December 2019 Patch Tuesday foibles and quibbles

Topic

New Reply

Microsoft has officially yanked the bogus Autopilot patch, KB 4532441, that some of you saw yesterday. Reminds me a lot of the same stupid thing in Oc
[See the full post at: December 2019 Patch Tuesday foibles and quibbles]

3 users thanked author for this post.

Great Lake Bunyip, abbodi86, Myst

Reply | Quote

Replies

This article has a screenshot of the nag screen
https://www.bleepingcomputer.com/news/microsoft/windows-7-to-show-full-screen-windows-10-upgrade-alerts/

Reply | Quote

My experience with EOSNotify and the December 2019 updates follows;  am running Windows 7 Pro SP1 32-bit and am a Group B updater:

1.  Updated the SSU (KB4531786)
2. Installed the Optional Net Framework security & quality update
3. Installed Win7 Security-Only KB4530692

Rebooted between all.  Surprised to see that after the KB4530692 installed/booted, the EOS nag screen did NOT appear, nor did it after another manual reboot.  Both the EOSNotify and EOSNotify2 tasks did appear in Task Scheduler/Microsoft/Windows/Setup set to “Active.”  I have disabled both (right-click, “Disable”).  I did NOT add the registry entry mentioned elsewhere ([HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\EOSNotify]
“DiscontinueEOS”=dword:00000001) and see no reason to unless the task disabling already done fails at some point.

No problems noticed with performance, etc. after the updates.  Of course I keep a recent system image handy just in case.  Not sure if not seeing the EOS nag was related to timing, or the security patch (32-bit perhaps??).  The timestamp on the digital signature of the KB4530692 is December 6, 2019 2:00:38PM.

2 users thanked author for this post.

jburk07, RTEsysadmin

Reply | Quote

The nag screen is supposed to appear Jan 15th after Win7 is EOL, not now.

2 users thanked author for this post.

jburk07, Great Lake Bunyip

Reply | Quote

Clicking on “Don’t remind me again” on the notification screen does the same thing.

Lawrence has amended the BleepingComputer article to indicate the distinction.

Reply | Quote

Changed a 10-year old Atom Netbook W7 – W10, as per the still available ‘freebie’. Did just what it says on the tin. Took all night. The Netbook is experiencing high performance issues.
HP printer required a new set of drivers. JOB DONE !

Reply | Quote

Color me confused. The Computerworld article says that the Win7 SO patch doesn’t include the nag but the M$ page seems to indicate otherwise. https://support.microsoft.com/en-us/help/4530692/windows-7-update-kb4530692

Reply | Quote

Yes, the way I read it, the SO has the nag as well.

1 user thanked author for this post.

jburk07

Reply | Quote

From the Computerworld article:

Those who cannot remember the past are condemned to repeat it.

Just a reminder for the amnesiacs…

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

1 user thanked author for this post.

anita.yk

Reply | Quote

No word yet on the Access query bug being fixed in this round of updates?

Reply | Quote

KB4484193 for Office 2010 .msi says it’s fixed.
Here is the link for the other .msi versions (2013 and 2016)

Reply | Quote

bbearren wrote:

KB4533002 Cumulative Update for .NET Framework 3.5 and 4.3 for Windows 10 Version 1909 for x64 KB4530684 Cumulative Update for Windows 10 Version 1909 for x64-baseed Systems KB4532441

Those two rolled in my NAS yesterday evening, got them on my Dell Latitude E5420 this morning.  No AutoPilot update for either of those machines.  No hiccups, no issues.

I went seeking on my desktop this morning and got the Malicious Software Removal Tool.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

2 users thanked author for this post.

Great Lake Bunyip, woody

Reply | Quote

I didn’t realize Gregg Keizer of Computerworld wrote this article a few days ago about MSE support on Win7 ending on Jan. 14, 2020:
https://www.computerworld.com/article/3489036/microsoft-to-end-updates-to-windows-7s-free-av-software-security-essentials.html

no more new MSE definition updates for Win7 will be made after that EOL date

and yes PKCano is right about the KB4530692 update – EOSNotify.exe is included in that recent Win7 security-only update (that small app that shows the Win7 EOL nags) as I checked the contents of that patch myself and downloaded the 4530692.csv file info list from MS support and EOSNotify.exe is listed on there

1 user thanked author for this post.

AJNorth

Reply | Quote

It’s funny but when I removed MSE from 3 out of 4  of my windows 7 64 bit laptops that were running MSE, I get a message to update the Windows defender definitions and  I can not find any Windows defender installed on the laptops. Now Windows Defender on 7 was supplanted by MSE and after uninstalling MSE the action center flags are going off requesting that I find some security software and also update the Win Defender definitions.

But you are correct MS needs to support those definition updates at least for keeping the botnets from taking over. But I guess that MSE has been going downhill for me for the last 8 months as its been having failures to start properly on startup and after reboots and black screened one of my laptops that was running MSE after is was rebooting to Apply the Windows 7 Security Only update for Nov 2019.

I have to say that MS has been mostly ignoring MSE for many months in 2019 in the process of ending support for MSE after Jan 2020 so maybe it’s time to look for other options even if that’s some paid options. So with around 25% of Windows OS users still expected to be on Windows 7 after Jan 2020 there may be a market for post 7 EOL security software that specializes in protecting 7 longer term and has extra Zero Day awareness added in to some extended level that folks would pay extra for. There is that 0patch offering but what about integrating that with some Virus/Firewall real time protection features as well for more protection after Jan 2020 on Windows 7.

I’m now Looking at Security Software but I do not want any Security Software that forces me to remain online and connected just to perform scans of my system. I’m fine with license verification after installation, and to install definition updates, but I’d rather have Scan ability while not being forced to remain connected. I want nothing to do with cloud based security solutions on my laptops and really just want Virus/Firewall and the Real Time protections that can make use of downloaded definitions that are updated daily.

Folks running 7 after its EOL are really going to have to install some No-Script and other Browser plugins that can block everything possible if they plan going Protection Free with their security software after MSE is no longer getting definition/engine updates. And many of those free options have spying as a source of income under the “Free” business model so that’s more to consider as well.

Reply | Quote

Just had an interesting blip on my Windows 10 -1909 device with the 12-2019 Cumulative Update (KB4530684).

After the update was installed and the PC was restarted, I noted that my Drive Mappings were no longer available and my AD management tools could not find the domain to PC is bound to.  The associated message was that Naming was not available due to the RPC server not being available.

Rolling the update back has corrected the issues but I wanted to put this out there for anyone listening.

4 users thanked author for this post.

RTEsysadmin, Great Lake Bunyip, Kranium, woody

Reply | Quote

Yesterday (Tuesday evening) I tried to install yesterday’s patches on my pretty-much vanilla 8 year old Dell XPS laptop. The update tried to install, but just hung. After what I considered enough time for something to happen, I did the unthinkable: I powered off the machine and rebooted it in safe mode. Windows then reverted the changes (I was surprised, to say the least). I then rebooted and the machine booted normally, but then tried to install an update, which hung again. I repeated the power off, boot to safe mode procedure, but this time I turned Microsoft Update b****y off. It will remain  turned off until Woody and Ms. Susan sound the ‘all clear’. The laptop is now running just fine without whatever updates MS wanted me to have. Other than the “missing updates preventing any Updates” riot a few years ago, I have never had any problems with Microsoft Update, believing that the lack of any software other than MS Office would keep me safe. Oh, well. Perhaps this is Microsoft’s subtle hint that I should buy a shiny new Windows 10 machine… 🙂

1 user thanked author for this post.

RTEsysadmin

Reply | Quote

Followup: I checked Microsoft Update today (Sunday) and found that KB-4530734, 2019-12 Security Monthly Quarterly Roll-up, had failed to install. I tried installing it from MS Update, and it installed just fine this time. I have turned MS Update back on, and put the new machine purchase (Dell apparently does not support Win 10 on my old XPS-720x laptop).

Reply | Quote

I see that the Win7 EOL date of January 14, 2020 is a Patch Tuesday.  (BTW, isn’t it curious how Patch Tues is on the latest possible date that month?) Does anyone know whether people who still have Win7 on Jan 14 (probably including myself, Group A) will be offered the January updates?  And if so, will they remain available later in the month?

EDIT:  I now see that the ghacks article says Win7 updates *will* be offered in January.  But I still wonder if they will *remain* available.

Reply | Quote

Jan updates, as well as all the non-superseded updates, will continue to be available after Win7 EOL.

4 users thanked author for this post.

jburk07, Great Lake Bunyip, rick41, woody

Reply | Quote

Perhaps this is a possible strategy:

(1) Install the updates, as usual, once it becomes clear they are harmless, the SO included, first for December and then for January, creating a restore point before installing the December SO, but after installing the other December patches.

(2) When the NAG flash screen shows up, try pushing the “Don’t show me this screen again” button in it.

(3) If this button-pushing does not work, confirming the darkest suspicions of people around here, first try hacking the Register, as explained by Lawrence Abrams in the ‘Bleeping Computer’ article, or else use the restore point created in step (2) to restore the OS to its state before installing the December SO patch and all the January patches. (Or if one is really ambitions, create an ISO disk image of the state of the system at that earlier time, instead of a restore point, and use it to do the restore.)

(4) Reinstall the important January patches, besides the SO and IE11. In case they are no longer available by then (unlikely, but you know what? It’s MS!), it might not be a bad idea to have saved, earlier on, all their .msu files, downloaded directly from the Catalog.

(5) Subscribe, before January 14th, to a Win-7-afterlife independent patching service such as ‘0patch’ and hope for the best. As usual.

https://www.askwoody.com/forums/topic/worth-considering-0patch-for-win7-after-january-2020/

Comments welcome.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Great Lake Bunyip

Reply | Quote

Probably irrelevant, bu my Microsoft Lumia 950 still gets updates occasionally.  I got one this morning, don’t know if it’s related to Patch Tuesday.  I’m now on Windows 10 Version 1709 OS Build 10.0.15254.600.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

Reply | Quote

It was related, but it’s the last one you’ll get:

No more Windows 10 Mobile security updates after December 2019’s Patch Tuesday.
…
Windows 10 Mobile, version 1709 (released October 2017) is the last release of Windows 10 Mobile and Microsoft will end support on December 10, 2019.

Windows 10 Mobile is over: Prepare for final security patches as support ends

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

b wrote:

It was related, but it’s the last one you’ll get

Not a concern.  The probability of miscreants, malcontents and/or ne’er-do-wells enthusiastically targeting Windows Phones with malware seems to me to be rather remote.

Back in February I bought a new spare Lumia 950 for less than $200, much cheaper than replacing it with any other “flagship” mobile phone; I don’t care for Android, and won’t pay the Apple tax.  My original is still working quite well, but one never knows.

I haven’t updated my spare since February, so I swapped out the SIM, installed the battery and powered it up.  I’ve installed 128 updates (after downloading and a restart) and it’s now fully updated, as well, powered off and battery removed, ready for service when the time comes.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

Reply | Quote

It now appears there could be one more next year:

Microsoft on Friday quietly announced it had extended Windows 10 Mobile’s end-of-support date by about 30 days.

Microsoft quietly extends support for Windows 10 Mobile

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

1 user thanked author for this post.

abbodi86

Reply | Quote

Had to reset the computer and I have instaleld 1909-nothing out of the unusual at the moment, but all programs and functions are now normal. 🙂 Sighhh~TOOK ME A day and a half and with somewhat sleep to get everything back to normal. 🙂

Reply | Quote

Servicing Stack Updates (SSU): Frequently Ask Questions

2 users thanked author for this post.

woody, PKCano

Reply | Quote

Blocker Toolkit to disable automatic delivery of Microsoft Edge

Microsoft will distribute Microsoft Edge (Chromium-based) through Automatic Updates for Windows 10 RS4 (1803) and newer.

i guess this might happen tomorrow or next week

2 users thanked author for this post.

Alex5723, woody

Reply | Quote

Bogdan Popa just posted a link to this problem with Outlook, reported on the MS Answers forum by DGilfor:

My Outlook 2007 stopped sending/receiving email from my gmail account after installing this update. I tried rebuilding my account and changing it from POP3 to IMAP but nothing worked. Outlook could not find my gmail account. My internet was ok. I uninstalled the update and outlook started working again. Anyone else have this issue?

1 user thanked author for this post.

columbia2011

Reply | Quote

i deactivated both EOSNotify and EOSNotify2 in task scheduler Microsoft/Windows/Setup.

i couldn’t find anything in registry regarding, so in registry i didn’t change anything:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\EOSNotify
or
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\EOSNotify

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

Reply | Quote