News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • March 2019 Patch Tuesday patches

    Home Forums AskWoody blog March 2019 Patch Tuesday patches

    This topic contains 124 replies, has 36 voices, and was last updated by  anonymous 1 month, 1 week ago.

    • Author
      Posts
    • #340663 Reply

      woody
      Da Boss

      They’re starting to roll in. The Microsoft Update Catalog lists 124 patches. Individual Windows KB articles aren’t updated yet. More as the day unfold
      [See the full post at: March 2019 Patch Tuesday patches]

      5 users thanked author for this post.
    • #340673 Reply

      anonymous

      Win  8.1 x 64 updated – no problems found.
      XPmode updated (14 updates) – no problem found.

      1 user thanked author for this post.
    • #340687 Reply

      PKCano
      Da Boss

      Group B Security-only patches have been updated on AKB2000003 on Mar 12, 2019.

      UPDATE:
      Win7 Users
      will also need the Servicing Stack KB4490628 – Download 32-bit or 64-bit
      Please install it FIRST and wait 10-15 minutes to give the installation time to complete. Then reboot the computer before installing anything else.

      These are direct download links from the Microsoft Catalog.

      • #341363 Reply

        Skider86
        AskWoody Lounger

        I really don’t get the MS notes… I get that in theory it would be great to install the Servicing Stack all alone, but I have PCs that are off the network, turned off for vacations, etc. There is no way I can approve just this one patch on WSUS and get it to install before other updates in the real world.

        Edit to remove HTML

      • #341854 Reply

        anonymous

        I find myself unable to install the KB4490628? I let Windows Update do its thing on 13th but when I checked, it listed two updates as ‘Pending’ (KB4474419, KB4489878) and the Stack update KB4490628 failed. I’ve tried to install it multiple time, using both Update and standalone installs but with no success. Would appreciate some advice pls 🙁

        • #341861 Reply

          PKCano
          Da Boss

          What error code(s) are you getting?

          Have you tried running the Windows Update Troubleshooter?

        • #349463 Reply

          anonymous

          On a Windows 7 Pro SP1, Group A, the 2019-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4489878) will not progress beyond 56%.  This loop occurs after the “Successfully Installed” reboot.  I did follow PKCano’s instructions:
          Hide all the other pending (checked and unchecked) updates in the Important Updates.
          Check for updates.
          Install Servicing Stack KB4490628 (succeeded)
          Wait 10-15 minutes to give the install time to complete. Then reboot.
          Nothing has made the 2019-03 Rollup work.  I officially give up on the 2019-03 Rollup.  Woody had noted that on April 3, 2019, Microsoft admitted that there’s an issue that is fixed in next month’s Preview, but that seems to be a risk I am not willing to take.

    • #340692 Reply

      jabeattyauditor
      AskWoody Lounger

      Just patched home system (1809 Pro) with no obvious issues. Patch application speed was improved from previous months.

      If they’d be bothered to transition that performance enhancement to Server 2016, I’d be a happier camper.

      1 user thanked author for this post.
    • #340699 Reply

      Microfix
      Da Boss

      Martin Brinkmann over at ghacks has published the excellent detailed rundown of MS patches released today for various OSes.

      ********** PengWins x86/x64 **********

      2 users thanked author for this post.
    • #340695 Reply

      anonymous

      Windows 7, SP1       I was offered March KB4474419 security update to update to SHA-2  ?  How badly is this going to bork systems, if at all. Hard to be optimistic about these out of the blue updates as they pop up.

      • #340726 Reply

        woody
        Da Boss

        Yep, I’ve been talking about that since November. You’re going to need it, in order to install patches after July.

        2 users thanked author for this post.
    • #340709 Reply

      EP
      AskWoody_MVP

      hi woody.

      The KB4489899 cumulative update for Windows 10 version 1809 has two known issues listed:
      https://support.microsoft.com/en-us/help/4489899/windows-10-update-kb4489899

      Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

      2 users thanked author for this post.
      • #340713 Reply

        jabeattyauditor
        AskWoody Lounger

        To be fair, the folks who might be affected by the first issue need some remedial education.  🙂

        The second issue (related to internal/external audio devices) seems more likely to be of consequence for the AW crowd with better-than-average hardware.

        • #340727 Reply

          woody
          Da Boss

          Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

          Absolutely. Also, note that the same acknowledged bug also appears in the March 1 “February” cumulative update.

        • #340732 Reply

          Alex5723
          AskWoody Plus

          “The second issue (related to internal/external audio devices) seems more likely to be of consequence for the AW crowd with better-than-average hardware.”

          Like every gamer out there, and some non-gamers.

        • #340741 Reply

          b
          AskWoody Plus

          To be fair, the folks who might be affected by the first issue need some remedial education.

          They got it:

          ADV190010 | Best Practices Regarding Sharing of a Single User Account Across Multiple Users

          Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Unwashed mass" (Group ASAP) Win10 v.1903

          2 users thanked author for this post.
    • #340719 Reply

      Barry
      AskWoody Plus

      Very strange. For the first time ever that i can remember the patches were already installed and waiting a restart.

      Even though i am usually pretty quick on the draw on patch tuesday i always have to hit check for updates.

      Also no notification that the computer was awaiting a restart.

       

      Barry (Seeker)

    • #340721 Reply

      bbearren
      AskWoody MVP

      Desktop – Routine Definition Updates for Windows Defender plus
      KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package

      NAS – Routine Definition Updates for Windows Defender plus (with restart)
      KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64
      KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems

      Latitude E5420 – Routine Definition Updates for Windows Defender, nothing further.

      Create a fresh drive image before making system changes, in case you need to start over!
      "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Captain Jack Sparrow
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns

      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      • #341359 Reply

        alQamar
        AskWoody_MVP

        just as many other C++ updates available via MS download pages also this package is still outdated

        KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package

        use All in One Runtime from computerbase.de to fix your security holes with C++. MS does not care. 

        The only way to get the secure versions is this great tool (skip other installations) or dl them via Visualstudio portal.

        more information:
        https://borncity.com/win/2017/12/19/the-problem-with-c-redists-3rd-party-security-patches-i/

         

        Edited for HTML. Please use Text tab for copy/paste

         

    • #340722 Reply

      Alex5723
      AskWoody Plus

      Microsoft will pester Windows 7 users to upgrade to Windows 10 with pop-up notifications

      “This is a courtesy reminder that you can expect to see a handful of times in 2019. By starting the reminders now, our hope is that you have time to plan and prepare for this transition. These notifications are designed to help provide information only and if you would prefer not to receive them again, you’ll be able to select an option for “do not notify me again”, and we will not send you any further reminders. Just as software has changed over the years, so has hardware. To learn more about the latest line-up of modern PCs and information for moving from Windows 7 to Windows 10, just click on the “learn more” button on the notification.”

      https://blogs.windows.com/windowsexperience/2019/03/12/making-the-transition-to-windows-10-and-office-365/

      1 user thanked author for this post.
    • #340723 Reply

      ashfan212
      AskWoody Lounger

      Windows 7 x64 Home Premium, Group A

      Does anyone know whether the new SSU update KB4490628 needs to be installed exclusively? Or if WU offers it along with the March rollup KB4489878 that Windows will “know” to install the SSU update prior to the rollup? I am recalling that when the previous SSU update KB3177467 was offered that it was marked as exclusive, meaning that all other offered updates had to be hidden in order for WU to offer KB3177467.

      • #340725 Reply

        PKCano
        Da Boss

        The SSU should be installed exclusively.

        See #340687 above

        2 users thanked author for this post.
        • #340730 Reply

          ashfan212
          AskWoody Lounger

          Thank you for the reply. Any idea whether WU will initially only offer KB4490628? Or will the SSU update be offered concurrently with the March rollup, MSRT, Office updates, the .Net rollup, etc.? If the SSU update is offered concurrently with other updates, is it sufficient to uncheck all updates except the SSU update or will I need to physically hide all other concurrently offered updates, install the SSU update, and then physically unhide the hidden updates?

          • This reply was modified 2 months, 1 week ago by
             ashfan212.
          • This reply was modified 2 months, 1 week ago by
             ashfan212.
          • #340748 Reply

            woody
            Da Boss

            Wait until the MS-DEFCON level hits 3 or 4 or 5.

            At that point I’ll have full instructions. But the short answer is you don’t need to check or uncheck anything: the installer will put things together in the proper order.

            At least, it has in the past.

            1 user thanked author for this post.
        • #340752 Reply

          anonymous

          Windows 7 SP1…….Do you see any harm or potential problems with installing this update today, so that I don’t overlook it before installing the March updates later or should I wait for the all clear later on and install it then before updating the March updates?

          • #340757 Reply

            Microfix
            Da Boss

            If in any doubt yourself, follow the MS-DEFCON system, that’s what it is there for 😉

            ********** PengWins x86/x64 **********

            4 users thanked author for this post.
      • #340863 Reply

        abbodi86
        AskWoody_MVP

        Luckily, KB4490628 is not exclusive, that’s why it’s offered normally with other updates

        i don’t know if Windows Update will handle the installation logic correctly, but just to be safe, uncheck all updates and only check/install KB4490628 alone
        then you can proceed to other updates including the Rollup

        1 user thanked author for this post.
        • #340876 Reply

          Volume Z
          AskWoody Lounger

          I’m experiencing the opposite. Please reconsider.

          Regards, VZ

          • #341020 Reply

            abbodi86
            AskWoody_MVP

            I actually did not had Win7 machine to check 🙂
            i was talking based on analyzing KB4490628 msu/cab file and update.mum precisely, it does not have any “exclusive” attribute like KB3177467

            so it can be integrated offline normally (tested that)
            it also should be show on WU normally with other updates, unless they manipulated the metadata

            i will check that soon

            1 user thanked author for this post.
        • #341579 Reply

          Skider86
          AskWoody Lounger

          I approved all of the updates on WSUS for my test VMs and the SSU update for Win7 did not come first and did not come with the other patches.  WSUS offered it to clients after they restarted from installing the other patches.

          EDIT TO REMOVE HTML. Please use the “Text” tab in the entry box when you copy/paste

      • #340883 Reply

        anonymous

        I got mine KB4490628 after restarting from the core patch.

    • #340793 Reply

      anonymous

      Waited to install February patches until now.  Installed all but KB 4487000 due to a few reports of blue screens.  After reboot checked updates and KB 4487000 wasn’t there anymore. Only March security rollup 2019-03 (KB4489881) is available in updates. Wondering if I made the best decision in this case. Will wait until Defcon 4 before March updates are installed.

      • #340799 Reply

        PKCano
        Da Boss

        If you hide the March security rollup 2019-03 (KB4489881), the Feb patch KB 4487000 will show up in Windows Update.

        • #340848 Reply

          anonymous

          Didn’t hide any updates from February.  Installed all but the security rollup and rebooted. Checked updates and the Feb rollup update was no longer there.

          • #340858 Reply

            PKCano
            Da Boss

            Checked updates and the Feb rollup update was no longer there.

            Of course not. It was superceded by the March update (that contained it) that you installed.

            1 user thanked author for this post.
    • #340801 Reply

      ashfan212
      AskWoody Lounger

      According to the MS support pages, neither the SHA-2 update KB4474419 nor the new SSU update KB4490628 has any prerequisites. Therefore, installing KB4474419 followed by KB4490628 followed by the March updates appears to be the intended order.

      Windows 7 x64 Home Premium, Group A

      1 user thanked author for this post.
      • #340804 Reply

        PKCano
        Da Boss

        It would probably be better to install the SSU KB4490628 first and give it time to finish the installation (10-15 minutes) before installing the other patches.

        See #340687 above.

        • #340807 Reply

          ashfan212
          AskWoody Lounger

          If I am understanding you correctly, you are advising to install the SSU update by itself rather than in conjunction with the other March updates. I assume that you do not disagree with installing the SHA-2 update KB4474419 prior to the new SSU update KB4490628.

          • #340808 Reply

            PKCano
            Da Boss

            It would probably be better to install the SSU KB4490628 first and give it time to finish the installation (10-15 minutes) before installing the other patches,

            I meant FIRST.
            The SSU has to be installed EXCLUSIVELY – that means BY ITSELF.
            It is the update for the Windows Updating system.
            It cannot be installed with other updates.
            In fact, it may not show up in the WU Important queue until there are no other pending updates.
            Which means, you may have to temporarily HIDE all the other pending updates to be offered the SSU.

            See #340687 above.

            The SHA-2 patch is not mandatory until July.

            6 users thanked author for this post.
            • #341119 Reply

              Tex265
              AskWoody Plus

              Windows 7 Pro SP1 x64  Group A   Updates current thru February

              Just checked on March updates received:

              KB4489878, KB4474419, MSRT

              But no KB4490628

              Should I hide first 3 and hope KB4490628 appears?  Or manually download KB4490628 from the MS Catalog?

              IF KB4490628 should be exclusively installed FIRST, why does it not appear until the update que is empty (logically indicating one would have installed them, not hid them?)

              And if it is not necessary until July, why cant the normal March updates be installed first and then KB4490628 when if appears later?

              Just askin”

              Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
            • #341132 Reply

              PKCano
              Da Boss

              Did you read the post directly above?
              There is no reason to repeat it.

    • #340919 Reply

      bbearren
      AskWoody MVP

      Desktop – Routine Definition Updates for Windows Defender plus KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package NAS – Routine Definition Updates for Windows Defender plus (with restart) KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64 KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems Latitude E5420 – Routine Definition Updates for Windows Defender, nothing further.

      Second round, Desktop:
      KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
      KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems
      KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems

      Second round, NAS:
      KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
      KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems

      Second round, Latitude E5420
      KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
      KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems
      KB4018363 – Update for Microsoft Access 2010 64-Bit Edition
      KB4461626 – Update for Microsoft Office 2010 64-Bit Edition
      KB4462229 – Update for Microsoft Outlook 2010 64-Bit Edition
      KB2589339 – Update for Microsoft Office 2010 64-Bit Edition
      KB4462226 – Update for Microsoft Office 2010 64-Bit Edition
      KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64

      Create a fresh drive image before making system changes, in case you need to start over!
      "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Captain Jack Sparrow
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns

      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

      1 user thanked author for this post.
    • #340933 Reply

      Rick Corbett
      AskWoody_MVP

      I updated a Win 10 1809 test laptop today without any apparent issue. However, reading the release notes for KB4489899 I wondered:

      a) why release an update if you already know there’s 2 issues with it?

      b) why are you using the phrase ‘Windows Linux’?

      windows-linux

      It’s ‘Windows Subsystem for Linux’ (WSL)… stop trying to subsume, Borg!

       

      Attachments:
      1 user thanked author for this post.
      • #340953 Reply

        b
        AskWoody Plus

        However, reading the release notes for KB4489899 I wondered:

        a) why release an update if you already know there’s 2 issues with it?

        You think they shouldn’t fix 36 issues, some critical, because of two obscure issues affecting a tiny percentage of users which were already known in previous updates? Microsoft should not release any update until it was capable of fixing every outstanding issue? I hope that never happens.

        Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Unwashed mass" (Group ASAP) Win10 v.1903

        1 user thanked author for this post.
        • #341026 Reply

          mn–
          AskWoody Lounger

          … because of two obscure issues affecting a tiny percentage of users which were already known in previous updates?

          Actually… how common is the MSXML6 dependency anyway?
          Because, well, according to Microsoft one of the affected applications is the Group Policy editor…

          Then again it now seems to be a known issue in all of this year’s Windows 10 cumulatives, including January. Yes, also 1607 / Server 2016, 14393.2724 and later builds.

          Really should keep a revision history of those MS KB articles or something, just to keep track of when “known issue” entries get modified…

          • This reply was modified 2 months, 1 week ago by
             mn--. Reason: Where did that blockquote tag come from?
    • #340940 Reply

      PKCano
      Da Boss

      OK, here’s my experience with the Servicing Stack KB4490628 for Win7:.
      It acts like any other Servicing Stack.
      It does not show up in the Windows Important Update queue unless there are no other pending updates in the Important Update queue.

      To install it FIRST, by itself. this is what you should do:
      Hide all the other pending (checked and unchecked) updates in the Important Updates.
      Check for updates.
      Install Servicing Stack KB4490628
      Wait 10-15 minutes to give the install time to complete. Then reboot.
      Unhide any of the updates you want to install and install them.

      6 users thanked author for this post.
      • #340975 Reply

        anonymous

        ? says:

        hi PK,

        when the time is right could a person get the KB4490628 from:

        https://www.catalog.update.microsoft.com/Search.aspx?q=KB4490628

        and run it from the desktop?

        • #341050 Reply

          PKCano
          Da Boss

          Yes, the Servicing Stack can be downloaded from the Catalog and manually installed.
          After doing so, wait 10-15 minutes before installing anything else to give the installation of the Servicing Stack time to complete.

          See #340687 above.

          2 users thanked author for this post.
      • #341042 Reply

        Seff
        AskWoody Plus

        Thanks PK.

        Given that the servicing stack update isn’t required until July, an alternative to hiding everything now in order to get it offered and installed with a view then to revealing the hidden updates to get them installed is presumably to forget about it for now, have the regular updates installed normally and then install the servicing stack update when it is offered? All, of course, when the Defcon rating moves to 3 or higher.

        Depending on how reliably the servicing stack update goes, a further alternative may well be to leave it well alone until May or even June in order that any necessary hotfixes can be applied to it in the meantime while still getting it installed in time for July.

        • #341045 Reply

          DrBonzo
          AskWoody Lounger

          The servicing stack is KB4490628, and according to the MS support page for the March Win 7 Rollup and also for the Security Only, is required before either is installed.

          KB4474419 is the SHA-2 update, and is the one required by July (although my notes say its required by August, but I could be wrong).

          4 users thanked author for this post.
        • #341057 Reply

          PKCano
          Da Boss

          @drbonzo is correct. It is the SHA-2 update KB4474419  that is not mandatory until July.
          You need the Servicing Stack KB4490628 now.

          See #340808 above.

          4 users thanked author for this post.
          • #341322 Reply

            Seff
            AskWoody Plus

            Thanks for clarifying the two different updates. The advice seems to be that KBKB4490628 needs to be installed first.

            However, I am not being offered KB4490628 as a pre-requisite to being offered the usual monthly updates (roll-up and MSRT) plus KB4474419. That suggests MS intend that I should install those updates first, and then when there are no important updates left they will – presumably – offer me KBKB4490628. If I needed that one first, why would it not be offered to me first?

            I won’t know the reality of that sequence in practice, of course, until the Defcon rating is raised! However, I do know what is being offered to me (I keep my secondary machine set to “Check and notify but do not download or install” precisely so I can interpret what is being said here in relation to what I am being offered, while keeping my primary machine set to “Never check” until I’m ready to install the updates – after the Defcon rating has been raised and the updates have been installed with no issues up to 48 hours later on my secondary machine), and it isn’t the one that I’m being told here that I need to install first.

            I’m not contesting anything anyone is saying, just pointing out that what I’m being offered doesn’t comply with that advice.

            For the record, I’m also being offered five Office 2010 updates. All so-called Important updates are checked.

            • This reply was modified 2 months ago by
               Seff.
            • #341325 Reply

              PKCano
              Da Boss

              Please see #340940  and #340808 above

            • #341357 Reply

              Seff
              AskWoody Plus

              I already did. That’s why I wrote what I said!

            • #341362 Reply

              PKCano
              Da Boss

              The answer to WHY you are not seeing the SSU and HOW to make it show up and install first are in those two links.

            • #341381 Reply

              Seff
              AskWoody Plus

              Yes I know that PK, as I said I’m not contradicting the advice given, merely saying it doesn’t match what MS are offering.

              I appreciate your assistance as always, but users not committed to Group B aren’t going to go searching for information on updates that need to be installed but which aren’t being offered, nor are they likely to download an update from the catalogue. They’ll install the offered updates first, and if KBKB4490628 is then offered they’ll install that one too. Do we know of any way in which their system will be compromised by following this sequence as set by MS? Why are MS saying KBKB4490628 needs to be installed first while only offering it later? What is the practical issue that will arise if we simply follow the sequence in which the updates are offered?

              These are the sort of questions I’m hoping there are clear answers to before Woody has to put his recommended practice together when raising the Defcon rating. They’re critical to the advice he will give at that time.

              1 user thanked author for this post.
            • #341385 Reply

              PKCano
              Da Boss

              I can’t tell you why MS does what it does. But I do know it can cause a problem – it did the last time MS released the v2 of the last Servicing Stack KB3177467 (does that sound familiar, that was last Oct?) it was the same issue. At one point, the SSU becomes a prerequisite but it isn’t offered until last. All I can say is – crazy!

              3 users thanked author for this post.
            • #342417 Reply

              mi2bobs
              AskWoody Plus

              I’m running win7 pro 64bit and before applying march 2019 updates i was fully patched to feb 2019. I use WU (most of the time) and set “Check for updates but let me choose…..”. I’ve only used the MS Catalogue previously when there have been issues with some updates and i have wanted to install specific updates in a particular sequence.

              For march 2019 WU offered me same as @seff stated –

              Windows Malicious Software Removal Tool x64 – March 2019 (KB890830)

              2019-03 Security Update for Windows 7 for x64-based Systems (KB4474419)

              2019-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4489878)

              I installed these 3 updates successfully and WU then offered –

              2019-03 Servicing Stack Update for Windows 7 for x64-based Systems (KB4490628) which I installed successfully.

              I have done a quick check running the apps I typically use and all ok.

              However I recommend applying MS patches according to Askwoody Defcon rating irrespective of the update method used.

              1 user thanked author for this post.
            • #341369 Reply

              The Surfing Pensioner
              AskWoody Plus

              You’re not expecting M/S to be logical in its update sequence?

            • #341383 Reply

              Seff
              AskWoody Plus

              No indeed, although that would be good! What I am hoping is that by the time Woody gets to make his recommendations on raising the Defcon rating we can get to the bottom of why there’s a disparity in the way KBKB4490628 is being described as essential to be installed before it is being offered.

            • #341590 Reply

              The Surfing Pensioner
              AskWoody Plus

              Well, for a die-hard Group B-er like me it’s no problem: you download the patches you really, really want from the Update Catalogue and install them manually and individually, then you go to WU for the odds and sods. It sounds like a bit of a nightmare for anyone in Group A.

            • #341641 Reply

              OscarCP
              AskWoody Plus

              I’m guessing that “ods” and “sods” mean “Office patches” and “./NET (if  listed as “OK” to install” in the Master Patch List. Also the MSRT du jour. All that should have shown up already in “Control Panel/System Security/Action Items/Windows Update

              assuming Windows Update is set to “Check for updates and let me know, but let me install the patches” or words to that effect.

            • #341661 Reply

              The Surfing Pensioner
              AskWoody Plus

              That’s about it, and odd socks like the Silverlight update I installed on the 1st February because I was feeling sentimental (no, seriously, someone said it would be a good idea). My WU is routinely set to Never Check, but I change the settings to Check but Let Me Decide whether to Download and Install when I turn it on once a month. Then it gets turned off again and the little red cross on my Action Centre flag reassures me that my drawbridge is up.

            • #342146 Reply

              OscarCP
              AskWoody Plus

              There might be other good reasons for installing Silverlight, but the one I know for sure is that, if one has IE11 and Windows 7, the only way to watch videos from, for example, Netflix, using the Win 7 version of IE 11 that, unlike the Win 8.1 version, does not have an HTML5 converter, is with Silverlight installed and, preferably, kept up to date. But the need to use IE11 for that purpose is undermined, these days, by the availability of other browsers compatible with Win 7 and that come with HTML5 converters (Chrome, FF — finally, after at FF much resisting it, because of their opposition to DRM — Waterfox, etc.)

              1 user thanked author for this post.
            • #342189 Reply

              The Surfing Pensioner
              AskWoody Plus

              No, I don’t watch videos on IE11! but I seem to remember someone said if you’ve got Silverlight, keep it updated and I didn’t want to unistall it just in case. It’s not hurting anything, whilst updated. By the way, I’m reading with interest about your adventures with Linux, because if you get on all right with it I may well go for a Linux OS myself before the end of the year. Got to jump in some direction!

              1 user thanked author for this post.
        • #341181 Reply

          EP
          AskWoody_MVP

          note that the KB4490628 servicing stack update supersedes/replaces the KB3177467 servicing stack update (all versions of that) as Microsoft said so in MS KB article 4490628:

          Update replacement information
          This update replaces the previously released update 3177467.

          2 users thanked author for this post.
      • #342255 Reply

        georgea
        AskWoody Plus

        <<It does not show up in the Windows Important Update queue unless there are no other pending updates in the Important Update queue.>>

        This part is incredibly important.  I don’t have Windows 7 WU set to auto [life is too short for that].  Also, I never run the monthly “Windows malicious software removal tool” important update.  I don’t hide it — I just uncheck it.  That means I won’t get offered the SSU update, since hiding the tool  just makes the previous month’s tool show up, and thus the queue is never empty.  Hide, scan.  Hide, scan.  etc etc.  After about 6 of these loops the SSU was finally offered.

        So it seems you should manually install the SSU (unless for some strange reason you have WU set to auto)

         

    • #341003 Reply

      anonymous

      Yesterday I made a clean installation of windows 10, I installed several
      updates, including kb4482887, which was installed correctly. However,
      after today’s updates were installed, the update history shows that
      kb4482887 was not installed correctly with error 0x80070643. But yesterday
      it showed a correct update. Someone else happened to this?

      Edited for HTML. Please use Text tab for copy/paste.

    • #341019 Reply

      DrBonzo
      AskWoody Lounger

      I have an interesting (to me, at least) observation about my Win 7 Pro SP1, x64 computer that I update according to Group B. For many consecutive past months Windows Update has offered KB2952664, along with the monthly Rollup, etc. Now, with the offering of the March Rollup, etc., KB2952664 is no longer offered. I have Windows Update set for ‘check for updates but let me decide whether to download and install’. I am completely up to date through February patches. Whenever I have in the past hidden KB 2952664, it has just kept coming back, so I don’t hide it, but rather ignore it and am just careful to never install it.

      I’m wondering what the significance of it’s disappearance is? Has MS given up on KB2952664 (seems highly unlikely), are they going to replace it with some other update (seems more likely), have they incorporated it into some other update without telling anyone (seems pretty likely to me), or something else? Maybe it has something to do with their plan to show Win 7 users pop-ups stating that Win 10 is the preferred operating system. OR,…

      Anybody else seen this and/or have any thoughts?

      • #341051 Reply

        PKCano
        Da Boss

        The KB2952664 functionality was integrated into the Rollup Preview in Sept 2018 and has since been a part of the Monthly Rollup. That may be why it it is not being offered to you through Windows Update, it would be redundant. And since you are using Security-only updates, you would not use it anyway.

        1 user thanked author for this post.
    • #341085 Reply

      Lugh
      AskWoody_MVP

      1803 Home patches installed without any apparent problem. ShutUp10 shows all settings held their previous status.

      Lugh.
      ~
      Alienware Aurora R6; Win10 Home x64 1803; Office 365 x32
      i7-7700; GeForce GTX 1060; 16GB DDR4 2400; 2 x 256G SSD, 4TB HD

    • #341102 Reply

      anonymous

      On my windows 7 pro machine the Servicing stack kb4490628 showed up after all the other updates.  I installed those and rebooted the machine.  Then noticed the servicing stack showed up.  Should i do anything?  According to what I’m reading the servicing stack should have been installed first before other updates.  But that is not what windows updated did in my case.  I never checked for updates they were just there when I turn on the machine.  Should I do anything or just leave it alone.

      • #341105 Reply

        PKCano
        Da Boss

        If you have already installed the March patches, YES, you need to go ahead and install the Servicing Stack.

        Most people here wait for a while after Patch Tuesday before installing the updates to be sure there’s no “gotcha” and to wait for instructions on how to patch safely. You can read about that DEFCON system by clicking on the “MS-DEFCON System” button in the top menubar.

        • #341107 Reply

          anonymous

          What I need to do is install the updates on a Server 2008R2 thats for some reason never shows all the updates, only some.  It only showed the Malicious software removal tool.  So I need to manually do the others.  But I want to get the right order when I do decide to do it. Is it all that important to do them in any certain order?  As I stated on the windows 7 machine it automatically installed all the updates except the servicing stack kb4490628.  When I went back to look after the reboot it was there waiting to be installed.  So on the server should I install the servicing stack first, then the monthly rollup and ShA-2 patch?

    • #341106 Reply

      CraigS26
      AskWoody Plus

      1st Win 10 Monthly WU / 1803 Home – I’m set for Update Other MS Products & didn’t meter this time but only got KB4489868 March Cum Update/ KB4489907 Flash/ KB2538243 Visual C++ ….  Office ’16 File/Acct shows Auto Update-Inst BUT – 0 – Updates…. Will others come in stages or will I manually Install the rest? 6 Critical + 27 Important Total per AW Thread …

      Sorry to be dense on this but clarify one more time & I’ll learn.

      Win 10-1809 / Hm-Stdnt Ofce '16 C2R / i5-8400/ 12 GB / 256 SSD + 1 TB HDD

      • #341120 Reply

        PKCano
        Da Boss

        Are you running Office 2016 persistent version or are you running Office 2016 Click-to-Run?
        The patches released through Windows Update are for the .msi (persistent) version installed locally.
        The Office 365 and C2R versions have their own updating system, not through Windows Update.

    • #341171 Reply

      CraigS26
      AskWoody Plus

      Are you running Office 2016 persistent version or are you running Office 2016 Click-to-Run? The patches released through Windows Update are for the .msi (persistent) version installed locally. The Office 365 and C2R versions have their own updating system, not through Windows Update.

      Not the 365 /Best Buy Hm-Stdnt $99 Card has 25 digit#,  Nets Download/Inst with different 25# Prod Key. An open Word doc/ File/ Account … on the right Office Updates: Automatically downloaded & installed; Drop-dn arrow for Update Now/ Disable/ View/ About.

      With 3 Macrium Bkups I can try Update Now, or Wait til Defcon rises. Just Presumed with No Meter that Office would Auto-download. Thanks for Reply.

      EDIT: Thanks, Woody for EDIT capability remaining active!! Per PKC’s Reply below I DID clk Download Now for what IS – Click2Run Office ’16 -. Believe there is NO WU History Record for C2R but all is well. Main WU shows Up-to-Date but there’s No way to prove 6 Critical and 27 Importants were Inst’d with Only March CU and 2 others showing.

      Win 10-1809 / Hm-Stdnt Ofce '16 C2R / i5-8400/ 12 GB / 256 SSD + 1 TB HDD

      • This reply was modified 2 months ago by
         CraigS26.
      • #341173 Reply

        PKCano
        Da Boss

        Sounds like you are running Click-to-Run (C2R). It does not update through Windows Update. It has its own updating system.

        2 users thanked author for this post.
    • #341213 Reply

      anonymous

      W7 Starter 32-bit & W7 64-bit March WU.
      Installed 3-WU, OK. Followed by KB 4490628.
      Not looking forward to MS W7 – W10 pop-ups.

    • #341352 Reply

      alQamar
      AskWoody_MVP

      hi woody. The KB4489899 cumulative update for Windows 10 version 1809 has two known issues listed: https://support.microsoft.com/en-us/help/4489899/windows-10-update-kb4489899 Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

      the solution is to follow MS advice and uninstall IE. There are more capable, speedy and less troublesome browsers. IE was s*** and keeps being it.

    • #341361 Reply

      alQamar
      AskWoody_MVP

      … because of two obscure issues affecting a tiny percentage of users which were already known in previous updates?

      Actually… how common is the MSXML6 dependency anyway?

      MSXML4 and 6 should be uninstalled or at least patched manually (while removing the older SPs). On W10 they are no longer needed.

      • #341434 Reply

        abbodi86
        AskWoody_MVP

        MSXML 3 and 6 are inbox components since Windows 7, they cannot be uninstalled

    • #341518 Reply

      CraigS26
      AskWoody Plus

      To ALL 1803’s ….. 1809 Install (likely @ Chk for Updates)  repeatedly was Stuck at – Installing 91% – UNTIL I DISabled Eset Security, Mbam, and SuperAS. Many UNinstalled their AV and Unchk’d all Non-MS members of Startup Tab in Task Mgr, so I was Lucky to avoid that. Google “Win 10 1809 Stuck at 91%” scenario and you will have much company & advice – IF needed.

      Win 10-1809 / Hm-Stdnt Ofce '16 C2R / i5-8400/ 12 GB / 256 SSD + 1 TB HDD

      • This reply was modified 2 months ago by
         CraigS26.
      • This reply was modified 2 months ago by
         PKCano.
      • #341662 Reply

        rc primak
        AskWoody_MVP

        Uninistalling third party antimalware products has been a requirement for any major Windows upgrade or feature update for a long time, if not forever. You can reinstall them after the upgrade.

        -- rc primak

    • #341545 Reply

      autosoftie
      AskWoody Lounger

      Has anyone checked out or opined about the new Intel driver patches? Available from:

      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html

      There are patches for several Intel hardware drivers. I first saw this at:

      https://www.theregister.co.uk/2019/03/14/intel_march_patches/

      • #341668 Reply

        rc primak
        AskWoody_MVP

        I use Intel’s own tools or visit their site and enter my specific PC make and model to determine which drivers need to be updated. I NEVER update Intel drivers on a per-component basis. Go to the manufacturer of your whole device and get new drivers from there if any are available. NEVER let Microsoft Update download or install ANY drivers!

        If a driver is ever changed during an update or Feature Update, roll it back to the previously working OEM or installed driver. You do back up the System32 DriverStore FileRepository folder before each monthly round of updates, don’t you? That’s your local source for a driver restoration in Windows 10 if anything makes any unwanted changes.  Check for any changes and roll back as needed after any Feature Update.

        -- rc primak

        1 user thanked author for this post.
        • #342602 Reply

          Tex265
          AskWoody Plus

          rc interesting comment:

          If a driver is ever changed during an update or Feature Update, roll it back to the previously working OEM or installed driver

          When I feature updated from 1709 to 1803 last October the process changed just about all my drivers including Nvidia card drivers to an earlier version.

          I posted and most here said it happens all the time and to leave well enough alone.

          Since I did not make your suggested driver backup, best I could do now is go to my component manufacturers sites and install a more current version of each driver vs a restore from the past. But, should I do this? Leave well enough alone? Or, obtain specific drivers like Nvidia and Asus MB components?

          Even if I make the suggested backup, should I/we restore them after a feature backup if all seems to be working with what the feature update installs?

          Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
          • #342871 Reply

            rc primak
            AskWoody_MVP

            Depending on how your components are performing, it might be a good idea to take the most important ones, like the NVidia graphics drivers, and a few at a time, gradually rebuild the OEM versions of all affected drivers. (The ASUS MB Drivers should exist all in one place, so they would be next in line for OEM restoration from the manufacturer’s site.) Then back up the DriverStore FileRepository as is suggested in my post. Continue making this backup whenever MS Updates look like they are coming your way, even the monthly CUs.

            Even if I make the suggested backup, should I/we restore them after a feature backup if all seems to be working with what the feature update installs?

            That’s essentially what I do after every Feature Update, if MS has messed with any of my drivers. But then, I have a single tool from Intel which will do that for me in one easy process. Then back up the FileRepository folder.

            -- rc primak

            • This reply was modified 2 months ago by
               rc primak.
    • #341885 Reply

      mn–
      AskWoody Lounger

      So, aside from the big batch, were some of these just late? Because I see there’s a kb4480730 for Windows 10 up to 1803, “Reliability improvement to Windows 10 update components” … appears to touch Cuassistant.dll and Culauncher.exe with tuesday’s date.

      1 user thanked author for this post.
      • #341891 Reply

        woody
        Da Boss

        And I see that the KB article now has a date of March 14.

        See https://www.askwoody.com/2019/did-microsoft-just-re-release-kb-4480730-the-reliability-improvement-to-windows-10-update-components/

        • This reply was modified 2 months ago by
           woody.
    • #341901 Reply

      LTL
      AskWoody Plus

      Today I checked what Windows Update offers on my 2 OS’s:

      Windows 10 1809:
      KB 890830 MSRT > installed with WuMgr > o.k.
      KB 4487038 Flash > installed with WuMgr > o.k.
      KB 4489899 CU > pending
      I hid KB 4480116 a while ago, but now it’s gone all over sudden.

      Windows 7 Pro SP1, Group B:
      KB 890830 MSRT > will install later
      KB 4489878 MRU > Group B: SO 4489885 > will install later
      KB 4474419 SHA-2 > will install later
      Strangely enough KB 4489873 IE March is not offered (yet).

      • #341910 Reply

        PKCano
        Da Boss

        KB 4489873 is available through AKB2000003 (unless MS pulls it).

        1 user thanked author for this post.
        LTL
    • #342243 Reply

      anonymous

      https://www.askwoody.com/patch-list-master/master-patch-list-february-2019/

      The February Master Patch List says “.NET updates – included no new security updates, thus can be skipped this month”. There were security .Net updates last month wasn’t there?

      • #342246 Reply

        PKCano
        Da Boss

        Yes, there were Feb .NET Security Rollups and .NET Security-only Rollups

        1 user thanked author for this post.
    • #342584 Reply

      anonymous

      “Yes, there were Feb .NET Security Rollups and .NET Security-only Rollups”

      The https://www.askwoody.com/patch-list-master/master-patch-list-february-2019/ should be updated to reflect that.

      • #342591 Reply

        PKCano
        Da Boss

        Both patches are on the list. KB4487078 Security Rollup and KB4487121 Security-only Rollup.

    • #342756 Reply

      anonymous

      Win 10 1709 64 bit – March delta update, followed by Office 2013 updates installed OK on tw0 machines, stable for 2 days.   Blocked KB4480730 and Win 10 1803 with Wushowhide util.

    • #342862 Reply

      anonymous

      Hi all,  I normally have used auto install without issue..but this update to my Win 7 Pro system froze my machine during the install at 54% and no amount of coaxing would fix that.    I had to manually shift back to a previously good image.  I’ve tried allowing the autoinstall to run again..but everytime it freezes at the same spot.  KB4489878 and KB4474419 remain as fails.

      Other than turning off auto install (done), any thoughts of actions I should take?   Thank you!

      • #342872 Reply

        PKCano
        Da Boss

        There is a servicing stack KB4490628 that needs to be updated, but it won’t show up in Windows Update unless there are no other updates in the important list.

        You can try this:
        + Temporarily hide all the updates in the important list.
        + Check for updates. KB4490628 should show up after you have hidden all the rest.
        + Install KB4490628, wait 10 minutes, reboot your computer.
        + Unhide the updates you hid earlier and see if they will install.

    • #343037 Reply

      deanwmn
      AskWoody Plus

      Just checked and found that 3 security updates were installed on my Win 7 SP1  PC on March 4th. Not by me, last time I checked and installed anything was on Feb 26th.  These were all Security updates that Microcrud took the liberty of installing themselves – KB4491113, KB4486474 and KB4486564.  I haven’t had any major problems with my PC since then but have been experiencing some small things.  It really irritates me that they would take the liberty of doing that and makes me want more and more to just hang up the PC forever and switch to Mac.  I need to switch to something that works with Ancestry, but that should be no problem.

      1 user thanked author for this post.
      • #343044 Reply

        Elly
        AskWoody MVP

        Hello @deanwmn-

        Have you checked the Windows Update settings lately? Woody suggests setting to Never Update.

        KB4486564 is a Security Only Update, which would have required manually downloading and installing. It would not show up in Windows Update, no matter what the update setting was.

        Win 7 Home, 64 bit, Group B

        1 user thanked author for this post.
        • #343274 Reply

          deanwmn
          AskWoody Plus

          I did not download these patches! None of them. As I said before, the last time I even checked was on Feb. 26th.  Nor do I use IE11 – at all!  I use Chrome and if for some reason I’m unable to, I use Firefox. 11 is on my computer only because Microcrud, in all its great wisdom, won’t let me remove it!  But I removed the icon from my desktop and never use it.  I don’t like it, too many problems.  I thank you all for your input, but I assure you that I did not download those updates nor do I use IE 11.

        • #343276 Reply

          deanwmn
          AskWoody Plus

          My computer has been set to NO updates for well over a year now – more like two!  I do not allow updates to be downloaded unless they’re done by me.

          • This reply was modified 2 months ago by
             deanwmn.
          • #343286 Reply

            geekdom
            AskWoody Plus
            • Bring up Internet Explorer
            • Click on Help
            • In the drop down menu, click on About

            Is “Install new versions automatically” checked?

            Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      • #343050 Reply

        PKCano
        Da Boss

        KB4486474 is the IE11 Cumulative Update and KB4491113 is a out-of-band fix for IE11. None of those updates were released through Windows Update.  All three are manual download and manual install. Someone did what we call a Group B update to your computer.

        1 user thanked author for this post.
        • #343071 Reply

          anonymous

          If deanwmn actively uses IE11 for her Ancestry work, would this account for updates being applied without Windows Update or manual download?

          • #343092 Reply

            DrBonzo
            AskWoody Lounger

            I’ve used IE 11 regularly for certain things for the last decade or so, and have never had an update that I did not either do or approve (Windows Update set to check for updates but let me decide whether to download and install)

            • #343097 Reply

              OscarCP
              AskWoody Plus

              I agree with DrBonzo: Rarely have I had a problem while using IE11, since it first came out. Very occasionally it has frozen and I ‘ve had to kill it from the Task Manager. But such problems seemed to have been caused by some incompatibility with software in the Web sites I was browsing at the time. In general, it is not a bad browser and has lots of useful items in the tool bar menus, making it easier to set it up at an advanced level, compared to other browsers that require entering line commands in the URL field. Its major limitation, I’ve found, is that the version for Windows 7 (but not for 8.1) lacks an HTLM5 decoder for viewing some (e.g. Netflix’s) streaming videos, so one needs to install, use, and keep on updating, Silverlight for that. As to patching IE11, if one does it separately and by hand, as Group B, then, same as with anything else, one should wait until it seems safe to do it, according to what people report happened after they patched it as Group B, whether Susan recommends installing the patch or holding for now, in her Master Patch List, etc. And, whether one uses it as a browser or not, one has to keep patching it, because it is used, or some of its components are used, by the Windows system in several of its tasks, including some the user might not be even aware of, besides browsing.

              Those patching as Group A will get the IE11 patch installed with the rest of the monthly S&Q rollup. So they only need to worry that the rollup is OK to install, again according to the reports of other Group A users and as indicated in the Master Patch List, etc.

        • #343381 Reply

          anonymous

          Hello, #post-343071 here again. I should have used more words. All other browsers I use check for updates upon launch, or during a defined idle period while running. You may select from the usual options Auto/Ask/Never. My question was not about the appropriateness of IE11. I only wondered if it might do that same function without a human opening the Windows Update display, or calling from the catalog. I recognize IE11 has the benefit of system update channels that other browsers do not. Microsoft does seem to use all methods available to them, and I did not know if this could be another one.

          I believe DrBonzo has described that does not happen, in his long experience. And deanwmn has added that does not describe her use anyway.

          I remain curious how this happened, and concerned that this comment stream is suggesting she has allowed another human physical access. I would rather read the technical reasons that remote access or a system triggered event has been ruled out. Maybe in a question topic.

          • #343433 Reply

            DrBonzo
            AskWoody Lounger

            @anonymous – It seems that perhaps both of us are playing a bit loose with our words. When I used the word ‘update’ in my post above I was referring to updates of the type one is offered through Windows Update that are released (typically) on various Tuesdays of each month by Microsoft. In that context, I stand by the statements I made above.

            Regarding IE11, when I go to Help —> About Internet Explorer, I get a pop-up window that gives “Version”, “Update Version”, and a box that I have checked to “Install New Versions Automatically”. I believe this box is referring to “Version”, but NOT to “Update Version”. Whenever I check “Update Version” it gives me the latest IE 11 patch (usually from a second Tuesday release) that I have manually installed. In contrast, I believe that “version” is something that is checked automatically every time I open IE 11, but I have never manually installed such a patch. I believe MS is using the word “Version” in a manner analogous to how Firefox uses “update”. If I recall correctly, FF is now at 65.0.2, a number I think MS would refer to as a “Version”.

            Hopefully that clarified rather than confused things. 🙂

          • #343439 Reply

            Elly
            AskWoody MVP

            Perhaps a new program or malware might reset the Windows Updates settings. A new program would be likely to reset to automatic updating. Malware would be likely to block updating, so that it could continue to function and avoid detection. But neither is likely to install Group B (Security Only) updates, which need to be manually downloaded and executed.

            Why would someone who has gone to the trouble to install remote access use it to do Group B updating rather than cause other malicious trouble? It just isn’t how someone or something with malignant intentions hides what they are doing…

            I’m pretty much a hands on expert on having a chronic foggy brain and getting unexpected or unremembered results, and trying to walk back what it was I did to get there… and remembering or recording a wrong date is only one way I have messed things up. Combine that with a history of domestic violence, and stalking… well, I have to really check things out to avoid personal crazy-making. Mistakes happen to regular people… and/or it isn’t unknown that a friend or family member might want to ‘help’ by updating. It is much easier to rule out those sorts of things than doing a deep dive into malware scans, researching services and processes and monitoring internet connectivity through a firewall… It would need a separate topic to detail ways to insure your computer is remaining your computer, but again, the fact that Group B updating (which is manual) is involved, makes it unlikely @deanwmn has a need for that at this time.

            Win 7 Home, 64 bit, Group B

      • #343337 Reply

        Elly
        AskWoody MVP

        @deanwmn-

        It is always disturbing to find unexpected changes with one’s computer. At this point, you should be confident that the particular patches you mentioned would have to be manually downloaded and installed.

        I’m curious as to what patches you installed on February 28th. Are you following Group A or B patching, or have been going it alone?

        Just to consider- It was March 4th that Woody recommended installing the February updates.

        Also, whether you use IE 11, or not, it is part of Windows 7, and some of its components are used by other programs. It is best practice to keep it updated due to its integration within the OS, even for those of us who never use it.

        Those patches are easy to uninstall, if you really don’t want them… but they would be appropriate for bringing Group B patching current.

        If you come to the conclusion that someone else must have installed the patches, it may be time to review your security- who has physical access, what accounts (and what permissions they have) are on your computer, and changing passwords.

        Win 7 Home, 64 bit, Group B

        1 user thanked author for this post.
    • #344010 Reply

      j22rs
      AskWoody Lounger

      Microsoft is going to start changing the build numbers of Windows Server 2008 with each update now.  They started with this month’s preview rollup.

      https://support.microsoft.com/en-us/help/4495374/build-number-changing-to-6003-in-windows-server-2008

      1 user thanked author for this post.
    • #344030 Reply

      EP
      AskWoody_MVP

      aww – KB4023057 is back again, this time new date 3/19/2019 on MS Update Catalog:
      https://www.catalog.update.microsoft.com/Search.aspx?q=4023057

    • #344055 Reply

      snalmond
      AskWoody Plus

      I’ve been running Win10 1803 for several months without problems so far.  As usual on the day before the most recent Patch Tuesday, I opted to delay updates for 35 days.  I was surprised this afternoon to be greeted by a “We have an update for you…” window.  I checked Update & Security > Advanced and found that the delay button was “Off”.  I clearly remember turning the delay on and have no idea how it was turned off.  The update scheduled to be installed on the next restart is the infamous and regularly recurring KB4023057.  Assuming at this point that there’ s no reasonable means to prevent the installation on restart, I plan to uninstall that update after it has been installed.  Creation of a new disk image is now in process and will be completed before the next restart.

      Windows 10 Pro 64 bit, 1803

      • #344061 Reply

        PKCano
        Da Boss

        In Group Policy:
        Administrative Templates>Windows Components>Windows Update
        Configure Automatic Updates = Enabled, set value to 2 (notify download/install)

        Taht way, they won’t download without your clicking on “Download.”

        1 user thanked author for this post.
    • #344105 Reply

      snalmond
      AskWoody Plus

      In Group Policy: Administrative Templates>Windows Components>Windows Update Configure Automatic Updates = Enabled, set value to 2 (notify download/install) Taht way, they won’t download without your clicking on “Download.”

      Done.  Many thanks!

    • #345988 Reply

      rontpxz81
      AskWoody Lounger

      Almost April and no word on if it’s safe to install the March updates for Windows 7-64bit-

      KB4489878 monthly rollup

      KB4474419 Security update

      Getting late in the month and still no word-

      • #345991 Reply

        PKCano
        Da Boss

        It’s OK. Woody changes the DEFCON number when he thinks it’s safe. There is almost two weeks left before April Patch Tues.

        Patience, Grasshopper.

        2 users thanked author for this post.
    • #347391 Reply

      Dascombe
      AskWoody Lounger

      Didn’t see any too much mention of KB4489881. My mother contacted me yesterday complaining that her Win 8 Dell laptop was spontaneously rebooting. Took a look and it was Windows trying to repair itself and failing. Dug around a bit and found this:

      https://answers.microsoft.com/en-us/windows/forum/all/windows-81-constantly-crashing-after-windows/911e794d-53d2-44fb-a027-060e56b83016

      Sure enough, removed 4489881 and it’s been running fine.

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: March 2019 Patch Tuesday patches

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: