News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Heads up! 50 new security patches just pushed to the Update Catalog

    Home Forums AskWoody blog Heads up! 50 new security patches just pushed to the Update Catalog

    This topic contains 71 replies, has 31 voices, and was last updated by  davelr 1 month ago.

    • Author
      Posts
    • #1973411 Reply

      woody
      Da Boss

      They’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
      [See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]

      4 users thanked author for this post.
    • #1973414 Reply

      Microfix
      Da Boss

      Getting October SMQR offered via WU on Win8.1..declined
      posted my WU screenshot here

      MS-DEFCON still at 3..

      Have they nudged this months patches back due to the release of 1909 on patch tuesday 8th of this month?

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      • #1973424 Reply

        PKCano
        Da Boss

        This DOES NOT replace the October Patch Tuesday SQMR.

        1 user thanked author for this post.
        • #1973429 Reply

          Microfix
          Da Boss

          This DOES NOT replace the October Patch Tuesday SQMR.

          well, it hasn’t been released prior to this update being offered that I’m seeing in WU so, how could it be replaced?

          ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

          • #1973441 Reply

            PKCano
            Da Boss

            Sorry, wrong tense, but I was quoting (my bolding).

            4 users thanked author for this post.
    • #1973417 Reply

      grant.gardner
      AskWoody Plus

      Is it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?

      • #1973442 Reply

        woody
        Da Boss

        Yes. Patch Tuesday this month will include previous cumulative updates (unless somebody changes their mind again).

        Big questions at this point: (1) Is an attack imminent and (2) Are there any additional bugs?

        Patches like this are notorious for triggering an absolute shirtstorm of bugs.

        8 users thanked author for this post.
        • #1973463 Reply

          Tom-R
          AskWoody Plus

          Woody, in light of this sudden unexpected (and unexplained by MS) development, shouldn’t the DEFCON level be bumped back to 1 or 2?

          • #1973469 Reply

            woody
            Da Boss

            Good question. The concomitant question is whether we should go to MS-DEFCON 4 or 5.

            At this point, I’m watching for evidence of bugs in this for-real out-of-band patch. If it looks clean, I’ll probably advise that people install it.

            But it’s still too early to tell – and I still have no indication whether CVE-2019-1367 is an ongoing concern for the 95% of all Windows users who don’t use IE. The Security Advisory has been updated to show the new patches – but there’s no change in the wimpy description. Clément Lecigne hasn’t said anything, either.

            2 users thanked author for this post.
          • #1973734 Reply

            anonymous

            Weekend starts here, and I am gone. Will not switch on Windows computers here before next week wednesday, so I am safe. For a change. I indeed also assume the emergencynlatched will be included in the regular patch rounds? What a mess Windows became :-/

            • #1973744 Reply

              PKCano
              Da Boss

              Yes, everything should be together in next Patch Tuesday’s updates.

            • #1973809 Reply

              anonymous

              Ok, thanks for the info! I am anonymous again, somehow my password isn’t working again. Must reset it, one day soon…

            • #1974276 Reply

              woody
              Da Boss
      • #1973447 Reply

        Bluetrix
        AskWoody MVP

        Is it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?

        For:

        KB4524147 CU for 1903 (build 18362.388)
        KB4524148 CU for 1809 (build 17763.775)
        KB4524149 CU for 1803 (build 17134.1040)

        Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.

        That’s from Microsoft

        Edit to add: Like Woody said, (unless somebody changes their mind again).

        Windows10 Home 1809 | Mint19 on VM

        • #1973452 Reply

          grant.gardner
          AskWoody Plus

          Is it safe to assume that these updates will be incorporated into the standard patch Tuesday updates that are due out next week?

          For:

          KB4524147 CU for 1903 (build 18362.388)
          KB4524148 CU for 1809 (build 17763.775)
          KB4524149 CU for 1803 (build 17134.1040)

          Note This update does not replace the upcoming October 2019 monthly update, which is scheduled to release on October 8, 2019.

          That’s from Microsoft

          Edit to add: Like Woody said, (unless somebody changes their mind again).

          We don’t use IE on any of our servers and don’t have the printing issue.  Would rather wait for the standard Patch Tuesday stuff and install later this month once its given the go ahead by “the patch lady”.  Heck, I just installed Septembers updates this week.

    • #1973433 Reply

      PKCano
      Da Boss

      KB4524135 IE update, released 10/3/2019, for IE11 has been added to AKB2000003.

      Prerequsites for Win7 are SSU KB4490628 and SHA-2 coding update KB4474419

      3 users thanked author for this post.
    • #1973444 Reply

      armond
      AskWoody Plus

      HP printer issue still exists! I can’t print anything using my HP 6978 printer after installing KB4524147. “Microsoft is not currently aware of any issues”? Interesting.

      3 users thanked author for this post.
      • #1973470 Reply

        woody
        Da Boss

        Very important observation. Thanks!

        If you roll back KB 4524147, does your printer work again?

      • #1974477 Reply

        Susan Bradley
        AskWoody MVP

        Did into the printer driver setting and make sure that rebooting hasn’t moved a printer from the setup you like/that works to one that doesnt.

        I have a home pc that on occasion will reboot and my HP multi will move from tcp/ip setup to that web stupid printer driver thingy that never works.

        Susan Bradley Patch Lady

    • #1973451 Reply

      Alex5723
      AskWoody Plus

      They’re marked: IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includ
      [See the full post at: Heads up! 50 new security patches just pushed to the Update Catalog]

      ?

      You meant September 23.

      1 user thanked author for this post.
      • #1973475 Reply

        woody
        Da Boss

        You’re absolutely right. Change made.

    • #1973453 Reply

      IndyPilot80
      AskWoody Lounger

      So, unless I’m reading it wrong, it sound like if we’ve already patched for CVE-2019-1367 and we don’t have any .NET 3.5 or print spooler issues, we can safely skip this and wait until Oct 8?

      • #1973458 Reply

        grant.gardner
        AskWoody Plus

        That’s what I plan on doing.  Really dont want to add another round of server reboots into the mix.

        2 users thanked author for this post.
    • #1973462 Reply

      DrBonzo
      AskWoody Plus

      Scroll to the bottom of the following link under Revisions and it reads as though the only purpose of today’s new update is to fix the printer issue.

      https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1367

      This is what it says:

      To address a known printing issue customers might experience after installing the Security Updates or IE Cumulative updates that were released on September 23, 2019 for CVE-2019-1367, Microsoft is releasing new Security Updates, IE Cumulative Updates, and Monthly Rollup updates for all applicable installations of Internet Explorer 9, 10, or 11 on Microsoft Windows. Please see the Security Updates table for CVE-2019-1367 for the new updates. Note that these updates are available automatically via Windows Update, WSUS, or manually from the Microsoft Update Catalog. This release is separate from the October Update Tuesday release, which is scheduled for October 8, 2019

      2 users thanked author for this post.
      • #1973468 Reply

        armond
        AskWoody Plus

        As far as I know and tested, HP printer issue have nothing to do with the Print Spooler service, as I did not have any printing issue with other priters I tried with any of the recent Windows 10 Cumulative Update updates.
        Hopefully at least HP comes up with a solution, as I really like my HP printer and its Instant Ink free plan. Thanks so much for your time.

        • #1973690 Reply

          cogx
          AskWoody Lounger

          Not just HP for us, but Ricoh printers are causing us fits now too.  In one such case, installed today’s (10/3/19) update (for Windows 8.1) and it didn’t fix the application crashing when trying to print to that particular Ricoh.  It’s not the spooler crashing, it is the application trying to print to that particular Ricoh USB connected printer (Word, Chrome, etc.)
          The user’s other printer (network printer, also a copier Ricoh model) works and the Adobe PDF printer driver works.

          I know we scream about a lot of buggy patches, but the truth is, with the ~450 computers I directly support, and the three thousand more where I work, we rarely run into the “known issues” from various MS patches.  The last one I can recall was a bad MS AV update.
          Every year or two a screwy Word or Excel patch will get us.  But, now they have really gone and done it, breaking printing is like the number one cardinal sin where I work.  Printing is all anyone cares about.

      • #1973476 Reply

        woody
        Da Boss

        It could be that this out-of-band patch was re-issued to fix both the printer and .NET 3.5 installation bugs. But more importantly, it’s a for-real out-of-band update, with appropriate distribution.

        It’s also been ten days since MS initially dropped the CVE. Is it possible that this is a real threat? If so, why haven’t we heard anything about it? At least MS is giving it more attention.

        2 users thanked author for this post.
        • #1973626 Reply

          WildBill
          AskWoody Plus

          Can confirm it’s a real out-of-band update, since KB4521456 replaced KB4516067 on my Win8.1 machine. Main Question: Besides possibly fixing the breaking .NET 3.5 problem & the breaking printers problem (no printer attached on my laptop), does it properly fix CVE-2019-1367? That’s the $64,000,000 question! You just bumped us to MS-DEFCON 3 yesterday; been slow in patching, but I’d hate to patch today & find we’re still getting messed up. As Patch Lady said in Monday’s Plus Newsletter, Issue 16.35.0:

          Bottom line: Microsoft handled these updates poorly. At this time, the IE exploits appear to be highly targeted and narrowly applied. But the company hasn’t clearly spelled out the extent of the threat — except indirectly by making the fix relatively difficult to get.

          Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V1909. As long as it's a Lot Less Buggy!
          Wild Bill Rides Again...

          1 user thanked author for this post.
    • #1973464 Reply

      CADesertRat
      AskWoody Plus

      It’s been an interesting morning, I have 4 computers (W10 Pro 1809) which all started out with the same updates until WU this morning. See my results in another post. MS is changing updates FAST.

      MS-DEFCON 3: Get your September patches installed — but stick to the mainstream patches

       

      Don't take yourself so seriously, no one else does 🙂
      4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

    • #1973465 Reply

      Mr. Natural
      AskWoody Plus

      This is crazy. Everyone grab the popcorn. You can bet your sweet bippy I won’t be pushing any of these right away.

      Red Ruffnsore reporting from the front lines.

      1 user thanked author for this post.
    • #1973477 Reply

      bbearren
      AskWoody MVP

      I got KB4524147 earlier today.  Nothing unusual, as usual for me.

      Create a fresh drive image before making system changes, in case you need to start over!
      "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Jack Sparrow
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      1 user thanked author for this post.
    • #1973488 Reply

      Barry
      AskWoody Plus

      I got KB4524147 earlier today.  Nothing unusual, as usual for me.

      Downloading it now. I might add it did not give the option to defer. As soon as i hit check for update it started downloading.

       

      Barry (Seeker)
      Windows 10 Home V 1903

      1 user thanked author for this post.
      • #1973501 Reply

        woody
        Da Boss

        Are you on Win10 1809?

        1 user thanked author for this post.
        • #1973572 Reply

          Barry
          AskWoody Plus

          No. 1903 as it says in my signature.

          Barry (Seeker)
          Windows 10 Home V 1903

          • #1973583 Reply

            woody
            Da Boss

            Oops. I should’ve looked at your signature.

            Yeah, that would be in keeping with the new updating method – in fact, unless you’ve clicked “Defer updates,” today’s cumulative update would’ve installed whether you clicked Check for updates or not.

            1 user thanked author for this post.
    • #1973489 Reply

      Microfix
      Da Boss

      satirical view/
      so in essence these patches seem to suggest the following:
      IE zeroday is now fixed, we think!..but
      RPC may or may not work so..
      If your printer works, the patch will bork it
      If your printer didn’t work before this patch, it’s still borked.
      If you don’t have a printer think yourself lucky punk.
      And to top it all off…there’s skeletal documentation about these patches

      Aha! no IE zeroday patch printer works..oh dear, rock and a hard place. /satirical view
      popcorn time on linux..

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

    • #1973511 Reply

      Geo
      AskWoody Plus

      Group A, Win 7X64  .Just received   KB4524157 from WU.

      • This reply was modified 1 month, 1 week ago by  Geo.
      • #1973705 Reply

        KP
        AskWoody Plus

        Win 7 – 32 bit (KB4524157)

        I say back to DefCon 1 or 2 for this.

         

        DefCon 3 for the September  Patches. Unfortunately it means you have to manually download the patches from the Microsoft Update Catalog.

         

        • This reply was modified 1 month, 1 week ago by  KP.
        • This reply was modified 1 month, 1 week ago by  KP.
        Attachments:
        • #1973726 Reply

          jburk07
          AskWoody Plus

          @kp
          When I hid KB4524157, the September patches reappeared in Windows Update, so you could do that instead of downloading them from the catalog.

          Group A Win7 x64 Home Premium SP1 Ivy Bridge

          • This reply was modified 1 month, 1 week ago by  jburk07.
          1 user thanked author for this post.
          Pim
          • #1974418 Reply

            KP
            AskWoody Plus

            At that point in time, I had not installed the September patches so I download KB4516065 from the Microsoft Update Catalogue and manually installed. Sounds like there are still some problems with KB4524157.

            • #1974549 Reply

              EP
              AskWoody_MVP

              what kind of printer problems, KP? be really specific about them.

              I did not find any printer problems with the KB4524517 update on all my Win7 computers as I can reliably print to my family’s networked HP envy 7855 series printer through a WiFi internet connection.

            • #1974649 Reply

              KP
              AskWoody Plus

              I have not installed KB4524157 yet so no printer problem.

    • #1973548 Reply

      Mr. Natural
      AskWoody Plus

      So is this the new norm now? Put them out on Microsoft Download Catalog first so that the “seekers” can beta test before releasing to Windows Update. Then let the Windows Update “seekers” have at it for the second round of beta testing.

      Perhaps not a bad idea the way this whole A.I. thing is going.  🙁

      Red Ruffnsore reporting from the front lines.

      3 users thanked author for this post.
    • #1973571 Reply

      anonymous

      Too Much KB overload and I have skipped the Telemetry “Security Only” months and really I’m only interested in the 2019 Oct W7 Security Only(If No telemetry is included) and the Oct IE cumulative security only updates for Windows 7.

      It’s just too much to worry about all of the out of band IE updates with IE getting its usual cumulative security patching each month anyways.

      I’m using only Firefox for browsing until the Oct 2019 IE cumulative updates get DEFCON 3/higher rated, and actually Firefox is a lot better for browsing than IE regardless of any IE Zero Days.

    • #1973593 Reply

      Hopper15
      AskWoody Lounger

      Thanks for the heads up Woody.

    • #1973713 Reply

      T
      AskWoody Plus

      I’m so confused by this – if this is a monthly rollup then does that mean it includes all the junk those of us who are security only wish to avoid? I’m now conditioned to avoid anything rollup in the title and checking the file information for this update shows it does contain files like diagtrack and such. Therefore, where is the security only version? I want that one, i’m not about to start installing rollups.

      • #1973727 Reply

        PKCano
        Da Boss

        The fix is in the IE11 CU which Group B installs.
        Since Group A doesn’t have separate patches, and theri IE11 fix is part of the Rollup, Group A gets a Rollup (yes, it is a Rollup)
        AKB200003 has been updated with the IE11 patch, but Woody has not blessed it yet.

        WAIT.

        1 user thanked author for this post.
        T
        • #1973731 Reply

          T
          AskWoody Plus

          Ahh, this makes sense. Thank you.

          Yes, i never rush into updating for just this reason and i’m with woody and susan on this, as things stand right now it’s best to hold off until microsoft can decide whether it is actively being exploited and stick to it.

    • #1973732 Reply

      ashfan212
      AskWoody Lounger

      Windows 7 x64 Home Premium Group A

      KB4524157 is described as a monthly rollup. Therefore, all of its enhancements will be contained (presumably) in next Tuesday’s scheduled October monthly rollup.

      Accordingly, I cannot conceive why today’s monthly rollup can be deemed “important” and mandatory when its replacement will be available in 5 days.

      I assume that the consensus advice would be to ignore this rollup update.

    • #1973794 Reply

      anonymous

      I installed KB4524147 to two desktops, both with the recommended patches from the Master Patch list installed.  One desktop is on 1903 and the other is on 1909.  No problems on either machine, and start menu’s work ok on both machines.

    • #1973838 Reply

      abbodi86
      AskWoody_MVP

      IE vulnerability did not make them push the patches before, but a printing issue does?

      2 users thanked author for this post.
    • #1974186 Reply

      Speccy
      AskWoody Lounger

      Could the “printing issue” be just the tip of a(n apparently unrelated?) deeper iceberg (?):
      “In addition to the BD Alaris PC Unit infusion pump, the researchers found (…) cameras, printers, routers, Wi-Fi mesh access points (…) that are all vulnerable to Urgent/11 bugs.”

      (URGENT/11 is a “suite” of 11 security vulnerabilities in the implementation of the network protocols that make up the IPnet TCP/IP stack – publicly disclosed back in July and recently making the news. Maybe that’s just an unrelated coincidence?…)

    • #1974196 Reply

      rozmansi
      AskWoody Lounger

      The KB4524135 and KB4524156 installed on our Windows Server 2012R2 over the night and all JScript legacy ASP websites broke: heap corruption, unknown variable values, garbage in error responses. Event log was full of “Error: File /index.asp Unexpected error. A trappable error (C0000005) occurred in an external object. The script cannot continue running..” messages. Clicking refresh on any website gave a couple of successful responses, followed by a 500 Internal Server Error, and again some sucessful responses…

      VBScript pages were unaffected.

      Uninstalling both updates made websites stable again.

      JScript.dll broken?

      1 user thanked author for this post.
    • #1974232 Reply

      anonymous

      After KB4524147 I get a warning in Event Viewer every time I open Google Chrome (Event ID 10016 – DistributedCOM).

      1 user thanked author for this post.
    • #1974274 Reply

      glnz
      AskWoody Plus

      Win 7 Pro 64-bit, Group A.  (Already installed the large patches from September.)

      So – should I or shouldn’t I?

      • This reply was modified 1 month, 1 week ago by  glnz.
      • #1974277 Reply

        PKCano
        Da Boss

        Should: Wait for Woody and Susan to assess the patches.

        Shouldn’t: Rush into patching (almost ever).

        3 users thanked author for this post.
    • #1974481 Reply

      anonymous

      KB4524147 and KB4524148 also causes the exact same spoolsv jscript error!  I have customers that never installed  KB4517211 last week but today installed KB4524147 and 48 through automatic updates, which is supposed to fix the printer problem.  They did not have the printer problem before and now after installing up the new update, they HAVE the problem.  I have 2 entire offices down because of these 2 updates.

      1 user thanked author for this post.
      • #1974552 Reply

        EP
        AskWoody_MVP

        what printers do you have?

        I’m not experiencing the printing problems with these recent updates like KB4524147 & KB4524148.
        btw, I have an HP envy 4500 and an HP envy photo 7855 series printers and they both work okay whether using a local usb cable connection or a wifi networked connection. one of them had a driver issue that required uninstalling and reinstalling the printer drivers to actually fix a printing problem.

        • This reply was modified 1 month, 1 week ago by  EP.
    • #1974557 Reply

      Microfix
      Da Boss

      Our Canon printer works fine on Win8.1 Pro x64 (USB) after installing SMQR kb4524156..I wonder if certain proprietary driver files are at play here. .it just seems a mixed bag of issues

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      1 user thanked author for this post.
      • #1974575 Reply

        woody
        Da Boss

        .. which is precisely why this is such a pain! I can’t point my finger to any particular driver, or even manufacturer.

        • #1974611 Reply

          Microfix
          Da Boss

          Recently (August) we had the VBScript patch fiasco when the interns had the reigns and was eventually fixed (or so we were led to believe)..I wonder if something has been overlooked? Perhaps printer issues are the outcome and the issue lays within the relationship between the IE zeroday patch and VBScript patch which affects MS JScript in dotNET depending on what version is installed. (I ain’t no expert her BTW, just looking at facts.)

          These are two things we know that have changed recently.

          Ref this Jscript Wiki

          ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      • #1974601 Reply

        Speccy
        AskWoody Lounger

        Just a wild guess… Xerox printers, perhaps?

        Following my previous post, after reading Armis technical whitepaper [see for e.g. page 7: “modern examples of remotely triggerable TCP/IP bugs can still be found in the most widely used OSs”], their recent update of the original post and their recommendations (currently offline) published back in August I can’t help thinking that Microsoft might be also simultaneously implementing some sort of preventive countermeasures on Windows, against “something” bad out there (undisclosed vulnerabilities, malware or targeted attacks come to mind) that may be somewhat related with scripting and how (through it) Windows interacts with network connected devices (printers, routers, switches, etc).

        But I digress… Hopefully I’m totally wrong and this “Urgent/11” thing is totally off-topic and has absolutely nothing to do with the current patching “bug madness”. It may be just a totally unrelated coincidence.

    • #1974637 Reply

      anonymous

      I just had a PC with the HP won’t print issue. It installed KB4524148 last night. I uninstalled it, still no print. It was installed as a Web Services printer like most recent HP devices. I installed the UPD configured to an IPv4 IP and it worked. I suspect it is something in the web services it borks. This seems consistent with other reports that the UPD fixes it.

    • #1974684 Reply

      glnz
      AskWoody Plus

      This is weird – I saw KB4524157 in Windows Update for my WIn 7 Pro 64-bit machine just now (Friday Oct 4 10pm ET).  Said the last search for updates was about 6:50am.

      I didn’t install it but instead ran Check for Updates, and it disappeared!!!!!

      Did MS pull it ?????

      2 users thanked author for this post.
      • #1974931 Reply

        DrBonzo
        AskWoody Plus

        I don’t know if they pulled it since it still shows up in MS Support and also the MS Catalog.

        I do know that on three Win 7 machines sometime on Friday evening the 2019-10 Rollup was no longer offered in Windows Update and had been replaced with the 2019-09 Rollup.

        1 user thanked author for this post.
    • #1974861 Reply

      anonymous

      Yesterday this update on my wife laptop was download automatically. Today on my laptop and desktop appears the button to dioad it if i want…

    • #1974988 Reply

      Synoptic12
      AskWoody Lounger

       

      Upon installing Microsoft update (KB4524157 ) in Windows 7 64-bit, “Aero” was terminated. I was unable to repair the issue using the troubleshooter. Furthermore, Windows 7 would not shut down after ‘shutting down’, only remaining with the desktop theme. A manual shutdown was necessary.

      * I uninstalled the aforesaid update and the system reverted back to normal. To alleviate further issues, I now have ‘System Restore’ enabled to avoid any further complications.

      • Sorry for the bad photos.
      1 user thanked author for this post.
    • #1975726 Reply

      davelr
      AskWoody Plus

      Very important observation. Thanks!

      If you roll back KB 4524147, does your printer work again?

      I’m having the print problems on one of our systems. Document would go to spooler but hang. Eventually printer would print a timeout error page. Pulling KB4524147 didn’t change. Pulling KB4522016 in addition did allow documents to print, but after significant (1-2 Min) delay before spooler would release document from buffer. No start menu problems however.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Heads up! 50 new security patches just pushed to the Update Catalog

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.