December 2014 IE patch KB 3008923 is back

Topic

New Reply

I’m seeing reports all over that the highly problematic KB 3008923 is back. I wrote about the continuing problems in January 2015. It’s the patch behi
[See the full post at: December 2014 IE patch KB 3008923 is back]

8 users thanked author for this post.

Elly, Pepsiboy, ch100, JDeC, AJNorth, lizzytish, Spiff, HiFlyer

Reply | Quote

Replies

Thanks Woody. I’ve just been offered this on one of my Windows 7 machines. Time to sit tight methinks!

Talking of which, with odd things appearing such as this one plus the Office updates, and now we’re into the new month, isn’t it time for the MS Defcon to change?

Reply | Quote

So this is just a Hide And Forget, right? I noticed the patch came with a bit of scaremongering in Windows Update.

I don’t think I even have IE on my PC anymore,  beyond what’s embeded in the Control Panel. At least I’m not seeing ie.exe anywhere, when searching from the start menu.

Win7.

Reply | Quote

It is not recommended to HIDE updates. If you are installing updates, just UNCHECK it and it won’t be installed.

FYI, the executable for IE is “iexplore.exe” not ie.exe

2 users thanked author for this post.

owdrtn, HiFlyer

Reply | Quote

The problem with that is that there is a danger that updates that appear in your update list may be automatically re-checked by WU or even accidentally rechecked by oneself. Plus, it results in the main update list becoming extremely cluttered over time if you keep it filled with old updates you know you don’t want.

What is the reason for not hiding updates please, especially when you keep a note of which they are so you can easily retrieve them if needed? Is a hidden update more or less likely to be installed against your will than one left unchecked in the main list?

1 user thanked author for this post.

Elly

Reply | Quote

Windows update works on a supersedence system. Older updates are seperseded by newer ones that replace them. If you HIDE a patch instead of letting this order remove it naturally, it can “mess up” the supersedence chain and cause problems with Windows Update.

An example of this is the current Monthly Rollups. If you are in Group B and do not install the Rollups, but instead UNCHECK it before you install, then leave it as a CHECKED update afterward, next month it will simply disappear and be replaced by the later Rollup. It is superseded. If you HIDE it, you may end up with a stack of superseded Rollups in your hidden list.

So it is not just a matter of User “preference.” It is actually detrimental to the supersedence process to HIDE updates.

I know, it’s a Royal pain, but that’s the way is is.

9 users thanked author for this post.

walker, Elly, owdrtn, AElMassry, JDeC, woody, HiFlyer, Canadian Tech, Seff

Reply | Quote

Thanks for the explanation. As a Group A user (at least unless and until things go wrong then I’ll reconsider between B and W), I don’t really see the difference between a superseded update disappearing by being in (or possibly removed by WU from) my hidden list (and the replacement update appearing in my main list) and it disappearing from my main list when replaced. As the current update this topic is about shows, either way the replacement update appears in my main list and the superseded update is no longer on show. By hiding the unwanted update, however, I have ensured that it is not inadvertently installed. Each to his own, I guess!

Reply | Quote

I recall that user ch100 has advocated the view that hiding updates can be detrimental. I have my doubts about that though. I would like to see evidence that hiding updates can be detrimental.

If abbodi86 is reading this: do you agree with ch100 on this?

Reply | Quote

Yes, i do agree

and @PKCano did a good job in describing the most detrimental effect of hiding updates

this effect varies depending on the hidden update supersedence chain
i.e.  hiding KB3008923 will result in KB3003057 showing, and hiding that will result in KB2987107 showing

so the effect is a little limited in this case
but for Monthly Rollup it will be big

5 users thanked author for this post.

Elly, JDeC, woody, PKCano, MrBrian

Reply | Quote

@abbodi86: That behavior is by design though, I believe. I agree (from tests that I have done) that there is an interaction between hidden updates and what is offered, and I believe it works like this:

When you check for updates with Windows Update, a list of applicable updates (including updates that are superseded by other applicable updates) is returned to the Windows Update Client. If you have hidden an applicable update, the Windows Update client will go backwards in the supersedence chain and list the first superseded applicable update that isn’t hidden. Example: If you hide the April 2017 Windows monthly rollup, the March 2017 Windows monthly rollup appears (assuming it’s not also hidden). How is this a problem? 🙂

1 user thanked author for this post.

woody

Reply | Quote

Look at the later comments in this thread and see the problems supersedence creates when you hide patches 🙂

1 user thanked author for this post.

abbodi86

Reply | Quote

@PKCano: Do you mean a scenario in which a given update was defective (but not yet expired by Microsoft), and a superseding update fixed the issue in the superseded update?

I still maintain that this behavior is by design, and Microsoft would not consider it a bug.

Reply | Quote

I was referring to the confusion this is causing for the average User. Like
https://www.askwoody.com/forums/topic/december-2014-ie-patch-kb-3008923-is-back/#post-113045

Reply | Quote

@PKCano: I can definitely see, from a user’s standpoint, that it’s confusing that hiding a given update can cause a previously not-shown update to appear in Windows Update. But I believe that this is by design, and that there are good reasons for doing this. Example: Suppose a user just installed Windows 7, and Woody hasn’t given the go-ahead to install the April 2017 monthly rollup yet (this is hypothetical). So the user hides the April 2017 monthly rollup. Which is more desirable: 1) March 2017 monthly rollup now shows up in Windows Update or 2) no monthly rollups are shown in Windows Update? I choose 1 as being more desirable.

Reply | Quote

I totally agree (1) that no update should be hidden simply because it hasn’t yet been cleared as fit for purpose, and (2) that major updates like a monthly roll-up should never be hidden. Minor updates like changes to the Summer Time in Outer Mongolia, for example, can surely be hidden and don’t merit being retained in the active list of updates.

There may be a valid question mark over which category some updates fit into, but on the whole I think major updates are best installed when deemed safe to do so and minor updates considered unwanted (or in many cases being updates which are simply inappropriate  e.g. Silverlight updates on a system with Silverlight not installed) are best hidden rather than being left in the active list for months or even years to come in case they are superseded one day, not least as there’s no likelihood of their successors being installed either.

Reply | Quote

@Seff: I believe that hiding a given update does not cause superseding updates to be hidden. As a test, on a test machine I hid the April 2017 Windows monthly rollup, and I’ll check if the May 2017 Windows monthly rollup is hidden on May 9.

Reply | Quote

The May Rollup won’t be hidden if you hide April’s but the March Rollup should reappear until the May Rollup is released.

Reply | Quote

That’s fine, thanks both, I was expressly not suggesting that monthly rollups should be hidden- the opposite in fact.

My point about a superseding update to a hidden one not being installed was nothing to do with the way WU treats hidden updates, rather that if I had hidden an update about a remote time zone or currency update because I didn’t want it, the likelihood was that I would also not want any superseding update on that so any complication in installing that wouldn’t arise as I’d hide it too.

Reply | Quote

I have a question.  Of the two following updates ,one allows you to down load but doesnt install unless you allow it .  The other just notifies you but doesnt down load or install.  If you select the notification only and hide it , will that also have a negative effect ?

Reply | Quote

If you are referring to the update mentioned in this article, I wouldn’t install it now. Wait until the supersedence problem is resolved.

Reply | Quote

Welp, turns out I still have IE then. Could have sworn it was ie.exe.

As for Hide vs. Uncheck. I prefer hiding because it ensures I don’t accidently install it, either by misclicking or confusing it for another update. But to each their own.

Reply | Quote

Even tho you may not use IE any more, there are some applications that do so behind the scene as it were, so it’s always recommended to keep it updated – but only when it’s been passed as fit for purpose of course.

Reply | Quote

Yep………. it’s sitting on my machine patiently!! hahaha! What a game of cat and mouse…..
It’s called a Cumulative Security Update for Internet Explorer 11……. wonder what else they
are trying to include….. like telemetry……. So far so good Woody with your help and that of all the others………. it has certainly made it so much easier to steer clear of all the pitfalls that surround us in this!! Many thanks one and all! LT

Don’t update – it only encourages them!
(with apologies to Billy Connolly)

Reply | Quote

It just an incomplete job in expiring old superseded update, in order to further reduce Windows Update scanning load

they expired most of IE11 cumulative updates (around 14 updates)
however, the supersedence chain for KB3008923 is now broken, the update that supersede it is expired
therefore and by metadata rules, KB3008923 is not superseded now

they did this exact same incomplete job for Windows 8.1 just before 2 or 3 months
the mistake did not last long, and they fixed it and competed the “expring” job within a month

 

bottom line, just ignore KB3008923 for now until they fix the issue and expire it
even if it get installed by WU, it have no affect at all on IE or system, because it’s completely superseded and won’t be active

6 users thanked author for this post.

Elly, woody, Spiff, HiFlyer, MrBrian, PKCano

Reply | Quote

Win7User here.  Hello, I too have the 3008923 offered. Will wait for WOODY’s advice.

PK, I did as you said a month ago and un-Hid my updates since I am Group B and every one eventually came back offered to me!  All the way back to October (??) of last year. Every time I rechecked for updates another one would come in. I had to keep re-hiding the updates until they all went away and the hidden list repopulated with those months of old updates. I even think a few previews wanted back in there. Thank you.

Reply | Quote

Do not install KB3008923

4 users thanked author for this post.

dgreen, JDeC, HiFlyer, woody

Reply | Quote

Either the update is distributed accidentially – or they changed something and avoided to update their manifest description for Windows Update and Microsoft Update Catalog and for KB-article KB3008923. My conclusion: The update thing at MS is terrible broken – some observations and thoughs may be found at Internet Explorer 11 Update KB3008923 (May 2017) is back within my blog.

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

1 user thanked author for this post.

woody

Reply | Quote

See @abbodi86’s comments above

Reply | Quote

I hide those Eastern European currency change up dates.  I`ll never use them.

Reply | Quote

My hidden foreign currency updates eventually disappear from my hidden updates list.

Reply | Quote

Lol the plot thickens I have just been offered this IE11  update now kB3003057

something’s gone breasts up at MS, i wonder if they will blame this on the Russian’s  hacking their server ?

https://support.microsoft.com/en-gb/help/3003057/ms14-065-cumulative-security-update-for-internet-explorer-november-11,-2014

Reply | Quote

Unbelievable i hid the November 2014 patch  and Wus is offering this now KB2987107 Oct 2014, I didn’t install W7 or even build this PC until Feb2016

https://support.microsoft.com/en-gb/help/2987107/ms14-056-cumulative-security-update-for-internet-explorer-october-14,-2014

Reply | Quote

See @abbodi86’s comments on supersedence in this thresd.
DO NOT hide updates or the one it superseded will show up.
Just UNCHECK IT!!!!

1 user thanked author for this post.

HiFlyer

Reply | Quote

MrBrian wrote:

@abbodi86: That behavior is by design though, I believe. I agree (from tests that I have done) that there is an interaction between hidden updates and what is offered, and I believe it works like this: When you check for updates with Windows Update, a list of applicable updates (including updates that are superseded by other applicable updates) is returned to the Windows Update Client. If you have hidden an applicable update, the Windows Update client will go backwards in the supersedence chain and list the first superseded applicable update that isn’t hidden. Example: If you hide the April 2017 Windows monthly rollup, the March 2017 Windows monthly rollup appears (assuming it’s not also hidden). How is this a problem? 🙂

Sure it’s by design, but it doesn’t mean that the design is ideal 🙂

for Rollups themselves or IE cumulatives it would be easy to distinguish, becuse they have same labeling
but what about other updates with generic labels (securitu update for windows 7 …etc)? how would you differentiate superseded updates from applicable?
if you are in Group B, some Security-Only updates have similar superseding chain like the matching month Rollup, hiding the rollup will cause these old security updates to show, and one would need to check MU catalog and see which one of them is superseded to hide

more else, the hidden updates list is affected by new supersading updates and hiding those might reset some part of the list, and so on

it’s unnecessary mess

 

1 user thanked author for this post.

Elly

Reply | Quote

We agree that this behavior is by design, and not a Microsoft bug :). And I agree that this design can be confusing to the user. But besides that, is there another issue? I believe ch100 mentioned a corruption issue? Is there an issue beyond user confusion?

 

 

Reply | Quote

Users not following Windows Update and hiding based on own criteria (or based on misleading information from other sources) will always have issues.
I don’t want to re-open the old debate, but this is obvious to me for many reasons, which I mentioned so many times on this forum.

4 users thanked author for this post.

woody, HiFlyer, PKCano, MrBrian

Reply | Quote

I see what MrBrian and CH and PK are saying. I’m in GROUP B and follow Woody’s advice on what to get and when.  After  2 to  2-1/2 weeks, I install the updates.  I go to the MS catalog and only get the “security only” updates even for the .NETs.  After that I HIDE all updates remaining to make is say 0 (zero) updates are needed. Then it starts anew the next month. This works for me. My other option is Group W as some of my friends. They threw up their hands and said, “no more” and stopped updating their devices (phones, etc.) No it is not safe, but they have not been compromised either and some are still on Windows XP (and again have NOT been compromised.) They use other software for protection like Spybot SD and adblockers to halt malicious ads. They have been doing that for years now and are still doing fine. Other relatives we have do Group A for absolute simplicity, and had installed Spybot Anti-Beacon for privacy. Thanks Woody for all you do.

 

Reply | Quote

Wait. This is weird. I got this update in Windows Update after refreshing my Windows 7. I thought it was a glitch or something after installing Java. Shouldn’t this be included in the Monthly Quality rollup?

Reply | Quote

KB3008923 is a 2014 IE patch – old and superseded. Not current. Not to be installed.

Reply | Quote

Noted. But if I install it and run a Windows disk cleanup wouldn’t it just get deleted anyway? In the past when I’ve done refreshes/reinstalls several superseded updates got deleted after a Windows Disk Cleanup. It actually brings the number of Windows and Office updates down considerably. And clears up quite a bit of space on your drive. Like 2-3 gigs have been cleared I found. But I digress. Couldn’t I just install it and then do a disk cleanup and then hopefully won’t be bothered again by it?

Reply | Quote

It’s there because the supersedence chain is broken. If you run Disk Cleanup, and clean it out, I think it will just show up again b/c of the supersedence problem.
If you leave it alone, and just UNCHECK it if you need to install something, I think MS will fix the problem eventually and it will go away.
MS is in the process of cleaning out the old patches that are superseded, and rolling the ones that are not superseded in the Monthly Rollups. Eventually we hope they will straighten things out and the Rollup will contain everything old and current.
It’s just a painful process for those of us on the outside. Imaging what it must be like working in MS!!!!

2 users thanked author for this post.

HiFlyer, ch100

Reply | Quote

Out of curiosity I did install it and then run a disk cleanup, the update did not get removed. So I will now manually uninstall it. How did the supersedence get broken? I’ve never heard of this happening.

Reply | Quote

Check this out – it explains it all. MS is making massive changes and this KB just go caught in the mess.
https://www.askwoody.com/forums/topic/massive-batch-of-old-windows-updates-retired/

5 users thanked author for this post.

Elly, woody, SueW, HiFlyer, ch100

Reply | Quote

Office updates are not removed by Disk Cleanup.
However running Disk Cleanup is useful for reducing and maintaining well Windows Update and the Windows internal components.

1 user thanked author for this post.

HiFlyer

Reply | Quote

I’m on 1511 – still. I run wushowhide everyday. All I’m seeing lately is an update for silverlight and defender. I leave them unchecked – meaning that I’ll accept them when offered. I’m not being offered anything else. Is that weird?

Reply | Quote

KB308923 is being offered on Win7, not Win10

Reply | Quote

See this https://www.askwoody.com/forums/topic/massive-batch-of-old-windows-updates-retired/

2 users thanked author for this post.

HiFlyer, MrBrian

Reply | Quote

I’m looking for more information about this post from ch100:

“Never hide updates again, except for very short term – only few minutes or hours for testing only. If you prefer to skip certain updates, just ignore them, but do not hide, as they often get revised, replaced or expired and by having hidden versions at the time when they get modified, you actually impact the Windows Update management of the updates and corrupt your system.” (my bolding)

Can anybody give me a reproducible Windows 7 scenario in which this alleged corruption due to hiding updates happens?

Reply | Quote

@MrBrian
Corruption refers in this context to the SoftwareDistribution database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb and not to Windows.
However, this has potential impact over future updating of the system as a whole.

One such example. Microsoft releases often timezone changes or currency updates in early preview. Some people decide for whatever reason to hide those updates. They are eventually superseded by monthly rollups which include those updates. After a while, Microsoft might decide to retire the old timezone update, because it becomes obsolete after the release of the rollup. Now there is a record in the DataStore.edb which does not have a corresponding reference on the Windows Update site. This previous hidden update lingers there forever and can be removed only by deleting the DataStore.edb and recreating it. The unsuspecting user does not even know that the hidden record exists.
If this is a benign problem or not, I have no way of knowing or measuring. But there is always a good chance that such records may generate timeouts or other undesired behaviour of the updating mechanism. As such, my recommendation is never hide updates. There is no point in adding overhead to an already fragile mechanism which works well only for those few who had the patience to understand it in all details and master it and does not work well for the large audiences for which it was designed and intended.

2 users thanked author for this post.

HiFlyer, MrBrian

Reply | Quote

@ch100: So in summary, there is no known corruption problem due to hiding of updates, but you recommend not to hide updates due to an abundance of caution that there could be such a problem?

1 user thanked author for this post.

ch100

Reply | Quote

Essentially yes.

1 user thanked author for this post.

MrBrian

Reply | Quote

In fact hiding updates for testing and unhiding them while they are still available on the Windows Update servers do not create any problem. This is a useful procedure to identify various supersedence behaviour as it was explained by other knowledgeable posters many times including in this thread.
The only potential problem appears when such hidden updates are retired and suddenly there are no references and the local cached database is out of sync with the Windows Update servers repository.

Reply | Quote

@ch100: I would guess a fair number of people have hidden versions of KB2952664 that are now expired. Are any of these people having problems with Windows Update?

1 user thanked author for this post.

SueW

Reply | Quote

The answer is the same as above.
I don’t know, but maybe.
Imagine that now we have had over 1000 expired updates for few operating systems.
Let’s assume 200-300 (I haven’t counted exactly) are for Windows 7 64-bit or any other OS as an example. Let’s also assume that those about 200 updates were previously hidden by certain users.
What happens now when Windows Update is run against Windows Update servers at Microsoft?
Less than 10 updates out of sync may not produce any visible effect, but 200?
Nobody seems to know exactly, but I would suggest that this sort of situation should be avoided, at least based on common sense.
There is no need to panic though as it is easy to recover by resetting the DataStore.edb.

2 users thanked author for this post.

HiFlyer, MrBrian

Reply | Quote

My take on this is that if there really were a corruption issue for Windows 7, given the amount of time Windows 7 has been available, there should exist a Microsoft Knowledge Base article documenting it, and a fix available.

Reply | Quote

I find it interesting that @ch100 suggests that problems can arise when a hidden update is retired as the record of it no longer exists and so it “lingers there forever”. I think most users’ experience is that retired updates disappear from hidden updates just as effectively as they do from the active list, and that’s certainly my own experience.

I do appreciate the theoretical risk of problems arising from hiding updates, and my thanks to those who advice on that,  but I haven’t yet seen any evidence of that risk being borne out in practice. In the absence of that evidence, it seems to me that any such theoretical risk is outweighed by the practical nuisance caused by retaining unwanted updates in the active list where they may also “linger there forever”.

2 users thanked author for this post.

GoneToPlaid, MrBrian

Reply | Quote

What issues can result from hiding a Windows update?

1 user thanked author for this post.

ch100

Reply | Quote

i installed it.
should i uninstall it?
i usually hide the updates i don’t intend on installing;
will this create a mess:will i be offered more useless/related updates?

Reply | Quote

I wouldn’t worry about it. Just Microsoft screwing up again.

1 user thanked author for this post.

ch100

Reply | Quote

Since this is supposedly for Win 7.  When you go to Woody`s Info World article of  Dec. 17, 2014 it mentions ” Microsoft ships KB3025390 to fix KB3008923. When you click on KB3008923 l at the bottom of his article  it links you to MS14-080 from the Dec 17  article it refers to KB3022827 contains the same security updates that apply to Windows 10 Technical Preview.  What does the  Win 10 tech  preview have to do with Win7?

Reply | Quote

Must be old info. That was 2.5 years ago.

If you have a specific link that’s behaving badly, let me know….

Reply | Quote

Thanks for all your efforts, Woody, and everyone else.

As  reasonably computer literate newbie to this lounge/forum, with responsibility for updating the 3 computers in our small office, I read all this with mounting amazement, mixed in with a little horror, at how Microsoft behaves and manages its updates. No wonder there are so many fixes from Microsoft if this is the way they manage things!

For now, however, I shall uncheck and patiently wait for it to go away!

Edit: html to text

RobB

Reply | Quote

I was offered 3008923, and I installed it.

Then I saw the article about it causing problems, and attempted to install 3025390.

The 3025390 installation reported it was ‘not applicable’.

I uninstalled 3008923.

Reply | Quote

Regarding KB3008923,
I wondered why some Windows 7 systems get KB3008923 offered and others don’t.

For instance,
I do not get KB3008923 offered on my Windows 7 Home Premium x64 system that was installed November 24, 2014.
But I do get KB3008923 offered on my Windows 7 Professional x64 system that was installed March 29, 2016.

I guess the system installation date, and thus the updates that were installed, has something to do with getting KB3008923 offered or not.

On my Windows 7 Home Premium x64 system that was installed November 24, 2014, KB3008923 was installed December 25, 2014. (That system was offline on Patch Tuesday December 9, 2014, till December 25, 2014, when KB3008923 and other December 9 updates were installed.)

On my Windows 7 Professional x64 system that was installed March 29, 2016, KB3008923 was never installed, as it was already superseded by a more recent Cumulative security update for Internet Explorer, the March 8, 2016 update KB3139929.
And with recently Microsoft retiring old superseded updates, consequently breaking the supersedence chain (as discussed by abbodi86 and ch100), Windows Update no longer recognizes the current Cumulative security update for Internet Explorer on that system.

I think that difference, mainly the system installation date, and thus the updates that were installed, is what determines whether or not KB3008923 is being offered.

(Also posted at Wilders Security Forums.)

2 users thanked author for this post.

satrow, MrBrian

Reply | Quote

I installed KB3008923 on both my Windows 7 machines in December 2014, and it’s being offered again now. The only difference between then and now is that in Dcember 2014 I was running (and using) IE9 and now I’m running (albeit barely using) IE11.

1 user thanked author for this post.

Spiff

Reply | Quote

Thanks very much, Seff.
That means I may have been too confident in my conclusions in my previous post.

Reply | Quote

Seff wrote:

I installed KB3008923 on both my Windows 7 machines in December 2014, and it’s being offered again now. The only difference between then and now is that in Dcember 2014 I was running (and using) IE9 and now I’m running (albeit barely using) IE11.

I think I found the reason that you get KB3008923 offered for the machines on which KB3008923 was installed in December 2014, while I do not get KB3008923 offered for the machine on which KB3008923 was installed in December 2014.

On your machines you had the KB3008923 update for IE9 in 2014, I had the KB3008923 update for IE11 in 2014.
According to the Microsoft Update Catalog for KB3008923, the versions for IE9 and IE11 are not the same. (Also if you download the two versions, you see they’re not the same.)
As I said, I think that is the reason that you get KB3008923 offered for the machines on which KB3008923 was installed in December 2014, while I do not get KB3008923 offered for the machine on which KB3008923 was installed in December 2014.

Reply | Quote

This discussion has a “How many angels can dance on the head of a pin” quality. I have for years routinely hidden update offerings. For instance, even though the hardware is long gone, I’ll occasionally get an HP printer or Dell monitor update offering because some old driver is hiding somewhere. Because the hardware is gone, the update fails, so I hide it. Eventually, except for “Windows 7 Language Packs,” these and all other update offerings disappear from “Restore hidden updates.” After years of this, at this moment the only entries in my “Restore hidden updates” record are for the “April, 2017 Preview of Monthly Quality Rollup for Windows 7 (KB4015552)” and about half a TB of “Windows 7 Language Packs.” (It’s unlikely I’ll ever need to do anything in Lithuanian.) If the past is prologue, the “April, 2017  Preview” will disappear as well. Might this theoretically cause some problem with Windows Update in the future? There go those angels again.

As an aside, I still get a chuckle over the very idea of installing a beta–oops, monthly rollup preview of an MS security update. Makes me laugh every time I think about it. Thanks, Microsoft!

GaryK

 

GaryK

3 users thanked author for this post.

woody, HiFlyer, MrBrian

Reply | Quote

Just offered on our W7 and tried to install itself even though I have ‘check for updates but choose whether to download and install them’.

Disconnected at 80% and checked /cleaned system and also emptied Windows/SoftwareDistribution/Download folder.

Restarted the PC to find..

it had not installed

PHEW!

Needless to say, I changed the WU settings to ‘Never Check for Updates’ until the all clear is given post patch Tuesday 9th May.

On our W8.1 it was offered but, I declined 🙂

Win8.1/R2 Hybrid lives on..

Reply | Quote

I use Win 7×64   Premium Home Edition. KB3008923 installed on my computer back on 12/10/14 followed by MS fix KB3025390 installed on 12/22/14.  My computer is working fine. I have not  been re-offered KB3008923.  I assume it’s because it already exists on my computer.  I have been following Woody since 2014.   I am in Group A.

 

Reply | Quote

The December 2014 IE11 KB3008923 was being offered to me also the past few days. (It was originally in my hidden updates since 2014).
The one being offered again I kept hiding it and it kept coming back.
However today, there’s a new one….KB3003057 Dec. 9, 2014 42.4 MB
Haven’t had a chance to look that one up yet. My gut tells me it’s not going to be good.
I have been hiding updates since 2014.  Have only installed “critical” updates since 2014.
My computer runs fine.

Windows7 64 bit Home Premium SP1 Windows Server 2008 R2x64
Group B

 

Reply | Quote

This is why the other patch is showing up https://www.askwoody.com/forums/topic/december-2014-ie-patch-kb-3008923-is-back/#post-113035

1 user thanked author for this post.

dgreen

Reply | Quote

Windows update offered the ancient IE cumulative update to my Win7 systems.  A quick check revealed that the update had been installed several years ago. This is not the first time that Windows Update has offered something from the dim past that had already been installed. Such offerings usually disappeared with the passage of time.  I quickly concluded that, for the moment,  WU is borked.  No surprises here.

Reply | Quote

Just to give an update.
Yesterday I posted above that kb3008923 was offered and I hid it.  It came back a couple of times.  Then yesterday kb3003057 was in my updates.  I unclicked it for the moment but did not hide it.
This morning I deceided to check my “hidden” updates and kb3008923 was not there.
Apparently it was removed by MS?
So does kb3003057 supercede kb3008923?

Windows7 64 bit Home Premium SP1 Windows Server 2008 R2x64
Group B

Reply | Quote

Last night I hid 3008923 and this morning I was offered 3003057 which I also hid, after which I was offered 2987107. These all relate to IE updates installed in 2014, when I had IE9 installed although I subsequently upgraded to IE11. I’ve left the latest one available for the moment (thinking that if I hide it there’ll doubtless only be another in its place) but there seems to be no apparent reason for them to be offered after all this time and the information pages haven’t been updated since 2014.

Given that tomorrow is presumably Patch Tuesday and we’re already getting an assortment of old updates along with some Office ones, is it not past time to change the MS Defcon?

Reply | Quote

dgreen wrote:

So does kb3003057 supercede kb3008923?  

According to my monthly records, 3008923 was issued in December 2014, 3003057 (which appears now if you hide 3008923) was issued in November 2014, and 2987107 (which appears now if you hide 3003057) was issued in October 2014. They appear therefore to be going backwards, not forwards. I still haven’t tried hiding 2987107 and I only began keeping records of updates in October 2014. I installed all three of those updates when they were first issued in 2014.

None of it makes any sense to me!

Reply | Quote

Same here.  KB3008923 was removed from my “hiddens” when KB3003057 showed up this morning which I also will not install.  Note that I just installed IE11 from scratch and then fully updated it thru WU just a month ago.  3008923 and 3003057 didn’t turn up until weeks after that original IE11 install and updating.

For me the real question  is why are these 2 1/2 year old “Cumulative” IE updates showing up now when they would have been superceded and made moot by 2 1/2 years worth of  “Cumulative” IE updates that have been put since they were originally released in 2014.

Viper

Reply | Quote

Is this Patch Tuesday? Because I just checked my Win7 box, and it’s telling me there are no updates available. Then I checked a Win10 box, and it says the same thing. Anybody know anything?

 

GaryK

Reply | Quote

Patch Tues is tomorrow. MS usually releases the the patches around 10:00am PDT on Tues.

Reply | Quote

PKCano wrote:

Patch Tues is tomorrow. MS usually releases the the patches around 10:00am PDT on Tues.

Oh jeez–today is Monday. Doh!

GaryK

Reply | Quote

Why is it recommended not to hide the nasties updates ? Would you mind explaining, or maybe refer me to some previous answers ?

 

[IE11 Offline Installer redist]  (which one to get)

Its seems like there’s two version of archive-executable installers packaged with the setup installer binary, along with additional files, some of which are tunable to customize our installation:
Filename: EIE11_EN-US_WOL_WIN764.EXE  (file version 11.0.0.7)
Official mirror/Dl page: https://support.microsoft.com/help/18520/download-internet-explorer-11-offline-installer

Filename: EIE11_EN-US_MCM_WIN764.EXE  (file version 11.0.0.3)
Official mirror/Dl page: https://support.microsoft.com/help/18520/download-internet-explorer-11-offline-installer

Than you’ve got the raw unarchived/single binary Setup Installer (which seems to be universally present in all of the afformentioned archive-packaged version:
Filename: IE11-Windows6.1-x64-en-us.exe
Official miror: https://windows.microsoft.com/en-us/internet-explorer/download-ie

Each having different signed cert and build specs (sig date, hashing type, version, etc..) (all of em are signed with outdated cert, yet are released as current and official latest build)
TLDR: which of those redist you get to install IE11… and why

Reply | Quote

[Why avoid hiding nasty updates ?]
Why is it recommended not to hide the nasties updates ? Would you mind explaining, or maybe refer me to some previously answered post ?

A topic was recently discussing the “advisability” of hiding updates, but you should also check out the search for ‘hide updates’, especially @ch100’s on this page.

1 user thanked author for this post.

owdrtn

Reply | Quote

There are no “nasty” updates.
This is only in your imagination.
You use a product and you have to follow manufacturer’s instructions about using it as you are bound by an implicit contract with the manufacturer.
Windows is a highly engineered product and unless you are highly competent in systems/software engineering, you have absolutely no way to use Windows in a better way than the manufacturer requires you to use it.

Reply | Quote

If there are no “nasty” updates why are any of us here? Why is Woody even bothering?

I have a lot of respect for your knowledge, experience, and commitment, but you totally lost me there.

Where, for example, is the evidence that hiding updates actually causes harm to a user’s system as opposed to having the theoretical potential to do so?

What about the updates that forced Windows 10 on unsuspecting users? Were ordinary users just supposed to accept them because the manufacturer fed them to us?

Edited for content.
Please follow the –Lounge Rules– no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

1 user thanked author for this post.

owdrtn

Reply | Quote

What about the updates that forced Windows 10 on unsuspecting users? Were ordinary users just supposed to accept them because the manufacturer fed them to us?

old news Seff.

Installing KB3184143 should have removed all the updates that forced the automatic Win10 upgrade.

Reply | Quote

ch100 wrote:

There are no “nasty” updates. This is only in your imagination. You use a product and you have to follow manufacturer’s instructions about using it as you are bound by an implicit contract with the manufacturer. Windows is a highly engineered product and unless you are highly competent in systems/software engineering, you have absolutely no way to use Windows in a better way than the manufacturer requires you to use it.

It’s hard for an non-native english speaker to user proper wording.
Here’s my suggestion: Just replace “nasty” for anything that refer to what you already know I was refering to…

1 user thanked author for this post.

Kirsty

Reply | Quote

ViperJohn wrote:

Same here. KB3008923 was removed from my “hiddens” when KB3003057 showed up this morning which I also will not install. Note that I just installed IE11 from scratch and then fully updated it thru WU just a month ago. 3008923 and 3003057 didn’t turn up until weeks after that original IE11 install and updating. For me the real question is why are these 2 1/2 year old “Cumulative” IE updates showing up now when they would have been superceded and made moot by 2 1/2 years worth of “Cumulative” IE updates that have been put since they were originally released in 2014. Viper

Your comments have really got me to thinking. Let’s think about recent events. Namely, that NSA hacks for Windows were just recently exposed and reported, and which were “fixed” by Microsoft in their March update rollups. So now I am putting two and two together. I am uninstalling this this old update and its old supplemental update which fixed issues with this old update.

Reply | Quote

Patch Tuesday 5/9: I installed either KB4019264 on some Win7 systems and KB4018271 IE11 security-only patch on a few other Win7 systems, check for updates thru WU and KB3003057 is being offered instead of KB3008923. On the weekend (Sun. 5/7 to be exact), I checked for updates on WU on my Win7 machines and KB3008923 was offered but I unchecked it and did not hide it (I just ignored) it.

By the way, KB3003057 for Win8.1 is part of the November 2014 update rollup (aka. Update 3) for Win8.1 and KB3003057 was integrated/slipstreamed onto the Win8.1 Refresh media ESDs & ISO images as well.

1 user thanked author for this post.

Spiff

Reply | Quote

EP wrote:

[…] KB3003057 is being offered instead of KB3008923. […]

Thanks, EP, same here.

On one of my Windows 7 x64 systems, on which since May 6 KB3008923 was being offered, yesterday, I unchecked KB3008923 and I installed Rollup KB4019264.
I am not sure if after installing Rollup KB4019264 the old KB3008923 was still being offered, or if it was replaced by KB3003057, at that time.
Anyway, at this time, today, KB3008923 is no longer offered, but it is replaced by KB3003057, Cumulative security update for Internet Explorer: November 11, 2014.

The system on which first KB3008923 was offered, and (after installing Rollup KB4019264) now KB3003057 is offered, that is my Windows 7 Professional x64 system that was installed March 29, 2016, on which KB3008923 and KB3003057 were never installed, as in March 2016 those were already superseded by a more recent Cumulative security update for Internet Explorer, the March 8, 2016 update KB3139929.

Reply | Quote

Hi guys, yesterday i installed kb3008923 but this morning i had a change of heart and uninstalled it, is this going to lead to errors, should i not have done so? Would uninstalling kb3008923 have been a clean uninstall? I’m always weary about uninstalling Windows updates. Also, today it is no longer being offered, only KB3003057 is being offered should i install that? Are we absolutely convinced that these updates are not necessary? Would installing them have any negative impact considering they have been superseded?

Please advise as i’m a little confused, if i did reinstall kb3008923 from the microsoft site would it be the same version that was offered in windows update? Or was the windows update version perhaps have been an updated version?

Edit to remove HTML

Reply | Quote

anonymous wrote:

<span style=”color: #000000; font-family: ‘Helvetica Neue’, Helvetica, Arial, sans-serif; font-size: 14px;”>Edit to remove HTML</span>

Lol .. happens all the time here as well ;p

@woody are you aware of this unparsed html bug that occur sporadically when posting/replying ?

Reply | Quote

If you copy/paste from a Word document, it carries the HTML with it, and it makes a mess. It needs to be converted to text (.txt) first.

Reply | Quote

So now they expired KB3008923, but they forgot to expire the two updates in its chain KB3003057, KB2987107

MSFT employees, it’s not hard to check MU catalog to see the chain 😀

Reply | Quote

abbodi86 wrote:

So now they expired KB3008923, but they forgot to expire the two updates in its chain KB3003057, KB2987107

Has this expiration been applied in KUC for Win7 ?
Also, (always wondered this one): Are you planning to provide such a thing as distinct versions targeted at “Group-B”er and “Group-A”er ?

I love this tool, but mostly use it as an automated live supersedence lookup, until I can figure if/how it could handle “Group-B”-style as well.

Reply | Quote

KUC is not my tool, i just share info with the developer 🙂

the tool is targeted for Group-A, and i don’t think Komm will create another version for security-only updates

KUC started in the first place to provide all and any available applicable updates, specially hotfixes
which is the definition of Group-A

1 user thanked author for this post.

owdrtn

Reply | Quote

Thanks for confirming.

Reply | Quote

abbodi86 wrote:

KUC is not my tool, i just share info with the developer 🙂 the tool is targeted for Group-A, and i don’t think Komm will create another version for security-only updates KUC started in the first place to provide all and any available applicable updates, specially hotfixes which is the definition of Group-A

I’d love to try this out, but when I go to the KUC Downloads I see about 100 beta versions. I’m not sure which executable (for Win7/32) to choose. What version are you using?

GaryK

Reply | Quote

Always choose the latest version / zip file

and if you have Win 8.1, no need to download each alone, zip file contain latest version for both

Reply | Quote

It vanished today – at least from my WU.

Antec P7 Silent * Corsair RM550x * ASUS TUF GAMING B560M-PLUS * Intel Core i5-11400F * 4 x 8 GB G.Skill Aegis DDR4 3200 MHz CL16 * Sapphire Radeon 6700 10GB * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit

Reply | Quote

radosuaf wrote:

It vanished today – at least from my WU.

Using Win7/8.1, i personally prefer not using WU anymore .. M$ deliberately reducing reliability and support on this gateway for those Win version.. (using catalog til it gets messed up as well), then might escalate to WSUS, SCCM, cab files or else..

Reply | Quote

owdrtn wrote:

[IE11 Offline Installer redist]  (which one to get)

Its seems like there’s two version of archive-executable installers packaged with the setup installer binary, along with additional files, some of which are tunable to customize our installation:
Filename: EIE11_EN-US_WOL_WIN764.EXE  (file version 11.0.0.7)
Official mirror/Dl page: https://support.microsoft.com/help/18520/download-internet-explorer-11-offline-installer

Filename: EIE11_EN-US_MCM_WIN764.EXE  (file version 11.0.0.3)
Official mirror/Dl page: https://support.microsoft.com/help/18520/download-internet-explorer-11-offline-installer

Than you’ve got the raw unarchived/single binary Setup Installer (which seems to be universally present in all of the afformentioned archive-packaged version:
Filename: IE11-Windows6.1-x64-en-us.exe
Official miror: https://windows.microsoft.com/en-us/internet-explorer/download-ie

Each having different signed cert and build specs (sig date, hashing type, version, etc..) (all of em are signed with outdated cert, yet are released as current and official latest build)
TLDR: which of those redist you get to install IE11… and why

Bumping that one.. some reply would be appreciated..

Yesterday, while swimming in the FUD dilemma that is 2670838, I took the plunge and got it installed. (note that I don’t use IE11 as a browser, only a the mandatory prerequisite for the windows OS gui shell (Win Explorer)..
Noticed some disproportioned text affecting pretty much everything (all chrome, ff, included) so I UNINSTALLED it.. The output ==> IE11 automatically rolled back to IE8

So i’m now reinstalling it, and will grant @ch100 +1 “personal-worth cred token” for this #102810 post, which ended out being valid.

Reply | Quote

Hi,

If I have KB3008923 installed on Windows 7 x64, should I remove it or just leave it? And if I should remove it, is there an update I should replace it with? Thanks.

Edit to remove HTML

Reply | Quote

You should just leave it.

Reply | Quote

Thanks for response. I read on the site after this thread that said to ignore this particular update but it was already installed on my computer. So it shouldn’t affect anything by having it installed?

Reply | Quote

That is correct

Reply | Quote

After reading Woody’s post about 3008923 being re offered due to the supersedence chain being “broken”, I decided not to run Windows Update at all till Woody gave the green light for this month. I ran it (WU) for the first time this month yesterday (for other reasons discussed in another thread) and wasn’t offered 3008923, but instead was offered the one that it superseded, 2987107.

Upon checking, I did indeed install 2987107 just after it was originally offered a couple of years ago, and the installation was successful. Looks like what abbodi86 said in post 113947 above (May 10th) has taken full effect. So, I will sit and wait to see just how long it takes MS to “repair” the broken chain they established by retiring all those updates earlier this year.

I will leave the update unchecked to see just what happens to it: if it simply goes away or if it is replaced with yet another retired update.

Thanks to abbodi86 for post number 113947 above (from May 10th) that explains just what happened a few days ago. Also a big thanks to PKCano, CH100 and MrBrian for helping the rest of us understand just how the supersedence chain works with regards to Windows Update with their discussions above.

1 user thanked author for this post.

ch100

Reply | Quote

Apologies for the off-topic post, but that IE11 patch from 2014 that was sticking around like an unwelcomed guest (which I can’t remember the KB number of, sorry) is gone now.  Just did a check for updates and it’s no longer being offered.

Reply | Quote