Microsoft just released the patch that it almost released on Tuesday. It’s the SMBv3 patch that’s set the security community on fire. KB 4551762, whic
[See the full post at: Heads up: Microsoft posts a fix for that SMBv3 security hole. Get ready to install this month’s Windows patches.]
|
There are isolated problems with current patches, but they are well-known and documented on this site. |
-
Heads up: Microsoft posts a fix for that SMBv3 security hole. Get ready to install this month’s Windows patches.
- This topic has 33 replies, 21 voices, and was last updated 3 years, 6 months ago.
AuthorViewing 11 reply threadsAuthor-
MS-DEFCON ignored per usual, KB4551762 Cumulative Update for Windows 10 Version 1909 for x64-based Systems installed, system nominal.
Always create a fresh drive image before making system changes/Windows updates; you may need to start over!We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things. -
As someone who had many family and friends have W10 meltdowns (probably due to having inexpensive, slower machines) I’ve always appreciated those who have the knowledge and expertise to easily recover. For the DEFCON system to work, there have to be those adventurous enough to put their machines on the line. Your regular reporting of having no issues is appreciated.
Non-techy Win 10 Pro and Linux Mint experimenter
-
Windows 1909 Test Beta
March 12, 2020kb4551762
https://support.microsoft.com/en-us/help/4551762/windows-10-update-kb4551762Installed update from Windows Update and then rebooted without error.
On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender1 user thanked author for this post.
-
-
Well, Microsoft has done it again — force fed me KB4551762 (CVE-2020-0796) re: the SMBv3 security hole. Last night I left my PC asleep; this morning I came in to find my PC “ON” and updated without my permission. I am now at 18362.720. I am using StopUpdates10 to Pause updates. This has never happened since I’ve been using StopUpdates10 (a great tool by the way).
I realize KB4551762 is a critical update but @askWoody has said there are no known exploits. I don’t appreciate Microsoft again ignoring its own rules and NOT honoring my wishes to pause Updates.
Is StopUpdates10 a Microsoft tool?
1 user thanked author for this post.
-
-
No, StopUpdates10 is not from Microsoft
Then MS is not ignoring you, StopUpdates10 is failing you.
Stick to known and tested methods – group policy, pause button, metered connections.cheers, Paul
1 user thanked author for this post.
-
-
-
-
-
-
The reason why I’m concerned in this case is that Catalin Cimpanu — who has a good track record — says that several people have come up with working Proof of Concept exploits. In addition, Kevin Beaumont (who now works for Microsoft!) posted a video of a PoC.
It’s a long way from a working PoC to a widespread attack — but there’s still good reason to keep your ear to the ground.
Until there’s a real threat, though, in my opinion, it’s smarter to wait — at least until we see if there are any initial widespread problems.
4 users thanked author for this post.
Windows Server Version 1903 and Windows Server Version 1909 are Semi-Annual Channel releases and SAC releases are only available in Core or Nano Server variants.
Windows Server 2016 and 2019 are LTSC releases and are available with the Desktop Experience.
https://docs.microsoft.com/en-us/windows-server/get-started-19/servicing-channels-19
Francis
-
Yep
it’s not that only Server Core versions are affected, it’s only build 18362 is affected, which for Servers is only available in Core/Nano variant
i guess build 19041 (ver 2004) is also affected, but it’s not generally available yet, and maybe that’s why it didn’t recieve any updates this month yet (i.e. intentional delay to fix SMB issue)
-
-
not only that, the COVID-19 “pandemic” may also have something to do with MS not releasing any new updates for 19041.x yet
also saw this Twitter link recently in a few forums:
https://twitter.com/NorthFaceHiker/status/1238157709288992769
-
-
MAR 11, 2020 9:45 AM PDT
Long story short, Microsoft apparently had the patch ready to go but pulled it at the last minute. Microsoft warned security software manufacturers in advance that the patch was coming (a common practice), but didn’t yell, “Stop the presses!” in time to keep the cows in the barn. Two organizations on the inside accidentally published, then pulled, descriptions. The story raced through the blogosphere.
https://www.computerworld.com/article/3532002/disappearing-smbv3-patch-non-security-office-patches-and-a-so-far-mild-patch-tuesday.htmlWindows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge
1 user thanked author for this post.
-
Win10 Security Updates are CUMULATIVE Updates. That means the latest one contains the previous ones. So if you install the latest one that contains the one before that, and the one before that…., it would be redundant to install the older patches. In fact, you won’t be able to do so.
If the newer patch supersedes (replaces) the older patch, the older patch will simply disappear from Windows Update after the newer one (containing it) is issued. By installing the newer patch, you install the older one by definition of “Cumulative”.
-
I understand supersedence chains and what a cumulative update is.
You are right, the older patch (KB4540673) is no longer listed in the hidden updates; it WAS there, but it’s gone now. Only the new one (KB4551762) is listed there.
Currently, this is the WU display:
So, will the newer one disappear from this display, after the WU is next scheduled?
Evidently, it does not simultaneously get rid of the older one in wushowhide AND the newer one in the WU display.
-
Assuming you have Windows 10 Pro and are using wushowhide and have Group Policy > Windows Update set to 2:
With the release of KB4551762, if you previously hid KB4540673 via wushowhide KB4540673 will now no longer show as hidden (or anywhere) in wushowhide.
But KB4551762 will now show up in wushowhide and maybe also the Windows Updater queue if you didn’t find it via wushowhide soon after it was released and hid it.
If it shows in Windows Updater queue, go to wushowhide and hide it. Then wait until Windows Updater automatically updates itself again (18- 24 hours). KB4551762 will then be hidden and removed from the Windows Updater.
To install it, unhide it and wait for Windows Updater to automatically update itself again and it will reappear in the Windows Updater queue to Download.
Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)2 users thanked author for this post.
-
-
-
-
From reading here, there has been no Microsoft mention of a fix to profile problems.
On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender -
Yup, makes me want to not install it.
1 user thanked author for this post.
-
-
-
Ditto: Installed via Windows Update. No apparent problems.
1 user thanked author for this post.
-
according to CVE-2020-0796, is known to only affect SMB 3.1.1, which is only in Windows 10 (1903 / 1909 only?).
Close. This vulnerability affects SMB compression, which is Windows 10 1903/1909 only (added in 2019). SMB compression was added after 3.1.1, they did not change the SMB version number when they added it. SMB 3.1.1 was available earlier, in Windows Server 2016, which does not have SMB compression and is not vulnerable.
8.1 is unaffected. LTSC 1809 is unaffected.
Compression is negotiated with a SMB2_NEGOTIATE context of SMB2_COMPRESSION_CAPABILITIES. Whether an implementation of SMB3 supports compression appears to be independent of whether it supports 3.1.1. Theoretically someone could make an smb server that does not support 3.1.1 but does support compression, but Microsoft did not do this.
Awfully confusing to have features without version numbers, but the reasoning is that compression is optional, so an implementation doesn’t have to support it.
I received user feedback from several users reporting install errors 0x800f0988 and 0x800f0900 during installing Update KB4551762.
Windows 10: Fehler 0x800f0988/0x800f0900 bei KB4551762
An English blog post will follow (will link it internally within the blog post) later.Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
Viewing 11 reply threads
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Microsoft Backup triggers help-desk calls and confusion
by 15 minutes ago
-
How Amazon ejected AI-written e-books from its bestseller lists
by 16 minutes ago
-
Ten stunning features in Microsoft Word
by 18 minutes ago
-
Thunderbolt
by 18 minutes ago
-
VeraCrypt updates
by 2 hours, 23 minutes ago
-
A.I. and AskWoody
by 3 hours, 36 minutes ago
-
Where is Windows Update?
by 2 hours ago
-
mailwasher
by 6 hours, 22 minutes ago
-
Windows Photos
by 7 hours, 11 minutes ago
-
OT QuickBooks payroll module not letting you efile 941
by 8 hours, 10 minutes ago
-
MSA logins have been retired from DPC May 1st
by 8 hours, 8 minutes ago
-
Administrator Lock
by 12 hours, 9 minutes ago
-
Skype cancels loopback audio
by 16 hours ago
-
Python re-installation
by 14 hours, 24 minutes ago
-
Finally updated to Thunderbird 115
by 6 hours, 54 minutes ago
-
Hard drive boot up problem in Windows AND Linux
by 1 hour, 53 minutes ago
-
WSUS fails to download monthly Cumulative Update for Windows 11 Version 22H2
by 7 hours, 23 minutes ago
-
Excel tone
by 12 hours, 5 minutes ago
-
Wait for the bugs to be worked out
by 18 hours, 33 minutes ago
-
What Windows Really Needs [Pure OPINION]
by 10 hours, 47 minutes ago
-
“Winmail.dat” attachments when email is sent from Outlook to Thunderbird
by 1 day, 2 hours ago
-
win 11 22H2 Memory itegrity error
by 1 day, 10 hours ago
-
McLaren Health Care 6TB data breach
by 1 day ago
-
Long Live the Red Envelope Era | Farewell to DVDs | Netflix
by 1 day, 13 hours ago
-
Faststone Image Viewer updates
by 2 days, 15 hours ago
-
Malicious ad served inside Bing’s AI chatbot
by 2 days, 15 hours ago
-
win10 pro 22H2 current minus 1 mo,to, win11. suggestions…
by 2 days, 4 hours ago
-
Microsoft entered negotiations to sell Bing to Apple in 2020
by 3 days ago
-
X CEO shows her iPhone’s Home Screen – and X isn’t there
by 3 days, 1 hour ago
-
Keeping an older Mac secure
by 3 days, 2 hours ago
