It’s May updating time!

Topic

New Reply

It’s that time of the month that I’ll urge you to pause your updates on your Windows platforms, but review any pending updates on your Apple platforms
[See the full post at: It’s May updating time!]

Susan Bradley Patch Lady

8 users thanked author for this post.

deuce120, lmacri, TechTango, CAS, WCHS, geekdom, abbodi86, Pim

Reply | Quote

Replies

AKB 2000003 has been updated for Group B Win7 and Win8.1 on May 9, 2023.

See #2557750 and #2557751 for information on Win7 and Win8.1 updates (Logged in Member access required).

6 users thanked author for this post.

geekdom, SueW, Microfix, abbodi86, Guest, Pim

Reply | Quote

Dustin Childs Zero Day Initiative security report is out Zero Day Initiative — The May 2023 Security Update Review

Reply | Quote

in-the-wild UEFI bootkit

This doesn’t sound good to me!

https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/

Reply | Quote

Keep in mind that the attacker has to have rights to your machine and it would kick a reboot to take control.  If you are a nation state, then I’d be nervous.  Otherwise as a normal user, I’m more concerned that you ensure you have a good backup and have recovery media.

Susan Bradley Patch Lady

Reply | Quote

Microsoft wants people to get the Windows 11 updates sooner so they can beta test them sooner.  No thanks!

And why are they still putting out security updates for Internet Explorer?  I thought that the train had left the station.

Mark

 

Reply | Quote

Win7, Win8.1 and their related Servers (with IE11) still have ESUs in progress.

2 users thanked author for this post.

abbodi86, Mark

Reply | Quote

“as June 13, 2023 is the last time Windows 10 Enterprise and Education, Windows 10 IoT Enterprise, and Windows 10 Enterprise multi-session will get an update.”

Shouldn’t that be Windows 10 Home, Pro, Pro Education and Pro for Workstations? Otherwise the aforementioned versions of 21H2 will still receive updates another year to June 11, 2024 per the Windows 10 release information here: https://learn.microsoft.com/en-us/windows/release-health/release-information

Linux Mint 21.1 LTS (Cinnamon). Windows 8.1 Pro virtual machine (with Classic/Open Shell) via VirtualBox.

Reply | Quote

It’s for v20H2

Windows 10, version 20H2 has reached end of servicing – May 9, 2023
https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#3086

2 users thanked author for this post.

Mothy, PKCano

Reply | Quote

Thanks, the wording in the article is confusing as June 13, 2023 corresponds to end of service for only Home and Pro versions.

Linux Mint 21.1 LTS (Cinnamon). Windows 8.1 Pro virtual machine (with Classic/Open Shell) via VirtualBox.

1 user thanked author for this post.

abbodi86

Reply | Quote

Apologies had that flip flopped.  Fixed.

Susan Bradley Patch Lady

2 users thanked author for this post.

abbodi86, Mothy

Reply | Quote

In fact on my iPhone iOS 16.4.1 is still pending even though I have auto updates enabled.

Did you enable ‘Rapid response’ updates ?

“iPhone or iPad: Go to Settings > General > Software Update > Automatic Updates, then make sure that “Security Responses & System Files” is turned on.”

Reply | Quote

I did.  It never pushed them to me.

Susan Bradley Patch Lady

Reply | Quote

PKCano wrote:

Win7, Win8.1 and their related Servers (with IE11) still have ESUs in progress.

Not me anymore!  Windows 11 all the way!:)  But no beta testing.

and Ubuntu 22.04.

Mark

 

Reply | Quote

Susan Bradley wrote:

I did.  It never pushed them to me.

Have you tries shutting the iPhone and restarting ?

Reply | Quote

The rapid updates didn’t work for many, it wasn’t just me.

Susan Bradley Patch Lady

Reply | Quote

Martin Brinkmann has published his usual thorough breakdown of this month’s patches.

Given that this month’s W10 22H2 CU kb5026361 fixes the following six critical security vulnerabilities, I thought it prudent to install with any consequences being dealt with at a later stage on the systems. (bull by the horns and all that..)

Windows Network File System Remote Code Execution Vulnerability

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Windows OLE Remote Code Execution Vulnerability

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Did notice during the update, a long pause at 42% before the successful update…
Winver now displaying OS build 19045.2963
Event viewer, SFC and DISM showing expected clean reports and nothing unusual. (No Edge on both x86/ x64 Pro systems)

So far, so good..will update should there be any issues

Keeping IT Lean, Clean and Mean!

10 users thanked author for this post.

jburk07, deuce120, deuxbits, JCpharm, TechTango, CAS, Alex5723, geekdom, abbodi86, DrBonzo

Reply | Quote

Microsoft SharePoint Server Remote Code Execution Vulnerability

Sharepoint is a beast unto it’s own if you don’t have a SharePoint installation, then you aren’t at risk for that one.

Susan Bradley Patch Lady

Reply | Quote

I followed your lead and installed the May update. Now on Win 10 Pro 22H2 (OS 19045.2965). No issues after install.

Peace, CAS

2 users thanked author for this post.

jburk07, geekdom

Reply | Quote

Hardened Windows user.

KB5026372 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems
Windows Malicious Software Removal Tool x64 are installed.  No hiccups.  Now running Windows 11 Pro (OS Build 22621.1702).

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

2 users thanked author for this post.

fernlady, geekdom

Reply | Quote

My NAS got Malicious Software Removal Tool on 5/9/3034.
KB5026361 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems on 5/11/2023.

Now running Windows 10 Pro (OS Build 19045.2965)

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

2 users thanked author for this post.

jburk07, geekdom

Reply | Quote

Guinea Pig Update (A Brief Moment of Guinea Pig Time)
Version and build after update: Win11Pro 22H2.22621.1702

WuMgr downloaded and installed:

• 2023-05 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5026372)
• Windows Malicious Software Removal Tool x64 – v5.113 (KB890830)

Installed without error and the system rebooted without error.
System rebooted twice while updating.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender

3 users thanked author for this post.

jburk07, fernlady, abbodi86

Reply | Quote

I have updates deferred/paused on both my Windows PCs AND iPhone SE 2nd gen phones.

my iphone SE 2nd gen is still using IOS 16.3.1 and I have disabled auto updates on there. I am NOT updating to IOS 16.4.1, even though I have been recently offered that new version on my iPhone but have declined that update (that’s right Susan, I want to update my iphone manually on MY schedule, not apple’s)

Reply | Quote

EP wrote:

my iphone SE 2nd gen is still using IOS 16.3.1 and I have disabled auto updates on there.

I have an iPhone SE 2nd gen as well. I have both Install iOS Updates and Security Responses & System Files automatic updating disabled:

(Note the last sentence under Security Responses & System Files.)

After getting my fingers burned once with a failed update and having to wipe/recover in DFU (Device Firmware Upgrade) mode, I now prefer to read around for several days to see if there’s any reported issues with updates. I did this recently and finally installed iOS 16.4.1 and iPadOS 16.4.1 in the first week of April.

I saw the release of the Rapid Security Response 16.4.1(a) reported a few days later (April 11th) in a national newspaper, including warnings about the potential for attack. On May 4th I saw a similar warning in the same national newspaper but the advice was more urgent in tone.

I hadn’t seen any adverse affects reported so I downloaded/installed the RSR 16.4.1(a) update. I’ve been using it without incident on both my iPhone SE2 and iPad Gen 9 since then.

It was only yesterday that I saw reports in the same national newspaper that some users were complaining bitterly that the RSR 16.4.1(a) update was ruining their iPhone’s battery life.

That hasn’t been my experience on my iPhone (or iPad). After an iOS update there’s often a couple of days of slightly reduced battery life if battery charging recalibration is necessary, but in my experience this usually clears up after one or two charge cycles. (It also helps considerably that I use Siri to keep Bluetooth off unless I need it.)

My point is… these days I *never* let my iDevices update automatically. There are several reasons:

1. I *never* use iCloud for *device* backup/restore, from a bitter experience of waiting hours for an Over-The-Air (OTA) restore when I was away from home. I prefer to carry out a manual backup of my devices locally via iTunes and USB cable just prior to manually updating iOS/iPadOS.

2. Until this present iPhone, I didn’t have sufficient internal storage space on the phone to download a major iOS update, unpack it on the phone then swap out the old iOS for the new. I let my laptop take the strain instead, even though my present iPhone has lots of spare capacity. Updates are downloaded quickly to my ethernet-connected laptop via iTunes, unpacked on the laptop then squirted via USB cable to the iDevice. (Note that OTA updates are considerably smaller than the same updates downloaded via iTunes because different methods are used.) Restores are similar but in reverse and very much faster than OTA.

3. If the worst happens and the update fails to an unresponsive device (it happens occasionally, mainly with full iOS updates on older iDevices) then I have all the tools I need (iTunes, USB cable, already downloaded OS) to connect the iDevice in DFU mode… then carry out a restore of data from the local backup. You just can’t do that with OTA if things go pear-shaped, like the wifi signal drops out completely… leaving you with a brick.

(I also advise family/friends to stop automatic updates of their iDevices as well. Instead, I have an iMessage ‘group chat’ to let people know when I think it’s safe to upgrade manually, based on my experience of upgrading first… although a few just wait until I visit.)

Hope this helps…

2 users thanked author for this post.

jburk07, oldfry

Reply | Quote

I have a question about this Secure Boot Vulnerability issue.

Secure Boot is ON on my Win10/Pro laptop, Build 19045.2846 (April 11).

I was going to use the Windows 10 Media Installation Tool to create a 22H2 iso file, since I haven’t made one yet after moving to 22H2 in February. Should I wait until after I install the May update to do this?

Also will a backup image created before installing the May 9 update be good after the May 9 CU is installed? I used the system’s Backup and Restore (Windows 7) and store the image on an external hard drive.

Reply | Quote

Unless you do the manual commands to remove the vulnerable bootloader code, no impact at all will be done on the images.  You can apply the updates, they will have no impact on your media.

Next year in 2024 they will be mandating the changes.

Susan Bradley Patch Lady

Reply | Quote

EP wrote:

I am NOT updating to IOS 16.4.1

iOS 16.5 will be released next week.

Reply | Quote

Uneventful Win 10 22H2 Pro …. May CU KB5026361 – MSRT – SSU – Adobe Reader… It took awhile….

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

5 users thanked author for this post.

jburk07, deuxbits, JCpharm, TechTango, geekdom

Reply | Quote

KB5026372 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems

Windows Malicious Software Removal Tool x64

No problems.  Now running Windows 11 Pro Build 22621.1702

--Joe

2 users thanked author for this post.

geekdom, fernlady

Reply | Quote

At my company, my office PC is Win 10 Pro 64-bit v 21H2.

My company just installed both KB5026361, discussed above, and KB5025315.  My office PC rebooted and all seems OK.

But what is KB5025315?  Thanks.

3 users thanked author for this post.

jburk07, deuxbits, geekdom

Reply | Quote

glnz wrote:

But what is KB5025315?

The only thing I find with that number is a lawn mower part.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender

1 user thanked author for this post.

glnz

Reply | Quote

I did my first Win10 Pro update to Build 19045,2965 today.

This installation has had the bulk of the UWP Apps removed (deprovisioned) for a long time, and they have not returned. I have also been running MSEdgeRedirect (plus Group Policy and Registry settings) to control Edge, which has basically been invisible during my use of the OS.

However, I decided to experiment with removing Edge. So I purchased the Portable version of Geek Uninstaller and, before doing the update, used it to “force remove” WebView2 Runtime, Edge, and Edge Update along with the “traces” found. I did not disable the MS Edge Services or the Scheduled Tasks (this may be necessary in the future). Edge did not return with the 2023-05 update.

Others have reported Edge returns and they have to “rip it out again.” We’ll see what happens before I do the same to the rest of the Win10 and Win11 installations.

Otherwise, I have seen no problems from the update.

4 users thanked author for this post.

jburk07, oldfry, deuce120, geekdom

Reply | Quote

PKCano wrote:

I did not disable the MS Edge Services or the Scheduled Tasks (this may be necessary in the future).

I uninstalled them both using Revo Uninstaller Pro Run as Trusted Installer (via Resource Hacker) and also disabled MS Edge Services and the Scheduled Tasks.  Neither has returned since.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do to our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

4 users thanked author for this post.

jburk07, oldfry, geekdom, PKCano

Reply | Quote

I have uninstalled Edge several times, but it returns within several days of uninstalling. What is the precise procedure for removing Edge such that it remains uninstalled including all the subparts?

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender

Reply | Quote

Updated a couple Win 10 and 11 systems. No big issues other than the flag on Defender about LSA being off on Win11 even when on. Thought they would have maybe fixed that by now!

