News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

    Home Forums AskWoody blog MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

    This topic contains 288 replies, has 73 voices, and was last updated by

     SueW 12 hours, 4 minutes ago.

    • Author
      Posts
    • #1627867 Reply

      woody
      Da Boss

      If you’re running Win8, 8.1, 10 or related Server versions, stay on MS-DEFCON 2. Don’t install this month’s patches just yet. But if you have: Windows
      [See the full post at: MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched]

      Total of 24 users thanked author for this post. Here are last 20 listed.
    • #1628047 Reply

      weedacres
      AskWoody Plus

      You’re suggesting that we install the Windows 7 May updates that were just released yesterday?

      • #1628051 Reply

        Microfix
        Da Boss

        exceptional circumstances require action.’Rock and a hard place’ for Woody. IIRC this is the FIRST time OSes have been segregated for patching according to the MS-DEFCON level.

        ********** Peng/Wins x86/x64 **********

        8 users thanked author for this post.
        • #1628081 Reply

          woody
          Da Boss

          You’re right. It’s extremely rare.

      • #1628080 Reply

        woody
        Da Boss

        Yes. There are caveats, discussed in the article, but the threat is very real.

        IMHO, you’re better off patching now and picking up the pieces later, if need be. It’s been years since I’ve said that, but this situation’s potentially dire.

        5 users thanked author for this post.
        • #1628150 Reply

          willygirl
          AskWoody Plus

          I’ll do a system image and then update by day’s end. Will report in later with results.

          Win7 SP1 Home 64-bit; Office 2010; GrpA/B, when all is said, done and fixed, Mac OSX to help me sleep at night.

          3 users thanked author for this post.
      • #1628307 Reply

        PKCano
        Da Boss

        For those of you patching Group B:
        Please read these instructions – there is an extra step you will need to take.

        5 users thanked author for this post.
        • #1628824 Reply

          Ed
          Subscriber

          @pkcano

          Is there a way to verify that the “pciclearstalecache” file actually ran & did what it was supposed to do?

          I put both files in a folder on my Desktop with nothing else in the folder. After I launched KB4499175 the progress bar sat around the 25-30% area for quite some time before taking off again and completing. I watched the progress box constantly during the entire process but I didn’t see a command prompt briefly appear or for that matter I didn’t see even a “blink”. After completion and restarting the “trustedinstaller” process ran for quite a bit longer than it normally does and checking my Windows Update history now it shows KB4499175 as being installed successfully.

          • #1628840 Reply

            PKCano
            Da Boss

            There is a Registry change indication, but I can’t remember what it is. (I have a good memory, it’s just not very long).

            If you search the site for pciclearstalecache, you will find it mentioned somewhere in the first half of 2018 along with Internet connection problems and disappearance of fixed TCP/IP settings on networks.

            • #1628999 Reply

              Ed
              Subscriber

              After looking through a slew of posts going back as far as 5/2018 I couldn’t find anything of help so I still don’t know if putting both files in the same folder produced the desired outcome or not.

              If the pciclearstalecache file didn’t run would KB4499175 still show as installed successfully in the update history? I can’t believe I’m the only one wanting to verify the outcome of this!

            • #1629016 Reply

              PKCano
              Da Boss

              The information IS there – or just trust me for now. I don’t have time to look it up for you.

              UPDATE: The first information on the pciclearstalecash file I have is it was bundled with the April 2018 Monthly Rollup KB4093118 delivered through WU – that will give you something to go on for searching.

              1 user thanked author for this post.
            • #1629185 Reply

              JNP
              AskWoody Plus

              I don’t know if this indicates anything, but with both the security update and the IE update, and the “pciclearstalecache” file in the same folder with the other two files, once you hit the install tab, for a fraction of a second, you will see some sort of message flash about the cache file being enabled, or something like that.  As I’ve already installed the updates on my two computers, I am sorry I can’t provide the exact message that flashes.

            • #1629194 Reply

              PKCano
              Da Boss

              Go back and re-read those instructions. They tell you what you saw.

            • #1654864 Reply

              Ed
              Subscriber

              Here’s some additional information… a search of the Registry for either of the strings below came back empty after running the update with both files located in the same folder on 5/15/2019…
              pciclearstalecache
              SlotPersistentInfo

              However… I noticed that the pci.sys file itself in the System32\Drivers folder changed after running the update! Here’s what changed for both 32 and 64 bit Windows 7.

              BEFORE running the update the date modified on the pci.sys file was 2/10/2018 and the file version was 6.1.7601.24056.
              AFTER running the update the date modified is now 4/18/2019 and the file version is now 6.1.7601.24441.

              The only difference I see between 32 bit and 64 bit is the file sizes. 32 bit has a file size of 150 kb and 64 bit’s file size is 180 kb. NOTE: These file sizes are noted from the file’s Properties – NOT the file size that shows in Windows Explorer.

              1 user thanked author for this post.
            • #1679451 Reply

              walker
              Subscriber

              @pkcano:  I’ve not had computer access for a short time, and now I’m seeing this pciclearstalecache reference which I do not know what it is.   Could you please provide this information for me?  Apologies once again for being caught without needed information.  Thank you, as always, for your expertise, and knowledge in helping us all.

            • #1679452 Reply

              PKCano
              Da Boss

              @walker
              You are in Group A.
              You do not need the pciclearstalecache.
              It is for Group B people.

              1 user thanked author for this post.
            • #1679905 Reply

              walker
              Subscriber

              @pkcano:  Thank you so much for the information on this.  I am attempting to get caught up once again, and I appreciate your assistance with this.   YOU DESERVE A HUGE, HUGE “STAR”, from all who use the information you so patiently and freely provide.    Thank you once again for your help.    🙂

          • #1629238 Reply

            jburk07
            AskWoody Plus

            @ed:
            When we ran that pciclearstalecache.exe in 2018, you could look in Windows\Logs to see that the “date modified” had changed to the current date (or rather, the date it ran) for the PCIClearStaleCache.txt file. That’s how we could tell it had run then; don’t know if that’s the case this time.

            Group A Win7 x64 Home Premium SP1 Ivy Bridge

            3 users thanked author for this post.
            • #1630998 Reply

              byteme
              AskWoody Plus

              FWIW, I can report that I ran the 4499175 msu today (with the new pciclearstalecache .EXE file in the same folder), and the .TXT file in the Windows\Logs folder on my PC is still the one dated 4/28/18.

              3 users thanked author for this post.
            • #1636473 Reply

              Ed
              Subscriber

              Same here, mine is dated 5/10/2018 which is the same date other updates show were installed in my update history.

              My thoughts are either the file in the Logs folder should have been replaced with a new one or the date/time stamp should have changed. I’m also wondering if KB4499175 showing in the update history as successfully installed equates to BOTH processes completed successfully?

              I still have 15 more computers to run these updates on and I’m holding off on all of them until I find out how to verify the process actually went as it should. I just finished running the April updates on all of these systems a couple days ago and I certainly don’t want to re-visit these 16 computers a third time because this didn’t work!

              1 user thanked author for this post.
            • #1638221 Reply

              jburk07
              AskWoody Plus

              Microsoft’s article about the May *rollup* (not the SO) says pciclearstalecache is no longer included, starting with the April rollup:

              https://support.microsoft.com/en-us/help/4499164/windows-7-update-kb4499164

              “Administrators should ensure that any one or more of the Monthly rollups released between April 10, 2018 (KB4093118) and March 12, 2019 (KB4489878) have been installed prior to installing April 2019 and later updates. Each of these rollup updates includes PciClearStaleCache.exe.”

              Sort of sounds like maybe there was only one updated version that has to be run once, if I’m understanding what they’re saying. Maybe they keep including it in the Security Only patches since those aren’t cumulative?

              Group A Win7 x64 Home Premium SP1 Ivy Bridge

            • #1638300 Reply

              PKCano
              Da Boss

              The pciclearstalecache has NOT been included with the Security-only Updates until now. It was only included with the Monthly Rollups. May 2019 is it’s first appearance with the SOs.

              3 users thanked author for this post.
            • #1643911 Reply

              OscarCP
              AskWoody Plus

              I have looked into Born’s article on this, in the MS page for the May updates and around the Web (in the hits in a Google search), and all that turned up was that, while there was a mention of pciclearstalecache whenever the Rollup was mentioned (to the effect that it is no longer included in it and has to be put separately in the same place with the Rollup update), there was no mention of it wherever the Security Only update was mentioned.

            • #1644192 Reply

              PKCano
              Da Boss

              It is no longer bundled with the Monthly Rollup but it is now bundled with the May Security-only Update. See #1621530. This is the first time it has been bundled with the Security-only Updates.

            • #1644344 Reply

              OscarCP
              AskWoody Plus

              Oh, now I might finally understand this: the “pci..etc” file is already “bundled with” = “Part of ” the Security Only patch, so one does not have to download it and put it in the same directory with this patch. One has to do that only with the Monthly Rollup, because it is not “bundled” = not “part of” the Rollup for this month. That is why I can’t find a mention of pci…etc in connection to the Security Only patch, or so I hope. Right?

            • #1644372 Reply

              PKCano
              Da Boss

              “Bundled with” does not mean a part of, it means included with. There are two files. Please follow the link and read about it.

              1 user thanked author for this post.
            • #1644596 Reply

              OscarCP
              AskWoody Plus

              OK, I think I got it now: the Rollup came “bundled” with the pi…etc before, so two files were downloaded together, now the pci..etc is not included in the download of the Rollup, so it has to be downloaded separately and “by hand”. As to Security Only, things are same now as they were earlier for the Rollup, when both files were “bundled”. But both have to be still in the same directory when installing the Sec. Only. Thanks, PK.

    • #1628132 Reply

      arfurdent
      Subscriber

      makes you wonder what else is out in the undergrowth just waiting to be revealed

      or is it a cunning plan by Microsoft to enhance migration to Windows 10

      2 users thanked author for this post.
      • #1641029 Reply

        Charlie
        AskWoody Plus

        I’ve been thinking the exact same thing!

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

    • #1628126 Reply

      Arctic.Eddie
      Subscriber

      Is there any way of fixing that particular problem with a single file other than the whole monthly security update? There has not been enough time to find all the other flaws in the May update. Win XP has a single ~500K update.

      • #1628130 Reply

        PKCano
        Da Boss

        There are no individual updates available for Win7.

        3 users thanked author for this post.
      • #1628152 Reply

        Microfix
        Da Boss

        Windows XP had/has a completely different patching system addressing issues. With Win7 through to W10, this all changed in October 2016 where individual patches were rolled-up in SO (Security Only-from the MS catalog) and SQMR (Security Quality Monthly Rollup from Windows Update).

        I do believe there are ways to break them apart but, there are also caveats in doing so and I certainly would not recommend it.

        ********** Peng/Wins x86/x64 **********

        1 user thanked author for this post.
      • #1628205 Reply

        woody
        Da Boss

        fixing that particular problem with a single file other than the whole monthly security update

        That’s an enormous problem. See the article.

    • #1628209 Reply

      KarenS
      Subscriber

      So are you recommending that we install all of May’s patches….including the Monthly Rollup, NET patch and all office patches? Windows 7 Group A here!

      1 user thanked author for this post.
      • #1628219 Reply

        woody
        Da Boss

        At this point, as mentioned in the article, install all available checked Win7 patches (.NET, Office, too), particularly including the Monthly Rollup.

        I figure that’ll reduce your chances of hitting a bump in the road.

        9 users thanked author for this post.
        • #1680295 Reply

          walker
          Subscriber

          @woody:  Just wanted to verify that you are saying that it’s okay to install the Windows updates you mentioned here:

          But if you have:

          • Windows XP (including Embedded)
          • Windows Server 2003, Server 2003 Datacenter Edition
          • Windows 7
          • Windows Server 2008, Server 2008 R2

          you need to get patched right away

          It is so unusual I just wanted to verify.   Apologies for the question – – – Your wonderful advice is followed by us all.   Thank you so much for all of your help.

          • #1680552 Reply

            PKCano
            Da Boss

            Yes, @walker you need to go ahead and patch your Windows 7 now.

            • #1691397 Reply

              walker
              Subscriber

              @pkcano:  Thank you so much for the verification on installation of these updates.  I have two only to do, so hoping that all will go well.  Your knowledge of computers is absolutely the “very best“, and I do say “thank you, thank you, and thank you” once again for all of the outstanding expertise you possess and share with all of us.

