, and saw that its .msu size is 36.6 MB.

      Am I missing something (other than 28+ MB)?

      Many thanks in advance.

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      • #239233 Reply

        PKCano
        Da Boss

        I just downloaded it from AKB2000003 and the download showed 36.6MB for the x64 file. Same as from the Catalog.

        1 user thanked author for this post.
        • #239236 Reply

          SueW
          AskWoody Plus

          Many thanks for your quick response, PKCano!  I just downloaded it again from AKB2000003 and it’s now 36.6 MB!  I’m relieved that it’s consistent with the Catalog.  Go figure . . .

          Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

          • #239239 Reply

            PKCano
            Da Boss

            Actually, those links are direct downloads from the Catalog. So, whatever is up there, is what you get.

            2 users thanked author for this post.
            • #239263 Reply

              SueW
              AskWoody Plus

              I thought so . . . that’s why I was concerned about the difference in size and wanted to confirm.  I have no idea how I got an 8 MB download, but it’s all good now, thank goodness.

              Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    • #239294 Reply

      twbartender
      AskWoody Plus

      I also had the same experience as SueW had when I downloaded and saved the November Win 7 x6 (KB4467106) Security Only file from the “2000003” list on 12/7. At first I didn’t take note of the size of the file, and it was only after 2 attempts at trying to install it and receiving the following error & message: 0X8007000d “Data Is Invalid”, that I realized there was a problem with the file. It was at that point when I questioned the size of the file compared to previous Win 7 SO updates I’d downloaded and installed. I too went to the Microsoft Update Catalog and saw that the size of the download should be 36.6 MB rather than 8MB. I went ahead and downloaded the file from the catalog. It installed without a hitch along with the rest of the November SO updates. Later that same day, 12/7, I used the link from the “200003” list and downloaded and saved another copy of the same file, and it still only downloaded an 8MB file.

      I can also confirm that after that day the file downloaded from the “200003” link downloads the correct 36.6 MB file as PKCano has so indicated.

      1 user thanked author for this post.
      • #239295 Reply

        PKCano
        Da Boss

        When you download a file, and don’t give the download time to finish, you will actually find two files. One will have the correct name, the other a .part “partial” extension, and the files won’t have the right size. Perhaps you didn’t wait long enough for the download to complete? Or maybe MS is messing up, b/c the links are actually direct download links to the MS Catalog. There is NO indirect download.

        • #239298 Reply

          twbartender
          AskWoody Plus

          PKCano, I have no clue as to what caused the link to download only an 8 MB file, but I can say with 100% certainty that the file had completely finished downloading to the location I intended, and the file has the same file name as the correct 36.6MB file. Not only that, as I previously stated, I was able to duplicate it by downloading it a second time about an hour later.

          I still have that second copy of the 8MB file if it is of any use to you.

          1 user thanked author for this post.
          • #239299 Reply

            PKCano
            Da Boss

            Looks, then, like the monkey is on MS’s back. Thanks for the confirmation.

            2 users thanked author for this post.
            • #239301 Reply

              Ed
              AskWoody Lounger

              I’ll back up both of their claims, I also downloaded an 8,192 kb file three times using the direct link from here on December 5th before finally getting the correct one on the fourth attempt. I just chocked it up as a downloading issue on my end but obviously it wasn’t.

              1 user thanked author for this post.
            • #239513 Reply

              Ed
              AskWoody Lounger

              Over the weekend I remotely installed the Group B updates on several computers using direct download links from the Catalog and on NUMEROUS occasions downloaded these same “incomplete” files mentioned above. It happened while downloading both the SO update and the IE SO update and each time the errant file downloaded was exactly 8,192 kb.

              This has to be an issue with Microsoft as I downloaded these updates from computers scattered all around the US. Just figured I’d add this latest info in here so others downloading these screwed up files from M$ knows the problem absolutely is NOT on their end.

              1 user thanked author for this post.
            • #242080 Reply

              phaolo
              AskWoody Lounger

              Btw the patches contain an hash code in the name, so you can immediately verify if the downloads are correct.

            • #242634 Reply

              walker
              AskWoody Lounger

              anonymous:    What does      SO  mean?  With all of the acronyms, I get lost with some of them.  Any help would be most appreciated.

            • #242641 Reply

              PKCano
              Da Boss

              SO stands for Security-Only

    • #241314 Reply

      anonymous

      ? says:

      thank you for the info on the out-of-band IE patch. it also applies to IE8

    • #242610 Reply

      anonymous

      ? says:

      thank you for the “green” light and thank you PK for helping on Christmas!

      i did the out of band IE update the 19th along with the December SO, no problem(s). today i finished the updates on “B” style win7 32 bit systems. the machine with Office ’10 wanted me to download and run KB947821 the 151.6 MB “System Update Readiness Tool!” i scanned for updates after hiding this bad fish and it showed up for an encore and then slinked away on the second rescan ha, ha on you Microsoft… i skipped that ordeal (i’ve fallen in that trap b4), installed the patches and am on my merry way to happy new years!

      so, KB4471328-IE and KB4471328-Dec. SO on the 19th, and:

      KB4471987-.Net Dec. rollup (installed KB4470641 and KB4470640) and jacked up my fragmentation as usual.

      KB890830-Dec. MSRT (sans heartbeat telemetry).

      Office 2010 had 6:

      KB4461577-Excel, KB4461570-Office, KB4461576-Outlook, KB4461521-Power Point, KB4427172-Office, KB4461579-Office.

      ran disk cleanup\DISM and there were no updates removed this time. whew, glad that is over for a few days way to much care and feeding for windows 7, the XP downloaded and installed the December updates on the 11th in under 4, yes four minutes and the linux does not require user input to stay on the straight and narrow…

       

      2 users thanked author for this post.
    • #242815 Reply

      anonymous

      I’m in group B. I’ve been trying to download the Win7x64 November SO update. I’ve gone directly to the catalog (https://www.catalog.update.microsoft.com/Search.aspx?q=KB4467106) and it keeps giving me a faulty ~8MB file.  I saw in comments that people were eventually able to get the correct file from Microsoft, but I’ve been trying for some time and it isn’t happening.  Does anyone have a copy of the actual update they would be willing to share with me?

      • #242822 Reply

        PKCano
        Da Boss

        You can download KB4467106 from AKB2000003 on this site. The links are direct download from the Catalog. However, when this happened before, the problem was on the Microsoft end, not in AKB2000003. People just kept trying till it worked.

        The file can not be uploaded to AskWoody, so the exchange would have to take place through Dropbox or some similar online storage. If you get the update from someone else, be sure to check the authenticity.

    • #242827 Reply

      anonymous

      Thanks, PKCano. As far as I can tell, the page you linked simply links directly to the catalog download I referenced. I did try getting the update from there originally, but since it’s the same source, no luck.  I’ve been trying to download this update since November, and now it’s almost January. Every single time I click it, it just gives me the unusable 8 MB file. I really hope someone has a copy and is willing to upload it somewhere.

      If no one does, is it OK to just skip this one and move on to the December update?

      • #242831 Reply

        PKCano
        Da Boss

        The Security-only patches are not cumulative like the Rollups, so if you miss one, you miss it completely. Just keep trying with more frequency. Maybe you will get lucky.

      • #242842 Reply

        DrBonzo
        AskWoody Lounger

        In my role as neighborhood Santa in the last few days, I’ve downloaded a bunch of patches from the Catalog. The MS servers have been, shall we say, very inconsistent as far as time required for successful download, whether downloads were successful, etc. etc. etc,. Using IE to download seemed to help as did a File —> exit command from the menu, and then a fresh restart of IE (IE 11 on all the computers I used) and then a download attempt. I ran into your problem a few times and as PKCano said, just keep trying.

      • #243086 Reply

        Ed
        AskWoody Lounger

        It may help to check your Download folder (or where-ever you save downloaded files to) and delete any existing copies of the file, then close your browser and dump your temporary internet files before trying to download it again.

        I had the same problem you’re having while updating numerous computers last week and it may just be a coincidence but going through that process a couple times worked on the last three I updated.

    • #243163 Reply

      Cybertooth
      AskWoody Lounger

      I have a (possibly dumb) question.

      Topic 20000003 for Group B patchers says the following about the last patch for December:

      Dec 2018 (IE11) KB 4483187 – Download 32-bit or 64-bit (Released 12/19/2018 replaces KB4470199, fixes CVE-2018-8653 Scripting Engine Memory Corruption Vulnerability)

      If this patch replaces the one given just above it, why not strike out the listing above it, or better yet delete it altogether from the list? Not sure what the purpose might be of keeping it there.

      Thanks in advance.

      1 user thanked author for this post.
    • #309538 Reply

      anonymous

      PK – I’ve been too busy with other things to keep up after all these years of playing “I’m a B type, I can do this” with microserf. Finally I’ve gotten so far behind (family issues) that in trying to catch up I’ve found that I cannot do so. My last catch up was Sept 2018 – KB4457145. That worked, but when I tried to download KB4457426 and/or KB4463376 for IE nothing happened. No download, and no other  info. I checked my link and it’s fine.

      Am I screwed, or did I do something wrong here?

      Jimvs

      • #309545 Reply

        PKCano
        Da Boss

        The IE11 updates are CUMULATIVE. So you only need the last one. If you are patching through Dec 2018, use KB4483187. If you are using Jan patches, use the one for Jan. In any case, you need only one. The links to some of the earlier patches may not be valid if MS has pulled them b/c they’ve been superseded.

        • #310514 Reply

          EP
          AskWoody_MVP

          normally the IE updates are supposed to be cumulative.

          however yesterday 1/13, I installed KB4480965 IE11 update on my Win7 system, rebooted and RAN Windows update again and it offered/listed the KB4483187 IE11 update. i don’t know why…

          on the other hand, when the KB4483187 IE11 update is installed (and I removed/uninstalled the old KB3185319 IE11 update from my Win7 & Win8.1 computers) and ran Windows Update, it no longer offered the old IE11 updates like KB3185319. so it looks like KB4483187 completely replaces KB3185319 & older IE11 updates.

          1 user thanked author for this post.
      • #309567 Reply

        PKCano
        Da Boss

        I forgot to mention, the MS Catalog download (direct links in AKB2000003) has been messed up for a couple of months. People have been getting 8MB files instead of the patches (Read above complaints) even when downloading directly from the MS page. Be patient and try again. Eventually it seems to work.

        • #309761 Reply

          anonymous

          Thank you PK. Will give it a whirl.

        • #309913 Reply

          anonymous

          Catch-up through 12/18 completed. Smooth as a cat’s…fur.

          Thanks PK.

          Jim

    • #310515 Reply

      EP
      AskWoody_MVP

      note – see my recent post above PKCano’s about KB4483187

    • #310842 Reply

      Jim VS
      AskWoody Plus

      So noted EP. Thanks for the information.

      jimzdoats

    • #318551 Reply

      anonymous

      ? says:

      i updated win7 32 bit (Dell 4300 Dimension with Intel 2.8 MHz SL7EY, 1GB PC133 ram) today using the links on AKB2000003 with no issues. Windows update (after the standalone January SO and IE11) offered KB4481480 January .Net rollup and KB890830 January MSRT also no installation issues. i will wait a bit longer (better DEFCON position) to update the remaining 3 machines.

      thank you!

      1 user thanked author for this post.
    • #319939 Reply

      anonymous

      ? says:

      Thanks for the January ’19 green lite! makes me nervous to wait around for the dust to settle while the badness never takes a day off…

      updated 3 win7 32 bit pro machines (2 AMD, 1 Intel processors) and 1 with office ’10 using “B” style. the Jan SO and IE-11 stand a lone links downloaded from here with no problems.

      One quirk was the .Net KB4481480 Jan roll-up that for the first time i can recall required no restart to complete the installation? see:

      https://docs.microsoft.com/en-us/dotnet/framework/deployment/reducing-system-restarts
      and:
      https://docs.microsoft.com/en-us/windows/desktop/RstMgr/about-restart-manager

      from:
      https://docs.microsoft.com/en-us/dotnet/framework/index if interested.

