• Massive March Patch Tuesday relaxes antivirus restrictions, but there are problems

    Home » Forums » Newsletter and Homepage topics » Massive March Patch Tuesday relaxes antivirus restrictions, but there are problems


    With 74 separately identified plugged holes, every version of Windows and Office gets goosed. No known exploits for any “Critical” vulnerabilities, bu
    [See the full post at: Massive March Patch Tuesday relaxes antivirus restrictions, but there are problems]

    3 users thanked author for this post.
    Viewing 22 reply threads
    • #175552

      UPDATE: Win7/Win2008 R2 Monthly Rollup KB 4088875 and Security-only KB 4088878 are causing problems on Server 2008 R2 because it blows away virtual Network Interface Cards and on Win7 because it overwrites static IP addresses. Discussion on Reddit and an apprently related post on KB 3125574.

      Thx @SwiftOnSecurity



      3 users thanked author for this post.
    • #175554

      As an average Jane, what are the chances that this applies to my pc? Win 32bit, about 7 or 8 years old? Have no idea what PAE and SSE2 are and how to check if I have those enabled/disabled enz. Any light on the matter would be much appreciated.

      A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled

      A Stop error occurs on machines that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2)


      • #175565

        You can download Speccy to determine if your CPU has SSE2.
        SSE2 is an instruction set that will be listed under CPU > Instructions. (see attached screenshot)

        Most likely your CPU has both of these, as PAE has been around since the Pentium Pro and SSE2 has been around since the Pentium 4 days.

        Between the 2 issues, you’re more likely to have the PAE one but I would assume a machine 7-8 years old would have PAE enabled (as that’s when 4GB+ machines were becoming common). You’d have to check your PC’s BIOS to make sure, as neither Speccy (nor CPU-Z) indicate whether PAE is enabled or disabled. I would say it’s safe to assume that it’s enabled, and therefore you wouldn’t have the first problem you listed.

        1 user thanked author for this post.
        • #175815

          Thank you @zero2dash. Checked and it is a intel core i7 870. So probably in the clear.

        • #180651

          Hi, for this known issue

          A Stop error occurs on machines that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2)

          by stop error, is it mean there will error prompt/notification pop up when im using the computer? i want to install KB4100480 but i read the new post and looks like only this one have probability  to be happen on my pc.

          1 user thanked author for this post.
      • #175590

        Your best bet, average Jane, is to leave well alone until Woody reports that this update has been replaced with a fully working version and raises the DefCon rating to 3 or higher. There is unlikely to be any compelling reason for you to install any updates just yet.

        10 users thanked author for this post.
        • #175594

          **Definitely** agree with this.
          Don’t even touch these updates **especially** on Win7.
          Wait for Woody to sound the trumpets and give the ‘all clear’ first before doing anything.
          Again, you’re probably fine (re: your concerns), but yeah – leave these updates in the crock pot for a few weeks still.

          2 users thanked author for this post.
        • #175816

          @seff and @zero2dash: since discovering this site (in the time of the fullforce Windows 10-push whilst I NEEDED to stay on W7) I have never, ever installed updates within at least a week of their release 🙂

    • #175564

      ANOTHER UPDATE: It looks like the Word 2016 security patch KB 4011730 causes Word 2016 to crash when you double-click on a file with a DOCX filename extension. Uninstalling the patch fixes the problem.

      1 user thanked author for this post.
    • #175584
      2 users thanked author for this post.
    • #175608

      I guess the dust won’t settle soon

      2 users thanked author for this post.
    • #175615

      Another KB2976978? It’s dated March 13th, 2018…

      Antec P7 Silent * Corsair RM550x * ASUS TUF GAMING B560M-PLUS * Intel Core i5-11400F * 4 x 8 GB G.Skill Aegis DDR4 3200 MHz CL16 * Sapphire Radeon 6700 10GB * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit
    • #175627

      Uhoh. I have static IP, and network settings set manually. Not a virtual NIC and not an Intel network chipset either (the Reddit thread seemed to indicate it’s an issue with Intel NICs), but… Am I likely to see trouble?

      — Cavalary

    • #175636

      KB4088875 caused my Windows 7 32Bit to reboot in a loop as soon as the “updates are configured” dialog should appear after the first reboot thst´s following the installation.
      I had to reboot in safe mode and uninstall KB4088875.

      3 users thanked author for this post.
    • #175662

      Did they pull KB4088875? I’m not seeing it in the updates available for Windows 7 (not that I will install it yet)… although KB2952664 is back as checked and important.

      1 user thanked author for this post.
      • #175677

        Did they pull KB4088875?

        Looks like KB 4088875 is showing up in Windows Update as Important, but unchecked. It’s still available in the Microsoft Update Catalog.


        That’s typical first-step behavior when MS pulls a patch. Not definitive, but certainly indicative.


        1 user thanked author for this post.
        • #175685

          (Same anon as #175662)
          Thanks for the response! It’s strange, though, because I don’t see KB4088875 at all; it’s under neither Important nor Optional updates, and I’ve checked for updates a few times today. Ah well, perhaps my update got pulled early, or maybe it will show back up in the next day or so…

          • #175699

            Since I have Win 7 Home, I was curious at what you were finding. I had hidden KB4088875 after it showed up. I unhid it… and ran Window Updates twice. It isn’t showing up anywhere, now.

            Non-techy Win 10 Pro and Linux Mint experimenter

            1 user thanked author for this post.
        • #175745

          Here’s a patch pulling data point for Win7 Pro SP1 x64 Intel i3-5005U Group B:

          The Feb Rollup and MSRT along with the .NET 4.7.1 install update and what I’ll simply call an ‘old’ KB 2952664 were offered through Windows Update until about noon on Tuesday, March 13. Then for about 8 hours they all disappeared except for the .NET 4.7.1. After that I got the March Rollup and MSRT and a ‘new’ KB 2952664 (still had the .NET 4.7.1).

          Then, late afternoon today (March 14), the March Rollup was replaced by the FEBRUARY Rollup! Still have the ‘new’ KB 2952664, MSRT and .NET 4.7.1.

          So, for me at least, the March Rollup has been pulled.

          2 users thanked author for this post.
          • #177237

            I still have that “New” KB 2952664 “Update” under Important and checked.  The topic 2000003 warns those with Win 7 to not install 2952664.  Has this changed?  Have I missed some info. about it?

            Being 20 something in the 70's was much more fun than being 70 something in the 20's.
            • #177254

              Hello Charlie,

              KB 2952664 has been identified as a telemetry update, in all of its multiple appearances. If you are avoiding telemetry updates (probably why you are Group B), then you don’t want to install this one.

              Non-techy Win 10 Pro and Linux Mint experimenter

              1 user thanked author for this post.
    • #175678

      My KB 4088875 is showing up in Windows Update as Important, but was checked, I also hid it again.

      1 user thanked author for this post.
    • #175692

      Looks like Windows 7 Important Updates (i.e. Quality/Security roll-ups) for March 2018 were not available yesterday using Windows Update. Only updates were Malicious Software Removal Tool and the usual update for Microsoft Security Essentials.

      Yes, my registry has the required entries showing I have an acceptable malware software installed. No Flash updates, no IE updates, no Framework updates…. go figure!

      The Optional updates still showed Preview Roll-up and Scurity Updates for 2018-2 (which I take to mean February).

    • #175709

      The KB articles for the March 13, 2018 security updates for Excel 2007, 2010, 2013, and 2016 note that: “A new registry key has been added to provide more control over object macros security.”

      1 user thanked author for this post.
    • #175711

      I can’t repro the crashing Word here, so there may be something else in the mix as a root cause.

      Win7 32bit Group A Fully updated with this months patches
      In my test box Im not seeing any problems with opening docx files within Word 2016.

      1 user thanked author for this post.
    • #175738

      Hi Woody, Just after reading your comment about the Kb4088875 being unchecked, I looked at my  Windows 7 windows update and found it was checked.  I decided to see what would happen if I checked for updates now.  After Update finished checking, I looked at the updates and found that KB4088875 was UNCHECKED.  At least that solves a potential issue for now.

    • #175740

      Looks like KB4088875 may have been pulled?  I was looking over the list of important updates and when I pressed the back button to take me to the main Windows Update screen, it showed one less important update that needed to be installed. 
      It was also gone from the list when I clicked back to important updates.

      EDIT html to text

    • #175806

      KB4088875 is currently listed in Windows Update as unticked by default. It may have been temporarily unavailable while its metadata was revised to change its listing from ticked by default to unticked by default.

      1 user thanked author for this post.
    • #175829

      Wish I’d known about this site yesterday! As you can see, I’m not an expert, but maybe this will be of help.

      around 9am [UK time] I installed the proffered updates [2952664, 4088875, 890830 & 4011720]  for Win 7 32bit.

      Windows restarted fine, I could login and then after 2 or 3 min the system closed down  – no BSOD. Monitor just showed ‘power saving’ mode sign. It then restarted and the whole process repeated – going down 2 or 3 mins after login. 🙁

      If I tried safe mode it failed even earlier – a few seconds after the login screen appeared.

      Given the crash regularity I dared not uninstall from within windows.

      Eventually [with help of a more knowledgeable friend] and a PC restore disc, we managed to return to the previous ‘safe configuration’.  Still crashed.

      So used the Win 7 disc to ‘repair windows’ and that seemed to do the trick.

      Interestingly, yesterday evening KB 4011720 and KB890830 were shown as having installed successfully, but KB4088875 and KB2952664 are marked as failed.

      During the crashing stage, I used the few minutes of grace to look at the updates and at that point KB4088875 and KB2952664 are marked as pending…

      Now all 4 are back for installation, but KB4088875 is unchecked.


      1 user thanked author for this post.
      • #175842

        Welcome to the Lounge!

        Sounds like a good to reason to simply avoid updating for now….

        1 user thanked author for this post.
        • #175853

          Indeed – a rather brutal lesson! Having a couple of cloned drives which I deliberately keep a couple of weeks out of date did give me some security whilst trying to correct it.

          Thanks too for the nice welcome and your hard work! much appreciated!

      • #176132

        Anytime I see KB 2952664 I avoid it like the plague.  This month (March) when the new updates came in to my WU I saw that 2952664 was in there as important and checked.  This is the first time I personally have had this happen since Win 10 was released.

        There’s no way I’m going to install 2952664!  It has been in my Optional list for at least a year, probably much longer.  I’m pretty sure Woody will agree with me about this.  Beware.

        Being 20 something in the 70's was much more fun than being 70 something in the 20's.
    • #175843

      When I started reading this thread again this morning I checked my Updates and found KB4088875 checked still. Partway through reading it I double-checked my Updates and it’s now unchecked.

      All I have now on one Windows 7 machine is the MSRT plus the usual MSE update (which I always install from MSE, never from Windows Updates), and I also had a Nvidia display update yesterday which I hid as always. When I last looked yesterday, the other Windows 7 machine also had 4 Office 2010 updates – one of which, KB4018314, was unchecked. Nothing installed yet, of course!

    • #175862

      One thing I noticed is that the March update dramatically slowed down (4-5 times) Windows 10 (1709). After checking task manager, it turned out that Windows Defender was the culprit. In the past, Windows Defender did not cause much load when reading text files (txt file extension), but now, it’s through the roof. In order to work around, I had to add the txt extension to the Windows Defender exclusion list. See also this old thread at answers.microsoft.com/en-us/windows/forum/windows_10-performance/windows-defender-real-time-protection-service/fda3f73e-cc0a-4946-9b9d-3c05057ef90c for details about how Windows Defender can cause performance issues and how to deal with.

      1 user thanked author for this post.
    • #175879

      I have a strange situation going on with my two 64 bit, Win 7 SP1 computers, both with MS Security Essentials as my anti-virus.  One is a desktop and the other is a laptop.  Windows Update on the laptop showed KB4088875 as checked and available for installation.  I deferred as usual waiting for MS-Defcon 3 to appear on your website.  I checked my desktop and all it showed as available were three optional updates: a .NET Framework 4.7.1 update, Windows MSRT, and a definition update for MS Security Essentials.  I remembered the advice about checking for the QualityCompat subkey in the registry since MS won’t allow security updates on Win7 if this key is not present.  I checked and sure enough, the key was not present in the registry of my desktop but it was present in the registry of my laptop.  Strange, since both computers have MS Security Essentials installed.  I edited the registry for the desktop and imported the QualityCompat subkey.  I rebooted and checked the registry and the QualityCompat subkey was in the registry.  I ran Windows Update and KB4088875 was not showing up, neither as checked or unchecked.  I checked the registry and the QualityCompat subkey had been removed.  What could be going on here?  Is it possible that Windows Update is removing the subkey for some reason?  The subkey should be there since I’m not using a third party anti-virus but it will not stay no matter how much I edit the registry.  In any case, KB4088875 is not available.  I downloaded KB4088875 from the MS Update Catalog but I’m not going to try installing it until MS-Defcon 3.

      • #175884

        KB4088875 has been demoted to UNCHECKED or pulled because it is buggy. I would delete the one you downloaded from the Catalog and wait for it to be re-released in Windows Update.

        Try updating MSE. If it is out of date it may not set the Regkey.

        1 user thanked author for this post.
        • #175890

          On the Norton-forum, there were several people complaining about the registry key disappearing over and over again. This happened prior to Patch Tuesday. See here (Norton)  and here (Wilders Security).


          ~ Annemarie

        • #176001

          I don’t remember any “Security” Monthly Rollup ever got pulled

          they get metdata revisions to postpone the auto deploy, or to exclude certain machines (i.e. AMD cpus in January)
          and they get fixes for their issues in preview rollups or OOB updates

        • #175943

          I updated MS Security Essentials on both computers.  I then ran Windows Update on both computers.  KB4088875 is missing from both computers, neither checked nor unchecked.  The laptop has the QualityComp subkey and the desktop does not have the QualityComp subkey.  When I edit the registry and put the subkey back in, something comes behind me and removes it.  This behavior is only happening on my desktop PC.

    • #176088

      Two issues have been added to the Windows 7 March 2018 Windows monthly rollup and Windows 7 March 2018 Windows security-only update.

    • #176291

      MS seem to have fixed the bug I found in search that was driving me crazy for months since they forced Cortana as the search interface. The post from which the quote comes from is dated March 9, 2018. But you need Fall Creator update for it, according to what is written. That terrible bug only took many many months to fix on rapid development cycle after what appears to be many insiders feedback.

      Search is no longer limited to your User Profile directory

      “Many Insiders have pointed out that Search was limited to certain folders on their PC (see Searching all files and folders with Cortana in the Feedback Hub). And they were right. Previously, Search would only cover the personal User Profile directory (e.g., C:\Users\MyName) by default. To expand the search, you’d need to filter your results to a specific type, such as Documents.

      Maintaining the balance between real-time search results and relevance can be tricky. However, we’re now able to search all indexed locations by default, as soon as you start typing. Want to expand which folders are indexed? Open the ‘Indexing Options’ tool and select ‘Modify’ to add additional locations. Note that adding additional locations may have performance implications on your PC and will impact battery life, depending on the size of the folder and frequency of changes.”

      It is interesting to note that this bug was actually a feature to speed up search. In what world would you provide the ability to modify indexing locations and expect that the system would just ignore all that when doing a general search and limits itself to the user profile directory???

    • #176330

      Issue added to March 13, 2018—KB4088875 (Monthly Rollup) and Cumulative security update for Internet Explorer: March 13, 2018: “After installing this update, Internet Explorer 11 may not launch for some users.”

      1 user thanked author for this post.
    Viewing 22 reply threads
    Reply To: Massive March Patch Tuesday relaxes antivirus restrictions, but there are problems

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: