News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon

We're community supported and proud of it!

  • January 2022 patch day is here

    Home » Forums » AskWoody blog » January 2022 patch day is here

    Author
    Topic
    #2414297

    It’s that time of the month again for Windows updates where we all pause, ensure we have a GOOD backup of our machines and that we have deferrals in p
    [See the full post at: January 2022 patch day is here]

    Susan Bradley Patch Lady

    4 users thanked author for this post.
    Viewing 31 reply threads
    Author
    Replies
    • #2414318

      AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on Jan 11, 2022.

      There is a Security-only Update for those with Win7 ESU subscriptions.
      There was no Jan. IE11 CU  for Win7.

      January Rollup KB5009610 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

      You must have at least the August 2020 Servicing Stack KB4570673 previously installed to receive these updates).

      There is a October 2021 Servicing Stack KB5006749 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

      There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

      There are .NET updates listed for Win7. See #2414280.

      8 users thanked author for this post.
    • #2414344
      3 users thanked author for this post.
    • #2414387

      KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for x64
      KB5009543 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems
      Malicious Software Removal Tool

      KB5009566 Cumulative Update for Windows 11 for x64-based Systems
      KB5008880 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for x64
      Malicious Software Removal Tool

      No hiccups.

      Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
      We all have our own reasons for doing the things that we do. We don't all have to do the same things.

      2 users thanked author for this post.
    • #2414473

      As of this writing, MS still hasn’t released any KB articles for any of the updates. I’ve been trying to find the details of what’s in the security updates for .NET 3.5 and 4.8 for Win 1o, but no joy only a 404 error code for the page. This includes using FF96, Edge 97.0.1072.55 and even as a last resort, IE. I have a couple of different portable installations of FF96 to cover things such as picky sites that don’t play well with tightened security settings such as those that can be used in FF, but still no joy with them either.

      I’ve noticed that Googling the KB numbers for this month’s KBs from MS hasn’t produced any hits from MS’s support site just yet. So, overall, must be too early to expect documentation from them.  🙁

      • #2414480

        The KB are now posted on the ghacks site linked above by Alex5723

        • #2414558

          Figures that MS would post the articles just a few minutes after I posted that they didn’t work!  😳😉

          At any rate, good to see that they’re active.

    • #2414545

      So, we should update Microsoft Store right now (if we have MS-Store updating turned off), even though MS-DEFCON right now is 2??

      • #2415769

        Does someone out there have an answer to this question? Should we wait until MS-DEFCON=3+ before going to Microsoft Stores and updating the HEVC extension? Or do it now?

        • #2415885

          Microsoft Store apps are not part of MS-Defcon.
          Update when you are ready.

    • #2414550

      Can any of the MS cognoscenti here answer the following question about this month’s update for Windows 10 20H2-Windows 10 21H2:

      Does KB5009543 fix the vulnerability described in the following thread?

      https://www.askwoody.com/forums/topic/zloader-alert-question/

      Thanks in advance for any input you may have.

    • #2414575

      They broke the supersedence chain with the last two Monthly Rollups for Windows 8.1 (KB5009624, KB5008263), where they changed the unique CBS package name Package_for_RollupFix which link all rollups since September 2016

      while WU won’t complain or offer the older rollups, but this cause two issues:
      1- previously installed rollups will not be superseded or removed automatically (Update Cleanup)
      2- some old small updates that are superseded by previous rollups will be offered in WU


      another issue regarding .NET Framework 3.5 rollup KB5008868
      it’s built as GDR update, therefore it will not be applicable or installed, specially if previous .NET rollups are installed (because they all are LDR updates)

      someone at Microsoft really hate Windows 8.1 🙂

      ====

      is there are a way to report these issues to relevant Microsoft employees?

      2 users thanked author for this post.
      • #2414655

        Post out on the patchmanagement.org list as someone monitors that.

        Susan Bradley Patch Lady

        • #2415325

          .NET blog usually post the details of new updates each patch tuesday
          https://devblogs.microsoft.com/dotnet/

          but it’s radio-silence about January 2022 updates so far

          • #2415464

            Seasonal festivities diverted focus? now a MSFT hangover…
            Holding off two important Win8.1 devices and went ahead regardless on one device. No error flags. sfc clean and ran dism++ to clean the componentstore (FWIW) after a pre-update image. Thanks for the heads-up @abbodi86

            one redmond way, it's THAT obvious!
            1 user thanked author for this post.
    • #2414793

      I welcomed the January ’22 patches. Up to now, finished installing 45 minutes ago, my Old Faithful runs fine.

      The update ran (crawled) as it always should: a boring routine. No coughs, no hiccups, just recurrent chores.

      It made me so sleepy I’ll gladly return to bed. (I usually go to sleep at -my time- 20:00 to 21:00. Then get up after 4 hours sleep -in my middle of the night 01:00 to 02:00 – to do my computer chores, and return to bed after a couple hours or when I get sleepy again).

      Windows 10 Home 21H2. I tweaked it to run exactly as I like it. Microsoft doesn’t like that though. They tried again to goad/annoy me into installing/revealing things I don’t want/use/keep private. I can only answer “Ask me later” instead of a nonexistent “Don’t ask again” option. Oh well, as long as I can refuse …


    • #2414813

      Gunter Born reporting on his blog that there are multiple reports of boot loops on Windows 8.1 and Server 2012 R2, including on domain controllers.

      Patchday: Windows 8.1/Server 2012 R2 Updates (January 11, 2022), boot loop reported

      No matter where you go, there you are.

      5 users thanked author for this post.
    • #2414728

      Reports of VPN client issues popping up.  Confirmed on my end.

      • #2415047

        Reports of VPN client issues popping up. Confirmed on my end.

        Addition to my previous post.
        (Now running Windows 10 Home 21H2 19044.1466)

        NordVPN, TOR and qBittorrent continue to work just fine for me.

        I’ve noticed *no* issues whatsoever.


    • #2415020

      Susan, anything about the wormable security issue?

      • #2415387

        Exacly, CVE-2022-21907 – “HTTP Protocol Stack Remote Code Execution Vulnerability” for Server 2019/2022 is  the “biggest star” this month

        1 user thanked author for this post.
      • #2415763

        It’s still extremely unclear as to who is and isn’t vulnerable to that.  As I read it is still only denial of service and given the choice between applying the patches and getting into a boot loop versus denial of service, I’ll take potential denial of service over a booting problem.

        Susan Bradley Patch Lady

        2 users thanked author for this post.
        • #2418102

          Thanks, so I wasn’t just thinking I am too lazy for not finding quickly something more clear about this.

          This is ridiculous. You have a wormable vulnerability and you don’t even take the time to tell your customers in a very highly visible place if they should panic or not or if they have to mitigate by turning something off or adding a rule to a firewall. Imagine if it was a remote control vulnerability that would affect all desktop PCs.

          In previous cases of a similar issue, it was more easy to figure out if you had issues or not, for example if SMBv1 was turned on or not. For this one, the few bits I read were not clear at what was the consequences of the vulnerability and what was it affecting indirectly in terms of Windows service or app.

          I agree with you that if we are only talking about a denial of service, I prefer to wait. Please keep us informed if you find anything more clear about this.

          1 user thanked author for this post.
    • #2415450

      Windows 8.1:

      Installed the .Net update, Malicious Software Removal Tool and the Security Only Windows Update.  The only problem was that installation was slow.  That could be because my Windows computer is limping along with several problems.  I have had it for eight years and it was designed about 9-10 years ago.  It originally had Windows 7 on it, but Samsung had changed it to Windows 8.0 when I bought it.

       

      1 user thanked author for this post.
    • #2415536

      KB5009566 Cumulative Update for Windows 11 for x64-based Systems
      KB5008880 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 for x64
      Malicious Software Removal Tool

      No problems.

      --Joe

      1 user thanked author for this post.
      CAS
    • #2415661

      0patch Pro just put out 21 micro-patches today for something called Remotepotato0 NTLM Relay Attack. CVE n/a  0 Day. I.m a basic  home user so I have no idea what it is.

    • #2415887

      Does KB5009543 fix the vulnerability described in the following thread?

      So far Microsoft hasn’t acknowledged the new zloader bug.

    • #2415897

      I have Windows 10 Pro 21H1 (19043.1415).  I follow the advice on this website to the best of my ability with no real computer technical expertise.

      I didn’t update to 21H2 yet but I will do so based on your advice.  I had Windows Updates paused until today.  I failed to install 21H2 and the Windows 10 December 2021 Update, which I usually do 1-2 days before Patch Tuesday.  I simply forgot to do it.

      So now I think I should wait to install any Windows 10 updates until late January when this website gives the ok to do so.  In the meantime, my computer won’t have 21H2 or the December 2021 Windows 10 update.  But that’s probably better than installing the January 2022 update before this website gives the ok to do so.

      My Windows 10 Updates are now paused until 2/9/22 (until after the next Patch Tuesday).  Please advise whether you agree that I should keep Windows Updates paused until late January when this website gives the guidance to install the January 2022 update.  Also, please confirm that the January 2022 update will include everything that was included in the December 2021 update.  Thank you.

      • #2416288

        Hi,

        Clarification – Windows 10 Pro 21H1 (19043.1415)
        ———————————————–
        The patch level of your machine for the build 19043.1415 is December 14, 2021. Hence, you have already installed the Dec 2021 Cumulative Update KB5008212.
        Re : https://support.microsoft.com/en-us/help/5008212

        At the moment the 11 January 2022 Patches have just been released but under MS-DEFCON 1. There is ample time since your machine is now paused to 09Feb2022 in order to check back again with Askwoody on the go ahead to install the January 2022 patches.

        To upgrade from Windows 10 Pro 21H1 to 21H2, try to check whether the Enablement Package KB5003791 is offered within Windows Update after you have installed the January 2022 patches. The Enablement Package route is the fastest way to upgrade to 21H2 from 21H1.
        Re : https://support.microsoft.com/en-us/topic/kb5003791-update-to-windows-10-version-21h2-by-using-an-enablement-package-8bc077be-18d7-4aac-81ce-6f6dad2cd384

        HTH

        Cheers.

        • #2418130

          Hi again,

          Have a look also on the following on how to use the registry keys settings for “TargetReleaseVersionInfo” or Group policy on “Select the target Feature Update Version” to target and move to Windows 10 Pro 21H2. This may help in triggering Windows Update to offer the Enablement Package KB5003791 instead of Windows 11.

          6000003 Registry keys and group policy settings to select specific feature
          ————————————————————————–

          6000003 Registry keys and group policy settings to select specific feature

          Thanks to the other poster below @John782 for the reminder.

          HTH.

          Cheers.

    • #2415922

      Even if you are blocking updates for now, yes, all monthly updates are cumulative containing all previous months, and IMO it can and should be done to install the December 2021 updates.  Easiest way with the blocks in place is to manually install from here, if you are still on 21h1

      https://www.catalog.update.microsoft.com/Search.aspx?q=%202021-12%2021h1%20×64

      Updating to 21h2 with the blocks in place, I do not know how to do easily, but 21h1 is supported until December.  https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro

      • #2415985

        Updating to 21h2 with the blocks in place, I do not know how to do easily, but 21h1 is supported until December. https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro

        The route that I normally go for doing this kind of upgrade is to use the Windows ISO Downloader available at heidoc.net .  That one will allow download of an installer .ISO for virtually any version of Windows dating back to Windows 7 or Office dating back to 2010.  32/64 available, as well as any language, Insider Previews, Dell recovery images and more.  All of these downloads come directly from Microsoft.

        Once you have the .ISO you want, use the Explorer to find the file, right-click and select Mount.  That will mount the .ISO as a virtual drive, and as such, you don’t have to use Microsoft’s Media Creation tool.  Navigate to the virtual drive, and run SETUP.EXE to run the installer.  There are 3 dialogs: whether to have Windows check for updates after install, acceptance of EULA, and what to keep or overwrite.

        I’ve used this method to update Windows 10 versions (as I write, I have two virtual machines that I’m updating from 20H2 to 21H2), as well as upgrading Win 7 installations to Win 10.

        If Windows Update is offering a semi-annual update for the version you want, that will be somewhat faster than installing from a .ISO, but the .ISO gives you more control over the process, especially if you want an update that Microsoft isn’t offering — e.g., you have update blocking in place, or if you want to do something like upgrade from 20H2 to 21H1.

         

    • #2416837

      FYI,

      2 Windows 10 Home v21H2 systems (one x64 and another x86 system)
      ————————————————————————
      With Macrium System Image done, resumed update via Windows Update yesterday and installed the following without incident:

      – 2022-01 Cumulative Update for Windows 10 Version 21H2 for x64 (x86)-based Systems (KB5009543)
      – 2022-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for x64 (x86)-based Systems (KB5008876)
      – Windows Malicious Software Removal Tool for x64 (x86)-based Systems v5.97 (KB890830)

      Paused Windows Update for both systems to furthest date available.

      New OS Build : 19044.1466.

      1) Scanning and printing via USB cable to local printer is working. No network printing here.
      2) Passed both DISM, SFC and CHKDSK checks before and after patching.
      3) Nothing untoward to report. So far both Windows 10 Home systems are running stable.

      Hope this helps.

      Cheers.

      1 user thanked author for this post.
    • #2417781

      Windows 10 Pro 21H2.

      Updated Jan 2022 updates : KB5009543, KB5008876, KB890830.

      All is well.

      2 users thanked author for this post.
    • #2418028

      For those who need the .NET Framework basic starter kits:

      https://dotnet.microsoft.com/en-us/download/dotnet-framework

      On Hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender TRV=1909 WuMgr
      offline▸ Win10Pro 20H2.19042.685 x86 Atom N270 RAM2GB HDD WindowsDefender WuMgr GuineaPigVariant
      online▸ Win10Pro 20H2.19042.804 x64 i5-9400 RAM16GB HDD Firefox86.0 WindowsDefender TRV=20H2 WuMgr
    • #2418055

      Maybe I just missed it , but is there been a certain date we should use to defer WU too? I just went ahead and set mine to January 31 before the 11th. Also prior to that,  I had changed the registry value on both of my PCs from 21H1 to 21H2. After that, WU made 21H2 available to both, and it was downloaded and then I installed on both PCs.  No issues noted, on either, other than on the old Toshiba Satellite it took 2 hours or longer and on my Lenovo Yoga it took about 15 minutes or less. I guess that has something to do with the age and technology of the PCs’?  According to some back when I bought the Toshiba they said that Toshiba was not a good product and wouldn’t last like the better brands, but it’s getting close to 11 years old and still works OK. (lol).  Thanks, and  I appreciate everything ya’ll do on here to help keep us informed on applicable info, stay updated and be safe.

    • #2418057

      Maximum defer in group policy for quality updates is 30 days, although there are ways to block more.  That is probably fine, but if you happen to visit this site and it has a ms-defcon of 4 before that, go ahead and install the update using your preferred method.

    • #2418064

      Easily installed 2022-01 Cumulative Update for Windows 10 Version 21H2 for x64 (x86)-based Systems (KB5009543) and 2022-01 Cumulative Update for .NET Framework 3.5 and 4.8  for Windows 10 Version 21H2 for x64 (x86)-based Systems (KB5008876). Absolutely no issues.

      I am grateful to all of you who posted here and announced their installation of these updates. You act as my bellwethers.

      Peace, CAS

      1 user thanked author for this post.
    • #2418091

      I have now done some testing of the MS Q&S updates on three different Win10 Pro 21H1 “canary” machines. All three have survived the process and still seem to be functional. The updates applied were:

      KB5009543 Q&S Win10 21H1
      KB5008876 .NET 3.5 and 4.8
      KB890830 (their monthly malware scanner)

      There was one minor “glitch” on the “old” MS Surface (i5-4300U, 8GB RAM, 60GB free space on drive) where the .NET update and malware scan were accomplished, but for reasons that were not clear, the KB5009543 update was aborted and required a re-download…. Subsequently installed without issues

      Basic research is what I am doing when I don't know what I am doing - Werner Von Braun

      1 user thanked author for this post.
    • #2418106

      Maximum defer in group policy for quality updates is 30 days, although there are ways to block more.  That is probably fine, but if you happen to visit this site and it has a ms-defcon of 4 before that, go ahead and install the update using your preferred method.

      Thank you, but I am aware of all that. Susan had been giving info on what pause date to use in the past, and that was what I was referring too.

    • #2418118

      There was one minor “glitch” on the “old” MS Surface (i5-4300U, 8GB RAM, 60GB free space on drive) where the .NET update and malware scan were accomplished, but for reasons that were not clear, the KB5009543 update was aborted and required a re-download…. Subsequently installed without issues

      I noticed the same glitch as deuxbits while Windows Update was installing my Jan 2022 Patch Tuesday updates on my Win 10 Pro v21H2 laptop yesterday. The .NET Framework cumulative update KB5008876 and Malicious Software Removal Tool KB890830 installed normally, but my 2022-01 Cumulative Quality Update for Win 10 Version 21H2 for x64-Based Systems KB5009543 seemed to get stuck at the end of the download (see image below). I waited for about 45 min but the KB5009543 installation never seemed to proceed past the “Downloading – 100%” phase so I re-booted after my other updates finished installing, and KB5009543 installed normally and updated my v21H2 OS to build 19044.1466 the next time an automatic Windows Update ran on my system.  My Win 10 Fast Startup power option is disabled but I have a slow internet connection so that might be part of the problem.

      Win-10-Pro-v21H2-Patch-Tuesday-Cumulative-Update-Stuck-at-End-of-Download-EDITED-12-Jan-2022

      I should also mention that the KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 v21H2 (rel. 11-Jan-2022) that patched CVE-2022-21911 is the first .NET Framework update delivered to my system by Windows Update since February 2021 when Windows Update delivered KB4601050 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 v2004 (rel. 09-Feb-2021) that patched CVE-2021-24111. I have my Win 10 Pro Local Group Policy Editor setting at Computer Configuration | Administrative Templates | Windows Components| Windows Update | Windows Update for Business | Select When Preview Builds and Feature Updates Are Received enabled and set to Semi-Annual Channel, and my results would seem to support the theory that Windows Update will only deliver a stable .NET Framework update if it includes a security update when this Local Group Policy Editor setting is set to Semi-Annual Channel. I’ve posted further details in post # 2418029 of doneager’s June 2021 thread .NET Update Confusion.
      ————-
      Dell Inspiron 5584 * 64-bit Win 10 Pro v21H2 build 19044.1466 * Firefox v96.0.0 * Microsoft Defender v.4.18.2111.5-1.1.18800.4 * Malwarebytes Premium v4.5.0.152-1.0.1538

      1 user thanked author for this post.
    • #2418246

      KB5009543 breaks client-side IKEv2 VPNs on Windows 10. Causes error 13804: General processing error. Third-party SSL VPN (based on OpenVPN) still works. Removing the update gets IKEv2 VPN working again.

      KB5009566 does the same thing to Windows 11, with the same fix.

    • #2418251
    • #2418472

      Win 10 Pro 21H1  64 bit.  Used WUMgr to download and install Jan cumulative update, install OK and two machines stable for 2 days.

    • #2418743

      It happens (obviously) also when upgrade from Win 10 to Win 11!

      Yesterday I posponed kb5009543 on Win 10, correctly connected to VPN, upgraded to Win 11 and I was unable to connect.

      Then I uninstalled KB5007215 on Win11 and magically VPN restarted working after reboot!

       

      In addition please note that KB5007215 remained in updates list that you open when you want to unistall one of them…

      • #2418827

        You are brave updating when we are at DEFCON1.

        To be sure it’s 7215, reinstall it and check the VPN.

        cheers, Paul

    • #2418923

      CVE 2022-21907 Wormable vulnerability, Microsoft Windows Server 2012R2 and KB5009624!

      Seriously, I cannot patch the servers because they’ll fail to boot the VMs (which do the work) and yet there is a wormable vulnerability in http.sys. (Reading CVE2022-21907 more carefully _implies_ that 2012R2 is not affected by this http.sys vulnerability)

      And yet, 6 days later, January 17th, Microsoft still has not fixed this problem!?

      https://support.microsoft.com/en-us/topic/january-11-2022-kb5009624-monthly-rollup-23f4910b-6bdd-475c-bb4d-c0e961aff0bc

      Looking under Known Issues.
      <table class=”banded”>
      <tbody>
      <tr>
      <td>
      <p class=””>After installing this update on a device by using Unified Extensible Firmware Interface (UEFI), virtual machines (VMs) in Hyper-V might not start.</p>
      </td>
      <td>We are currently investigating and will provide an update in an upcoming release.</td>
      </tr>
      </tbody>
      </table>
      Really? A facepalm is required here.

      On a tangential note, anyone else see the USNews and World report of the top10 jobs for 2022. Information Security Analyst got the #1 spot. Good salary and good work life balance. That really made me laugh. My work never ever stops. Hackers don’t stop.

      Basic research is what I am doing when I don't know what I am doing - Werner Von Braun

      1 user thanked author for this post.
    • #2418987

      Yesterday I posponed kb5009543 on Win 10, correctly connected to VPN,

      WHAT KIND of VPN and what client??? L2TP and IPSEC/IKEv2 get killed; Third-party (OpenVPN) SSL VPN does not.

    Viewing 31 reply threads
    Reply To: January 2022 patch day is here

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.