      The .Net update ngen / mscorsvw.exe took 4-6 minutes to run the servicing routine on all three machines, and wrecked my disk fragmentation, as usual. If interested Defraggler shows the (temporary) scrambling to specific files on the drive caused by .Net updates.

      The Office 2010 had KB2553332, KB4161614 (unchecked), KB4461625 (Word), KB4462157, and KB4461623 (Outlook).

      Thanks again for doing all the leg work to keep us from falling down the rabbit hole and saving all the precious brain cells!

      1 user thanked author for this post.
    • #323614 Reply

      HonzaZKrumlova
      AskWoody Lounger

      Hey, everybody, this is quite big one, this needs to be clear and EP probably should write it with BIG RED font

      note – see my recent post above PKCano’s about KB4483187

      PKCano insist those IE patches are cumulative and thats simply not true or clear.

      If you are patching through Dec 2018, use KB4483187. If you are using Jan patches, use the one for Jan. In any case, you need only one.

      Next “second Tue” approaching, so I also made some tests with January WU state. And I have the same idea as EP. In general, IE patches should be cumulative, but that Dec2018 incident (out of band ie patch KB4483187, replacing regular KB4470199) is not that fashion. Because, January IE patch KB4480965 in theory, it should include features/fixes from 4483187, but it seems it doesnt. Tried that in GroupA way, tried that in GroupB way, after all updates (including Jan IE 4480965), next WU scan asks for KB4483187.

      Whats more confusing, MS Catalogue about KB4480965, it mention, it is replacing both Dec IE patches. Strange, MS confirm its cumulative (by mention in catalogue) and also deny it (with WU scan result). This could be supredences problem or even worse – that idea about “cumulative IE” is not valid anymore.

      And since, we, the people of group B, rely on exact information, without possibility to verify it by WU scans, this should be investigate very carefully. Personally, I also will do some research about the similar situation in Sept IE patches (KB4457426 vs KB4463376).

      This deserve more care, that just “So, noted”.

      HzK

      p.s. PKCano, if you really do bielive “only just 1 last IE patch”, why there are so many of them in official “Group B list”

      • #323621 Reply

        PKCano
        Da Boss

        p.s. PKCano, if you really do bielive “only just 1 last IE patch”, why there are so many of them in official “Group B list”

        Because, by definition, they are cumulative.
        The list is populated monthly and the past ones are not removed. It is ongoing.

        The problem you are seeing is because there can be a difference between metadata supersedence and component supersedence. A patch can REPLACE the components of  another patch and still not METADATA supercede it.

        An example of this the Monthly ROLLUP and the Monthly ROLLUP PREVIEW.
        The Monthly ROLLUP (issued on Patch Tues) is composed of three parts: non-security patches, security patches, and the IE11 CU. It is a SECURITY Update and is CHECKED in the Important Update list.
        The Monthly ROLLUP PREVIEW (issued on the third Tues of later the same month) is composed of four parts: the three components of the Monthly ROLLUP plus the non-security updates for the following month. It REPLACES the Monthly Rollup component-wise, but because it is a NON-SECURITY update, it cannot METADATA SUPERCEDE the the Rollup. Therefore, it appears in Windows Update as an UNCHECKED Optional Update. A non-security update does not metadata supercede a security update.

        You have the same situation with KB4483187. It REPLACES KB4470199, but it does not METADATA supercede it, so you will keep seeing it. But if you install it, it will not overwrite the following month’s IE11 CU components because the later CU has COMPONENT supercedence.

        Windows Update works on metadata supercedence. The actual Updating Process works on component supersedence.

        5 users thanked author for this post.
        • #323631 Reply

          LTL
          AskWoody Plus

          Nice to have MS’s update gibberish deciphered into understandable English!

    • #327571 Reply

      anonymous

      ? says:

      ok, so i patched 4 machines on 2\14 Valentines’ Day, still use IE on all Windows installs, boo who.

