Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • July 2018 Security patches are out

    Home Forums AskWoody blog July 2018 Security patches are out

    This topic contains 93 replies, has 31 voices, and was last updated by  anonymous 1 week ago.

    • Author
      Posts
    • #202638 Reply

      woody
      Da Boss

      Martin Brinkmann should have a full list on ghacks shortly. In the interim, here’s the full list of downloads in the Microsoft Catalog. Odd that so ma
      [See the full post at: July 2018 Security patches are out]

      5 users thanked author for this post.
    • #202642 Reply

      Microfix
      AskWoody MVP

      Woody, post is now up on Ghacks:

      microsoft-windows-security-updates-july-2018-release-overview

      Many thanks to Martin Brinkmann.

      | 2x Group A- W8.1x64 | Group A+ Linux x64 Hybrid | Group B W7x64 Pro | Group W XP Pro
        No problem can be solved from the same level of consciousness that created IT - AE
      6 users thanked author for this post.
      • #202670 Reply

        BobbyB
        AskWoody Lounger

        @microfix thx for that did you catch that in the list?

        Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)

        Got me stumped as well. Does it mean theyre going to up the “snooping” Telemetry etc as I see kb2976978(Win8.1) + kb2952664(Win7) are making the rounds, yet, again. Then again these seem to be 2-3 times a year reissue, so possibly I am reading something in to it that’s not there.

        4 users thanked author for this post.
        • #202673 Reply

          Microfix
          AskWoody MVP

          A new and improved death star on it’s way?

          | 2x Group A- W8.1x64 | Group A+ Linux x64 Hybrid | Group B W7x64 Pro | Group W XP Pro
            No problem can be solved from the same level of consciousness that created IT - AE
          2 users thanked author for this post.
          • #202702 Reply

            GoneToPlaid
            AskWoody Lounger

            Occasionally MS botches their telemetry updates, such that these updates may result in momentary slowdowns of the user’s computer. This is how I caught KB2952664 on one of my computers even though I thought that I had been careful to avoid installing it. The slowdown was so serious that it would intermittently prevent my AV product from being able to send file hashes to the AV cloud in order to verify that the files were safe. My AV product occasionally popped up a message that it had lost Internet connectivity.

            My guess is that the botched version of KB2952664 was occasionally exceeding the maximum number of allowable HTTP connections. This is a really bad thing since most AV products now also use the cloud to check files, in particular when you are using your web browser and when you are downloading emails. A momentary loss of Internet connectivity forces the AV product to rely only on its internal defenses.

            3 users thanked author for this post.
            • #202709 Reply

              zero2dash
              AskWoody Lounger

              Sure sounds like a fancy nondescript way to say “here’s an update to snoop some more”.
              Thank God for the 30 day deferral, because I’ll be using the next 30 days to wait for someone to break that patch apart and see what it does (Martin @ GHacks, abbodi86 or someone from the MDL forums surely will) especially as it correlates to Basic telemetry collection being allowed – and go from there.

    • #202644 Reply

      PKCano
      AskWoody MVP

      Group B Security only patches for July 2018 have been posted on AKB2000003.

      9 users thanked author for this post.
    • #202647 Reply

      ViperJohn
      AskWoody Lounger

      Yeah and Windows Update is trying to push the KB2952664 spyware update, listed as “Important” WITH the Box Checked, onto Windows 7 users again this month for the umpteenth time in history.

      7 users thanked author for this post.
      • #202650 Reply

        Microfix
        AskWoody MVP

        Looks like MSFT still haven’t fixed the W7 NIC issue when it comes to patching on certain systems.

        | 2x Group A- W8.1x64 | Group A+ Linux x64 Hybrid | Group B W7x64 Pro | Group W XP Pro
          No problem can be solved from the same level of consciousness that created IT - AE
        3 users thanked author for this post.
      • #202651 Reply

        PKCano
        AskWoody MVP

        Also pushing KB 2976978 on Win8.1

        5 users thanked author for this post.
        • #202665 Reply

          krzemien
          AskWoody Lounger

          Affirmative, marked as important.

          1 user thanked author for this post.
      • #202710 Reply

        GoneToPlaid
        AskWoody Lounger

        KB2952664 is way past its teens. She has become a middle aged woman in terms of the plethora of versions. Happy Birthday to KB2952664! Full sarcasm is implied.

        I already have a CMD file which iteratively removes all versions of KB2952664 from a Win7 computer. This weekend and if I have time, I will create a similar CMD file to check for and then, optionally, to uninstall all versions of KB2976978 from a Win8x computer. All of the code will remain identical, except for simply changing the name of the KB which is to be iteratively uninstalled.

        I deliberately wrote my CMD files to automatically crash if your computer has issues with updates which failed to properly install, such that installation files for the failed update remain on your computer. In other words, these issues must first be resolved before any of my CMD files will run properly. I also wrote my CMD files to check whether or not the dirty bit has been set for your OS hard drive. The dirty bit gets set when Windows detects that your hard drive has issues and is failing and perhaps already has uncorrectable sectors. My CMD files deliberately exit with a warning about a failing OS hard drive, and without having touched a thing on the failing hard drive. Detecting both of these potential issues is inherently important to do, before I will allow my CMD files to touch your computer’s hard drive when my CMD files either check for installed updates, or when uninstalling any updates. The upshot is that my CMD files first check for these potential issues before my CMD files are permitted to proceed any further.

        Note that there are three infamous updates which install telemetry in Win7. A separate iterative removal process must be used for each of these telemetry updates. I decided that it potentially is not wise to try to combine the removal process for all three of these telemetry updates into a single CMD file. So instead, I created individual CMD files which fully uninstall a given telemetry update, since there may be many versions of the specific telemetry update which must be removed. The upshot is that there may be potential issues which might be encountered when iteratively uninstalling more than one KB update. I don’t know if such potential issues might exist, yet I am not willing to experiment in order to find out. Thus, the sensible procedure is to iteratively uninstall only one KB at a time.

        The point of all of the above is that it is possible for Group A users to mostly rip their computers to Group B. I don’t write CMD files which would additionally do things such as disabling CEIP, and disabling telemetry related scheduled tasks in Task Scheduler. Why? Because you should learn how check for and then how to make these changes yourself, so that you know how to perform these tasks if you have to reinstall Windows. This is not rocket science. I instead prefer that users to learn how to do this on their own.

        Best regards,

        –GTP

        2 users thanked author for this post.
    • #202666 Reply

      geekdom
      AskWoody Lounger

      Peabody here reporting on Windows 7 updates:

      • Windows Malicious Software Removal Tool (KB890830)
      • Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4340556)
      • Darth Vader Update for Windows 7 (KB2952664)
      • July Security Monthly Quality Rollup (KB4338818)
      • Microsoft .NET Framework 4.7.2 (KB4054530)

      All installed without error and the system rebooted without error.

      Please note that I have GWX Control Panel to prohibit Windows 10 upgrade.

      Group G{ot backup} Win7|64-bit|SP1|TestBeta

      9 users thanked author for this post.
      • #202671 Reply

        Microfix
        AskWoody MVP

        Ha! Luke Skywalker is protecting our W7x64, Yoda is on standby for our W8.1×64 and I’m in the Cloud City with Linux 😀

        Darth Maul and General Grievous are looking after W10’s 😡

        | 2x Group A- W8.1x64 | Group A+ Linux x64 Hybrid | Group B W7x64 Pro | Group W XP Pro
          No problem can be solved from the same level of consciousness that created IT - AE
        6 users thanked author for this post.
      • #202672 Reply

        OscarCP
        AskWoody Lounger

        geekdom: You (Peabody?) have/has installed “Darth Vader”? Am I wrong, or isn’t that the dodgy revenant update that never dies?

        • #202674 Reply

          geekdom
          AskWoody Lounger

          As near as I can tell, Microsoft never borks that patch. It may be irksome, but it’s also the canary in the coal mine. I figure if it fails, there must be serious difficulties.

          Group G{ot backup} Win7|64-bit|SP1|TestBeta

          • This reply was modified 1 month ago by  geekdom.
          • This reply was modified 1 month ago by  geekdom.
          1 user thanked author for this post.
          • #202711 Reply

            GoneToPlaid
            AskWoody Lounger

            MS has borked KB2952664 at least once. See my post about it in this same thread.

            1 user thanked author for this post.
            • #202726 Reply

              geekdom
              AskWoody Lounger

              What? No stealth mode?

              Group G{ot backup} Win7|64-bit|SP1|TestBeta

        • #202678 Reply

          geekdom
          AskWoody Lounger

          Peabody was a cartoon character in Peabody and Sherman which was in turn part of Rocky and Bullwinkle suite. Peabody opened with “Peabody here.” Peabody was a dog and Sherman was his boy.

          Group G{ot backup} Win7|64-bit|SP1|TestBeta

          3 users thanked author for this post.
          • #202733 Reply

            EP
            AskWoody Lounger

            well geekdom, does your Win7 machine have the KB3184143 update installed?

            Don’t use Win7 without KB3184143 if you want to get rid of all those Win10 upgrade offers.

            • This reply was modified 1 month ago by  EP.
            • #202737 Reply

              geekdom
              AskWoody Lounger

              well geekdom, does your Win7 machine have the KB3184143 update installed?

              Yes.

              I don’t have Windows 10 upgrade offers.

              Group G{ot backup} Win7|64-bit|SP1|TestBeta

              • This reply was modified 1 month ago by  geekdom.
      • #202840 Reply

        WildBill
        AskWoody Lounger

        Here’s the list for Windows 8.1 (some KB’s changed to prevent confusion):

        Important (automatically checked)

        • Windows Malicious Software Removal Tool (KB890830)
        • Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558)
        • July Security Monthly Quality Rollup (KB4338815)
        • July Security Update for Adobe Flash Player (KB4338832)
        • Darth Vader (“Compatibility”) Update for Windows 8.1 (KB2976978)

        Recommended (on my machine, Not automatically checked)

        • Microsoft .NET Framework 4.7.2 (KB4054566)
        • Update for Windows 8.1 [Telemetry?] (KB3080149) This was last published on 9/7/2015 & will never be on my machine.

        Windows 8.1, 64-bit, Group A.
        Wild Bill Rides Again...

    • #202669 Reply

      PKCano
      AskWoody MVP

      There is a Servicing Stack Update for Win10 v1709 KB 4339420. If you are installing manually, it should be installed prior to the CU KB 4338825.

      4 users thanked author for this post.
      • #202713 Reply

        GoneToPlaid
        AskWoody Lounger

        Edit your post to be in all RED, since what you mentioned is extremely important for all Win10 users.

    • #202688 Reply

      RockJohny
      AskWoody Lounger

      So is all .NET stuff safe to download?

      1 user thanked author for this post.
      • #202689 Reply

        geekdom
        AskWoody Lounger

        We are at MS-DEFCON 2; wait for MS-DEFCON 3.

        Unless you have a specific reason to patch or enjoy beta testing, wait.

        Woody’s MS-DEFCON System explanation is here:
        https://www.askwoody.com/ms-defcon-system/

        Group G{ot backup} Win7|64-bit|SP1|TestBeta

        • This reply was modified 1 month ago by  geekdom.
        4 users thanked author for this post.
      • #202691 Reply

        PKCano
        AskWoody MVP

        We have no idea what’s safe to download yet. It just came out.

        Give the Guinea Pigs and Beta Testers time to work it out. Wait for DEFCON-3.

        5 users thanked author for this post.
      • #202700 Reply

        anonymous

        If you’re on Windows 10 1803, Windows Update takes care of the botched up .NET 4.7.2 release shipped with that Windows version. If .NET 4.7.2 was installed before today on a previous Windows version, make sure to check out https://support.microsoft.com/en-us/help/4054530/microsoft-net-framework-4-7-2-offline-installer-for-windows and reinstall again from the upated installer! Re-running the updated .NET 4.7.2 should not cause any issues. In order to re-install .NET 4.7.2 without reboot, make sure to shut down all .NET apps (including Web apps running in IIS) before running the installer.

      • #202723 Reply

        GoneToPlaid
        AskWoody Lounger

        Good question. I want to know what is the latest .NET updates which everyone says is safe to download and install, since I have not updated .NET on my Win7 computers in a while.

        On another note, last month’s (June) IE cumulative update appears to be fine on all of my Win7 computers.

        • #202851 Reply

          Seff
          AskWoody Lounger

          I seem to have versions 1.1 and 4.6.1 installed on my gaming Windows 7 home desktop, and routinely install all important updates covering those, but I do not have 4.7.x installed as that is both unnecessary and reported to be problematic.

          When we get the all-clear this month, I will therefore expect to install KB4340556 (Quality Rollup) but not KB4054530 (optional and 4.7.2 based).

          The last .Net Framework update I installed was KB4099633 in May 2018.

          • This reply was modified 1 month ago by  Seff.
          1 user thanked author for this post.
    • #202697 Reply

      Seff
      AskWoody Lounger

      It would certainly seem that now would be a good time to reinstall GWX Control Panel in the event that you ever trusted Microsoft enough to uninstall it in the first place!

      1 user thanked author for this post.
      • #202715 Reply

        GoneToPlaid
        AskWoody Lounger

        Are you saying this only in the context of Win10 users, or are you saying this in the expanded context for Win7 and Win8x users, in addition to Win10 users?

        • #202850 Reply

          Seff
          AskWoody Lounger

          My concerns are with Windows 7 and 8.1, I’ve no interest in Windows 10 but if it’s also appropriate for those users then fine. My point was in relation to Microsoft renewing their upgrading pressure on non-Windows 10 users which we’ve been expecting for some time in the light of the dismal Windows 10 market statistics and as we approach the EOL date for Windows 7. It’s especially important this month given that KB295664 has reared its head again. Microsoft may have said they won’t go down the GWX route again but who here honestly believes a word they say anymore?

          • #202915 Reply

            AlexEiffel
            AskWoody MVP

            Since Win 10 isn’t free no more, it is possible they will only do what they did for me when they noticed I installed a fresh Win 7 not even SP1: complain loudly your system is obsolete and you should get Win 10, which you can happily ignore.

            • #202920 Reply

              Seff
              AskWoody Lounger

              Oh it’s still free. Google it and you’ll easily find out how you can still upgrade without having to pay.

            • #204327 Reply

              AlexEiffel
              AskWoody MVP

              Yes, but it isn’t in your face free for those they would try to push to upgrade.

            • #204352 Reply

              anonymous

              The free Windows 10 update is no longer in effect, the “accessibility” offer is in fact gone.

              If there’s another way to upgrade free I can’t find it via google.

    • #202718 Reply

      remco8264
      AskWoody Lounger

      Also 1803 has now officially been released to the Semi Annual Channel (formerly CBB). Confirmed on my PC (set to SAC, without further deferral).

      https://www.microsoft.com/en-us/itpro/windows-10/release-information

      1 user thanked author for this post.
    • #202722 Reply

      GoneToPlaid
      AskWoody Lounger

      No need to break it apart. It is always the same thing — gather telemetry about every single running program and process which is running on your computer. The only thing which changes is to hopefully make sure that Microsoft’s telemetry gathering does not interfere with AV programs, and to make sure that Microsoft’s telemetry gathering does not (as a result of bad code) noticeably slow down the user’s computer.

      1 user thanked author for this post.
    • #202735 Reply

      EP
      AskWoody Lounger

      KB4023057 for older Win10 releases seems to be making a recent comeback just like KB2952664 & KB2976978.

    • #202759 Reply

      Nibbled To Death By Ducks
      AskWoody Lounger

      After reading all here, I can only conclude:

      1. MS has no intention of fixing the NIC bug for WIN 7

      2. MS has no interest in doing _anything_ for WIN 7, period, save for installing snoopware.

      Thanks be for this site and group!

      My, how the mighty at MS have fallen.

      “O Tempora! O Mores!”

      O, Bananas!

      (A sense of humor is all that keeps me from going mad with IT; I’m still dreaming of that little rock out in the Pacific…and no, I’m not telling where it is. 🙂

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "A/B [negative] :)", Air-Gapped backups, "Notify but do not download or install without asking."

      --

      "The more kinks you put in the plumbing, the easier it is to stop up the pipes!" -Scotty

      3 users thanked author for this post.
      • #202830 Reply

        Jan K.
        AskWoody Lounger

        MS has no intention of fixing the NIC bug for WIN 7

        Seems not, but they have…

        Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows

        Which really doesn’t compute, does it?

    • #202762 Reply

      Geo
      AskWoody Lounger

      Group A,  except once again hid snoop 664.  W7x64, Home Premium, AMD, Microsoft Security Essentials, Office 2010, home user. Installed everything and MSRT.  No problems, no slow down.

    • #202770 Reply

      radosuaf
      AskWoody Lounger

      2. MS has no interest in doing _anything_ for WIN 7, period, save for installing snoopware.

      That has been obvious for some time now… To be honest, I wouldn’t blame them too much. It’s an old product. I’d blame them for abandoning W8.1 too early and for what W10 looks like.

      MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Gigabyte GeForce GTX 1050 Ti D5 4G * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 1803 64-bit + Windows 10 Mobile 1709 (Lumia 640 LTE)
      2 users thanked author for this post.
    • #202771 Reply

      anonymous

      Win 7, 32 bit here. As it happens, yesterday I checked the supportpage for KB 2952664 (https://support.microsoft.com/en-us/help/2952664/compatibility-update-for-keeping-windows-up-to-date-in-windows-7). It was then dated April 11th or 18th – anyway, April. The page now has the datestamp of July 11th. It specifically still states:

      This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update. 

      But somehow, I don’t trust Microsoft that much anymore …

      ~ Annemarie

      1 user thanked author for this post.
      • #202842 Reply

        WildBill
        AskWoody Lounger

        The Windows 8.1 equivalent is KB2976978. The message is the same, but the date is July 10, 2018… for now. So is the support page for KB2952664.

        Windows 8.1, 64-bit, Group A.
        Wild Bill Rides Again...

    • #202775 Reply

      anonymous

      Strange thing…

      I have fresh install of W7-64bit, moreless its GroupB style, plus NET 4.5.2 (and its updates), minus snooping KBs. Last WU scan (june, after defcon3) detect no missing updates. New scan right now detect missing KB3123479, which is quite old (1-2016, something about SHA1).

      I backtrack my install scripts and found, I have REMed KB3123479 due to info, it was replaced by 5-2017 secuonly KB4019263 and this one is installed OK.

      Something is rotten in the state of MS…

    • #202787 Reply

      macauln82
      AskWoody Lounger

      Hi, this .net update (kb4340558) seems to be failing on all my server 2012 r2, i have had a quick look on line and i have found there are other users with this issue, error code 0x80092004

      anyone else?
      Thanks

      Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste

      4 users thanked author for this post.
      • #202816 Reply

        gborn
        AskWoody MVP

        The package seems to be broken (a component hasn’t a hash value). I’ve about 15 confirmations worldwide. I wrote a blog post .Net Framework: Update KB4340558 drops error 0x80092004?

        6 users thanked author for this post.
        • #202831 Reply

          abbodi86
          AskWoody MVP

          I got that error too
          it’s caused by .NET 4.x rollup KB4338419, which somehow conflict with the last two rollups KB4229727 & KB4096417

          the solution was to uninstall KB4229727 & KB4096417
          then running to clean the leftovers:
          Dism /Online /NoRestart /Cleanup-Image /StartComponentCleanup

          (you may also run Disk Cleanup > Windows Update Cleanup)

          then reboot
          afterwards, KB4338419 was installed sucessfully

          4 users thanked author for this post.
          • #202873 Reply

            gborn
            AskWoody MVP

            @abbodi86: Thx for your hint – I’ve added this hint to the blog post – hope it helps affected users.

            • #202958 Reply

              abbodi86
              AskWoody MVP

              You are welcome

              but running DISM is not enough
              KB4229727 & KB4096417 must be uninstalled beforehand

              2 users thanked author for this post.
          • #203033 Reply

            gborn
            AskWoody MVP

            Just a feedback: I suggested this approach to several people affected in Germany. The feedback from two was, that it unfortunately didn’t help.

            1 user thanked author for this post.
          • #203223 Reply

            ch100
            AskWoody MVP

            I don’t think this is an issue if .NET Framework 4.7.2 as it comes on MU is installed first and separate from the other patches for the month of July 2018.
            All other patches should install smoothly after.

      • #203963 Reply

        abbodi86
        AskWoody MVP

        KB4338419 (2018-07 Security) is now revised not to be offered if KB4229727 (2018-06 Preview) is installed

    • #202800 Reply

      anonymous

      Win 8.1 x64 – Updates installed except for KB2976978, which I hid.   KB4340558 is failing with error 80092004.   Seeing some discussions, no solutions over at https://answers.microsoft.com/en-us/windows/forum/windows8_1

      I guess Win 8.1 was due for a bum update – it has been way too smooth compared to the other OS’s so far.   😬

      2 users thanked author for this post.
      • #202843 Reply

        WildBill
        AskWoody Lounger

        It’s your choice to install or not… mine is Not. If KB4340558 is messed up, Microsoft should fix it… once enough people complain. By waiting, it will be fixed by the time Woody moves us to MS-DEFCON 3 in August.

        Windows 8.1, 64-bit, Group A.
        Wild Bill Rides Again...

        • This reply was modified 1 month ago by  WildBill.
        • #202968 Reply

          anonymous

          I have the same problem.
          Installation of KB4340558 always fails on all my 3 Win 8.1 Professional machines with error code 80092004. Considering available posts on www I conclude the package to be faulty.

          EDIT html to text – content may not appear as intended

    • #202810 Reply

      anonymous

      I have 2 windows 2008 R2 servers, and I have not received the Security Quality Monthly Rollup for June or July.  The July update is kb4338818 and the June update is kb4284826. I’m not sure why i am not getting them as i seem to be getting all the other updates.  Should I go to Microsoft catalog and install them, or just not do anything.  Any help on this would be appreciated.

      • #202814 Reply

        PKCano
        AskWoody MVP

        Are you using WSUS or patching as stand-alone?
        It’s a little early to apply the July patch – we haven’t had time to see if there are problems with it. Susan Bradley’s Master Patch List is available (button at the top of the blog).

        • #202862 Reply

          anonymous

          I am using windows update, and the Quality Security rollup updates have not shown up in windows update for June and this month/July.  I’m not sure why because I am getting all the other updates through windows update. Prior to June I had been getting the Quality Security rollup updates.  I’m not sure if i should wait awhile to install the June and July rollups or get them from the catalog and install them.

    • #202815 Reply

      MrToad28
      AskWoody Lounger

      I’m all Win7 and am not patching until Malwaresoft fixes the NIC issue.

      • #202820 Reply

        geekdom
        AskWoody Lounger

        It may not get fixed. What is your next step?

        Group G{ot backup} Win7|64-bit|SP1|TestBeta

      • #202961 Reply

        rick41
        AskWoody Lounger

        I finally took the leap on my three Win7 64-bit laptops about ten days ago.  No NIC issues on any – 2 Intels and 1 Realtek.

        2 users thanked author for this post.
    • #202827 Reply

      grumpy65867
      AskWoody Lounger

      Status of Windows 10 1809 has changed to Semi Annual Channel on this link:

      https://www.microsoft.com/en-us/itpro/windows-10/release-information

      ?????????????

      • #202857 Reply

        CADesertRat
        AskWoody Lounger

        I assume that you mean 1803 which has already been reported as being SAC.

    • #202913 Reply

      Bill C.
      AskWoody Lounger

      Win 7, 32 bit here. As it happens, yesterday I checked the supportpage for KB 2952664 (https://support.microsoft.com/en-us/help/2952664/compatibility-update-for-keeping-windows-up-to-date-in-windows-7). It was then dated April 11th or 18th – anyway, April. The page now has the datestamp of July 11th. It specifically still states: This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update. But somehow, I don’t trust Microsoft that much anymore … ~ Annemarie

      Actually the bolded statement is correct now and has been.  The following were / are the following:

      KB3035583 = GWX itself
      KB2952664 = Compatibility Update and Telemetry
      KB3021917 = More Telemetry

      They say they will not do GWX again, OK, but the real question is what WILL they do?

      See post #202733 above by EP on the KB3184143 update. that removed GWX.  It does NOT remove the KB2952664.

      Caution, caution, caution is the best tactic.

    • #202940 Reply

      PKCano
      AskWoody MVP

      I just update my Insider Preview to Build 17713.1000
      Nothing on the MS Store App menu works – not Settings, not update, not Account…

    • #202944 Reply

      PKCano
      AskWoody MVP

      Updating my 1703 VM today (CU KB4338826, IE11 Flash, MSRT and C++) when I  got a popup saying “Your Windows Update is not working properly. You need the Update Facilitation Service. Click OK below.” Oh, no you don’t! I clicked on the “X” and closed the box – it was not then listed in the downloaded updates.

      I hope the “X” doesn’t mean “Yes” this time!

      3 users thanked author for this post.
    • #202957 Reply

      anonymous

      Just some new information for anyone using the smaller “Delta” updates:
      Beginning February 12, 2019 Microsoft will end its practice of creating delta updates for all versions of Windows 10.
      https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426

      This will probably not affect too many people I suspect.

      2 users thanked author for this post.
    • #202994 Reply

      anonymous

      KB4338814 pulled from WSUS for Server 2016.

      Symptom: After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address. This may result in loss of connectivity as systems fail to renew their leases.
      Workaround: Currently, there is no workaround for this issue. Microsoft is working on a resolution and estimates a solution will be available mid-July.

      Yet another round of great testing and QA by M$.

      1 user thanked author for this post.
      • #203353 Reply

        anonymous

        On our WSUS servers KB4338814 is still valid today 7/13/18 11:00 EDT after many bi-hourly synchronizations.

        Did you mean to say that you chose to decline it on your WSUS, or that MS had expired it?  There is a big difference between the two.

        Thanks in advance for clarifying,

        Jim

    • #203011 Reply

      anonymous

      It seems Microsoft no longer allows users to uninstall KB2952664, even with admin privileges.  I’ve made multiple attempts using “WUSA /uninstall /kb:2952664” as well as via the uninstall function in “Programs and Features” –> “Installed Updates”.

      Using “WUSA” repeatedly just gives the appearance of success each time, but after the first attempt it should come back with something like “KB2952664 not installed on this computer.”

      Invoking the uninstall function of the “Programs and Features” control panel applet brings up the obligatory confirmation dialog, followed by a progress bar dialog, followed by the disappearance of the “Update for Microsoft Windows (KB2952664)” item from the list view of installed updates.  However, refresh the view, and there it is, resurrected in all its adhesive never-say-die glory.

      What to do?

      • #203014 Reply

        PKCano
        AskWoody MVP

        KB2952664 has been re-released MANY times. Each subsequent release has the same KB number but is considered a “different” patch.

        Consider that it has been installed multiple times on the computer. When you uninstall the currently active version, it seems that it was not uninstalled because it seems to reappear in the list of installed updates. But what you are seeing is not the version you uninstalled. What you see is the next last version.

        To get rid of it, you have to uninstall ALL the versions that have been installed. You can keep uninstalling until all disappear. Or you can tru @gonetoplaid ‘s removal method here. Here is some more information on the removal.

        From now on, try to hide it before it gets installed because it will be reissued again and again as long as Win7 is supported.

        3 users thanked author for this post.
      • #203015 Reply

        geekdom
        AskWoody Lounger

        Think of it as the Silverlight of telemetry.

        Group G{ot backup} Win7|64-bit|SP1|TestBeta

    • #203030 Reply

      anonymous

      Well, I thought this particular problem didn’t affect me but I noticed that one of two W8.1 machines failed to install this months rollup.  It also failed to install the Flash Player update.  I ran Windows Update again today and both installed fine.

    • #203039 Reply

      Jacounette
      AskWoody Lounger

      j’ai eu aussi la KB2952664 une de celles perverses qui participaient à la migration vers windows 10. Un conseil : choisissez “télécharger les mises à jour MAIS ME LAISSER CHOISIR DE LES INSTALLER” ainsi vous aurez la main mise sur toutes les mises à jour même les IMPORTANTES.

      Translated: I also had the KB2952664 one of those perverse who participated in the migration to windows 10. One tip: choose “download updates but let me choose to install them” so you’ll have the hand on all updates even the IMPORTANT ones.

      J’ai toujours refusé windows 10 et je me bats chaque début de moi pour débusquer les mises à jour complices d’une éventuelle installation de w10 à mon insu.

      Translated: I have always refused windows 10 and I fight every beginning of me to flush updates complicit of a possible installation of w10 without my knowledge.

      Je lis plus haut : “Pensez-y comme la Silverlight de la télémétrie” … est ce que ça veut dire que la mise à jour silverlight fait partie des MAJ néfastes et complices de la migration forcée vers w10 ?

      Translated: I read above: “Think of it as the Silverlight of telemetry” … does that mean that the silverlight update is part of the harmful updates and complicit in the forced migration to w10?

      merci d’avance !

      Translated: thank you in advance !

      Translated per Google Translate. Would really appreciate if someone could confirm it translated accurately. Apologies for any inaccuracies. TY- Elly

      • #203042 Reply

        PKCano
        AskWoody MVP

        KB2952664 is a Compatibility patch that performs diagnosis on your computer and sends the information to Microsoft – a “snooping” patch.

        Silverlight is a browser add-on (like Flash Player or Java). It has nothing to do with an upgrade to Win10. However, it is rarely used by programmers and mostly useless.

        3 users thanked author for this post.
        • #203045 Reply

          geekdom
          AskWoody Lounger

          When Silverlight is uninstalled on a system, multiple Silverlight updates will sequentially appear and each of those updates must be hidden. To date, there are 16 Silverlight updates that are hidden.

          Group G{ot backup} Win7|64-bit|SP1|TestBeta

          • This reply was modified 1 month ago by  geekdom.
          3 users thanked author for this post.
        • #204863 Reply

          anonymous

          Merci pour le complément de renseignement. Bonne soirée à vous

    • #203352 Reply

      gborn
      AskWoody MVP
      • #203388 Reply

        woody
        Da Boss

        At least they responded….

        • #203416 Reply

          GoneToPlaid
          AskWoody Lounger

          And fairly quickly too. That is rather remarkable, given how long it usually takes Microsoft to admit that there are issues with their updates. Essentially, Microsoft is admitting that they add ingredients to their recipes for each month’s Security and Quality Rollups and then toss the bread into the oven, without first checking whether or not they have used the correct ingredients. The baked bread analogy was the best I could come up with at the moment.

          Microsoft also states that they are aware of these issues and that they are working on a solution. Thank goodness that you moved to Defcon 2 as soon as the July updates were released. Windows 7 and Windows 8x users should get updated through June since it is important to implement Microsoft’s latest built-in Meltdown protection via Microsoft’s updates to these operating systems. Yet from my experience with updating my Windows 7 computers, getting updated to June 2018 and especially if users held at December 2017, requires installing the January through June 2018 updates in a special way, as I have previously documented. I am not sure if my documented methods for Windows 7 also applies to Windows 8x, yet it wouldn’t hurt for Windows 8x users to use my methods to get safely updated through June 2018.

          1 user thanked author for this post.
    • #204130 Reply

      anonymous

      The server 2008 R2 July updates borked out SharePoint 2007 farm, uninstalled them all and trying to work out which update was the culprit.

      1 user thanked author for this post.
    • #204171 Reply

      anonymous

      A few days after applying all the July updates (not instantly!), the servers started to perform really badly (physical Hyper-V server with several VMs, all on 2012 R2). Uninstalling KB4338815 on the VMs had minimal impact, uninstalling KB4338815 on Hyper-V host (which reverted it to KB4284815) worked wonders! Our users could finally use our ERP and accounting software solutions again without waiting for several minutes for each process that would usually take mere seconds.

      Shocked at the poor patch quality! Hoping that Microsoft will release a fix at all (they’re promising mid-July on the KB page, at least for their known issues). I’ll make sure to delay updates for longer in the future!

      1 user thanked author for this post.
      • #204377 Reply

        anonymous

        Update: KB4338831 should supposedly fix the known issues. Will try it in a few weeks…

      • #209345 Reply

        anonymous

        KB4338831 running on physical and virtual servers smoothly for 6 days now, apparently fixing the issues from KB4338815. Really pleased with the current performance of the servers, user’s processes within server-based applications are fast again! 🙂

        2 users thanked author for this post.
    • #204786 Reply

      anonymous

      Hello PKC, In Woody’s page of Group B updates for 7 and 8.1 it says, “Jul 2018 KB 4345459 (released 7/16/2018, replaces KB 4338823, fixes 0xD1 error, W3SVC, tcpip.sys) – Download 32-bit or 64-bit”, but in the article from MS it states it is NOT a replacement.

      On the MS page it said, “This update does not replace a previously released update.”
      https://support.microsoft.com/en-us/help/4345459/stop-error-0xd1-after-a-race-condition-occurs-in-windows-7-service-pac

      Thank you, and the other good MVPs, for your help here at Woody’s.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: July 2018 Security patches are out

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.