July patches are all messed up — but a good hint appears in Japanese

Topic

New Reply

I’ve given up on the July patches. Which is why we’re on MS-DEFCON 1. There’s a little bit of light, though — coming from a Japanese language explana
[See the full post at: July patches are all messed up — but a good hint appears in Japanese]

11 users thanked author for this post.

walker, SueW, cesmart4125, Pepsiboy, Elly, ch100, Heavenly, kiwisolutionz, Laptop Boy, Mr. Natural, fernlady

Reply | Quote

Replies

Group W, you become more enticing by the day.

4 users thanked author for this post.

Pepsiboy, Charlie, WildBill, FakeNinja

Reply | Quote

AKB2000003 has been updated 7/20/2018.

KB 4345459 (Win7) and KB 4345424 (Win8.1) have been added for Group B Security-only.

9 users thanked author for this post.

SueW, Pepsiboy, Elly, samak, jelson, Laptop Boy, lanceboil, HiFlyer, woody

Reply | Quote

So is KB4338823 still needed if KB4345459 replaces it?

Have you seen the price of Tums? It's enough to give you heartburn.

Reply | Quote

See abbodi86 ‘s information here, and check out the link in his post.

2 users thanked author for this post.

walker, jelson

Reply | Quote

Okay so no, 4338823 is not needed, just 4345459.

Have you seen the price of Tums? It's enough to give you heartburn.

1 user thanked author for this post.

SueW

Reply | Quote

Link to ComputerWorld Article

4 users thanked author for this post.

walker, Elly, HiFlyer, woody

Reply | Quote

My employer already pushed Windows 7 July 10, 2018—KB4338818 (Monthly Rollup) to my work system.

KB4338818 is another update that doesn’t play nice if you’ve disabled Libraries on Windows 7.  Specifically, you will lose the ability to rename folders in Windows Explorer if you install this with libraries disabled.  Other than that, I’ve encountered no problems.

However, my employer did not push out Security and Quality Rollup updates for .NET Framework for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4340556). Apparently that patch is still problematic.

2 users thanked author for this post.

cesmart4125, fernlady

Reply | Quote

I have a test Win 7 system with KB4338818 and Libraries are nowhere to be seen, yet I can rename folders…

My question is this: Could you please define “Libraries disabled”? Perhaps I’ve done something different than you.

-Noel

1 user thanked author for this post.

cesmart4125

Reply | Quote

Maybe he was talking about the Windows indexing service?

Reply | Quote

Noel Carboni wrote:

I have a test Win 7 system with KB4338818 and Libraries are nowhere to be seen, yet I can rename folders… My question is this: Could you please define “Libraries disabled”? Perhaps I’ve done something different than you. -Noel

I used the .zip download from this page: https://www.askvg.com/how-to-disable-libraries-feature-in-windows-7/

There are three sets registry settings:

Disable Libraries in Windows 7.reg
Only Remove Libraries Icon from Windows 7 Explorer.reg
Restore Default Settings.reg

What I’m going to do when the time comes to install July patches is “Restore Default Settings”.  After the patch is applied and I’ve rebooted, I’ll “Disable Libraries in Windows 7” again.

Perhaps what you’ve done is “Only Remove Libraries Icon from Windows 7 Explorer”?

Reply | Quote

Group W does indeed become more attractive with each passing day.

If it gets any worse, Woody, you might find that DefCon 1 doesn’t go quite low enough and you’ll need to invent DefCon 0.

6 users thanked author for this post.

GoneToPlaid, Kranium, lurks about, Charlie, woody, zero2dash

Reply | Quote

There is an alternative and it gives DEFCON-1 back its original meaning: nuking Microsoft HQ by having a computer virus grilling all their internal servers and development databases.

Where there is no intelligent life to be found, obviously there is no intelligent life at risk.

 

Marc

Reply | Quote

I think there needs to be a new group: ‘Group N’ N means never connected to the net.

Reply | Quote

I think there needs to be a new group: ‘Group N’ N means never connected to the net.

Agreed.

I’m using this strategy with my W10 Home 1703 and W10 Pro 1703 installs. They’ve worked flawlessly since I instituted this policy.

-lehnerus2000

Reply | Quote

Defcon 0, if Woody invents it, could mean that you must get patched right away if a malware storm is sweeping the Internet and a patch is available to prevent the zero day exploit. You know, something nasty like not-Petya yet worse and spreading even more rapidly.

Perhaps Defcon -1 should also be invented. Defcon -1 would mean that if you install one or more of the current patches, not only are the patches flawed but also that they will not uninstall properly such that the only solution is to either restore from backup or to reinstall the OS.

Reply | Quote

For Windows 8.1 (x64) the only update that didn’t install was KB4340558, failing with an error of 80092004.   Well, a new one came in, dated yesterday and installed successfully with no workarounds required.  So, that clears up Win 8.1 (x64) for July.   There is probably a fix for Win server 2012 out there.

Reply | Quote

Check out @abbodi86 ‘s link to the Japanese translation. The update fixes are listed there (old and new).

2 users thanked author for this post.

ch100, jelson

Reply | Quote

In future editions of Webster’s..Incompetence will be defined as a state of being, invented by Microsoft as applied to Windows patches.

1 user thanked author for this post.

WildBill

Reply | Quote

Great Computerworld article, thank you Woody. A new Defcon number 0 or even -1 may be required if this nightmare continues or gets worse. Is it time to re-post the great picture that microfix provided concerning the “Official Windows Servicing Team” =

https://www.askwoody.com/forums/topic/really-did-anybody-at-microsoft-test-version-1803-on-their-own-hardware/#post-193264

The Cathedral Halls of Microsoft Quality Assurance?

3 users thanked author for this post.

Charlie, woody, WildBill

Reply | Quote

Group A on Win8.1. So, I can replace KB4338815 (Security Monthly Quality Rollup for July) with KB4338831 (Preview of Monthly Quality Rollup for August) when Woody bumps MS-DEFCON up to 3 or higher. How about when that I happens, I just skip both, install other updates (KB890830 [MSRT], KB4340558 [Rollup for .NET], KB4338832 [Flash security update], & KB4054566 [.NET Framework 4.7.2]), then wait for September to install the Security Monthly Quality Rollup for August? Win8.1 has been pretty stable & I usually avoid Previews like the plague… are there fixes in KB4338831 that I can’t live without for a month?!

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

The .NET patches and 4.7.2 are not reliable right now. Maybe by the time the DEFCON number comes out of the cellar. MAYBE..

6 users thanked author for this post.

columbia2011, Elly, Heavenly, woody, Cybertooth, WildBill

Reply | Quote

Not sure about the statement saying that the release of the .NET Framework 4.7.2 is not reliable.
I have a different opinion, although the patches for all versions of the .NET Framework released in July 2018 have proved not to be reliable.

Reply | Quote

This all reminds me of the January 2018 patchocalypse, meltdown, spectre fiasco, where over three months, fixes for patches to patch/ and replacement patches were issued. Groundhog months?

Looks like a I’ll be doing a few external system images over the weekend..then wait a few months for the dust to settle for W8.1 group A (if it ever does..) in the meantime, I’m going group W with W7 again as all devices are working fine with June 2018 patches.

As someone’s signature says ‘prepare for the worst and hope for the best’

Edit: The CU Patches for August will be interesting..

Win8.1/R2 Hybrid lives on..

3 users thanked author for this post.

SueW, Elly, zero2dash

Reply | Quote

Microfix wrote:

This all reminds me of the January 2018 patchocalypse, meltdown, spectre fiasco, where over three months, fixes for patches to patch/ and replacement patches were issued. Groundhog months?

Looks like a I’ll be doing a few external system images over the weekend..then wait a few months for the dust to settle for W8.1 group A (if it ever does..) in the meantime, I’m going group W with W7 again as all devices are working fine with June 2018 patches.

As someone’s signature says ‘prepare for the worst and hope for the best’

Are you talking about me?

The Security-only updates for Windows 7 (KB4338823) and Windows 8.1 (KB4338824) apparently have been supplanted by another pair of “fixes” (KB4345459 for Windows 7 and KB4345424 for Windows 8.1) which fix several problems in the security-only patches and rollups. Oh boy.

The June 2018 patches are working fine for me too on Windows 7 and Windows 8.1. If necessary I shall wait a few months just like the last time from January 2018 to June 2018 until the problems are fixed.

Hope for the best. Prepare for the worst.

Reply | Quote

If anyone believes things will improve any time soon, just wait for the upcoming Windows 10 1809… and face reality. The Redmond ‘experts’ are just a bunch of progressive clowns messing up each and everything that comes in their way. It’s as if they get paid to kill Windows and all other Microsoft technologies one by one. In the end, they’ll ship Windows running on Electron…

Reply | Quote

Microsoft should just say “we will keep issuing updates until everything is fixed”. But we do not know when this will be, or even if that is even possible. Please try and enjoy Windows when it works, and when it doesn’t just use something else.

1 user thanked author for this post.

Charlie

Reply | Quote

Microsoft Patching guidance from an unknown source —

“Point your firearm directly at your computer and gently squeeze the trigger.  If your firearm fails to discharge, continue pulling the trigger until it goes bang or a determination is made that reloading is required.”

1 user thanked author for this post.

Cybertooth

Reply | Quote

Just when you think it can’t possibly get any worse, it does.  I’m no longer leaning toward Linux, I’m being pushed to it!

Have you seen the price of Tums? It's enough to give you heartburn.

3 users thanked author for this post.

GoneToPlaid, johnf, WildBill

Reply | Quote

Win 7 & Server 2008

MS says the patches KB4345459 and KB4338821 are not replacements.

Brent Alinger [MSFT] (July 18, 2018 at 10:27pm):
“According to the Windows Servicing team, for the non Windows Server 2016 operating systems, it is required that the update released on July 10th be installed for Windows update to offer the new update. This is because the update is a patch to the previous package. Windows update chooses updates based upon packages previously installed on these operating systems.”

This says (I think):

1) KB4345459 is a patch for KB4338823 (Group B)
2) KB4338821 is a patch for KB4338818 (Group A)

See:
Issue with July Updates for Windows

Note: Server 2008 and Win 7 have the same servicing stack.

I’m guessing that even if 459 is a replacement for 823, you can install 459 over 823 (without uninstalling 823).

What’s your take on this guys (and gals)?

– Carl –

1 user thanked author for this post.

Charlie

Reply | Quote

See abbodi86 ‘s post here and the link he provides.

Reply | Quote

Yep, already had read that, but I still think the above is correct.

Also, I installed NET 4.72 and KB4340556 (Rollup) last week on a Win 7 test machine. I’m running very heavy NET based, multi-threaded, 64bit simulation software and haven’t encountered issues.

Could you please point me to some links regarding NET issues? I don’t want to have to uninstall unless necessary.

– Carl –

Reply | Quote

See Woody’s main blog post here – comment about the ,.NET not being replaced.

Then the ComputerWorld article that is linked in that post.

Reply | Quote

There are .NET Framework patches expired and re-released under the same number on July 20.
Too much trouble this month.
The only patches which are safe are the Flash and Office patches and I would say based on my own assessment the optional .NET Framework 4.7.2 for all OS, without any updates for now.

1 user thanked author for this post.

WildBill

Reply | Quote

@PKCano

The links you provided do not apply to Win 7. As far as I have been able to determine, there are no issues with NET and Win 7.

KB4345232 – “0x80092004” error occurs

Am I missing something?

– Carl –

Reply | Quote

You are correct. It covers Win8.1 (KB4340558) but doesn’t mention Win7 (KB4340556). Nevertheless, all things considered, I would not rush to install these patches. Personally, I hide them for the time being. There are just too many problems this month.

4 users thanked author for this post.

WildBill, SueW, Elly, kiwisolutionz

Reply | Quote

There are/were issues with the July 2018 .NET Framework updates, unless .NET Framework 4.7.2 is installed first as far as I can tell.

Reply | Quote

Leave 4.7.2 installed as uninstalling could cause huge problems, but be careful with the updates. They can normally be uninstalled safely if required, one by one at a time.

Reply | Quote

I appreciate abbodi86’s post, but, to me at least, the following 2 sentences are not quite clear:

“To apply security-only update (Security-only update), apply ” KB4345459 “. KB4345459 Is A fix for this problem is added to the contents of KB 4338823 (Security-only update)”

The first sentence implies that if I want the security only patch, I only need to install KB4345459. But the second sentence says that the contents of KB4345459 are added to KB4338823. To me this second sentence implies that BOTH KB 4345459 AND KB4338823 are required.

Perhaps this is a translation issue, perhaps this is a “my stupidity” issue, perhaps it’s another issue, or perhaps it’s some combination of these issues. But, in any case, if someone can clarify this it would be much appreciated not only by me, but to many other people here as well (based on the posts I’ve read).

Thanks.

2 users thanked author for this post.

LH, jelson

Reply | Quote

My interpretation is: KB4345459 = KB4338823 + a fix for the problem in KB4338823.
Did you see the table in the linked article from a MS employee?

6 users thanked author for this post.

Laptop Boy, SueW, ch100, jelson, abbodi86, DrBonzo

Reply | Quote

I’m not trying to be argumentative, nor am I trying to be a pain in the neck, and I’m going to defer to your far greater knowledge and experience in interpreting MS mumbo jumbo.

However, even the table seems to have potential for obfuscation. The second column says that KB4345459 is the “patch that fixes the problem”. But there wouldn’t be a problem if the patch in the first column, KB4338823, wasn’t installed. So, that makes me wonder: Does KB4345459 only fix the issue created by KB4338823, or does it fix this issue as well as fix the other problems that were initially addressed by KB4338823?

I gather from abbodi86’s reply a bit further down this page, that his answer is that KB4345459 fixes the original issues addressed by KB4338823, and in addition, fixes the issue created by KB4338823 if it (KB4338823) was installed, but obviously doesn’t fix the issue if it wasn’t installed. Or, in other words, either just install KB4345459 and be done with it, or if KB4338823 is already installed, then install KB4345459, and then be done with it.

Thanks for enduring this probably too long post.

1 user thanked author for this post.

Laptop Boy

Reply | Quote

No worries at all 🙂

either just install KB4345459 and be done with it, or if KB4338823 is already installed, then install KB4345459, and then be done with it.

exactly

KB4338823 contains July 2018 security fixes + may cause TCP/IP BSOD issue
KB4345459 contains July 2018 security fixes + a fix to prevent/mitigate TCP/IP BSOD issue

9 users thanked author for this post.

Charlie, Laptop Boy, SueW, cesmart4125, Elly, ch100, woody, jelson, DrBonzo

Reply | Quote

Thanks abbodi86! That was very clear.

Reply | Quote

To abbodi86.  Thank you, and PKCano and DrBonzo, for the helpful clarifications. Could I impose on you to clear up one further matter.  I’m a novice, and the answers to the following questions might be obvious, but I’d like to be 100% certain regarding what to do.

Am I correct that for those of us in Group B (security-only) who are running Windows 8.1, your advice would be:

(a) If you have ALREADY installed KB4338824, don’t uninstall it.  But do install KB4345424 now to fix the problems in KB4338824.

(b) If you HAVEN’T ALREADY installed KB4338824, don’t install it (by not installing it, you avoid having to recover from a virtually inevitable BSOD, etc.).  Instead, install KB4345424 only.

By the way, am I right that KB4345424 is “safe” to install and has no known issues?

Thank you for the enormous amount of useful information that you generously contribute to this website.

Reply | Quote

Your (a) and (b) are correct.

Laptop Boy wrote:

By the way, am I right that KB4345424 is “safe” to install and has no known issues?

This is not correct in that we don’t know yet whether the fix KB4345424 is “safe” and has no issues. We recommend waiting to install ANY of the July Windows or .NET patches until Woody raises the DEFCON number to 3 or above (see number at the top of the blog). That is what the DEFCON system is all about – WAIT, and minimize the risks.

2 users thanked author for this post.

Laptop Boy, DrBonzo

Reply | Quote

Yes, that’s correct

KB4345424 is safe, any issues would have showed up by now

1 user thanked author for this post.

Laptop Boy

Reply | Quote

It’s not just you, I found this to be unclear and misleading too.  Check out my report #204795.

Have you seen the price of Tums? It's enough to give you heartburn.

1 user thanked author for this post.

DrBonzo

Reply | Quote

Google translator 🙂

2nd sentence cleared:
“KB4345459 has the fix for this problem, which is added to the contents of KB4338823 (Security-only update)”

nevertheless, somethings do not worth to complicate it 😀
install KB4345459 only as suggested, or install both
either will work 🙂

6 users thanked author for this post.

Bill C., SueW, ch100, jelson, DrBonzo, PKCano

Reply | Quote

I think Woody described it best when he wrote “Upside Down and Backwards”.

I can think of some other words to use but they can’t be used in this blog.

Have you seen the price of Tums? It's enough to give you heartburn.

2 users thanked author for this post.

SueW, Cybertooth

Reply | Quote

Group A,  Win7 x64, AMD, home premium, home user.  Just don’t  install  any Previews you don’t need them. Other wise no problems.

Reply | Quote

Customers who have successfully installed the security updates and who are not experiencing any issues do not need to take any action.

I haven’t installed anything, but since I’m not experiencing any issues, I’ll follow the recommendation anyway and don’t take any action.

Excellent.

What a blissful day.

2 users thanked author for this post.

BobbyB, Charlie

Reply | Quote

Update posted by @gborn on borncity.com:

Updated Microsoft Security Advisory Information
Posted on 2018-07-20

Reason for Revision: To address a known issue in the security updates released on July 10

1 user thanked author for this post.

Elly

Reply | Quote

…and why is it only the Japanese blog has this detail?  I don’t get it.

Susan Bradley Patch Lady/Prudent patcher

6 users thanked author for this post.

WildBill, SueW, Elly, BobbyB, woody, jelson

Reply | Quote

@PKCano

Just caught the borncity update. I don’t know what to believe now.

Ahhh! (pulling what little hair I have left out).

– Carl –

Reply | Quote

It’s funny…  I did my fitness tests on my VM early on and they passed.  Then I installed the July updates on hardware – a Win 7 x64 Ultimate system, which is primarily used here as a server.  I’ve seen no problems whatsoever.  Note the uptime in Task Manager.

I think this goes to show that there is great power in communicating with a lot of folks on the Internet.  One person’s (or system’s) experience can only go so far, because an operating system is a very complex beast and no one could possibly use it all.

-Noel

2 users thanked author for this post.

Elly, BobbyB

Reply | Quote

Noel Carboni,

Thanks. Please, could you also mention which Win 7 (x64) July updates did you install in the VM and the PC?

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Installed via the normal Windows Update applet. I screen grabbed ’em.

-Noel

3 users thanked author for this post.

OscarCP, SueW, Elly

Reply | Quote

The issues are obviously experienced depending on what is installed and used on that particular system. Chances are that most people don’t encounter any issues.
However, due to the fact that there was such a massive response from Microsoft (and confusion as well), the best practice in this case is to follow the mainstream and either not install anything from July 2018 except for Flash and Office, or at minimum to apply the later patches if uninstall for whatever is already installed is not an option. There are also out-of-band releases from June 2018 like an SSU for Windows 10 1803 which I would uninstall too, although the SSU uninstall require advanced knowledge of doing so.

1 user thanked author for this post.

abbodi86

Reply | Quote

The discussion, so far, has got a little confusing for me.

My take, so far and, please, correct me if I am wrong, is that, now, the update has to be made in two steps:

(1st)   Apply the first version of the (flawed) July update of either the S&Q Rollup (Group A) or the Security Only (Group B).

(2nd) Next, having done that, apply the second, later July (fixer) update corresponding to the one previously installed in 1st.

>>> This applies to Win 7, 8.1 and 10 (any version).

Doing all this might:

(a) Fix a problem with the first update without actually uninstalling it, or (b) the install process of the second update might, automatically and without telling anyone this out loud, first uninstall the first update and then replace it with the second. Either way, the BSOD problem is supposed to get fixed.

I am in no hurry to do something about this… Just wondering how this works, exactly, to get and keep that information for later use.

Group B, Windows 7 Pro SP1, Intel I-7 4-core “sandy bridge”.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Here is the answer and also here.

2 users thanked author for this post.

ch100, OscarCP

Reply | Quote

With thanks to PKCano.

I am still interested in knowing whether the update process is (a) or (b).

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

I think this post from abbodi86 in response to one of my questions, answers your question(s):

https://www.askwoody.com/forums/topic/july-patches-are-all-messed-up-but-a-good-hint-appears-in-japanese/#post-204857

1 user thanked author for this post.

cesmart4125

Reply | Quote

As per article:

Bottom line: Don’t patch

or uninstall whatever is released and installed after 12 June 2018, except for the Flash updates and Office updates which appear to be clean.

Reply | Quote

Why don’t we all band together, take Microsoft over, sack all their staff, and get Woody and all the Ask Woody MVPs to run things ?

2 users thanked author for this post.

Cybertooth, WildBill

Reply | Quote

In the article originally written in Japanese, I believe there’s a typographical error.  Under For Windows 7 SP1 / Windows Server 2008R2the following statement appears:

To apply Monthly Rollup, apply ” KB 4338818 (Monthly Rollup) + KB 434559 ” or ” KB 4338821 (Preview of Monthly Rollup)

KB 434559 should read KB 4345459.

And yes, Woody, this article does add some clarity.

Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste.

Reply | Quote

You may be correct regarding the incomplete KB 4345459, however; in the Chart higher up on that page, it shows the patch for the full “Monthly Quality Rollup” KB4338818 as KB4338821 (the 2018-07 Preview Rollup) with no mention of KB4345459, which shows in the Chart as the patch for the Security only KB.

So is KB4345459 even applicable to patching KB4338818???

Reply | Quote

Security-only KB4345459 contains Security-only KB4338823 plus the fix for tcpip.sys.

KB4338821 is the 2018-08 Preview Rollup. It contains the 2018-07 Monthly Rollup KB4338818 plus the fix for tcpip.sys

1 user thanked author for this post.

abbodi86

Reply | Quote

I’m a bit confused. When looking on the supportpage of 4338821 it states: this non-security update includes improvements and fixes that were a part of KB4338818 (released July 10, 2018) and also includes these new quality improvements as a preview of the next Monthly Rollup update: etc.

 

Doesn’t this mean that is does NOT include the securityfixes from 4338818?

~ Annemarie

Reply | Quote

Rollups are composed of three parts: non-security updates, security updates, and IE11 cumulative updates.

Rollups and Preview Rollups are cumulative. The 2018-mm Preview (released a week or so after the 2018-mm Rollup) is composed of four parts: the three parts of the 2018-mm Rollup PLUS the non-security updates that will be contained in the 2018-mm+1 Rollup

1 user thanked author for this post.

walker

Reply | Quote

Thank you, crystal clear now 🙂

~ Annemarie

Reply | Quote

anonymous wrote:

I think there needs to be a new group: ‘Group N’ N means never connected to the net.

Agreed. I’m using this strategy with my W10 Home 1703 and W10 Pro 1703 installs. They’ve worked flawlessly since I instituted this policy. -lehnerus2000

I thought MS were going to build in a mechanism into Win10 so that you had to connect at least once a month or it would get deactivated (or reduced functionality). Did that never happen?

Reply | Quote

David,

That’s an interesting question. I have seen several shop windows recently with TV’s/monitors displaying advertising where I’ve seen a blue Windows box in the image which says something like:

“Windows needs your help. Windows Update has been unable to check for updates for the past 30 days” (or words to that effect) and there are 2 choices – go to Windows Update or Close.

I’m assuming these shop computers are running Windows 10 and they’re not connected to the Internet. I’m also assuming that if you close the message box it will keep coming back again and again.

Now, I don’t know if there is a way to disable these notifications but if any”workarounds” are as effective as the methods of disabling Windows Update for W10 (especially in the Home Edition) then I don’t believe there is much chance of stopping them. Unless you go online and let Windows Update run, of course.

PC1: Gigabyte B560M D2V Motherboard, Intel i5 11400 CPU, 16GB RAM, NVIDIA GeForce GTX 1650 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Professional 22H2 64bit.
PC2: Asus H81M-PLUS Motherboard, Intel i3-4160 CPU, 16GB RAM, NVIDIA GeForce GTX 1050 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Home 22H2 64bit.

Reply | Quote

Then maybe “Group N” should mean “Never Windows 10”. Or “aNything but Windows 10.”

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Ok, I read everything. However, I don’t understand this:

If you check Win 7 KB4338823 package details in MS Catalog, it does not say that it has been replaced by KB4345459. Same with KB4345459 package details, it does not say that the update replaces KB4338823. So, giving all your advice so far, I assume that this has to be an oversight by MS. In other words, right now, MS Catalog info implies both updates are needed, instead of just KB4345459.

Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste.

Reply | Quote

Based on the remarks from @abbodi86 and others, it now appears that if you are installing the security only update in windows 7, it only requires that KB4345459 be installed to fulfill the requirements for the windows 7 July Security Only Update.

If this is true, how is it that the Windows support page for KB4345459 states the following under the section, “Update replacement information”: This update does not replace a previously released update.

So if that is the case, wouldn’t that imply that KB4345459 is a fix only and should only be installed after installing KB4338823?

1 user thanked author for this post.

Charlie

Reply | Quote

1- KB articles don’t contain accurate info about replacement in about 97 % of the time

2- KB4345459 is a non-security update, KB4338823 is a security update
per metadata rules, the second can replace the first, but not the opposite

3- This happened before in the last few months, and the same argument continues every time 🙂

4- My only intention is to deliver an update fact, i’m not trying to prove a point or make any statement
it’s totally OK to follow the suggestion, or go with the official route (i.e apply both updates)
😀

5 users thanked author for this post.

Charlie, DrBonzo, PKCano, twbartender, geekdom

Reply | Quote

So what is the bottom line?

If one is Group B (installing Security Only, never the Rollup), is patched completely, with no issues, through June and has not installed KB4338823 yet, which one of these two options is the correct one: (a) update KB4338823 first, then KB4345459, or (b) just update KB4345459 and ignore the other one?

(Assuming one installs anything at all, which right now I do not recommend unless pressed by the circumstances of one’s job to do so.)

With all the due and highest respect to those making assertions previously on what to do about this, to me this discussion is turning less and less clear than mud by the posting.

(And, please, do not answer with a link to a previous posting. Just stating it is option (a) or option (b) should be enough, as it cannot be both. Can it?)

 

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Yeah, you got it. a and b both works the same. Take your pick.

Reply | Quote

@oscarCP – I’m not sure there is a bottom line yet. After all we’re not even 2 weeks into the July patch cycle.

To me, it comes down to this at the moment:

MS seems to want you to install both patches. That could be problematic if a reboot after the first patch (8823) results in a BSOD or some other problem. I’m not sure I’ve got the chops to recover from something like that in order to get the second patch installed. Then again, it may be OK to install both patches without a reboot in between and just reboot after the 2 patches have been installed.

abbodi86 and PKCano seem to be saying that only the second patch is required (5459). That seems to be the more attractive option to me.

So, who do you have more confidence in, MS or our MVPs? Your opinion may differ, but to me it’s a no-brainer – I’ll put my money on our guys!

Of course, who knows what will happen in the following days? So, I’m waiting, as usual, until Defcon 3 or higher.

1 user thanked author for this post.

OscarCP

Reply | Quote

Thanks for the answers.

So, as I now see it and summing up, perhaps this situation might be best described by this well-known quote used here as metaphor:

“Well to tell you the truth, in all this excitement, I kind of lost track myself. But being that this is a .44 Magnum, the most powerful handgun in the world, and would blow your head clean off, you’ve got to ask yourself one question: ‘Do I feel lucky?’ Well do ya, punk?”

Not feeling particularly lucky today, I think I’ll go along with DrBonzo’s advice and just give this more time to get sorted out.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Since Skipping Only the March Updates I’ve had good Win 7-64 successes in 2018.

Today (just updated Macrium Image at the Ready) the 1st attempt Froze on the 1st Update Install (Word ’10), so a Re-Start & Repeat netted Installs and the MS “Re-Start Now” button that produced a normal desktop. My usual 2nd Re-Start to “Oil” things resulted in what seemed like a 3-week “Preparing to Update Windows” routine (possibility) that you should be prepared for B4 a forced shut-down. THIS is at least the 2nd instance of “Preparing to Update Win/Don’t Turn-Off” showing on the 2nd Re-Start – NOT the 1st.

A little sluggish after Re-Start # 2, and back to Normal after Re-Start #3.  Net Framework Rollup was Un-Chk’d but based on having 4.72 and prior OK reports I chk’d it. (2010’s) Word, PPt, (2) Office, MSRT, Net Frmwk, July Rollup. A 2nd Net Frmwk (un-chk’d) was an Offline offering). FYI for Win 7-64 users.  Good Luck.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

Well now, that really cheered me up!

Have you seen the price of Tums? It's enough to give you heartburn.

Reply | Quote

abbodi86 wrote:

1- KB articles don’t contain accurate info about replacement in about 97 % of the time…

So very true. For us Group B users, we have to check the info shown for a given security-only update in the Microsoft Update Catalog. At least this is accurate 90% or more of the time. The KB articles are virtually worthless for Group B users in terms of mentioning what updates are replaced by any given security-only update.

2 users thanked author for this post.

Charlie, OscarCP

Reply | Quote

As of today, KB4338823 is a Security Only Update, and KB4345459 is NOT a Security Only Update.  So as of right now, unless it changes, KB4338823 must be installed first in order for Group B’ers to keep up the proper update line.

That’s the way it looks to me, I just checked the MS Update Site.  Thanks GoneToPlaid for bringing that to my (our) attention!

Have you seen the price of Tums? It's enough to give you heartburn.

1 user thanked author for this post.

OscarCP

Reply | Quote

May have missed it, but dont see much/any commentary in here regarding Windows 10 ver 1709 issues.

Per the Japanese chart the 7/10 July KB4338825 should be patched with 7/16 KB434542 (obviously an incomplete/incorrect number).

What is the correct 7/16 number? How will this come down the WU chute?

I have Win 10 Pro ver 1709, WU Group setting at 2, Semi-Annual Channel, Feature deferred 365 days, Quality Update (currently at 21 days due to July mess).  So for me will each of these KB’s be delayed 21 days from release, creating a delayed correction problem?

Never had a patch issue as this since I have been on Windows 10.

Reply | Quote

That should be KB 4345420 for 1709. You may not see it unless you car SAC (Targeted).

Reply | Quote

PK thx for the KB number.

I am not “Targeted” and dont intend to be due to pending 1803; however, how am I supposed to “fix” the problem that will be caused by letting WU install the July KB4338825 if WU doesnt also download KB4345420???  Seems they would both have to go in together before reboot to avoid the problem altogether – yes?

Are we going to have to by pass allowing the July update at all and await for the August Monthly cumulative Update?

Reply | Quote

Be patient. We are still on DEFCON-1. August updates are three weeks away. Much can happen in the meantime. WAIT.

Incidently, the .NET patches that are part of the CU are still bad.

4 users thanked author for this post.

Charlie, walker, GoneToPlaid, Elly

Reply | Quote

That’s about all we can do is wait, and hope that much will be done before the update deadline arrives (August Black Tuesday).  It’s now 7/30/18 and I’m still scratching my head and wondering what is really the proper way to do the KB4338823 / KB4345459 update.  You know it’s really a mess when we have this much discussion, and there are still doubts.

Hopefully this will get sorted out and definitively answered by Woody and crew.  Thanks and good luck!   🙂

Have you seen the price of Tums? It's enough to give you heartburn.

Reply | Quote