       

      1 XP Pro had 8 patches KB4887085 was pulled for wrecking havoc before i ran Microsoft Update (thanks for the warning MSFN!) took 3 minutes total to patch XP.

      all Win 7 Pro, 2 AMD 1 Intel

      the SO’s i picked up here, thank you! then Microsoft Update offered: ( i peeked inside KB4486564 on Linux box using FF of course and did not see any stuff i did not want and it is smallish at 17.9MB.)

      KB4487078- Feb. .Net S & Q (43.1MB, mscorsvw.exe took 14 minutes to run on all 3 machines)

      KB4486563- you know what i did with that (Extreme Prejudice)

      KB890830-Feb. MSRT (also small 2.1MB, last month was 6.0MB)

      Office 2010 had 8 patches, ‘nuf said, bonus it still works!

      also cleaned and shut off Shell Bags, one machine had over 2000 entries and 800+ deleted folders. and my post update cleaning system is now easier (faster)

      again, many thanks for all you do Ishmael, PK and others…

      1 user thanked author for this post.
    • #329487 Reply

      owdrtn
      AskWoody Lounger

      Sorry in advance for such a blasphemic question, but really.. it’s still unclear to me whether or not GroupB are prescribed to integrate either of those two KB into their Gold Windows 7 x64 Installer Media Image:

      • Service Pack 1 (KB976932)
      • Enterprise Rollup Update (KB2775511)
      • Convenience Rollup Update (KB3125574)

      It does seems clear to me that SP1 is a sure go, but is it for GroupB, without any post-deploy “defusing” operations ?

      • #330634 Reply

        Kirsty
        Da Boss

        @owdrtn your question about Installer Media images isn’t related to the monthly Group B updates in AKB2000003. I suggest you post your question in the AdminIT Lounge forum, perhaps in the Managing Updates in Organisations topic of that forum.

        • #331009 Reply

          anonymous

          Is there not any GroupB-dedicated thread covering not exclusively monthly updates for win7 and 8.1 , but any updates ?

          • #331032 Reply

            PKCano
            Da Boss

            Group B is only about telemetry in Win7/8.1 updates. The rest of the updates follow general guidelines like the rest of the people.

          • #331033 Reply

            The Surfing Pensioner
            AskWoody Plus

            Here is such a thread started by Oscar CP last year:-

            Home › Forums › AskWoody support › Windows › Windows 7 › Windows 7 patches › The Ease of Group B patching

    • #329879 Reply

      anonymous
    • #339744 Reply

      anonymous

      I’ve recently discovered the Simplix Pack to create a fully updated image of Windows 7, but I’m wondering whether it’s better or worse than the list here provided. I’m asking for some feedbacks based on the list of updates that the latest version of the program integrates: https://pastebin.com/UhAf8s3c To me it looks like it integrates lots of useless old updates and that it doesn’t use Security-only updates.

      Basically I’m asking if it’s better to use a fully updated W7 image where I integrate the Security-only patches found here on AskWoody or use the updated W7 image created with the Simplix Pack.

      • #339754 Reply

        PKCano
        Da Boss

        I suspect any updated image you find that was made after October 2016, when Microsoft started the Rollups, will include the Rollups and not the Security-only Updates. The updated images will be all the Rollups included until the date of imaging (there was a new Win7 image current through Nov 2018 made just recently).

        If you want the Security-only patches, you will need to use an older ISO and manually update. The list in AKB2000003 are direct links to the MS Catalog, so if you use them, you have the latest SO patches.

        • #339906 Reply

          anonymous

          This is not a downloaded ISO image, it’s a tool that automatically downloads all the needed updates (excluding telemetry updates) and integrates them in your own WIM image. The tool gets updated every month with the latest updates.

          I was only asking for a feedback about the updates that got integrated into my W7 SP1 original install.wim compared to a integrating just the AskWoody list.

          • #339922 Reply

            Elly
            AskWoody MVP

            You might read Canadian Tech’s method for clean installing Windows 7 without telemetry (if telemetry is the issue for you): AskWoody #188268 and answers.Microsoft Updating Windows 7 in 2018.

            I don’t have any experience with the Simplex Pack, and would have to go through its listed updates manually, to see what type of updating they are using… maybe someone will answer with more experience that can tell you. The link to pastebin just shows a very long list of included updates to have to weed through.

            I’ve installed using @Canadian Tech’s method, and it went smoothly, and my Windows 7 has been very stable… and is telemetry free.

             

            Win 7 Home, 64 bit, Group B

            • #340037 Reply

              anonymous

              My doubt is about how is it possible that Simplex Pack is telemetry free while not using the security-only updates? I checked and all the KB starting with 4 in the AskWoody list are missing. Anyway, I don’t honestly understand this Canadian Tech guy. Why just install security-only updates till May 2017? That makes no sense for me… As for system images, I’ve never used them, and I’d prefer to avoid them if possible. As I said, I can already make a perfectly stable ISO integrating all the security-only updates and then installing the extra ones that I’m prompted to. Of course my real objective would be to know in advance which are the “extra ones” that Windows Update is going to offer me so that I could integrate everything in one shot and not having to install 1 single update.

            • #340229 Reply

              Elly
              AskWoody MVP

              You might find better answers by posting your question in the Windows 7 Support forum, as Knowledge Base articles are generally considered references, rather than a place to ask for help.

              Win 7 Home, 64 bit, Group B

              1 user thanked author for this post.
            • #348717 Reply

              walker
              AskWoody Lounger

              @elly:  I inadvertently did a “thanks” to a Group B, subject.    My apologies, and thank you for all of the other good postings you make!   🙂

              1 user thanked author for this post.
    • #340478 Reply

      Jim VS
      AskWoody Plus

      PK – Sorry to bother again, but I’ve been trying to update the Jan KB4480964 on my W7 and after downloading I get the “message” that this update is not applicable to my computer. I’ve been using the x64 updates for quite sometime, so I’m confused/bemused by this response.

      Should I try the x32 version, or is there some other thing (that you may know about) that is currently going on?

      jimzdoats

      jimzdoats

      • #340480 Reply

        PKCano
        Da Boss

        The link (direct link to Catalog) gives me the correct download (with 8.1. KB4480964, and x64 in the file name). Look at the file size. I’m showing 34+ MB. Sometimes MS  Catalog has a problem and the files size is considerably smaller, doesn’t work. (Also check to be sure you didn’t install the Rollup)

        1 user thanked author for this post.
        • #341040 Reply

          Jim VS
          AskWoody Plus

          I’ve tried a few more times and nothing works. Ive even waited an hour or so for the larger file to arrive. I also swept the floor looking for some kind of eff-up on my part that would have allowed my Win 7 system to to think it was something else. I did not find anything on this unit that should prevent an update from microsloth to become downloaded. Unless, of course that it is W7 and not W8.1

          I’m absolutely confused by this; you guys have always come up with an answer, or a work-around when this kind of s**** occurs. If I need to upgrade this PC to W8.1 I’m ready to do that. My wife won’t be, but that’s my problem and not yours.

          Any help is most wanted and hoped for.

          Jim

          jimzdoats

          • #341048 Reply

            DrBonzo
            AskWoody Lounger

            Well, KB4480964 is for Windows 8.1. You say you have a W7 computer, which I take to mean Windows 7. So I think it’s a good thing you’re getting the message that it (KB4480964) isn’t applicable to your computer.

            Edit: If you want the January Security Only patch for Win 7 you want KB4480960.

            2 users thanked author for this post.
            • #342182 Reply

              anonymous

              Roger that DrB. YOU sir, are correct. Anyone needing the Jan 2019 Win7 64-bit update should pay close attention, since it was not available on the “Group B” update site here at Woody’s. Clanking in to Widders own site for updates and (taking time to go fill the wee dram glass) allowed the download for that appropriate 4480960 update to arrive and, subsequently be installed.

              Slainte!

            • #342186 Reply

              PKCano
              Da Boss

              The Win7 patches are ABOVE the Win8.1 patches.

              KB4480960 IS available in its proper place.
              You have to look in the Win7 patches, but the KB number you asked for was for Win8.1 which was stated in my original answer.

              1 user thanked author for this post.
    • #341253 Reply

      anonymous

      ? says:

      ok, so i downloaded KB4490628-SSU 32bit (4.2MB) patch from here and ran it from the desktop. 10 seconds to install it, no trusted installer running afterwords. shows installed in event viewer\setup and Microsoft Update, CBS log shows a 51kB run (was empty prior to updating.) prefetch shows wusa, trusted installer and vssvc.exe ran successfully, as well.

    • #341326 Reply

      RamRod
      AskWoody Lounger

      PK, I don’t know how else to do this, so I’m asking this question as a reply to an unrelated issue.

      And it’s a big ASK.

      I have a Windows 7 machine that I haven’t turned on since 2015. It was right in the middle of that mess with Windows Update – it took hours and hours to update Windows 7, if it updated at all. In the midst of that we moved. I boxed that PC up and didn’t unpack it until last weekend. Still haven’t turned it on let alone connected to the web.

      I want to resurrect that machine. I’d like it to be Group B – security only updates. I don’t want the spectre and related updates. I also wish to avoid the modern telemetry add-ons. I just want my old Win7 machine up and running securely.

      Now to the big ASK! What steps should I take to bring this machine back to life – albeit a mostly secure if not fully updated life? Even if you choose not to respond to this ASK you’ll have my eternal respect as one of Woody’s MVP’s.

      Thanks in advance, RamRod.

      • #341338 Reply

        PKCano
        Da Boss

        This is not the right place to do that. Make a topic under Win7 Patches Forum. I’ll try to put something together in my spare time (ha ha). Name it something like “How to update Win7 that has been offline since 2015” (or something like that).

        1 user thanked author for this post.
        • #341342 Reply

          DrBonzo
          AskWoody Lounger

          Perhaps this link will save both of you some time?

          Quickest way to get Windows 7 SP1 fully patched

        • #341347 Reply

          PKCano
          Da Boss

          That post is two years old. There is a more recent one than that, but I need to find it. And that even needs to be updated (for example, we have had two SSUs since). Set up the Topic and give me some time to find the links and get together the changes since.

          • #341442 Reply

            anonymous

            Here you are: https://www.askwoody.com/forums/topic/comments-on-akb-2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1-2/#post-193220

            • #341445 Reply

              Elly
              AskWoody MVP

              There have been servicing stack updates since that was written, also…

              Win 7 Home, 64 bit, Group B

        • #341348 Reply

          RamRod
          AskWoody Lounger

          Thanks for the quick response.

    • #342581 Reply

      anonymous

      Just so that you know – KB 4489873(the security-only update for IE11, Windows 8.1, 64 bit March 2019) still does not work well with my Halo Spartan Strike game – missing sound and possibly other problems. I have uninstalled it for normal game-playing.  I haven’t noticed any problems with the March 2019 Windows 8.1 64 bit update.

       

    • #348103 Reply

      anonymous

      ? says:

      thank you for the not April fool’s day green light!

      updated 3 win 7 pro 32 bit machines 2 AMD 1 Intel and one with Office 2010:

      KB890830-March MSRT

      Office:

      KB4462226-Office, KB4018363-Access, KB2589339-Office, KB4461626-Office, KB4462229-Outlook…

      manually installed the March SO, IE, SU and SSU and bonus being PRO machines haven’t seen hide nor hair of KB4493132 nag

      1 user thanked author for this post.
    • #1496554 Reply

      anonymous

      ? says;

      Wow, it is already MAY! (still snowing here, currently 36 degrees outside) only 8 more months of win7…

      thanks to the Woody’s wise patch system and all the helping elves, too. all i had were the 2 B patches and MSRT plus the Office 2010 patches on one machine and they came back for more in fine style. i ran DISM and came up with 2 patches from 2014 and 2015 KB3033929 and KB3003743 both of which caused problems for lots of folks when they were originally released. KB3003743 MS14-074  was so troublesome that Woody wrote about it on Infoworld “Microsoft’s Black Tuesday Toll,”

      https://www.infoworld.com/article/2846845/microsoft-black-tuesday-kb-3003743-ie11-emet-5-security.html

      i log most every patch that is removed after monthly patches and am wondering why they were breaking machines when originally released and why are they being removed from SxS 4 or 5 years later? Especially when the OS is soon to be relegated to the pages of history?

      Anyway, many more thanks for helping us make through yet another “Black Tuesday!”

    • #1628446 Reply

      byteme
      AskWoody Plus

      Typo in ongoing list (and in https://www.askwoody.com/forums/topic/may-2019-patch-tuesday-arrives/#post-1621530):

      pciclearstatecache –> pciclearstalecache.

    • #1662885 Reply

      anonymous

      ? says:

      just did 3 win7 pro 32 bit, 2 AMD, 1 Intel. got the IE-29.1MB and SO-72.3MB + pci..29.5KB. here then the rest through update chute. Office 2010 had 2, KB44645672.9MB and Outlook KB4464524 12.1MB plus KB890830-May MSRT-6.8MB. threw away the rest of the bad fish. the PciClearStaleCache.exe did not run. the KB4499406-43.2MB .NET (KB4495606 for me) ran cleanup for 13-14 min. after reboots. and as usual did the tasmanian devil fragmentation routine all over my HDD’s. i notice a problem is surfacing (i should have waited a little longer? to patch.) i eagerly await the day my kester will be too far away for microsoft to reach and i will never forget the wasted hours and stressed machines trying to patch because microsoft wanted me to do things their way.

      • #1663014 Reply

        PKCano
        Da Boss

        What will you do with your time when Jan 14, 2020 comes. Think of the load off! 🙂

    • #1663493 Reply

      anonymous

      ? says:

      let me see? what constructive things could i do with all the time i will have after my cruel microsoft task master fades into the distant past? humm, i know, i’ll keep pushing the limits of my newfound friend linux…

      thanks, PK! wake me up from my post patching glow when i will then have to rip out all of the May 2019 patches because somebody forgot to build them correctly… (again)

    • #1747876 Reply

      BobT
      AskWoody Lounger
      • #1747879 Reply

        Kirsty
        Da Boss

        It’s because the topic is closed to new comments that the text is different to a normal topic. However, the current site issues have changed how closed topics are displayed, making them a little harder to read currently.

        1 user thanked author for this post.
        • #1750738 Reply

          BobT
          AskWoody Lounger

          Ahh thanks, be nice if that could be fixed. Like you said, super hard to read!

        • #1751389 Reply

          PaulK
          AskWoody Lounger

          A hokey little trick –
          (This works on Win 7 / Firefox; I assume OK in other environments too.)

          Click anywhere in the article (sets focus):
          Edit > Select All -OR- just Ctrl+A
          This will highlight everything: white text, on a blue ‘highlighter’, on a white page background.

          To cancel, just click anywhere.

          This is nice when one is contending with (e.g.) white text on a white background.

          2 users thanked author for this post.
    • #1766168 Reply

      T
      AskWoody Plus

      Yet again the file hashes for the cumulative security update for IE11 (KB4498206) do not match the table of hashes here. I know it’s in the filename but it’s a bit disconcerting when there’s a mismatch like that and filenames can easily be changed. Probably give the May update a miss since it’s cumulative anyway.

      • #1766176 Reply

        PKCano
        Da Boss

        Compare the Win7 x64 May IE11 files as an example.
        The top one is from the MS Catalog.
        The bottom one from the AKB2000003 download link.
        They appear to be the same.
        Screen-Shot-2019-06-02-at-3.44.02-PM

        Attachments:
        • #1766299 Reply

          T
          AskWoody Plus

          Yes but that’s the filename, if you look at the table (under ‘File information’) in the link to the cumulative update i posted that hash in the filename doesn’t match any of the SHA1 hashes listed. Nor does SHA256 if you check the file from a command prompt using certutil -hashfile. This happened in january as well and i skipped that update. I’m sure it’s safe but you know, it’s microsoft we’re talking about here and since they are cumulative i’d rather just skip an update. I’m group b by the way.

          • This reply was modified 2 weeks, 2 days ago by
             T.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Comments on AKB 2000003: Ongoing list of "Group B" monthly updates for Win7 and 8.1

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.