            • #1692402 Reply

              walker
              Subscriber

              @pkcano:  I apologize for asking a question about the NET Framework update, as I just re-read the message where you stated to install ALL Windows 7 updates.   It appears to me that the only 2 updates I have are safe to install as you referenced in this message.

              Thank you once again.   I do appreciate your help more than words can ever adequately express.

    • #1628222 Reply

      James Bond 007
      Subscriber

      It seems to me, after 4 months of not patching (from January to April), that I will finally be patching my Windows 7 and 8.1 systems this month. That “wormable” vulnerability seems to be quite serious.

      Just not now. No, I am not doing it now, not until I know what kind of problems to expect from the Windows 7 May patches. I don’t trust Microsoft’s track record on these patches.

      I am running Windows 8.1 and MacOS Sierra / High Sierra in addition to Windows 7, and I believe I can afford to wait and see. I disabled Remote Desktop on every one of my Windows computers and I don’t think I am affected, even on Windows 7.

      Hope for the best. Prepare for the worst.

      2 users thanked author for this post.
      • #1628249 Reply

        warrenrumak
        AskWoody Plus

        As long as you aren’t exposing RDP to the outside world — and why the heck would you with unpatched systems? — you should be fine.

         

      • #1628258 Reply

        woody
        Da Boss

        I believe I can afford to wait and see. I disabled Remote Desktop on every one of my Windows computers and I don’t think I am affected, even on Windows 7.

        You would think so, wouldn’t you? It’s a reasonable conclusion. But I can’t find one, single statement from a Microsoft employee who’s willing to reassure folks that way.

        Like I said, there are many unanswered questions.

        3 users thanked author for this post.
        • #1630553 Reply

          Ascaris
          AskWoody_MVP

          And if you have Windows 7 Home, it doesn’t come with RDP functionality anyway, so if you didn’t install additional software to enable it, it’s already off.

          Group "L" (KDE Neon User Edition 5.15.5 & Kubuntu 18.04).

          2 users thanked author for this post.
          • #1635314 Reply

            hitokage
            Subscriber

            It’s possible that Windows 7 Home Premium is affected as well since it does have Remote Assistance, which is a limited/restricted version of RDP, and likely uses most of the same back-end.

            1 user thanked author for this post.
        • #1681541 Reply

          Northwest Rick
          Subscriber

          Is there a way to hide OS information from external probing?

      • #1628278 Reply

        anonymous

        JamesBond I agree. I will be waiting a few days too. We have “remote anything” turned off in the Services (disabled).

        So Woody, 1. can we be affected if the service is off? 2. I assume … the Security Only (SO) patch for May will have the patch just the same as the full monthly patch, correct?

        Thank you.

        Windows 7 64bit Group B

        1 user thanked author for this post.
        • #1628302 Reply

          PKCano
          Da Boss

          See my information about the May Security-only patch here. There is a precaution you need to take.

          • #1628448 Reply

            anonymous

            Thank you PKC that is good info. But, I would like a comment from Woody on “if the service for remote is disabled. is one still vulnerable?”

            Thank you again.

            Windows 7 64bit Group B

            • #1628766 Reply

              woody
              Da Boss

              I would like a comment from Woody on “if the service for remote is disabled. is one still vulnerable?”

              Excellent question. I would think so – but I don’t know.

              The problem is that the bug appears to be in something that’s a precursor to RDP authentication. Microsoft hasn’t given us enough information to say, definitively, that turning off RDP or blocking the RDP port, will also block the vulnerability.

              Unless MS comes out and says something official, I have no way to verify the hypothesis, one way or the other.

              4 users thanked author for this post.
    • #1628229 Reply

      anonymous

      For the record: Windows 7 Professional, Intel-based, no anti-virus other than Defender / Windows Firewall. Group A. Installed all “Important” updates that were offered and checked, which were three or four related to Office, the monthly rollup, a .NET rollup, and Defender definitions. (I skipped the virus scanning tool.)

      The installation proceeded with no abnormalities and so far everything is working as expected. It’s a bit early yet, but I’ve run a few programs so far as experiments and the system appears to be fine.

      4 users thanked author for this post.
      • #1628303 Reply

        anonymous

        (Correction: Oops, this particular machine is Home Premium, not Professional. Keep forgetting that.)

        2 users thanked author for this post.
    • #1628241 Reply

      Seff
      AskWoody Plus

      The MS information page for the Win7 monthly rollup KB4499164 is reporting problems with McAfee.

    • #1628243 Reply

      willygirl
      AskWoody Plus

      I believe I can afford to wait and see. I disabled Remote Desktop on every one of my Windows computers and I don’t think I am affected, even on Windows 7.

      I believe this threat goes beyond Remote Desktop, best to follow Woody’s advice.

      Win7 SP1 Home 64-bit; Office 2010; GrpA/B, when all is said, done and fixed, Mac OSX to help me sleep at night.

    • #1628244 Reply

      dinosaur
      Subscriber

      “If you’re running Vista, hang tight”.  I am doing just that in respect of a Vista machine (yes, some are still in use!)  and I hope that Microsoft will quickly rectify their omission.  The last time they issued a critical XP patch they did remember to issue one for Vista as well.

      1 user thanked author for this post.
      • #1637676 Reply

        Pim
        AskWoody Plus

        I was able to install the Server 2008 security only update on my Vista system.

    • #1628252 Reply

      TheOwner
      Subscriber

      In Win 7 patch “May 14, 2019—KB4499164 (Monthly Rollup)” is not mentioned “CVE-2019-0708 (Remote Desktop Services Remote Code Execution Vulnerability)”.

      So fix is not present?

      2 users thanked author for this post.
      • #1628255 Reply

        woody
        Da Boss

        Blame Microsoft’s lousy documentation. The RDP “wormable” bug is fixed in the Monthly Rollup. It apparently falls under this item:

        Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Cryptography, Windows Wireless Networking, Windows Kernel, Windows Server, and the Microsoft JET Database.

    • #1628259 Reply

      TheOwner
      Subscriber

      Blame Microsoft’s lousy documentation. The RDP “wormable” bug is fixed in the Monthly Rollup. It apparently falls under this item:

      Security updates to Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Storage and Filesystems, Windows Cryptography, Windows Wireless Networking, Windows Kernel, Windows Server, and the Microsoft JET Database.

      This is only general information, no details. So we cannot be sure.

      • #1628317 Reply

        b
        AskWoody Plus

        For more information about the resolved security vulnerabilities, please refer to the Security Update Guide. (from KB4499164)

        So you can be sure by reading the Security Update Guide for CVE-2019-0708

         

        Knuckle dragger Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Unwashed mass" (Group ASAP) Win10 v.1903

        1 user thanked author for this post.
    • #1628819 Reply

      teknews
      AskWoody Plus

      Installed the Updates on Win 7 Enterprise x64 and have had 2 bluescreens already. Haven’t had one of those in 10 months till today.

      2 users thanked author for this post.
      • #1629119 Reply

        woody
        Da Boss

        OUCH.

        If you uninstall the patch, does the bluescreen go away?

    • #1628821 Reply

      bobcat5536
      AskWoody Plus

      Windows 7 Pro…Group A…Just finished installing May updates and so far so good. (Knock On Wood )

      Update:  Windows explorer has failed to start, looking for a solution or something to that effect. It then started okay.

      This is the first time I have seen this on this computer. Will continue to monitor and see if it persist, and if it does, I will let everyone know. May or may not be a buggy update.

      3 users thanked author for this post.
      • #1628893 Reply

        LHiggins
        AskWoody Plus

        Just did the May updates on my laptop – Win 7 Home, Group A. All seems fine, though a bit sluggish. I haven’t seen any issues. Will restart again and see if all remains well. If it is, I’m going to go ahead on my desktop – also Win 7 Home, Group A. Fingers crossed!

        2 users thanked author for this post.
        • #1628943 Reply

          anonymous

          Hello LHiggins, Two things I do with every MS update session is to Reboot SEVERAL times and let it sit for several minutes. On the last reboot to go to the desktop and let it sit 45 to 60 minutes to “Process Idle Tasks” and let the trusted installer (as per PKCano) run if needed.

          It takes at least 20 minutes for the computer to realize you are not using it. If you notice the hard drive light flashing after that, it is “Process Idle Tasks”. Leave it alone (and not go to sleep) until the drive light stops flashing wildly, then reboot again since part of the “Process Idle Tasks” is to reorganize the startup file order.

          Hope this helps.

          Windows 7 Group B

          4 users thanked author for this post.
          • #1629140 Reply

            LHiggins
            AskWoody Plus

            Thanks so much for that explanation! I usually am very anxious to see if there are any issues so I get impatient. I’ll follow your advice from now on – several reboots and one long rest at the end!

            Thanks so much!

            LH

            • #1633251 Reply

              Elly
              AskWoody MVP

              @LHiggins-

              A more precise way of seeing if Window Updates have completed their mission is by opening the task manager, and checking CPU usage after the first reboot, and waiting until it drops below 10% before doing anything else. Rebooting again, before that, simply interrupts the process.

              I’m not sure why you would be doing multiple reboots for updates routinely?

              Win 7 Home, 64 bit, Group B

              4 users thanked author for this post.
            • #1633267 Reply

              anonymous

              Hello Elly, nice to talk to you again. Elly your idea is a good one of looking to see if any behind the scenes ‘Idle Tasks” are presently running. For the last few years I and others I deal with will install the MS patches one-by-one, with a reboot after each. I notice my computer runs odd after MOST of these MS updates. I then reboot the computer 2, 3 or more times until is seems to act more normal. I had one poster disagree and say this will all happen eventually with time. Yes, that is true, but I want my computer running properly “right now” (in 20 to 45 min) not in a few days.

              The other reason for the reboots is that the computer forces processes (install processes) to end/finalize and get written to disk, forces the registry to write to disk (hopefully before a blue screen happens) and recover normal operation faster. The 45 minute sit idle finishes any leftovers.

              I would also recommend people run disk defragmenter on a rotating drive and TRIM (optimize) on an SSD. (Note here at Woody’s there was a discussion of SSDs now being far superior to those of yesteryear and it was OK to run Disk defragmenter on these new drives. Some still say NO some say YES.) https://www.askwoody.com/forums/topic/langalist-i-know-to-de-fragment-my-hdd-and-not-to-de-fragment-my-ssd-do-i-de-fragment-my-hybrid-drive

              Thank you.

              3 users thanked author for this post.
            • #1633260 Reply

              anonymous

              Hello again LHiggins, the “rest” or idling afterwards is good. One item I forgot to mention was this month also has .NETs to install. Whenever a .NET is updated or installed, it then needs to run MSCORSVW to rebuild or consolidate the .NET image. his takes time and even though MS says it is transparent, one can feel the sluggishness it produces.

              If you or others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

              Hope this helps.

              Windows 7 Group B

              5 users thanked author for this post.
            • #1636796 Reply

              LHiggins
              AskWoody Plus

              Thanks!

              What I have noticed on both of my win 7 machines after the May updates is that they are both running SearchProtocolHost.exe for a long period of time – seemingly indexing every file on the computer! Is that a part of what this update should do? After about 2 hours, I did have to let both sleep, but it started right up again when I woke them this morning. Does that mean it starts over each time or does it pick up from where it left off?

              Is there a solution to that long run time? I also did see MSCORSVW running on my laptop, but I don’t recall it on the desktop.

              Any suggestions on getting that SearchProtocolHost.exe to stop running would be appreciated.

              Thanks!

            • #1640141 Reply

              anonymous

              Hello again LHiggins, every now and then I hear of an odd CPU issue with that which is the INDEX feature of Windows. On some machines we have it off on others it was left alone.

              You might want to investigate resetting or forcing a rebuilding of the index.

              https://www.winhelponline.com/blog/reset-rebuild-windows-search-index-fix-problems/

              Way back in 2013 people were complaining of this in the MS forum and some said that fixed them.

              Hope this helps. Let us know if it does or not.

              Windows 7 Group B

              3 users thanked author for this post.
            • #1641580 Reply

              LHiggins
              AskWoody Plus

              Thanks for the link and information. It seems to have settled down on both computers – it runs, but nothing like yesterday! Could it have been re-indexing everything after the MS Updates?

              A question – I had read that I can change the indexing options so that it doesn’t index everything. Is that a good idea? There are probably files and folders that I never search that might not need to be indexed.

              Or turn it off completely? Would I want to do that? This is Win 7, and other than after the updates yesterday, I didn’t really notice if it was running a lot or not.

