Feb 2021 patches so far

Topic

New Reply

We are still in watch and wait mode for February updates.  I’ll be waiting and testing and let you know what we find. So far I don’t see 1909’s being
[See the full post at: Feb 2021 patches so far]

Susan Bradley Patch Lady

4 users thanked author for this post.

RVAUser, jburk07, geekdom, abbodi86

Reply | Quote

Replies

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on February 9, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There was no February IE11 CU for Win7.

February Rollup KB4601347 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2342225.

9 users thanked author for this post.

TaskForce141, arbrich, Steve, DrBonzo, Microfix, Kirsty, SueW, jburk07, abbodi86

Reply | Quote

I have updated my Win7 Group B computers through February with all SO updates and with the latest .NET 4.8 update. No issues to report.

4 users thanked author for this post.

TaskForce141, DrBonzo, SueW, Kirsty

Reply | Quote

I have a customer that has 19 Windows 7 Systems running. Long story but we are hoping to move to Windows 10 this year.

I just purchased and applied my YR 2 2021 ESU update key. We did have YR 1 Key all last year. I am trying to get these machines cleaned up.

I do not see any new updates for Feb 2021 to install yet – Does that mean my key is NOT working ??

I see there seems to be a bunch or Pre_Reqs from this post by PKCano.

I am looking for guidance on how to set this up on automatic to install these updates each month with as little manual work as possible and what needs to be done to get this working. I have included a copy of my update history on 1 particular machine that is temporarily out of production and I am cleaning up.

Any help is appreciated.

Thanks

 

 

Reply | Quote

The patches for Feb are listed and/or linked above.
If you have your second year ESU license applied correctly, you should be receiving your updates.
The pre reqs, other than this year’s license/subscription, are old – Aug or Dec SSU, older Prep pack. You should have most of those already.

The .Net Rollup contained updates only for versions 4.6-4.7.2 and 4.8. Updates for the earlier versions are from Dec (see link). There may be a problem, might be a good idea to hold up installing the .NET.

1 user thanked author for this post.

arbrich

Reply | Quote

Thanks, I got it all worked out and have a plan. I had forgot the last activation piece. Once I did it the Feb updates showed up.

Thanks again for the help.

Reply | Quote

Susan, your post asked about 1909 patches showing up.  Windows Update showed me 3 items today.

1. Windows Malicious Software Removal Tool x64 – v5.86 (KB890830)
2. 2021-02 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4601315)
3. 2021-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64 (KB4601056)

Win 10 Pro 64-bit 21H2, Office 2019.
Win 7 Pro 64-bit, Office 2010.
Win 11 Pro 21H2.
Nethermost of the technically literate.

3 users thanked author for this post.

rontpxz81, Coldheart9020, jburk07

Reply | Quote

WSUS is showing 4 updates for 1909.  There is a SSU too, KB4601395.

2 users thanked author for this post.

rontpxz81, jburk07

Reply | Quote

I’m the same as @Melvin on both of my Win 10 Pro 1909 machines.  The three updates showed up in the queue to hide on Feb 9 at around 1:15 PM EST. 

2 users thanked author for this post.

rontpxz81, jburk07

Reply | Quote

On 1909. Got the security update.

1 user thanked author for this post.

jburk07

Reply | Quote

I’m on Pro.

Reply | Quote

20H2 Pro (2)
both updated ok last evening
both had 2 windows defender updates (same version) installed
this morning

Reply | Quote

Same situation as you Susan, on 1909 here, got the .NET one, but that was it, says I’m currently up to date, sitting on OS build 16363.1316.

Normally they show up right on time and install no problem, but today for the first time ever, nothing was offered (no KB4601315). We might not be the only ones?

https://www.tenforums.com/windows-10-news/173948-kb4601315-cumulative-update-windows-10-v1909-18363-1377-feb-9-a.html

2 users thanked author for this post.

rontpxz81, jburk07

Reply | Quote

Same here.  Only got the .NET Framework and Malware Software Removal. I manually check for more updates after install but nothing else turns up after

2 users thanked author for this post.

rontpxz81, jburk07

Reply | Quote

On 1909 Home and 0nly got the .NET Framework and Malware Software Removal. I’ve checked all over the place for this and posted in Microsoft Community. I saw the Tenforums responses. Glad it appears to be an issue not just on my computer.

1 user thanked author for this post.

rontpxz81

Reply | Quote

For those of you that seen the 1909   Pro or Home?

Susan Bradley Patch Lady

Reply | Quote

[WildBill]

I’m on Windows 10 Pro Version 1909. Like Melvin & others, I’m seeing KB890830 (MSRT v5.86), KB4601315 (Cumulative Update) & KB4601056 (.NET Framework Cumulative Update). I have Conexant High Definition SmartAudio 221 driver, but either since the beginning of the new year, or since I applied January’s updates, I no longer see the message “When the Windows 10 May 2020 Update [2004] is ready for your device, it will be available to download and install…”. I’m applying February’s 1909 updates when the all-clear is issued in March, then planning to use the Target Release Version (TRV) for 20H2. Before I switch to TRV, do I still need to remove my Conexant audio driver 1st, or is that necessary now?

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

• This reply was modified 2 years, 4 months ago by WildBill.

Reply | Quote

On a Dell Laptop KB4601315 was installed, On a HP Desktop KB4601315 isn’t showing.
Both are on 1909 Home.

1 user thanked author for this post.

rontpxz81

Reply | Quote

[Tom]

This is a slight detour but still on the topic of updates. I had 1909 but upgraded to 2004 using the TargetReleaseVersion methodology. 4 days ago that machine was updated to 2004, but it wasn’t the latest (January 2021) 2004. 2 days later I was offered the November 2020 updates, now I’m being offered the December updates. What gives?

Could it be that now that 20004 isn’t the latest any longer, the MS severs aren’t keeping it updated?

• This reply was modified 2 years, 4 months ago by Tom.

Reply | Quote

Windows offers what it thinks it needs.
Make a backup and then install, except Feb patches.

cheers, Paul

Reply | Quote

The .NET patches were already built since Jan 5 and ready for release before the crash bug reported

4 users thanked author for this post.

rontpxz81, WCHS, Microfix, PKCano

Reply | Quote

Windows 10 Home 1909 (OS build 16363.1316) and I am not seeing a security update so far (i.e. KB4601315). Scanning with wushowhide identified the following two updates are currently offered for my machine:
– KB4601056 – 2021-02 Cumulative Update for .NET Framework 3.5 and 4.8
– KB890830 – MSRT Windows x64 v5.86

2 users thanked author for this post.

