News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Missed the September patches – now what?

    Home Forums AskWoody blog Missed the September patches – now what?

    This topic contains 18 replies, has 10 voices, and was last updated by  PKCano 1 month, 4 weeks ago.

    • Author
      Posts
    • #1977440 Reply

      woody
      Da Boss

      Just got a message from an old friend: Hello Woody: You briefly went to DEFCON-3 last week for installing the September updates, but then shortly afte
      [See the full post at: Missed the September patches – now what?]

      7 users thanked author for this post.
    • #1977634 Reply

      WildBill
      AskWoody Plus

      A message to Woody’s old friend: The last time Woody kept us at MS-DEFCON 1 or 2 was when he had us skip the July 2018 updates. It was the same situation as September 2019; M$ was messing up royally with patches.

      Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V1909. As long as it's a Lot Less Buggy!
      Wild Bill Rides Again...

      3 users thanked author for this post.
      • #1977771 Reply

        SueW
        AskWoody Plus

        @WildBill, thank you for a good reminder for all of us who missed the September patches! I went back to my notes for those August 2018 updates (DEFCON 4!), and saw that I installed both July’s and August’s Security Only patches plus August’s IE’s Cumulative patch. After checking for updates and hiding some of August’s updates and then checking for updates again, there were some July updates that also needed to be hidden.

        I suspect that this will be true once we get the go-ahead to install October’s updates — that there will be some September updates that will need to be hidden as well (Rollup & Preview).

        And, we’ll need to install the latest SHA-2 update (KB4474419) released 10/8 and the latest SSU (KB4516655).

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    • #1977766 Reply

      anonymous

      Pardon my ignorance, but if we failed to install the Sept. 2019 updates and now we wait until the MS-DEFCON level changes to 3, 4, or 5 for Oct. 2019 updates.  Once we are ready to install again, do we install the Sept 2019 updates and then the Oct 2019 updates?  Or, do we skip the Sept. 2019 updates and install only the Oct 2019 updates?  I just want to be sure I understand.  Thanks for your patience.

      • #1977772 Reply

        PKCano
        Da Boss

        The Monthly Rollups for Win7/8.1 and the Cumulative Updates for Win10 are CUMULATIVE. That means the current one contains all the past ones plus any new changes. Therefore, there is no need to install Sept patches because they are contained in the Oct patches.

        If you are downloading the Security-only updates and manually installing them, that is a different story. The Security-only updates are NOT CUMULATIVE and each one is unique. So to be fully patched you will need to install all of them. But the IE11 Update IS cumulative, so you only need the latest one for manual installation.

        But we are still on DEFCON-1. WAIT.

        4 users thanked author for this post.
      • #1977773 Reply

        SueW
        AskWoody Plus

        Hi, anonymous, it depends 🙂  If you’re in Group A, the October updates are cumulative, and already include September’s, so you’ll only need to install October’s.  If you’re in Group B, see my post above yours.

        Oops — PKCano beat me to answering your question . . .

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      • #1977774 Reply

        mn–
        AskWoody Lounger

        Well that depends.

        If you’re using rollups / cumulatives, the later ones are supposed to have everything.

        For the Security Only updates, you’re supposed to install all of them in chronological order, so as to not leave gaps.

        • #1977804 Reply

          Charlie
          AskWoody Plus

          Yeah, that’s what I thought too but was told you can skip them, especially since the IE S.O. updates are cumulative and the Sept. Windows updates are not really worth much according to Woody.

          Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

          • #1977807 Reply

            PKCano
            Da Boss

            There is no such thing as an IE SO.
            There is a Windows Security-only Update (which is NOT cumulative). You have to install each one to be fully patched. It is for manual download and install (not in WU).
            There is an IE11 Cumulative Update (which IS cumulative) and you only need the latest one (not in WU).
            There is a Windows Monthly Rollup (which IS cumulative) and is released through Windows Update.

            • #1977814 Reply

              Charlie
              AskWoody Plus

              Now I am confused.  This is what I go by:

              AKB2000003 Ongoing list of “Group B” monthly Security-only updates for Win7 and 8.1

              For Windows 7:

              Sep 2019 (IE11) KB 4516046 – Download 32-bit or 64-bit

              Sep 2019 (IE11) KB 4522007 – Download 32-bit or 64-bit (Released 9/23/2019 fixes remote code execution vulnerability CVE-2019-1367, prerequsites SSU KB 4516655 and KB 4474419 SHA-2 Code Signing Support )

              At any rate, it looks very much like I’ll be skipping the buggy Sept. IE update(s).

              Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

              • This reply was modified 2 months ago by  Charlie.
    • #1977809 Reply

      Charlie
      AskWoody Plus

      Are MS Office updates cumulative?  Not that I care, I managed to install them while on Defcon 3.  But for all those who didn’t, there will either be a slew of Office updates or just the Oct., depending.

      Also, the SHA-2 update KB4474419, and the mysterious KB4516655.

      Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

      • #1977812 Reply

        PKCano
        Da Boss

        You should install whatever Office updates you are offered CHECKED through Windows Update.

        You should install whatever KB4474419 SHA-2 coding support update you are offered CHECKED through Windows Update.

        KB4516655 is the Win7 Servicing Stack Update (not mysterious) which is the update for the Windows Updating mechanism itself. You should install it if it is offered CHECKED through Windows Update.

        BUT none of that while we are on DEFCON-1 = WAIT.

        2 users thanked author for this post.
        • #1977992 Reply

          alpha128
          AskWoody Lounger

          You should install whatever Office updates you are offered CHECKED through Windows Update.

          You should install whatever KB4474419 SHA-2 coding support update you are offered CHECKED through Windows Update.

          KB4516655 is the Win7 Servicing Stack Update (not mysterious) which is the update for the Windows Updating mechanism itself. You should install it if it is offered CHECKED through Windows Update.

          BUT none of that while we are on DEFCON-1 = WAIT.

          I’m running Windows  7  Pro x64.  All of my September updates have disappeared and I’m being offered October 8, 2019—KB4519976 (Monthly Rollup).

          However, prior to this I was offered SHA-2 code signing support update for September and now that’s gone.   I do have the 2019-08 version installed.  Do I need to download and install the 2019-09 version from the Microsoft Update Catalog when Woody changes the MS DEFCON level?

           

    • #1977848 Reply

      anonymous

      For Charlie. Hi, I wanted to add something I did not see in the several responses so far. The current status is optimistic, but still involves some chaos. Any specific directions given now may change as the remaining chaos resolves. Best directions will be available in the Computerworld article that Woody will write when it becomes appropriate. Guessing ahead of that event might lead in the wrong direction. Wrong directions create confusion. This is the longer explanation for the one word response to wait.

      1 user thanked author for this post.
    • #1978526 Reply

      cluffernut
      AskWoody Plus

      We had patched in September on our servers, seen lots of issues (SQL Data connections timing out, etc…) so we rolled backed.  We’re still seeing intermittent 2012 servers experiencing the black screen issue.  Only patch we didn’t/couldn’t roll back was the SSU (KB4512938).  I haven’t seen people complaining about this recently and there are no known issues on Microsoft’s site. It kinda has me scratching my head a bit.  Surprisingly, we’re not really seeing issues on our 2016 LTSB servers (1609).

    • #1979139 Reply

      TonyC
      AskWoody Lounger

      Windows 7 SP1 x64 Group B.

      I’ve read through the posts in this thread for an answer to my query, but I might have missed a post in another thread which answers it. If so, I apologise.

      I patched my system during the MS-DEFCON 3 window and, as far as I can tell, my system is running perfectly. What am I advised to do? Leave things as they are or uninstall the September patches?

      FYI, I installed only the following patches, all from the Microsoft Update Catalog:

      KB4516655 – the latest SSU
      KB4474419v3 – the latest SHA-2 update
      KB4516033 – 2019-09 SO update for Windows 7
      KB4516046 – 2019-09 IE11 CU for Windows 7

      1 user thanked author for this post.
      • #1979145 Reply

        PKCano
        Da Boss

        If you are not having any problems, leave things as they are.

        No need to uninstall anything.

        1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Missed the September patches – now what?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel