The patches are starting to appear. I’ll keep this post updated as the situation becomes more clear. The master list — the Security Update Guide — i
[See the full post at: March 2018 Patch Tuesday]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
March 2018 Patch Tuesday
Home » Forums » Newsletter and Homepage topics » March 2018 Patch Tuesday
- This topic has 113 replies, 40 voices, and was last updated 5 years, 2 months ago.
AuthorTopicViewing 35 reply threadsAuthorReplies-
PKCano
Manager -
Rawr
AskWoody LoungerKB2952664/KB3150513
KB3080149/KB3022345
Should combine the telemetry for the two listed below as you have done with the two listed above. They both require the first update as prerequisites in order for the second one to even show.
Right now you have it for Win7 as:
KB2952664/KB3150513
KB3021917
KB3022345
KB3068708
KB3080149
-
anonymous
GuestThese updates appeared on my WSUS server about an hour before the patch Tuesdays official release time at 10:00 AM PDT (Redmon time).
I don’t recall seeing the term “Server Next” since well before Windows 2016 was released. And I don’t ever recall seeing Windows 10 version next as a name.
Yet another head scratcher from Microsoft.Email from WSUS below:
New Update Alert
The following 5 new updates have been synchronized to WSUS2 since Tuesday, March 13, 2018 4:20 PM (GMT).Critical and Security Updates
2018-03 Cumulative Update for Windows Server Next for x64-based Systems (KB4087658)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.2018-03 Update for Windows Server Next for x64-based Systems (KB4087657)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.2018-03 Update for Windows 10 Version Next for ARM64-based Systems (KB4087657)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.2018-03 Update for Windows 10 Version Next for x86-based Systems (KB4087657)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.2018-03 Update for Windows 10 Version Next for x64-based Systems (KB4087657)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.Regards,
Jim
anonymous
GuestNoticed in the monthly rollup (KB4088876) that states:
“Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.”
Given the recent announcement that MS would release microcode in addition to what OEM is doing, does the March Monthly Rollup include the microcode?
-
PKCano
Manager
anonymous
GuestHello, I have a new Windows 10 laptop still in the box, never turned on. I am wondering how you would recommend setting it up so it doesn’t automatically with the current updates as it starts up and goes through beginning stages. Also, for those updates that were found to have issues and they put “fixes” in new updates, what happens when people attempt to update after. Does it download the original and the fix or neither or does it ignore the bad one and the updated one takes care of them both? Thanks for the help! 🙂
-
PKCano
ManagerThe best way is to start up the first time disconnected from the Internet. That way you can choose a local ID and get all your settings right before you face the Microsoft update problem. Read on this site how to block the updates until you are ready.
The updates for Win10 are cumulative, so each one carries all the earlier updates plus the current fixes. So you don’t have to do a whole lot of patches to be up to date
b
Manager-
PKCano
Manager -
b
Manager -
OscarCP
MemberAcknowledging your spirit of sacrifice, we thank you for your service.
Our thoughts and prayers are with you.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV14 users thanked author for this post.
johnf,
David F,
woody,
Cybertooth,
b,
samak,
CADesertRat,
BobbyB,
Karlston,
lurks about,
JDeC,
MrJimPhelps,
fk5353,
Elly
-
Schnarph
AskWoody LoungerIt’s not nice to poke fun at those that trust MS updates only to have their main source of productivity/income replaced with trouble shooting the OS for days on end. If you truly believe they are all lying, that makes you the conspiracy theorist rather than those who stay informed reading sites like this one.
1 user thanked author for this post.
-
zero2dash
AskWoody LoungerNot speaking for b, only on what I’ve seen –
10 has the tendency of negative posts and ridicule on its own; some people take it too far IMHO. Yet when someone (such as b) posts something positive about 10 or its updates, they’re usually ridiculed more or its insinuated that they’re lying, a shill, or full of it.
What you say in your post is a 2 way street – keep that in mind (and it’d be nice if everyone actually did). Just because some people have trouble with an OS or a piece of software doesn’t mean everyone does; similarly, just because you don’t have trouble doesn’t mean others don’t. 10 isn’t for everyone, but at some point, everyone will have to “make a move” whether it’s running unpatched with an old version, upgrading and biting the bullet, or switching to Apple, Google (Chromebook), or a flavor of Linux.
Being that 1703 and 1709 have been flawless for me on all my machines, I (like b) have basically given MS a longer rope and I do install patches as they’re released. If a machine goes up a creek, I have daily backups to restore from. I’m glad to be in a place to not fret over updates like I did with all my 7 machines over the last several years. (And yes, I do have workstations for “work”, as you mention.) -
anonymous
GuestKeep in mind that b and zero2dash are Win 10 IT Admins running the Win 10 Ent edition and who are well-versed in testing and recovering Win 10 from botchy updates and upgrades – unlike the average Joe and Jane running the Win 10 Home or Pro edition.
Eg most average Joe and Jane do not have another test machine to test Win 10’s forced updates and upgrades before actually installing them on their “production” machine/computer. -
zero2dash
AskWoody Lounger@ “anonymous” above:
No sure if sarcastic or not…
Yes I am on a team that manages Win10 Enterprise (both 1511 and 1703 builds) via SCCM for a large company with about 2,200 Win10 machines in the field including desktops, laptops, and Surfaces. We do delay updates for approximately 3 weeks from gen pop….they push out to test 1 week after patch Tuesday, then a small subset (mainly IT) the 2nd week, then when it’s all clear, 3rd week they go out to gen pop.I do run 10 Pro at home and in my VM’s, and all my physical machines back up every night at 5:30am via Veeam Endpoint. Initially I deferred upgrades for 365 days and updates for 30 days but have since extended that MS rope and now the only update control I practice on my machines is changing the active time so when updates install, my machines only boot when they’re not being used.
Am I the typical “John and Jane Doe”, no, I’m not, but that doesn’t mean “John and Jane Doe” are having problems either. People who have problems, complain. People who don’t, don’t. Taking /r/Windows10 as anecdotal evidence, probably <5% of Win10 installs have problems and therefore complain. You (and others) may wish those numbers were more skewed, and more worse, but the fact is, they’re not.
-
OscarCP
MemberDear zero2dash, et al.,
Speaking for the gen pop, or general population in normal-speak, I don’t see what the hurry is for us, gen-poppers, to update anything, or has ever been, after any Patch Day in living memory, except, perhaps, for the few occasions when some actual plague of malware was really unleashed on the world.
Sysadmins, who’s job is to take care of whole bunches of machines, have different priorities, so they tend to do things quite differently from us, gen-poppers (a.k.a. the hoi polloi.)
Not being anybody’s sysadmin but my own, I have decreed, for now and forever, with the most severe penalties imaginable to any trespassers regardless of who they might be, that I must wait a while, rather patch right away and be, in consequence, summarily condemned to join the 5% of those who are, using Woody’s expression, left “spitting nails.”
So, why is there even a discussion of this non-issue going on here?
My motto: Be Group B, or die!
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV -
mindwarp
AskWoody PlusPersonally, I suspect that percentage of people who have complaints about Win10 is too low, actually. Keep in mind that there are many people who own computers who just know how to surf the web and send email, and at a very, very basic level at that – and they do own Win10 computers because they’re used to Windows. I help people like that with their laptops all the time, as part of my job (I work in the reference department at a public library, so we also do tech help). I hear a LOT of complaints about Win10 from average users on a regular basis, including update issues, and many of them would never think of even looking for a tech site to look for help, much less voice their complaints.
1 user thanked author for this post.
-
woody
ManagerNaw, @b isn’t lying. He sees the patching process differently from the rest of us. It’s an important point of view.
Keep in mind that major problems only crop up on a minority of machines. How few is open to debate — only Microsoft knows, and they ain’t tellin’. In the majority of cases (with unusual exceptions like January’s crop) the problems only hit 1 in 10 or 1 in 100 machines. If you’re the “1” you’re going to be spitting nails. And for good reason.
-
-
-
anonymous
GuestI’m glad things worked out for you this time.
Problem is, there’s a valid reason why folks react the way they do. And it’s not just here on AskWoody. Sure, this site tends to be more vocal because (I believe) the average technical ability is much higher here than at many other tech help communities.
I’m very familiar with your unique posting style and comment history. But one has to admit that (especially recently) MS patches haven’t had a great track record. People aren’t making this stuff up just because they dislike Microsoft. In many cases, people dislike Microsoft because of what Microsoft has done, whether it’s forced upgrades like GWX, countless buggy patches, and show-stopping compatibility issues. And it’s not a rare thing anymore, it’s become an almost monthly affair.
Windows 10 has changed so many things about Windows, and some of these changes are regressive.
1 user thanked author for this post.
zero2dash
AskWoody LoungerMy 1709 machines pulled down the updates and installed with no issues as well.
I’ll reiterate once more that I’ve had 0 issues with 1703 or 1709 or the updates for either, on several machines of varying configurations (some physical, some virtual). IME MS has done better on those versions with updates than all other versions of Windows.Microfix
AskWoody MVPKnown Issues for March 2018 updates
(Windows 7) SMB Servers may leak memory after installing the update — Fix in the works.
(Windows 7) Stop error on machines with the Physical Address Extension (PAE) mode disabled — Update is not delivered to 32-bit systems with PAE disabled.
(Windows 7) Stop error on machines not support Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2) — Fix is in the works.
(Windows 7 and 8.1) No updates for systems without compatible antivirus solution or Registry key set — Set Registry key:XXX
XXX = unable to insert code due to security of WordPress, see Ghacks March 2018 updates
All the more reasons not to update until MS-DEFCON 3 if any of these specifications are relative to your system.
Thanks again to Martin Brinkmann for a rapid investigation to this months patches!
Keeping IT Lean, Clean and Mean!Pim
AskWoody PlusAnd again Office 2007, which officially “died” in October 2017 (EOL), received resuscitation: it received March updates. It has received monthly updates up till now without any exception. This does raise a question: are all vulnerabilities in Office 2007 still being patched or just some of them? The last couple of months Office 2007 received less patches than Office 2010, I noticed. This could mean two things: either Office 2007 has less vulnerabilities or not all vulnerabilities are patched. Because there is no statement whatsoever about why MS keeps patching Office 2007 that is a question I do not dare to answer. Fortunately I jumped to Office 2010 in August last year, so I do not have to worry about it. But this patching practice for Office 2007 is weird and certainly unclear.
ASRock Beebox J3160 - Win7 Ultimate x64
Asus VivoPC VC62B - Win7 Ultimate x64
Dell Latitude E6430 - Win7 Ultimate x64, Win10 Pro 22H2 x64 (multiboot)
Dell Latitude XT3 - Win7 Ultimate x86
Asus H170 Pro Gaming - Win10 Pro 22H2 x64Elly
AskWoody MVPKB 2952664 disappeared from Windows Update (even the hidden ones) on Saturday when I checked…
It’s back… and thinks its important, too! So important, that it is tucked away, safely hidden once more…Non-techy Win 10 Pro and Linux Mint experimenter
-
Cascadian
AskWoody LoungerI had wondered if the metadata change would have made the reissued and promoted KB2952664 appear on the KBNew list from headliner links near top of page. Many old patches have had edited articles listed and caught by MrBrian’s listing machine. But not our dear friend. Microsoft likes to keep its mysteries to themselves.
anonymous
GuestT
AskWoody PlusDon’t tell me how Edge is so much more secure than IE.
Likewise, don’t tell me how Win10 is so much more secure than 7 or 8.1 despite attempts of microsoft pr to convince us otherwise. The number of vulnerabilities every single month is proof enough.
1 user thanked author for this post.
SkipH
AskWoody PlusAm I the only one that has noticed that a link to a Microsoft web page given in the main “March 2018 Patch Tuesday” article on the Home page gives a 404 error, Sorry, Page not found:
https://support.microsoft.com/en-us/help/4091666
There’s at least one other invalid link to another MS page:
https://support.microsoft.com/en-us/help/4091664
Note that these are errors on a major MS page discussing ‘fixes’ to various problems. Apparently, MS does not check its web page ‘programming’ any better than it checks it patches.
PS: another one,
-
abbodi86
AskWoody_MVP -
abbodi86
AskWoody_MVP -
abbodi86
AskWoody_MVP1703 and 1607 ones are up
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4091663
https://www.catalog.update.microsoft.com/Search.aspx?q=KB40916641 user thanked author for this post.
RetiredGeek
AskWoody MVPWoody,
you’d have to be a real glutton for punishment — and a daft one at that
Well, that certainly sounds like me! ???
So away we go… Of course this was done on my backup computer which has just been imaged 2 days ago!
Haven’t found a problem yet…
FYI: Dell XPS 8700 Win 10 16299rs3_release 170928-1534.
-
woody
Manager
WildBill
AskWoody PlusThis is related to Intel Microcode Updates for the Meltdown/Spectre problems which haven’t occurred in the wild yet. When they are applied during MS-DEFCON 3 or higher, will they be obtained through Intel or Microsoft? Still not sure which will be the source. BTW, here’s the Intel Microcode Revision Guidance PDF as of March 6. More have gone to Production, including Ivy Bridge, which is my product.
Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...-
CADesertRat
AskWoody Plus -
MrBrian
AskWoody_MVP -
walker
AskWoody Lounger@Mr.Brian: I found the name of my Core-3, a long time ago, and at that time it was considered to be safe. I did not write it down at the time, and can’t recall which one it was. Is there the procedure I used the first time to locate it still available? Thank you for any information you may be able to provide, and all of the other invaluable advice which all members are very grateful for. 🙂
-
anonymous
GuestFinally, Microsoft felt that Windows 10 Pro 1709 boxes should receive cumulative updates again and removed the block preventing updates showing up via Windows Updates. It’s remarkable that Microsoft refused to provide Windows 10 Pro 1709 users Windows updates for more than 2 months.. Nonetheless, most of Microsoft’s sites (i.e. msdn.microsoft.com) no longer play well for Internet Explorer 11. Looks like the deliberately mess with their sites to force users switch to a different Web browser.
anonymous
Guest-
PKCano
Manager -
anonymous
Guest
-
Justin42
AskWoody LoungerFred
AskWoody Plusdononline
AskWoody LoungerWell, this just ain’t my day. I almost had this comment finished and hit a wrong key or something and lost it. I’ll try to do another one.
So, I have all the known — at least to me — settings in place on all three of my WIN 10 1607 Pro computers to keep MS from force feeding any of them the WIN 10 1709 Upgrade. I’m not going to take the time to list all the settings I’ve made and programs I use to accomplish this again (I’m a “hunter and pecker” typist and I’m too upset to go through that again), but trust me, I have my computers locked down like the gold at Ft. Knox, doing all the things we’ve talked about here in the Lounge.
Today, on my Desktop Computer, I fired up Windows Update Blocker to turn Services back on so I could check for updates with Windows Update Mini-Tool, and hide them until Woody goes to MS-DEFCON 3 this month. (I check often for updates and apply any Windows Defender virus definitions immediately, which is usually every day.)
But today? Surprise, surprise, surprise! After I had hidden all the monthly updates and had updated the Windows Defender virus definitions, before I could go back to Windows Update Blocker to turn Services back off, guess what popped up? Why, it was the good old Windows 10 Update Assistant and the upgrade to WIN 10 1709 was speeding right along!
I cursed a few times, shut down the computer with the ON/OFF Button on the CPU, unplugged the router power cord to shut down the Internet connection, and cursed a few more times.
So, right now I have a pretty little shortcut to the Windows 10 Update Assistant on my desktop, and two new folders on the root of my C:/ drive: $GetCurrent and Windows 10 Upgrade. The $GetCurrent folder is created during the upgrade process. It contains a log file about the last Windows upgrade. The Windows 10 Upgrade folder has a slew of files and folders and, since it contains Windows10UpgraderApp.exe, I’m guessing it’s the files for the upgrade to 1709.
Now mind you, all this is AFTER uninstalling the Update for Windows 10 for x64-based Systems (KB4023057) through Revo Uninstaller, and running CCleaner, System Mechanic and the Windows Disk Cleanup program, set to Clean up System Files. I see that the Windows 10 Update Assistant has magically reappeared in Revo Uninstaller also.
But that ain’t all, folks! I checked my other two computers, where both have had Services turned off with Windows Update Blocker and Protect Service Settings checked, and have NOT run the Windows Update Blocker to turn Services back on. In other words, all settings have been in place to keep MS from forcing the WIN 10 1709 Upgrade. All I did was turn them on today and boot them up.
OK, right now I know what you’re thinking … I bet you’re thinking that the Update for Windows 10 for x64-based Systems (KB4023057) and the Windows 10 Update Assistant has automagically appeared on the other two computers, right? Well, you’d be wrong … only the Update for Windows 10 for x64-based Systems (KB4023057) has automagically appeared on the other two computers! Somehow, it’s made it’s way through all the settings and Applications to keep MS from force feeding them the WIN 10 1709 Upgrade! Only after KB4023057 installs does Windows 10 Update Assistant appear.
Well, that’s my story and I’m sticking to it. But I can’t tell you how angry I am right now. I’ve taken my anxiety meds, [edited – please keep on topic, and remember the Lounge Rules]
Really, I’m so sick of dealing with all this insane WaaS stuff I’m getting real dad-gummed close to getting this piece of crud off all of my computers and replacing it with, oh, I don’t know, Linux? Vista? XP? Anything but the “greatest Windows operating system ever!” I call bullsh*t on that.
So, I just don’t know where to go from here. I’ve got that danged Update for Windows 10 for x64-based Systems (KB4023057) just sitting there on all three of my computers just waiting to get it’s fat, sweaty palms on the Windows Update Service so it can do it’s dirty deed. And as far as I know, you can’t get rid of it. And if you do … it’ll be back. I’m sure Satya and his merry band of mischief makers will eventually figure out a way around Windows Update Blocker, too. Don’t doubt me on that, folks. We’re all going to eventually succumb to WaaS and it’s dastardly ways, or else!
Well, I’m just going to sit tight right where I am until I’m in a better mood and can think straight again. Right now, I’m so angry I can’t. If anyone has any suggestions, I’d appreciate them. Really. I’m utterly at a loss.
Thanks for taking the time to read all this. I know it’s really long, and probably confusing. You folks are the greatest!
P.S. Double clicking the Windows Update Assistant on my desktop presented me with the following propaganda. Yea, right … but at least cancel update on the second window does in fact cancel the update.
4 users thanked author for this post.
Susan Bradley
ManagerIf you manually kick a check for updates, you trigger a potential check in to the Windows 10 feature update. What deferrals did you have in place and do you have CBB/semi annual set to be deferred 365 days? As if you just have it deferred until it’s declared current branch for business, 1709 has been declared as “baked”. You need to push off that deferral for the 365 day value.
Susan Bradley Patch Lady
-
dononline
AskWoody LoungerHi, Susan. Welcome to AskWoody. Your knowledge and articles are a great big plus to a great Website!
In Group Policy, I have both Select when Feature Updates and Quality Updates are received set to Disabled. I think this was part of the setup instructions when I started using the Windows Update MiniTool to manually control updates and upgrades, I don’t remember for sure.
However, I’ve been using WUMT for quite a while now, and it’s worked flawlessly, except for one Cumulative update that wouldn’t finish installing until I turned off my antivirus program, which had nothing to do with WUMT, naturally. It’s been great for postponing the monthly updates until Woody lights up MS-DEFCON 3, or skipping updates completely, and for skipping the 1703 Upgrade completely, and the 1709 Upgrade … until yesterday.
It seems MS has made some changes that has blown up my current update/upgrade plan. As soon as it detects Windows Update Service running, it immediately begins upgrading to the latest version of Windows 10. Looks like we all may eventually be forced to update/upgrade according to MS’s plans, not ours.
They began by ignoring the deferral settings in 1703. Looks like their next step is to get everyone forced onto the latest version whenever they like, no matter the user settings. When called on it, they just say, “Oops”, and keep on rollin’.
Thanks for your input. I’m stuck with all three of my computers locked down where, hopefully, MS can’t get through to install the 1709 Upgrade. I’m hoping to be able to wait until 1804 is ready before doing another upgrade. I hate it that I may not be able to do any updating, either, though, in order to keep 1709 at bay. I definitely have some thinking and deciding to do.
anonymous
GuestMrBrian
AskWoody_MVPA problem with some Windows 10 update blocking methods is that when updates are turned on, automatic updates may start downloading and installing. Perhaps that’s what happened to you. In my opinion, what is needed is a method that stops automatic Windows 10 updates; I will be testing this method for hopefully doing so soon.
KB4023814 is an update that installs the Windows 10 Update Assistant. See this post for how to get rid of the Windows 10 Update Assistant.
1 user thanked author for this post.
-
dononline
AskWoody Lounger@MrBrian … I followed the instructions you provided for how to get rid of the Windows 10 Update Assistant to the letter. Since the Assistant had been installed on the desktop computer, every step was pertinent to it. BTW, when I booted the desktop this morning, up popped the Update Assistant again and installation of 1709 began. There was, indeed, a Scheduled Task set to run the Assistant at startup. Unbelievable!!
On the other two computers only the KB4023057 Update was installed, so it was mostly just uninstalling that and checking that the other items were already as they should be.
One other strange thing, though, is that I’ve been keeping KB4023814 hidden, along with KB4049411, KB4033631, and KB4056254, and none were ever installed on any of my three computers. I did a search just to make sure, and they couldn’t be found. Anyhow, hopefully I now have everything cleaned up and blocked again, For now. But as soon as any of my computers connect to Windows Update Service again …
Thank you very much for your help.
-
Terry Muench
AskWoody LoungerSupposedly (KB4023814 => Windows 10 Update Assistant) cannot be uninstalled, at least not easily.
I have seen many posts on how to disable the totally obnoxious Update Assistant; yes you use the Task Scheduler, but no need to get into triggers or anything else; simply disable the three tasks listed below
> Microsoft > Windows > UpdateOrchestrator
UpdateAssistant
UpdateAssistantCalendarRun
UpdateAssistantWakeupRun
So far on my three home PCs, Microsoft has not yet re-enabled these tasks. Don’t be surprised if they do, so check regularly.
1 user thanked author for this post.
-
dononline
AskWoody LoungerThanks, Terry. Doing what you suggests was part of the routine suggested by MrBrian, and I’ve done that on all three of my computers. So far, so good.
How do you suggest we proceed with hiding the monthly updates until Woody gives us the MS-DEFCON 3 light, and postponing and/or skipping any upgrades we don’t want? I’m at a loss right now. I’m stuck with all three of my computers locked down where, hopefully, MS can’t get through to install the 1709 Upgrade. But as soon as MS sees that Windows Update Service is on, updating they go!
-
dononline
AskWoody LoungerReplying to one’s own post isn’t kosher, I know, but I could think of no other way to thank everyone for your help and suggestions. As soon as I get a little more sleep and rest, I’ll begin acting on each of your suggestions and input individually. I’ll probably have more questions also, but right now, I just need a some napping and resting time.
Thanks again, and, please, anyone with more help to offer, keep it coming! 🙂
I’m a stubborn old cuss and just hate to “surrender” to MS’s complete takeover of my computers! A great day to everyone and thanks again!
1 user thanked author for this post.
MrBrian
AskWoody_MVPMore info: If I recall correctly from testing in 2017, the Windows Update service must be enabled in order for wushowhide to function properly. When the Windows Update service is enabled, then, depending on your settings, automatic updates might start to download and install before you’re able to hide updates with wushowhide. One of the updates that might be downloaded and installed by automatic updates is KB4023814, which installs the Windows 10 Update Assistant, and then the fun begins.
1 user thanked author for this post.
-
dononline
AskWoody Lounger
anonymous
GuestNoel Carboni
AskWoody_MVPOut of curiosity, what build revision is this update supposed to bring Win 10 v1709 up to?
From my test system that’s on 16299.251, I ran Windows Update and it just showed MSRT, an Adobe Flash update, and a Windows Defender definitions update.
I don’t know how I’ve gotten it into this state, but as far as I can see I have one of the few Win 10 setups that’s hesitant to install new updates. I like it! Wish I knew which of the many things I’ve done that’s led to this enviable state. 🙂
I do currently see Cumulative Update KB4088776, dated March 10, in the catalog… I think I’ll pull that onto this test system manually and see how it goes…
-Noel
-
zero2dash
AskWoody Lounger
Rick59
AskWoody Loungerb
ManagerInternet Explorer 11: 7 vulnerabilities, 2 critical, 5 important
Microsoft Edge: 16 vulnerabilities, 12 critical, 4 importantDon’t tell me how Edge is so much more secure than IE.
By that criteria, Edge is more secure than Firefox (which got 18 security fixes today) and Chrome (which got 45 security fixes last week).
Would you expect a 22-year-old browser to have more bugs than one being actively developed?
Windows 11 Pro version 22H2 build 22621.1778 + Microsoft 365 + Edge
-
samak
AskWoody Plus -
anonymous
GuestEdge and IE are updated monthly. Google Chrome and Mozilla Firefox aren’t on a set monthly cycle. For example, Mozilla last released security updates for Firefox around the end of January 2018.
Edge had 12 critical and 4 important.
Firefox had 2 critical, 4 high, 7 moderate, and 5 low.
Regarding Edge, it’s not Woody who’s saying Edge is more secure than IE. Microsoft has touted Edge’s security features in ads inside Windows 10 (among other areas). Thing is, most of those claims come from an older NSS labs report where SmartScreen was doing the heavy lifting. But the web evolves.
Yes, Microsoft really wants us to use Edge, and security issues aside, the compatibility is still evolving. Hopefully Edge will fully supplant IE for all the right reasons.
1 user thanked author for this post.
-
radosuaf
AskWoody LoungerWould you expect a 22-year-old browser to have more bugs than one being actively developed?
I would expect Microsoft to tell the truth. Too much, I know.
ASUS PRIME Z270-K * Intel Core i7-6700 * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * SanDisk Ultra 3D 1TB SSD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 21H2 64-bit1 user thanked author for this post.
anonymous
GuestHello again.
Once again Error 80070057 trumps my March’s IE security update. Never thought such error could be that resilient. *sigh*
But no, I shall not let such cold-blooded error spoil my month as I will remain vigilant and optimistic. If what Gone to Plaid said about IE security updates not being cumulative was true, then I’m not going to waste my anxiety over this matter.
– “Failed to Install KB” Anonymous
FakeNinja
AskWoody LoungerMrBrian
AskWoody_MVPThis issue was added to some Windows 10 KB articles (example): “Users with Windows 10 Version 1709 Enterprise that have installed the January 2018 Delta package may encounter failure issues when installing the February and March 2018 updates from the Microsoft Update Catalog. Specifically, the Windows 10, version 1709 February Delta Update may silently fail.”
Quazi11
AskWoody LoungerI’ve been interested in this too. Earlier months the “Windows Next” updates were labled as TEST, but these look official. My assumption would be they apply to 1803 which has probably been locked down at this point.
Looking at the update details, some have links that go to dummy pages (KB4087657), one is a Server Next update (KB4087658), but the page is about a compatibility update for Win 10 1803 upgrade. I’m going to guess the veil will be removed when 1803 drops.
anonymous
GuestDaft person here. On all three virtualized (ESXi) Windows 2008 R2 servers that we installed the updates on, the network adapters (vmxnet3) got removed and recreated. Had to go in and reassign the static IPs. Our physical 2008 R2 server that updated, virtual 2008 R2 server that didn’t update, and virtual 2016 server that updated were all fine.
-
woody
Manager
BillBecker
AskWoody PlusNot sure if this is a Patch Tuesday issue since it’s now Wednesday, but my fully patched Win 10 machine (FCU build 1699.309 – Asus Haswell era) just received a list of 27 (yikes!) driver updates from Windows update. Maybe half of the descriptions have dates, – all in 2016 or 2017. I hate driver updates! Anybody else seeing this?
anonymous
GuestBefore, I had Spectre protection on my Ivy Bridge computer. How I got it, I don’t know – perhaps from Firefox. Then I installed KB 4088879, and now my computer runs slower.
InSpectre reports that I now have Meltdown protection on my computer, but no Spectre protection. InSpectre will not disable the Meltdown protection (although it tries to) so unless I uninstall KB 4088879, I am stuck with a slow computer.
Windows 8.1 Group B
Thanks PKCano.
1 user thanked author for this post.
-
walker
AskWoody LoungerThe reference to FIREFOX caught my eye! I haven’t installed anything since March 10th, and that was: KB4076492. I just left the MSRT there, and probably the WD update as well. I normally don’t install those. Win 7, Home Prem., x64, Group A.
The FIREFOX caught my eye because I had a huge problem trying to install the new version (think it’s 59.0.1) today. I went to the website, and it wouldn’t accept my password, so I was forced to get a new password. I have had this browser for “years”, and have never had such an exasperating experience!!! Got it straightened out, however it does make me wonder “what is the reason” that this occurred. I only installed the one update patch as listed above.
I had about 2 or 3 prompts between yesterday and today to update the browser, and then decided to just update it from the “Help” menu, at which time I encountered these problems.
Anyone else have any problems similar to the one I had? Makes one wonder exactly what the issue was that caused this. In other words how could something such as this be “changed” in such an invasive manner??
-
Bob99
AskWoody PlusHi walker!
Sorry to say, but I’ve never been asked for a password on Mozilla’s site at all. Also, I’ve never had to use a password to update Firefox, dating all the way back to Firefox 3 or 4.
I’ve always used the built-in updater in the Help menu, as you did this time, to check for and apply updates, except once when Mozilla changed Firefox enough so that we all had to download a completely new copy, and restore our profiles from a backup.
When you said “I went to the website, and it wouldn’t accept my password, so I was forced to get a new password”, were you speaking of the Mozilla website for obtaining a new copy of Firefox (firefox.com) or was it their support website login at https://support.mozilla.org/en-US/users/auth possibly?
If so, you don’t need to login to that support website to get the latest version of Firefox, just use the feature that’s built-in to the browser like you did earlier today, although I still don’t see why even that feature asked you for a password. That issue (updater in the help menu asking for a password and user account login) makes it sound as if you might be infected with some password stealing malware. 🙁
1 user thanked author for this post.
-
walker
AskWoody Lounger@Bob99: Hi, again! No, I have never had to log into anything to update Firefox either. Only when I am accessing the Mozilla Support site (to ask a question), and that link is:
Support.mozilla.org/en-US/questions/new/desktop/other/form?search=Partially+encrypted+connection+in+secure+site+(Yahoo%2C+after+signing+in)&step=aaq-question
This site is down today for updating work, according to the message there. On this website one must have a “name” and password both. Have never had a problem logging in there, however it just would not accept my password, so it was necessary to obtain a new one. I too have used Firefox “forever”, however never had the problem you described in your post.
Like you, I have usually just used the method available on the browser for updating, and never had any problems. This time was different, and I was unable to update. Therefore I was able to contact them and request a new password. I hope I never have that problem again, as it was very upsetting after using this browser for so many years and never having a problem with it.
Thank you for citing your history reflecting that you have never had any problems. I hope I never do again. 🙂
-
-
CraigS26
AskWoody Plushttps://newsroom.intel.com/wp-content/uploads/sites/11/2018/03/microcode-update-guidance.pdf
Above is about — “Revised”2nd-G Sandy Bridge CPUID 306A7 (InSpectre shows this for me) – And – 3rd-G Ivy Bridge CPUID 306A9 — Patches for Meltdown-Spectre and they show “PRODUCTION” as status.
My Gateway DX4860 is NOT on the Acer page but I thought I’d post this in case someone benefits from it as Patch releases occur. Can’t make much of it with my readings so far — But FYI. Remove Hyperlink/Paste doesn’t work for posting the URL’s so always Save As .TXT & Then Paste to be safe.
W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0
cesmart4125
AskWoody LoungerMacrium is reporting issues in Win 7/10 computers following the recent Windows updates. Their release notes contain the following:
A Windows Update on the 13th March has caused some Windows 7 and 10 32 bit systems to fail to load Windows after updating. The error occurs when kernel mode driver ‘pssnap.sys’ loads at boot time. This update removes ‘pssnap.sys’ from boot time configuration. Note: Simply deleting the file is insufficient to resolve the problem.
We recommend that 32 bit installations of Macrium Reflect on XP, Vista, Windows 7, and Windows 10 upgraded from Windows 7, 32 bit operating systems update to this release.
If you have already updated Windows and experience this error then please see this KB article for a solution:
https://knowledgebase.macrium.com/display/KNOW7/Windows+7+32+bit+BSOD+after+MS+Windows+UpdateIf you have not yet updated Windows then please update to this version of Macrium Reflect to enable Windows to update without problems.
After updating, XP, Vista and Windows 7 32 bit systems, will no longer have ‘pssnap.sys’ available. If MS VSS shadow copies fail, then your backups will no-longer fall back to using ‘pssnap’. Please ensure that any VSS errors are resolved to successfully complete your backups.
Edited for HTML. Please use text tab when using copy and paste in your replies.
MrBrian
AskWoody_MVPNote added to March 13, 2018—KB4088875 (Monthly Rollup) (Win 7) and March 13, 2018—KB4088878 (Security-only update) (Win 7): “If the version of PCI.SYS file is less than 6.1.7601.21744, please follow the step-by-step instructions outlined below before applying this update to physical or virtual machine:”
MrBrian
AskWoody_MVP-
MrBrian
AskWoody_MVP
DrBonzo
AskWoody PlusSeriously??!! There’s no way I’m going to attempt that and I’ll bet there’s no way a typical home user would attempt it either. Then again, I’m not being offered the Rollup in Windows Update, so I’ll just wait until I am, at which point I’ll also assume I won’t need to run scripts.
Um… I would be right in assuming that at some point these patches should not require the user running a script, and that they would just install on their own after I click an OK to install button??
1 user thanked author for this post.
-
MrBrian
AskWoody_MVP
Bob99
AskWoody PlusWhat @MrBrian mentions in post 178189 just above,
This script needs to be run with admin privileges.
and what @DrBonzo mentions in post 178197 also above,
Seriously??!! There’s no way I’m going to attempt that and I’ll bet there’s no way a typical home user would attempt it either. Then again, I’m not being offered the Rollup in Windows Update, so I’ll just wait until I am, at which point I’ll also assume I won’t need to run scripts. Um… I would be right in assuming that at some point these patches should not require the user running a script, and that they would just install on their own after I click an OK to install button??
are, I believe, the biggest reason(s) that MS pulled KB4088875 from being offered through the WU channel to users. They probably figured that most folks using that method to install rollups wouldn’t be able to or wouldn’t desire to install that patch with anything other than the proverbial click of a mouse.
Notice that the word “most” is in italics above, as I know there are still folks who are being offered the patch via WU, but that it’s unchecked by default for them.I was initially offered the update for both of my machines, but it has since been pulled, and has been replaced by the preview offering for next month, which shall remain uninstalled as I don’t install any previews of MS patches, only “production” releases. Production is in quotes because, with MS patches lately, most seem to be a preview anyway with their assorted problems each month. 🙁
1 user thanked author for this post.
Bob99
AskWoody PlusNote added to March 13, 2018—KB4088875 (Monthly Rollup) (Win 7) and March 13, 2018—KB4088878 (Security-only update) (Win 7): “If the version of PCI.SYS file is less than 6.1.7601.21744, please follow the step-by-step instructions outlined below before applying this update to physical or virtual machine:”
@MrBrian, I also happened to notice that KB4088875 was last updated today, the 25th of March, so maybe the note you mention is what was changed in it.For everyone else reading this thread, if you don’t recall where the file pci.sys is and want to find it, it’s probably in your System32/drivers folder.
-
DrBonzo
AskWoody PlusYes, my PCI.SYS file is in Windows > system32 > drivers.
I’m assuming that since the last five digits on my file are 17514 that’s it’s older than a file that has 21744 as its last 5 digits and that therefore I would need to run the script. Still think I’ll wait before doing anything. MS needs to fix this.
1 user thanked author for this post.
MrBrian
AskWoody_MVPMrBrian
AskWoody_MVPAdditional problems with KB4088878 (Win 7) and KB4088875 (Win 7) reported at https://social.technet.microsoft.com/Forums/windowsserver/en-US/e38d59ab-f8af-4f8c-bc4a-e39c3af88d62/kb4088878-kb4088875-causes-network-connectivity-issues-on-windows-server-2008-r2-or-windows-7?forum=winservergen.
MrBrian
AskWoody_MVPMore updates released today:
Stop error 0xAB when you log off a Windows 7 SP1 or Windows Server 2008 R2 SP1 session
Stop error 0xAB when you log off a Windows Server 2008 session
Stop error 0xAB when you log off a Windows Server 2012 session
1 user thanked author for this post.
-
geekdom
AskWoody_MVPMore updates released today…
In keeping with minimalism, are any of these patches absolutely necessary?
Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender -
MrBrian
AskWoody_MVP
-
MrBrian
AskWoody_MVPMicrosoft has released update KB4099950:
“This update addresses issues introduced in KB4088875 and KB4088878 for Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1 where a new Ethernet Network Interface Card (NIC) with default settings may replace the previously existing NIC, causing network issues. Also addressed, is an issue where static IP address setting are lost after applying the update. These symptoms may be seen on physical computers and virtual computers running VMWare.”
1 user thanked author for this post.
-
MrBrian
AskWoody_MVP -
abbodi86
AskWoody_MVPSo it’s the easy automated version of the vbs script
it checks if KB2550978 hotfix is installed (or any superseder)
the hotfix actually describe the mess with NIC and March updates in very informative wayi wonder why Microsoft didn’t roll out that important fix years ago through WU
1 user thanked author for this post.
-
MrBrian
AskWoody_MVP-
samak
AskWoody Plus“Important: This update must be installed prior to installing KB408875 or KB408878″
Congratulations to MS who can’t even get the KB numbers correct – only 6 digits ? Great quality control…
Windows 10 Home 22H2, Acer Aspire TC-1660 desktop + LibreOffice, non-techie
-
PKCano
Manager -
geekdom
AskWoody_MVPKB4088875 was released March Patch Tuesday. Time flies backward.
Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender1 user thanked author for this post.
MrBrian
AskWoody_MVPAfter installing KB4099950, it creates log file \windows\logs\PCIClearStaleCache.txt.
The contents of my PCIClearStaleCache.txt on a virtual machine:
Path = C:\Windows\system32\drivers\pci.sys
pci.sys file version is 6.1.7601.17514
Pci.sys indicates KB2550978 or later KBs *NOT* installed
Deleting the PCI SlotPersistentInfo registry keys…
Deleted PCI SlotPersistentInfo registry keys successfully1 user thanked author for this post.
MrBrian
AskWoody_MVPUpdate KB4099950 repeatedly refused to install in my virtual machine via Windows Update, with error 80243004. I looked up the error message at https://support.microsoft.com/en-us/help/938205/windows-update-error-code-list: “0x80243004 WU_E_TRAYICON_FAILURE A failure occurred when trying to create an icon in the taskbar notification area.” A web searched led to this link, whose solution fixed the issue. If you don’t want to use this solution, I also found that manually installing KB4099950 via the Catalog works fine.
TheOwner
AskWoody Lounger-
GoneToPlaid
AskWoody Lounger
Viewing 35 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Gigabyte motherboards backdoor
by
Alex5723
31 minutes ago -
numbering in a table
by
RopyDavits
3 hours, 24 minutes ago -
LMDE 5 32-bit dual boot on seperatd drives
by
bassmanzam
1 hour, 33 minutes ago -
Microsoft ends 2017 Surface Book 2 support
by
Alex5723
14 hours, 40 minutes ago -
My monitors won’t turn on
by
Rush2112
8 hours, 3 minutes ago -
AMD Software Failed to Launch Because Windows Update Has Replaced the AMD…
by
Alex5723
1 day ago -
Microsoft : New macOS vulnerability, Migraine, could bypass System Integrity…
by
Alex5723
1 day, 2 hours ago -
Remove One Drive
by
crudolphy
1 day, 8 hours ago -
Firefox users on Windows 7, 8 and 8.1 moving to Extended Support Release
by
Alex5723
19 hours, 19 minutes ago -
How to change “User Account Control:Run as administrator”
by
DKThompson
1 day, 12 hours ago -
Two monitors, want different “fixed” wallpaper on each one
by
MauryS
1 day, 19 hours ago -
Microsoft forcing move to Microsoft account?
by
Tom
1 day, 16 hours ago -
Event 2545 Device Management – Enterprise – Diagnostics – Provider
by
Tex265
1 day, 20 hours ago -
QBot malware exploits Windows WordPad EXE to take over
by
Alex5723
2 days, 15 hours ago -
Laptop powers off during KB5026361 update
by
dhunter
2 days, 15 hours ago -
How to enable Sleep in Shut down menu?
by
Alex5723
2 days, 17 hours ago -
Beware of Google’s .ZIP domain and password-embedded URLs
by
B. Livingston
58 minutes ago -
Longstanding feature requests, and their status
by
Mary Branscombe
3 days, 1 hour ago -
Three typing tutors — no more “hunt and peck”
by
Deanna McElveen
3 days ago -
Is online banking secure?
by
Susan Bradley
17 hours, 48 minutes ago -
Bluetooth audio not working on older Lenovo T420 with Win 10
by
WSmsc0357
2 days, 6 hours ago -
Using wildcards in search and replace
by
Bob Karrow
3 days, 10 hours ago -
How is Windows XP a security risk?
by
Curious
1 hour, 22 minutes ago -
Is using VPN a good idea?
by
Tex265
3 days, 6 hours ago -
How to prevent/disable Bitlocker Automatic Device Encryption?
by
EricB
3 days, 18 hours ago -
Unexplained aspects of installing the latest update of Office 2021
by
TonyC
3 days, 17 hours ago -
Getting started with macOS Disk Utility: RAID, images, and repairs
by
Alex5723
4 days, 2 hours ago -
Getting started with macOS Disk Utility: Resizing, snapshots, and journaling
by
Alex5723
4 days, 3 hours ago -
Are you ready for AI?
by
Susan Bradley
20 hours, 24 minutes ago -
Windows 11 Insider Preview build 25375 released to Canary
by
joep517
4 days, 5 hours ago
Recent blog posts
- Beware of Google’s .ZIP domain and password-embedded URLs
- Longstanding feature requests, and their status
- Three typing tutors — no more “hunt and peck”
- Is online banking secure?
- Are you ready for AI?
- MS-DEFCON 4: Skip those Secure Boot scripts
- Getting started with winget
- No NumLock key? Problem solved! Here’s the fix.
Key Links
S | M | T | W | T | F | S |
---|---|---|---|---|---|---|
1 | 2 | 3 | ||||
4 | 5 | 6 | 7 | 8 | 9 | 10 |
11 | 12 | 13 | 14 | 15 | 16 | 17 |
18 | 19 | 20 | 21 | 22 | 23 | 24 |
25 | 26 | 27 | 28 | 29 | 30 |
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.