Here’s why KB 3035583 (the much-maligned GWX patch) may appear twice on your machine

Topic

New Reply

Fresh analysis from ch100: This is what all the talk about KB3035583 appearing twice is all about, in case you haven’t seen it or able to reproduce. I
[See the full post at: Here’s why KB 3035583 (the much-maligned GWX patch) may appear twice on your machine]

Reply | Quote

Replies

I don’t understand what a scan against WSUS is.Please explain. I am assuming that a scan against Microsoft Update means Control Panel/Windows Update/check for updates.

Reply | Quote

WSUS is the Windows Update Server – which is a specific machine for (mostly) corporate environments that controls updating on domain-connected computers.

Normal people won’t have one. But ch100’s results are insightful even if you don’t have WSUS. I think.

Reply | Quote

WSUS is an offline database similar to Windows Update and a Microsoft product targeted to medium-sized environments (10-1000 computers roughly). I run one for testing on a 180 days trial version of the Windows 2012 R2 Server which can be downloaded for free from Microsoft after registration.
Scanning against Microsoft Update means what a regular user would do after ticking the box “Give me update for Microsoft products…”, but for our purpose checking that box is not relevant. Not ticking that box means scanning against Windows Update – see the difference Microsoft Update vs Windows Update.
Microsoft Update allows updating other Microsoft software like Office, Silverlight, MSE, Defender in addition to Windows, while Windows Update (default) allows only updating of Windows.
By comparing WSUS with Microsoft (or Windows) Update and obtaining same results or similar with differences which can be explained, means that the results are likely to be correct and also allows understanding the differences in the offerings for updating Windows for end-users and Windows for businesses, which are subtle but relevant.
In principle, businesses are less likely to be disrupted by certain updates while end-users are treated more loosely from this point of view, as restarting computers is seen not so critical.
In regards to Windows 10 upgrading, businesses are not normally offered the option to upgrade, although as it was mentioned on InfoWorld by Woody and on this site, there were cases when either by accident or intentionally on the Microsoft side this actually happened.

Reply | Quote

I haven’t mentioned in the original email, but in case this is not obvious, I used Noel Carboni’s reference list for the hidden and avoided updates for my analysis.
https://www.askwoody.com/2016/the-win-7-sp2-convenience-rollup-kb-3125574-might-actually-be-worthwhile/

Reply | Quote

Thanks for the info. I learned something new.

Reply | Quote

It shows twice because there are two version offered by WU, Recommended (older) and Optional (newer)
per WU or msft rules, both are applicable until you install the new one
KB2952664 had this confliction once before
this will be fixed on next tuesday (or patch tusday)

Reply | Quote

Both KB3035583 appear as Recommended in the snapshot posted. They both have the same range for the size. I believe that the associated metadata is slightly different between the 2 versions which makes them being identified as different. It may just be the difference between being unticked or ticked by default following the recent pop-up “accident”.

Reply | Quote

You are right about the applicability, however I don’t think it is a conflict as such. Both versions are probably still valid, until Microsoft takes some action and removes the old one, making only the most recent being valid.
This is seen with .NET Framework 4.5.2 and .NET Framework 4.6.1. Both are still supported, but if 4.6.1 is installed, the older version is no longer available, being superseded. However in the Windows Update sense (metadata), the new one does not supersede the old one, otherwise the old one would not appear as valid option, unless the new one would be hidden, which is not Microsoft’s intention in this case.
The same is still seen with IE11, IE10 and IE9, although officially only IE11 is supported and the older versions should be retired. Because there are still applications, some of them servers released by Microsoft (older versions of CRM, SharePoint) which require older versions, they are still provided for compatibility reasons.

Reply | Quote

Very interesting information, ch100. Thanks for the info.

The VM on which I’m testing the installation of the “convenience rollup update” (for the second time now) shows two identical lines with KB3035583 in the hidden list…

http://Noel.ProDigitalSoftware.com/ForumPosts/Win7/TwoGWXHidden.png

The multiplicity of update info sources appears to be related to SFC reporting the system integrity check has failed after the convenience rollup…

http://forums.mydigitallife.info/threads/19461-Windows-7-Hotfix-repository/page1051?p=1231135#post1231135

-Noel

Reply | Quote

Great answer CH100. I already knew what was being talked about, but this was a detailed (but not technical) explanation that really added to my better understanding.

Reply | Quote

I don’t know why SFC is failing. As I said in another post, it may be due to an old bug introduced by a previous update fixed since then which now resurfaced due to the same old update contained in the Convenience Rollup? Or a false positive?

Reply | Quote

Few more details about the 2 instances of KB3035583. One is dated 25/05/2016 (May 25, 2016) and the other is dated 3/05/2016 (May 03, 2016). If the newer one is hidden, then the older one is offered. Like Woody, I don’t know what are the differences between the 2 versions.
If not interested in Windows 10, it is best to avoid both by ignoring them (not by hiding them). Only one, the newest available is offered.
If interested in Windows 10, then it is also best to avoid KB3035583 and just upgrade from the ISO from Microsoft without installing unneeded advertisements, as this is what this patch is about.

Reply | Quote

ch100: What is the reason you recommend that KB3035583 just be avoided rather than to hide it?

The one I currently show is on the “optional” list, italicized, and not checked. I never intend to update to Windows 10. Thank you.

Reply | Quote

Hiding it doesn’t help. It comes back, over and over again. Best to ignore it and run GWX Control Panel.

Reply | Quote

I addressed the issue in many other places on this site. What happens is that when an update is hidden by the end-user, a flag is set in the local DataStore.edb. This database keeps a record of which Windows Update operations were performed on that computer, updating history etc. Sometimes, and this is well known for KB2952664 and more recently for KB3035583, Microsoft later re-releases an update under the same KB number, but essentially different behind the scenes. The older update under the same name is retired by Microsoft after a while and this leaves an orphaned record in the database (if the retired update was previously hidden by the end-user) which can produce unexpected results. This is the reason why a lot of people believe falsely that Microsoft brings previously hidden updates out of hiding. In fact, Microsoft does not perform any secret access on any computer in this matter. A new update is released under the same number and appears in the list as normal. The old one which was previously hidden is now invisible because there is no reference to it on the Microsoft servers after it is retired. This can generate time-out and unpredictable results and while not having the hard evidence to prove it, I can certainly tell that most people that keep complaining about slow Windows Update, do practice this method of hiding the updates which they do not wish to install.

Reply | Quote

If you write a script to hide it, it stays hidden. I don’t use the other “get rid of windows 10 and junk” programs since I wrote my own. Since I don’t use the other software I may have missed some of their features.

Clarify which ones have these features:
(m)uninstalls junk updates (KB3035583, telemetry, etc..)
(a)Sets a scheduled task to re-hide said updates.
(m)Can automate the check for OS corruption

(m) — manually run once (sometimes needs run a second time)
(a) — runs scheduled

Reply | Quote

Woody: Thank you so much for the explanation about KB3035583. I understand now the reason for putting it into the “ignore” category. Your guidance and excellent advice are sincerely appreciated, as always! 🙂 🙂

Reply | Quote