Never Say Never

3 users thanked author for this post.

jburk07, deuxbits, geekdom

Reply | Quote

Hey Y’all,

I became quite disturbed when I read all the information on the Secure Boot fixes.
Since I use a lot of USB boot devices I was wondering if I would have to block these update.

So I fired up my TEST machine and did the update. Then I rebooted and rebooted again this time using F12 on my Dell to get the boot menu and selected one of my USB Boot drives and it worked just fine.

I’m still a little worried about the future when MS makes some of the settings mandatory rather than optional and whether or not there will be an easy way to update these devices if the programs that create these bootable USB devices are not updated, especially older versions.

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

3 users thanked author for this post.

jburk07, oldfry, geekdom

Reply | Quote

FYI,

According to the following tutorials, Microsoft’s Media Creation Tool (MCT) is now reported to be offering to create Windows ISO or USB Media for the latest Windows 10 Version 22H2 build 19045.2965 and Windows 11 Version 22H2 build 22621.1702 released on 09 Mar 2023.

1) TenForums – Download Windows 10 ISO File

OPTION 1 : Download Latest Windows 10 ISO using Media Creation Tool

“ISO file for Windows 10 version 22H2 build 19045.2965 is currently available for download using this option as of May 10, 2023.”

May 9, 2023—KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)

2) ElevenForum – Download Official Windows 11 ISO file from Microsoft

OPTION 1 : Download Latest Windows 11 ISO using Media Creation Tool

“This will be for a Windows 11 Version 22H2 Build 22621.1702 ISO file with install.esd.”

May 9, 2023—KB5026372 (OS Build 22621.1702)

HTH folks looking to create fresh install media taking into account the Secure Boot Vulnerability fixes.

6 users thanked author for this post.

jburk07, Alex5723, Microfix, Pim, oldfry, geekdom

Reply | Quote

Wonder if the new MCT iso build 19045.2965 for W10 22H2, affects the revoval of msft edge? 🙂

Keeping IT Lean, Clean and Mean!

Reply | Quote

How? you mean it cannot be uninstalled?

Reply | Quote

Updated with no problems:

x2 Win10 Pro (Parallels VMs) to 22H2 Build 19045.2965 KB5026361 + MSRT
x1 Win10 Pro (old Dell StudioXPS 1340 laptop) to 22H2 Build 19045.2965 KB5026361 + MSRT
Hid KB4023057 again on Win10 machines.
x2 Win8.1 Pro (Parallels VMs) 2023-05 Rollup KB5026415 + MSRT (one is my daily driver)

Pending: x2 Win11 Pro on ARM (Parallels VMs) and x1 Win11 Pro h/w install.

2 users thanked author for this post.

jburk07, geekdom

Reply | Quote

Hi Susan:

Windows Update successfully installed the following May 2023 Patch Tuesday updates on my Win 10 Pro v22H2 laptop and I haven’t noticed any negative effects so far:

• KB5026361: 2023-05 Cumulative Update for Win 10 Version 22H2 for x64 (OS Build 19045.2965)
• KB4023057: Microsoft Update Health Tools v3.72.0.0
• KB890830 : Windows Malicious Software Removal Tool x64 – v5.113

The update process went smoothly this month. I normally watch the entire download and installation from my Windows Update GUI (Settings | Update & Security | Windows Update), but after clicking the “Install Now” button I closed the GUI, waited for the “Restart Now” pop-up notification to appear in my system tray, and then re-opened the GUI and confirmed all updates had finished installing before I initiated the restart.

I’m beginning to suspect that some of the glitches I’ve seen in the past (e.g., the download and/or installation of the monthly cumulative update appearing to get stuck for several minutes) only happen, or at the very least are more pronounced, when my Windows Update GUI is open. There was no Cumulative Update for MS .NET Framework 3.5, 4.8 and 4.8.1 for Win 10 Version 22H2 this month, which always seems to cause problems with my Patch Tuesday updates (see my 24-Feb-2023 post # 2536955 in Here Comes February’s Valentines of Patches for one example), so I’ll have to wait and see what happens the next time a .NET Framework update is released.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.2965 * Firefox v113.0.0 * Microsoft Defender v4.18.2304.8-1.1.20300.3 * Malwarebytes Premium v4.5.28.266-1.0.2005 * Macrium Reflect Free v8.0.7279

2 users thanked author for this post.

jburk07, geekdom

Reply | Quote