Coldheart9020, jburk07

Reply | Quote

I’m in the same situation; MSRT and CU .NET update. Same version and build as you (except I’m on Pro edition), and no sign of KB4601315 either in WU or wushowhide.

Reply | Quote

With 20H2 I’ve seen only seen Successes so far + Me.

Almost Every day or 2, though, I am Hiding — via wushowhide — the Driver — INTEL – System – 7/18/1968 – 12:00:00 a.m. – 10.1.16.7 — and it keeps coming back. GP / WU has — Don’t Let WU Install Drivers –…..WHAT’s this about? ….. Neither HP nor Intel Software Sppt Asst’s show anything. Thanks for any thoughts….

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

ExcludeWUDriversInQualityUpdate only has effect for built-in WU Setings page

2 users thanked author for this post.

CraigS26, WCHS

Reply | Quote

[TechTango]

the Driver — INTEL – System – 7/18/1968 – 12:00:00 a.m. – 10.1.16.7 — and it keeps coming back. GP / WU has — Don’t Let WU Install Drivers –…..WHAT’s this about?

The date 07/18/1968 is symbolic. Intel was founded that day. The reason this date is use is to lower the rank of Intel Chipset Device Software. This is necessary since it’s a supporting utility that should not overwrite any other drivers.

I allowed installation some time ago.

• This reply was modified 2 years, 3 months ago by TechTango.

1 user thanked author for this post.

CraigS26

Reply | Quote

Dump wushowhide (even Microsoft removed the app in disgust).
Move to Wumgr or Wumt.

1 user thanked author for this post.

CraigS26

Reply | Quote

Not true.

abbodi86 wrote:

No, it’s not the reason

MS is leading blatant campaign to kill old download links for so caled SHA1 signed content
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/sha-1-windows-content-to-be-retired-august-3-2020/ba-p/1544373

lot of treasures are lost

1 user thanked author for this post.

Microfix

Reply | Quote

abbodi86 wrote:

MS is leading blatant campaign to kill old download links

Does this mean that if you already have downloaded it, you’re good, but if not, you won’t be able to get it any longer?

Mod edit: Quote attributes corrected
Please quote from the original source and not the poster of the quote.

Reply | Quote

wushowhide that you have previously downloaded is still good.
MS has just removed the page from its site.
You can still download it from other safe sites like OlderGeeks.com or MajorGeeks.com
It still works. It is still the same thing.
I use it all the time.

1 user thanked author for this post.

WCHS

Reply | Quote

Thanks for correcting my post to attribute the original source. (I can’t put a ‘thank you’ on my own posts.)

Reply | Quote

Alex, I found this link to an updated cab. version of win show/hide on a windows ten forum post dated three days ago. It worked just fine for me on Win 10 2004. Perhaps you could disclose the link to the reference in your reply.

Peace,

CAS

Reply | Quote

CAS wrote:

Alex, I found this link to an updated cab. version of win show/hide on a windows ten forum post dated three days ago. It worked just fine for me on Win 10 2004. Perhaps you could disclose the link to the reference in your reply.

Peace,

CAS

Wumgr

WUmt

1 user thanked author for this post.

CAS

Reply | Quote

on 1909 home here, missing the update to

Reply | Quote

Windows Updates has offered me an Important Update for Office 2010, namely Security Update for Excel 2010 (KB4493222),  and the box is checked.   Does this mean that it is still not the “end of the line” for Office 2010?

 

Reply | Quote

It’s important security update, just apply it 🙂

in my theory, they botched last security updates before Office 2010 EOS, and all post EOS updates are to fix that

glad they did it regardless the reason

3 users thanked author for this post.

SueW, L95, PKCano

Reply | Quote

Windows 10 Home 1909 (OS build 16363.1316) got the .NET and the MSR but no sign of the security update (i.e. KB4601315).

Reply | Quote

Susan, for someone that is on top of all security and patching, I find ti very strange I don’t see any info here regarding the secure channel netlogon changes that are included in this month’s cumulative update? Everyone should be reviewing their event logs for insecure connections before applying this update, or risk those connections being broken off from their DC.

1 user thanked author for this post.

Microfix

Reply | Quote

Actually the patch has already been in our systems now it’s just enforced.  I’ll be following up with a more ‘business’ patcher view.

Susan Bradley Patch Lady

Reply | Quote

“Actually the patch has already been in our systems now it’s just enforced.”

That is not the correct verbiage at all. There was a recommendation by Microsoft to turn on these Group Policies, but the patch was not “already there”. That is just not true at all. The patch came out on Tuesday with the monthly cumulative. You may want to review the NETLOGON changes more closely. This is already affecting a lot of people from what I see online. Many are caught unaware.

Reply | Quote

Actually no the patch bits were included in the August updates.  It’s only now that it’s been enforced.

https://docs.microsoft.com/en-us/answers/questions/79348/netlogon-secure-channel-cve-2020-1472-clarificatio.html

The secure channel patch has been there since August.

Susan Bradley Patch Lady

Reply | Quote

Regardless, no mention of it at all? This website has turned into more of a chicken little forum that the sky is falling more than a rational discussion of what to be prepared for…

1 user thanked author for this post.

Microfix

Reply | Quote

Next week’s newsletter (not this week) will be covering it in full.  I don’t recommend installing updates right away.

This week – the emphasis will be consumers/early reports.

Next week will be business patching viewpoint.

So far in my early tests no impact whatsoever to Windows 7 ESU and a test non patched Windows 7 esu connecting to a DC.  Server 2003 era and some Linux will have issues for which you can put in an exception.  It’s a topic best served for the newsletter as it needs a lengthy explanation/analysis and not a blog post.  Hope that helps?

I plan to do “business patching” focus in the third newsletter of each month.

Susan Bradley Patch Lady

1 user thanked author for this post.

rexr

Reply | Quote

@anon #2343031

@MrBrian’s investigative discussions into patches (Win7 at the time) was excellent reading that enthused many on this forum, myself included. He’s up there for sharing those findings and the highly interesting discussions that followed on the forum. RESPECT!

Keeping IT Lean, Clean and Mean!

Reply | Quote

v1909 CU KB4601315 apparently pulled from WU (only) for metadata revision

4 users thanked author for this post.

Berserker79, WCHS, Coldheart9020, PKCano

Reply | Quote

AH HA detection issue.

Susan Bradley Patch Lady

Reply | Quote

Sorry, I know there is still a long way before the February patches receive the go-ahead to install, but assuming that by then the security update for 1909 is yet to be pulled back up on WU after the metadata revision, does that mean we will need to download the relevant SSU and CU packages from the Microsoft Update Catalog and do a manual install?

I’m no stranger to manual installation, but when the Feb patches are cleared it would be some comfort to have your input on whether we should indeed do a manual install. On the other hand, I might take this as a sign that when the Feb patches are cleared I should finally click on the scary “Download and install” button of the offer to update to 20H2. 🙂

Reply | Quote

I guess it will be back sooner than that
but yes, manual installation is fine too (no issues reported KB4601315 itself yet)

1 user thanked author for this post.

Berserker79

Reply | Quote

abbodi86 wrote:

v1909 CU KB4601315 apparently pulled from WU (only) for metadata revision

I notice this morning that the pulled KB4601315 is no longer in wushowhide and that its replacement–KB5001028–showed up to be hidden.

Reply | Quote

Hi.  What happens if one restarts the computer before the 2.10.2021 cumulative update for Windows 10 version 2004 finishes installing?  I thought the updates had finished installing because it said it was ready to restart and when I pressed restart I noticed the new cumulative update was only 20% installed.  The reboot took about 30 minutes before anything came back and I see no sight of the regular cumulative update.   What should I do?  Thank you.

Reply | Quote

It’s probably OK, installed.  When you press Restart following an update, it usually says “Working on updates, xx%”, where xx will vary up to about 30%.  At that point the actual restart occurs, and on resumption xx% will continue (hopefully) until 100% when a normal restart sequence (sign on etc.) will take over.  Have a look in installed updates, see if that one is now listed.

Windows 10 Pro 64 bit 20H2

Reply | Quote

When I pressed restart, it was thirty minutes before the first ‘Working on updates xx%’ .  actually appeared. When it finally rebooted a few minutes after that, the .NET update was showing as successful, but no sign of the regular cumulative update.  And nothing indicated that it still needed to be installed.  And it still shows nothing for the regular cumulative update today, even though the computer seems to be working normally ( thus far ).  Hopefully it has installed and just isn’t saying it.
Thanks for the help.

Reply | Quote

anonymous wrote:

I thought the updates had finished installing because it said it was ready to restart and when I pressed restart I noticed the new cumulative update was only 20% installed.  The reboot took about 30 minutes before anything came back and I see no sight of the regular cumulative update.

I noticed about three months ago that when multiple updates are being downloaded/installed, that the first download to compete will trigger the “Restart” button even though others in the batch are not downloaded yet as indicated by each upsdates progress bar.  So when you click “Restart” before all the updates are downloaded, Windows keeps on downloading and does install the batch correctly, but the “wait” screen is unnerving if you haven’t had the experience yet.  Now I make sure everything is downloaded before clicking “Restart”.

 

3 users thanked author for this post.

Wayne, dgc-art, jnmcewen55

Reply | Quote

Thanks for the assistance.  This is the first time this has happened on this machine during the installation phase.  The cumulative update had already fully downloaded, and had been installing for some 30 minutes before the restart appeared, and it took 30 minutes after my error during the restart phase before the first ‘working on updates xx%’ appeared.   But it’s not showing whether it installed or not.

Reply | Quote

[dgc-art]

I have just had the same situation on Windows 10 Pro 20H2. It asked for a restart even though KB4601319 was showing as downloaded but not installed. After leaving it a good 30 seconds I pressed restart and immediately 11% installation showed against KB4601319. So I just let the PC do its thing. Restart took about 30 minutes and it was clear something was happening as indicated by the CPU activity. When the PC was back up and running KB4601319 did not show in the installed updates. I ran a “check for updates” and it confirmed that I was up-to-date. PC appears to be working as normal. I am assuming the cumulative update is installed.

• This reply was modified 2 years, 3 months ago by dgc-art.

Reply | Quote

Type winver in the searchbox and press Enter.
If your version is 20H2 Build 19042.804 the Feb. update is installed.
If your version is 20H2 Build 19042.746 the Jan. update is installed.

2 users thanked author for this post.

Ex-Conn, dgc-art

Reply | Quote

What about 19042.789 ?

Reply | Quote

That was a preview, so most people would not have installed it.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

Thanks about winver.  Forgot all about that.  Just checked and it shows the new February build number, so apparently the update took.  Yay!

Reply | Quote

[Alex5723]

Windows 10 Feb. 2021 is the last update with separate SSU for older Windows 10 versions.
Going forward the SSU will be part of the monthly CU.

Simplifying on-premises deployment of servicing stack updates

Update 2021.02.09: On February 9, 2021, we released the February 2021 SSU for Windows 10, versions 1909, 1809, 1607 and 1507. The February 2021 SSU will be a prerequisite for receiving the new one cumulative update (LCU and SSU packaged together) for these versions of Windows 10.

We are planning to switch over to the new combined package format for these earlier versions in the coming months. In the meantime, please broadly deploy the February 2021 SSU across your organization to take advantage of the upcoming capability..

More at : https://www.ghacks.net/2021/02/11/wave-goodbye-to-servicing-stack-update-issues/

• This reply was modified 2 years, 3 months ago by Alex5723.
• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

Not true, only build 19041 will not have separate SSU going forward
other versions will still have SSUs next month(s)

Reply | Quote

So the information Microsoft published at that link two days ago, and about each of the four SSUs updated on Tuesday, is incorrect?

Additionally, this update enables a single package design that incorporates the servicing stack update (SSU) into the latest cumulative update (LCU). Combining the SSU and LCU update into a single package provides a more seamless deployment and installation experience.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

[abbodi86]

It’s not incorrect, but they said “in the coming months” in the announcement

v2004 got first SSU with the new ability in September 2020 (KB4577266), yet it got three SSUs afterward KB4598481, KB4593175, KB4586864

for instance, v1809 will get SSU KB5000859 next month

• This reply was modified 2 years, 3 months ago by abbodi86.

1 user thanked author for this post.

PKCano

Reply | Quote

Based on 19041.844 release (Beta/RP channel), even this is not true

all 2004/20H2/21H1 got new separate SSU KB5000911, with few cosmetic changes:

– file name is SSU-19041.841-x64.cab instead the usual Windows10.0-KB5000911-x64.cab

– display name in installed updates panel will shown as “Servicing Stack 10.0.19041.841”

– CBS package name is changed to Package_for_ServicingStack instead the usual Package_for_KB5000911

the last point is the most useful, as it chain all future SSUs together, whch allow to normally uninstall old superseded SSUs (currently, all SSUs are permanent and cannot be uninstalled)

2 users thanked author for this post.

Microfix, PKCano

Reply | Quote

abbodi86 wrote:

Based on 19041.844 release (Beta/RP channel), even this is not true

Last week’s Windows IT Pro Blog announcement said:

“We are planning to switch over to the new combined package format for these earlier versions [1909, 1809, 1607, 1507] in the coming months.” [not this month or next month]

“In the meantime, please broadly deploy the February 2021 SSU across your organization to take advantage of the upcoming capability.”

“Stay tuned for more information on when we’ll transition to the combined package format for these versions!”

(2004/20H2/21H1 were not mentioned.)

Is any part of that incorrect?

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

So you think they will switch older version before 2004/20H2/21H1?

all this hype is (so far) incorrect, SSUs are still separate updates/packages

unless they intend to pack (not package) SSU and LCU into one msu file

Reply | Quote

Addendum, based on the published KB4601382:

– KB4601382 in Microsoft Update Catalog is unified pack

the msu file contain combined KB4601382 cab
the combined KB4601382 cab contain SSU-19041.841 (KB5000911) cab + the actual KB4601382 update cab

– This unified pack is intended only for WSUS/Configuration Manager deployment

built-in Windows Update already recieve and handle separate SSU+LCU together since v1709 (i.e. it does not need the unified pack at all)

– In order to manually use the unified pack, you should first install the latest separate SSU KB4598481 (one time operation)

or use appropriate extraction tool (expand.exe or 7-Zip) to extract the separate SSU + LCU cab files, and install them using Dism.exe

Reply | Quote

[bbearren]

Pushed to my NAS yesterday and today:

KB4601319 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems KB4601050 Cumulative Update for .NET Framework 3.5 and 4.0 for Windows 10, version 20H2 for x64 along with the latest edition of the Malicious Software Removal Tool x64

The .NET Framework Update and Malicious Software Removal Tool got the automatic restart after Active Hours.  The Cumulative Update was pending restart after Active Hours, so I restarted by clicking the button.

No hiccups, no problems.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

• This reply was modified 2 years, 3 months ago by bbearren.

1 user thanked author for this post.

rexr

Reply | Quote

There seems to be an issue with the release of 1909 February patches.   A full set of 1909 patches (CU, DU, SSU, .NET) shows up in the Update Catalog, but they are blocked from downloading.  Looks like MS found a last minute issue and hit the brakes in a rather awkward way.

Reply | Quote

https://www.askwoody.com/forums/topic/1909-get-out-of-band-kb5001028/  They have a new February release.

Susan Bradley Patch Lady

Reply | Quote

anonymous wrote:

A full set of 1909 patches (CU, DU, SSU, .NET)

What is ‘DU’? I’ve seen it before, but thought it was a typo for FU (since the ‘D’ key and the ‘F’ key are adjacent). But, FU (for Feature Update) doesn’t make sense here, at least not to me.

Is it another term for MSRT?

Reply | Quote

Dynamic Update

1 user thanked author for this post.

WCHS

Reply | Quote

abbodi86 wrote:

Dynamic Update

Why is there both a CU and a DU for a give KB file? For example, DU and CU KB5001028 or DU and CU KB4601315 (the one that was pulled)?

Reply | Quote

Dynamic Cumulative Update is applied during upgrade process itself (and probably for winre.wim too)
while regular CU is installed afterward

1 user thanked author for this post.

WCHS

Reply | Quote

Microsoft :

The following CVE has been updated on February 11, 2021.

* CVE-2021-1721

– CVE-2021-1721 | .NET Core and Visual Studio Denial of Service Vulnerability
– https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1721

– Version 2.0
– Reason for Revision: Revised the Security Updates table to include PowerShell
Core 7.0 and PowerShell Core 7.1 because these versions of PowerShell Core are
also affected by this vulnerability. See
https://github.com/PowerShell/Announcements-Internal/issues/22
for more information.
– Originally posted: February 9, 2021
– Updated: February 11, 2021
– Aggregate CVE Severity Rating: Important

Reply | Quote

Installed KB4601319 on my v2004 Pro two days ago and all seemed well, but I’ve noticed since then that Windows is having a lot of trouble getting out of the screensaver, and taskmanager taking quite a while to pop up. Uninstalling it now.

Reply | Quote

Reporting problems with Win10 Pro v2004:

I had Win10 Pro 2004 Build 19041.746 (Jan 2021), Local ID only, never been near an MS ID. Also, there was no PIN or Windows Hello settings. I had uninstalled all the third-party malware s/w previously. Time to clean things up. I decided to Reset the PC, which reinstalls Win and saves only the User data, no settings or third-party programs. The install seemed to go well, at least it rebooted and came back to the desktop with the same ID (Admin) and password.

The first order of business was to go over the now MS default settings and put them back where they were before. Starting with the Settings App in Security & Update\Windows Upate there were no problems. I accessed Group Policy and attacked the WU settings there also without problems. Now to check the rest of the Settings App.

First setting – Clicked on Security. Nothing happened, and the Settings App Froze up.
Rebooted a couple of times (Fast Startup off) – same thing. Well, maybe the problem was due to the fact that I hadn’t installed the latest Feb update. So I restored the original Jan image, updated to Feb CU and tried the Reset again. Winver says Build 19041.804 but it has the same problem – Settings App\System does not work, freezes Settings App, but all the other major settings are OK/viable.

Thinking it might be the lost credential thing, I started looking around. In the upper left corner of the main Setting App, I see “Local Account” and under it a “Sign in” link (What? I am signed in!). Clicking on “Sign in” it is asking about an MS ID. There has never been an MS ID associated with this PC!!!!
In Control Pannel\Credential Manager I find the Windows Credentials User Name has been changed from the original installation. I tried to Restore the Windows Credentials saved from the old installation. Didn’t work either.

So it seems, for this attempt, I do not have access to the Settings App\System.
And I cannot “Sign in” at the top of the Settings App b/c I do not have (never have had) an MS ID/permission. Nor do I ever plan to create one for the purpose.
I do not know if the Windows Credentials are responsible. But a part of the Settings App is broken.

I have restored an image of v1903.
Used an ISO of v1909 Build 18363.592 (Jan 2020)  to upgrade saving only the User Data with no apparent breakage. Third-party apps are gone. I have gone through and put my settings back.
My plan now, since I have accomplished the cleanup, is to manually update v1909 to Jan 2021 level (download from the Catalog, manually install), set TRV for 1909, and wait, since I still have questions about Feb 2021 updates for both v1909 and v2004.

4 users thanked author for this post.

abbodi86, Mele20, Alex5723, Microfix

Reply | Quote

If YOU don’t know what happened..!!
As to how and why the system had an MS ID out of the blue upon ‘Reset’, is beyond belief.
Perhaps the system defaults on an MS ID once a ‘Reset’ is done, irrespective of whether the user has an account or not.

Keeping IT Lean, Clean and Mean!

Reply | Quote

When I set up a new 1909 iso the only way I could get an local ID was by turning off the Internet.  As long as it saw wifi/internet/something it refused to let me log in without it.  My guess is that the refresh/reset is pulling down this code that won’t let you log in otherwise.   Can you do all that with the computer disabled/unplugged?

Susan Bradley Patch Lady

Reply | Quote

The Reset function is from within the OS (Updates & Security\Recovery) downloads the Win installation from MS.

The ISO of 2004 that I have is 19041.450 – considerably older than the installed version (I don’t think that works) and it has the bug. I don’t think the refreshed ISO was available to everyone (I don’t have connections) but it still would have been an older version. I didn’t want to do a wipe-out-start-from scratch.

I have always done installation from an ISO offline, as I did in this case upgrading 1903 to 1909. I am aware it forces an MS ID if you are connected.

I think you are right. I think it does the install the same as if you do a clean install from an ISO while connected to the Internet, where you can’t choose a Local ID. But you’d think that the Refresh option (a way to FIX the computer), which keeps the Local account ID and password and all the User data, wouldn’t lock you out if you don’t have an MS ID. You’d think it would preserve the User permissions too. Too bad for the average User who has no clue.

It’s EXTREMELY confusing, particularly for non-tech Users. And I think nefarious on MS’s part to mislead one into thinking it was going to FIX the PC, when what is does is actually break it unless you give up your Local ID’s independence. Unless you are savvy enough to figure MS was going to foul you up.

Reply | Quote

Microsoft would argue it’s not a bug 🙂  Their goal is to get us to use Microsoft accounts and PINs 🙂  We may (okay more like don’t) agree with that but I’ll bet to them it’s not a bug.

Susan Bradley Patch Lady

Reply | Quote

Your interpretation of what I said is way off.
The bug I was referring to is in 19041.450 per @EP in #2339962:

EP wrote:

I created a v2004 ISO with build 19041.572 (Oct. 2020 KB4579311 update integrated) from this ESD install package that includes the certificates bugfix after upgrading via ISO method. did an ESD to ISO conversion with either esd decrypt-multi-release or esd decrypter wimlib script before running the v2004 upgrade install offline w/ no internet connection during the upgrade process. the 2004 ISO with build 19041.450 does not include the defrag and lost certificates fixes, so create an updated ISO that has at least build 19041.572

I was not referring to the method of installation.

Reply | Quote

Wonder if an unactivated W10 refresh exhibits the same behaviour?
If it doesn’t, it’s tied into the activation mechanism, if it does, it’s MSFT’s method to ensure everyone has a MSFT ID Account.
Thinking about it further, over the last few iterations of W10, the offline method has been getting more obscure during setup..

Keeping IT Lean, Clean and Mean!

Reply | Quote

I KNOW I used the “skip” setup local box in setting up a 1909 while on the Internet back in it’s day.  This recent ISO would not let me.

Susan Bradley Patch Lady

Reply | Quote

PKCano wrote:

In the upper left corner of the main Setting App, I see “Local Account” and under it a “Sign in” link (What? I am signed in!). Clicking on “Sign in” it is asking about an MS ID. There has never been an MS ID associated with this PC!!!!

The Settings banner in versions 2004/20H2 always has Sign in (to MS) under Local account.

PKCano wrote:

I think you are right. I think it does the install the same as if you do a clean install from an ISO while connected to the Internet, where you can’t choose a Local ID. But you’d think that the Refresh option (a way to FIX the computer), which keeps the Local account ID and password and all the User data, wouldn’t lock you out if you don’t have an MS ID. You’d think it would preserve the User permissions too. Too bad for the average User who has no clue.

It’s EXTREMELY confusing, particularly for non-tech Users. And I think nefarious on MS’s part to mislead one into thinking it was going to FIX the PC, when what is does is actually break it unless you give up your Local ID’s independence. Unless you are savvy enough to figure MS was going to foul you up.

You weren’t locked out of your local account.

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

PKCano wrote:

The install seemed to go well, at least it rebooted and came back to the desktop with the same ID (Admin) and password.

b wrote:

You weren’t locked out of your local account.

I didn’t say I was locked out of my Local ID.

PKCano wrote:

Settings App\System does not work, freezes Settings App, but all the other major settings are OK/viable.

PKCano wrote:

So it seems, for this attempt, I do not have access to the Settings App\System. And I cannot “Sign in” at the top of the Settings App b/c I do not have (never have had) an MS ID/permission. Nor do I ever plan to create one for the purpose. I do not know if the Windows Credentials are responsible. But a part of the Settings App is broken.

PKCano wrote:

You’d think it would preserve the User permissions too.

I was locked out of the “System” part of the Settings App.
I could not access it, it was grayed out, and when I tried, the Settings App locked up.
I had to close it before any other part of it worked again.

Reply | Quote

No SMQR patch issues on three Win8.1 x64 devices (the forgotten OS),
likewise for Win7 ESU x86 KB4601347 SMQR and KB4603002 Win7 .NET 4.5.2 Rollup
All installed on 9th/10th February. No errors in Event Viewer, SFC integrity good and Local printer works as intended. Won’t mention Linux distro’s – oops! I just did 🙂
Another awkward month for W10..surely not

Keeping IT Lean, Clean and Mean!

Reply | Quote

I received an article this morning about Blue Screens with WAP3 Wi-Fi. Apparently MS has released a fix.   OP Edit. I see you’ve already mentioned this.

Reply | Quote

For what it’s worth…

After creating back-up images of the “C” drive before installing the Feb 2021 updates, there have been no problems at all on the four Windows 10 Pro PCs in our small office. All are on version 20H2.

Reply | Quote

Win 10 Pro 1909 64 bit.  Downloaded the February SSU KB4601395 and replacement February CU KB5001028 from MS Update Catalog, standalone installed OK, test machine stable for 2 days.   Despite this month’s last minute hiccup, intending to stay on 1909 until summer, if MS will be releasing 1909 CUs that aren’t blocked against Pro installation (as they have done previously after EOL of earlier Win 10 versions.

Reply | Quote

Windows 10 Pro 20H2 :
Got KB890830 MSRT and KB4601050 .NET. No CU KB4601319.
Winver : 19042.746
Windows up to date.

Belarc Advisor shows missing KB4601319.
WUmgr shows none.

Reply | Quote

[Alex5723]

Alex5723 wrote:

Windows 10 Pro 20H2 :
Got KB890830 MSRT and KB4601050 .NET. No CU KB4601319.
Winver : 19042.746
Windows up to date.

Belarc Advisor shows missing KB4601319.
WUmgr shows none.

Just finished updating KB4601319 (after checking for updates).
The update process took, up to the restart request, 2 and half hours !! on i7 6-core, 16GB RAM, M2.NVMe SSD.
The update process used during the whole time 16% CPU, 250MB RAM.
Kaspersky A/V has been paused and not running.

winver: 19042.804.

• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

[Bob99]

…on i7 6-core…

Just which Intel CPU are you using for that machine?

Since it took so long with a seemingly potent processor, (I’m typing this a couple of minutes after having posted my initial question above) was there a SSU for 20H2 that may have been needed that wasn’t used, thus potentially causing the extreme slowness with the individually downloaded patch?

I know that when we install individual patches gotten from the Catalog, until recently we’ve also needed to get the SSU as well that WU would ordinarily go get on its own and “silently” install before proceeding to install the LCU.

I also know that 20H2 and 2004 are supposed to be “weaned” of this behavior this month or they’ve already supposedly been weaned of it, I just don’t know which at this point.

If they’ve supposedly been weaned off this “separate” SSU behavior, then this thought is a moot point…or is it? After all, we are talking about MS.  🙂

• This reply was modified 2 years, 3 months ago by Bob99.

Reply | Quote

Uhh…scratch that theory about a missing SSU. There wasn’t one released this month for 2004 and 20H2. 😳😳

So, that still leaves my original question asking just which processor from Intel is in that machine.

BTW, I posted this reply because when I went to click the “EDIT” option on my post above, it just disappeared.

Reply | Quote

[Alex5723]

Created the install log (PowerShell Get-WindowsUpdateLog command) for KB4601319. CU download started at 2021-02-16 21:19:23.5759370.
Installation started at 2021-02-16 21:21:34.4287305.

Can’t find the reason why the update took so long.

From the log :

2021-02-16 21:23:22.6678568 17496 10308 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (10308)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 11
2021-02-16 21:23:23.6682573 17496 18036 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (18036)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 15
2021-02-16 21:23:25.6822928 17496 14040 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14040)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 20
2021-02-16 21:26:13.5160384 17496 12916 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (12916)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 22
2021-02-16 21:26:13.5173495 17496 12916 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (12916)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 29
2021-02-16 21:26:13.6078282 17496 1844 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (1844)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 30
2021-02-16 21:26:13.6318178 17496 7580 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (7580)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 31
2021-02-16 21:26:13.6566809 17496 10388 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (10388)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 32
2021-02-16 21:26:13.6599549 17496 11852 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (11852)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 33
2021-02-16 21:26:13.6613055 17496 11852 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (11852)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 35
2021-02-16 21:26:13.6688978 17496 2184 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (2184)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 37
2021-02-16 21:26:13.6698991 17496 2184 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (2184)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 39
2021-02-16 21:26:13.6787904 17496 7400 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (7400)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 40
2021-02-16 21:26:13.6798767 17496 7400 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (7400)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 43
2021-02-16 21:26:13.6883708 17496 5088 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (5088)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 44

2021-02-16 21:51:54.7012519 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 55
2021-02-16 21:51:54.7018532 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 60
2021-02-16 21:51:54.7024347 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 64
2021-02-16 21:51:54.7030083 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 68
2021-02-16 21:51:54.7035889 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 72
2021-02-16 21:51:54.7042065 17496 14020 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (14020)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 73

2021-02-16 23:25:08.4612237 17496 9748 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (9748)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 76
2021-02-16 23:25:09.1981780 17496 5652 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (5652)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 77
2021-02-16 23:25:09.9282688 17496 1684 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (1684)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 78
2021-02-16 23:25:10.9460494 17496 3588 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (3588)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 79
2021-02-16 23:25:11.7839732 17496 15584 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (15584)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 80
2021-02-16 23:25:13.8143003 17496 15520 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (15520)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 81
2021-02-16 23:25:17.0920148 17496 16908 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (16908)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 82
2021-02-16 23:25:27.0155450 17496 10360 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (10360)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 83
2021-02-16 23:25:28.9836028 17496 10496 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (10496)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 84
2021-02-16 23:25:29.5581629 17496 15400 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (15400)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 85
2021-02-16 23:25:31.2314906 17496 15800 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (15800)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 86
2021-02-16 23:25:31.6788930 17496 16756 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (16756)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 87
2021-02-16 23:25:32.4313332 17496 10772 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (10772)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 88
2021-02-16 23:25:33.8014617 17496 4004 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (4004)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 89
2021-02-16 23:25:34.2412694 17496 16320 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (16320)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 90
2021-02-16 23:25:42.6130115 17496 13368 UDP Deployment job Id 8CFD91CB-AE0D-4052-92BD-66FCF0A6EEE3 : NotifyClient (13368)(0) called for update id 95E93F1C-A9D3-4850-A1DF-42612DF616AE, code = Update progress, percent complete = 100

• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

[PFC]

Alex5723 wrote:

The update process took, up to the restart request, 2 and half hours !!

got all 4 of them plus the .net core update done in about 30 mins.

my 5th update was a Defender SU.

what was yours doing for two hours?

• This reply was modified 2 years, 3 months ago by PFC.

Reply | Quote

[Alex5723]

PFC wrote:

what was yours doing for two hours?

It was running the update process using 16% of CPU and 250MB of RAM all that time.
The update progress jumped from 0-20% in 30min.
From 20-44% in 30min.
From 44-73% in 30min
From 73-74% in 30min
From 74-100% in 30min.

Nothing else was running. CPU has been used only by the TiWorker process, all other processes used 0% of CPU.

According to my daily Acronis differential backup and Disk Cleanup (admin) the size on the update was 4GB.

This behaved more like a full Feature install than a CU update.

• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

Bob99 wrote:

Just which Intel CPU are you using for that machine?

Intel i7 8750H (it is gaming laptop).
CPU ran at 4 GHz all that time.

No SSU update for 20H2. Downloading the update took 30sec as I am on Fiber 1Gb.

Reply | Quote

Alex5723 wrote:

This behaved more like a full Feature install than a CU update.

maybe something related to Reserved Storage, see the following?

https://mcpmag.com/articles/2019/01/14/windows-10-7gb-of-reserved-storage.aspx

Reply | Quote

PFC wrote:

Alex5723 wrote:

This behaved more like a full Feature install than a CU update.

maybe something related to Reserved Storage, see the following?

https://mcpmag.com/articles/2019/01/14/windows-10-7gb-of-reserved-storage.aspx

Thanks, Windows 10 was not a clean install and I don’t have reserve storage.

Reply | Quote

KB4601319 update is causing webcam problems and other accessories. Microsoft promised a fix for webcom .

A Microsoft representative has quietly confirmed that the February 2021 cumulative update (KB4601319) suffers from a bug that could disable your web camera. In addition to camera crashes, users have also reported other bugs in Windows 10 KB4601319 and Microsoft is investigating the reports…

“Thank you for bringing the issues with Intel Realsense Camera to our attention. We are aware of the issue and are working on a fix. In the meantime, if you need to get your camera working, please follow the instructions on how to remove an installed Windows Update,” Microsoft noted.

While Microsoft has only acknowledged reports of camera issues after the cumulative updates, users have noted that KB4601319 is also affecting the performance of their wireless mouse, second monitor and other accessories.

In addition to hardware failure, there are reports of Blue Screen of Death error too…

Reply | Quote

[EP]

new preview patches for 1809 and 1909 have recently came out Feb. 17 (watch out folks):

KB4601380 for v1909:
https://support.microsoft.com/help/4601380

KB4601383 for v1809 (enterprise/education/ltsc 2019):
https://support.microsoft.com/help/4601383

along with new .NET preview patches for 1809 and 1909

KB4601556 for 1909
https://support.microsoft.com/help/4601556

KB4602298 for 1809
https://support.microsoft.com/help/4602298

• This reply was modified 2 years, 3 months ago by EP.

Reply | Quote

[abbodi86]

February 16 actually 🙂
they were live around 22:00 UTC

and Flash Removal KB4577586 also published via WU

• This reply was modified 2 years, 3 months ago by abbodi86.

1 user thanked author for this post.

Microfix

Reply | Quote

Microsoft Security Update Releases

Summary
=======

The following CVEs and advisory have undergone a major revision increment:

* CVE-2021-24067
* CVE-2021-24069
* ADV990001

– CVE-2021-24067 | Microsoft Excel Remote Code Execution Vulnerability
– https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24067

– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this vulnerability.
Customers running other Microsoft Office software do not need to take any action.
See the Release Notes for more information and download links.
– Originally posted: February 9, 2021
– Updated: February 16, 2021
– Aggregate CVE Severity Rating: Important

– CVE-2021-24069 | Microsoft Excel Remote Code Execution Vulnerability
– https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24069

– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this vulnerability.
Customers running other Microsoft Office software do not need to take any action.
See the Release Notes for more information and download links.
– Originally posted: February 9, 2021
– Updated: February 16, 2021
– Aggregate CVE Severity Rating: Important

– ADV990001 | Latest Servicing Stack Updates
– https://msrc.microsoft.com/update-guide/vulnerability/ADV990001

– Version 33.0
– Reason for Revision: To address known issues customers might have experienced when
installing security updates released on February 9, 2021, Microsoft has released
the following servicing stack updates (SSUs): KB5001078 for all affected editions
of Windows 10; KB5001079 for all affected editions of Windows 10 Version 1607 and
Windows Server 2016. Customers must install the new SSU before installing the
applicable February 9, 2021 security update.
– Originally posted: November 13, 2021
– Updated: February 16, 2021
– Aggregate CVE Severity Rating: Critical

Reply | Quote

Microsoft has pulled yet another buggy Windows 10 SSU this month..OOOPS!
KB4601390 the previous being KB4601392
Note to all W10 LTSB users who are following the MS-DEFCON system:

You must install the new KB5001079 SSU BEFORE attempting to install the February 9th, 2021 security updates. applies to 1507 – 1607? LTSB versions.

Source:
https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-a-second-windows-ssu-for-blocking-security-updates/

Within the article are additional steps for those who have these patches installed already.
Edit: updated for clarity

Keeping IT Lean, Clean and Mean!

Reply | Quote

Microfix wrote:

NOTE TO ALL W10 users who are following the MS-DEFCON system:

You must install the new KB5001079 SSU BEFORE attempting to install the February 9th, 2021 security updates.

That update only applies to LTSB version 1507, so virtually no one here:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001079

It’s unfortunate that in places, like the KB article for this SSU, Microsoft refers to version 1507 as merely “Windows 10” (because it had no version number when originally released):

KB5001079: Servicing stack update for Windows 10: February 12, 2021

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

my bad, although in the article it states:

The issue was first observed by users who tried installing the February 9 security updates on Windows Server 2016 and Windows 10, version 1607

so not only 1507 LTSB
Post ammended

Keeping IT Lean, Clean and Mean!

Reply | Quote

That refers to the similar occurrence last week, previously highlighted by Susan Bradley as below.

But that was a different broken SSU (KB4601392) replaced by a different fixed SSU (KB5001078) for LTSB 1607/Server 2016.

Susan Bradley wrote:

Friday night quick patching recap for business patchers:

Windows Server 2016 SSU – has been recalled and been replaced with KB5001078. This fixes the issue where the cumulative update got stuck at 24%.

Source: Windows 10, version 1607 and Windows Server 2016 | Microsoft Docs

Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge

Reply | Quote

You might have read that I have not been offered win updates to 1909 for quite some time. With PKCano’s help, seems to have likely been fixed. So I am being offered 5001028.

Correct me please if wrong, but this is an update to a formerly approved Jan update and only fixes a WPA3 issue. I am not WPA3 capable. Should I still be on hold for installing this?

And, I am not being offered an SSU. PK said included with CU, but then I read above it is included with the NEXT CU’s. So wondering how I should handle that or if it will install when I install 5001028?

Thanks.

Reply | Quote

KB5001028 is a REPLACEMENT for KB4601315 which was pulled/no longer offered by Microsoft. We are still on DEFCON-2, which includes ALL Feb patches including this Our-of-band replacement.

The SSU is bundled with the CU. It does not show in the WU queue, but installs when the CU is installed. It has not been combined with the CU yet. Installing the CU will also install the SSU.

1 user thanked author for this post.

Melvin

Reply | Quote

My 2018 Huawei MB X Pro will STILL not update to version 2004, released almost a year ago and Microsoft is stopping support of version 1909 in May 2021 two months from now.

While I have reached out to Huawei, I have received the same exculpatory narrative that it’s about the loss of the Huawei recovery partition and that the onus falls on Microsoft, which is the exact same narrative it used for excusing feature upgrade issues in updating from 1903 and 1909, both of which installed for me WITHOUT issue.

Unless I’m missing something, my inability to upgrade from 1909 — after properly setting the target for 2004 in Group Policy (or, alternatively, using the date) — is entirely on Huawei’s side, not Microsoft’s. It is, however, very much like the blue screen of death for all Americans who supported Huawei after Trump dropped the hammer. Though I very much liked Huawei, I will not easily forge or forgive its ongoing incompetence and cavalier insouciance in this matter.

In any event, I’m posting here to ask for any suggestions or the names/contact information of people whom I should reach out to in hopes of getting feature upgrades in the future.

Reply | Quote

>Microsoft is stopping support of version 1909 in May 2021 two months from now.

So sorry. I don’t know where I got this date — Microsoft just moved to an 18 month support schedule, so I think that I must have gone off the more compressed support dates — but, in researching the issue in more depth, Microsoft’s support for 1909 will now continue to December 2021. Given that fact, along with the red light Huawei with which has tagged the 2004 upgrade, I feel no pressure to install any upgrade at this time, ISO or not, until such time as a green light appears.

Reply | Quote

Windows 10 – release information | Microsoft Docs

Not per that official support page.  It still lists May as a drop dead date for Home and Pro.  Where are you getting December as I don’t see that anywhere.

Susan Bradley Patch Lady

Reply | Quote

<h3>Thanks for all you do, Susan!

Bleeping Computer pegs it as May 2021  (https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-1909-reaches-end-of-service-in-may/)

Microsoft itself pegs it 18 months out from the date of its release, though I must have been confused by decoupling Win Pro from Enterprise:
https://docs.microsoft.com/en-us/lifecycle/faq/windows [Under: <small>What is the servicing timeline for a version (feature update) of Windows 10?
|…18 months from release date]
</small><small>
</small><small>but then there’s </small><small>https://support.microsoft.com/en-us/lifecycle/search?alpha=1909, which points us back to May 2021 again, reconfirming what you just said. </small><small></small><small>

Again, THANKS!

</small></h3>

Reply | Quote

[Alex5723]

michael.mdgr wrote:

Unless I’m missing something, my inability to upgrade from 1909 — after properly setting the target for 2004 in Group Policy

Make a full image backup to external HDD and a recovery USB stick.

Download the 2004 ISO from Heidoc.net (download the portable ‘download tool’ and launch the tool).
Select the proper ISO file and download.
Open the ISO (or mount) and run setup.exe.

During the update process you can select : clean install, install keep programs and data.

• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

[CAS]

I had no problem downloading and installing Kb4601050 (. net framework update) but bk4601319 was a real challenge. Windows downloaded the latter several times but wouldn’t install it. I went to ms update catalog to download it and while it was downloading I checked back with windows update and it would download about 10% of the update and then try to install it and throw off an error message. Meanwhile the catalog download continued, slowly. I returned to Windows update to see if anything was happening and lo and behold I found that the update had been 100% downloaded and was in the process of being installed. When it finished installing I restarted my computer a second time, the first time being after the .net download. After restarting it I checked the image health and it showed that image version 10.0.19041.804 was not corrupted. I then ran Belarc Advisor and all was well.

I have no idea what was going on with the issues concerning the the download and install of the cumulative update for February. When I checked the event log there were three windows update agent errors 20, a bizillion esent 642 warnings, a kernel event-tracing error and warning relating to readyboot. so far as I’m concerned whatever made this so difficult and tedious is a mystery and a waste of time. The fact that it only happens once a month is the only ray of sunshine.

• This reply was modified 2 years, 3 months ago by CAS. Reason: wrong word used and corrected

Reply | Quote

Thanks Alex5723.

Is there any problem that could arise from using the ISO (using “keep programs and data”) as opposed to using the Windows Update and Security process?

Reply | Quote

It’s the same process, but under your control.
We suggest disconnecting from the internet when you run the ISO setup.exe. This prevents any updates apart from those on the ISO. Reconnect when done for normal updating.

cheers, Paul

Reply | Quote

CAS wrote:

I have no idea what was going on with the issues concerning the the download and install of the cumulative update for February.

See #2344165

1 user thanked author for this post.

CAS

Reply | Quote

Just a couple of minutes ago I got notified of a new update : KB4023057 for 20H2 with Feb. 2021 updates.
Installed, no re-boot required.
KB4023057 has been installed previously on Oct. 2020.

Reply | Quote

Alex5723 wrote:

Just a couple of minutes ago I got notified of a new update : KB4023057 for 20H2 with Feb. 2021 updates.
Installed, no re-boot required.
KB4023057 has been installed previously on Oct. 2020.

Anyone else?
KB4023057 = update to the USM – Update Service Module re-issued?
kill switch for WUShowhide? wouldn’t surprise me in the least..
2 + 2 = 5 🙂

Keeping IT Lean, Clean and Mean!

Reply | Quote

Hope this will fix the “bug” that caused the installation of KB4601319 to run for 2H+.

Reply | Quote

It’s not, KB4023057 fix update/upgrade blockers, not updates issues

Reply | Quote

I had KB4023057  hidden in wushowhide. It was offered to me again today as new along with an NVDIA driver that I had also hidden. Odd. Hid both again.

Reply | Quote

rebop2020 wrote:

Odd. Hid both again.

It will keep coming back with a new date. I encountered it in Aug, Sept, Oct 2020 and probably every month after that, hiding it each time.

Here’s Microsoft info on it

Here’s ghacks.net info on it

Reply | Quote

Running Win10 Home 2004 … I just got KB4023057 pushed on me.  This isn’t the 1st time and sure it won’t be the last for this update

Reply | Quote

abbodi86 wrote:

It’s not, KB4023057 fix update/upgrade blockers, not updates issues

“This update includes files and resources that address issues that affect the update processes in Windows 10 that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly (like KB4601319 on my device:-) your device, and they help improve the reliability and security of devices that are running Windows 10. “

Reply | Quote

It’s not, it only make sure you get KB4601319, not to help installing it 🙂

Reply | Quote

[Alex5723]

@abbodi86

it only make sure you get KB4601319, not to help installing it

Microsoft’s promise :

“updates are installed seamlessly”

• This reply was modified 2 years, 3 months ago by Alex5723.
• This reply was modified 2 years, 3 months ago by Alex5723.

Reply | Quote

No accurate

Reply | Quote

My NAS (nothing paused/blocked other than driver updates via Group Policy) got a push earlier today:

KB4601382 Cumulative Update Preview for Windows 10 Version 20H2 for x64-based Systems

Now running Version 20H2 (OS Build 19042.844).

No hiccups, no issues.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

Reply | Quote

[giorgio]

Just went to winver 2004 today, my laptop external monitors, Displaylink over usb, both powered up and configured immediately. I was having some problems with the mobilepixel Displaylink monitors on 1909 I was having to unplug and wait 2 minutes at times. This is a welcome change

 

Eluktronics RP15 Ryzen 4800H 32b ram Nvidia RTX 2060

• This reply was modified 2 years, 3 months ago by giorgio.

Reply | Quote