              To tell the truth, until this latest update I really didn’t notice this search indexing running so much. I generally keep track of my memory usage with system monitor, but it was when I was looking at the actual disk activity that I noticed the many many files that were being indexed by searchprotocolhost.exe. I’ll have to pay closer attention when I restart from now on to see what it is doing.

              On my laptop, the memory usage is usually between 60-70% but the CPU isn’t usually very high – 10-15% depending on what is running.

              On the desktop, memory usage is generally between 15-20%, and CPU is pretty low unless something is actually running – right now, 0-1% while it is “idling”.

              Do those sound OK?

              I’ll take a look at the article, too and see if that might help. Thanks again!

              LH

            • #1657204 Reply

              anonymous

              Hello LHiggins, Hope things are going better for you. ” Could it have been re-indexing everything after the MS Updates?” Possibly. I am not an indexing expert. Like I said we have it off on some computers and left alone on the ones that didn’t give us any troubles. I would leave it on if you can. Someone like NOELC might want to comment.

              “A question – I had read that I can change the indexing options so that it doesn’t index everything. Is that a good idea?”. Again it is up to you on how you use your computer. How often do you have it look for a file? If you very seldom have it look then maybe turning off or adjusting the indexing to suit you would be better. If you do search for files regularly, then maybe the defaults are best. See,
              https://www.howtogeek.com/272158/how-to-choose-which-files-windows-search-indexes-on-your-pc/

              “On my laptop, the memory usage is usually between 60-70% but the CPU isn’t usually very high – 10-15% depending on what is running.” This appears to be straining. If you could add ore RAM that would help. 10-15% is OK if something is actually running you want. If it is always hovering at 10% then why? It should go to 1-2% when truly idle.

              “On the desktop, memory usage is generally between 15-20%, and CPU is pretty low unless something is actually running – right now, 0-1% while it is “idling”. This sounds very good.

              Windows 7 Group B

              1 user thanked author for this post.
            • #1675716 Reply

              LHiggins
              AskWoody Plus

              Thanks so much! I’ll check out that link about indexing.

              I agree that the laptop seems to be overworking. It has 4gb RAM and I was thinking of adding another 4 – that should help things a bit. There does seem to be a lot running in the background – I’ll need to really take a look and see what I might want to change.

              Things are better as far as the desktop. I guess next time I update, I’ll be sure to let it finish its work before doing anything, and also check to see if that odd indexing behavior happens again.

              Thanks for your help! Much appreciated!

    • #1628888 Reply

      anonymous

      Windows 7 Home, just installed the May updates I received (5 in total), things look okay so far… I will report back if something goes awry.

      2 users thanked author for this post.
    • #1628924 Reply

      T
      AskWoody Plus

      I was curious if there is a lounge thread on how people are going about disabling remote desktop. So far i’ve disabled remote desktop services within services and i always have the option ‘allow remote assistance connections to this computer’ unchecked.

      1 user thanked author for this post.
      • #1628981 Reply

        anonymous

        Hello T, one thing is to turn off remote access by removing the check.

        https://www.lifewire.com/disable-windows-remote-desktop-153337

        Another is to go to services.msc and go down to Remote Desktop Services and disable that services (be careful!) and any others that deals with remotely accessing your computer, such as Remote Registry.

        While you are there if you are on Windows 7, do you need to have error reports? If you feel you don’t consider disabling “Windows Error Reporting”.

        Do not disable services unless you researched them first. A service may be needed but look bad to you in its name.

        Hope this helps.

        3 users thanked author for this post.
    • #1628934 Reply

      anonymous

      Win 7 Pro x64, Group B. Did the SO as instructed, IE11 and SO .Net 4.6.1, then fired up WU and hid the rollups and updated Defender and two Office 2010 updates before shutting off WU again. Nothing is smoking. Suppose I should be grateful for small mercies…

      3 users thanked author for this post.
    • #1628947 Reply

      OscarCP
      AskWoody Plus

      I have RDP turned more or less permanently off (except when I need to swap files between it and my Mac) and, with the alternatives to Windows I have obtained already as a precaution (and, with no known evidence to the contrary, I must assume they are OK already after their very recent patching — cross my fingers), given the near-future EOL of Windows 7, I am also keeping my home Windows PC off the Internet for a few more days, to have some time to see how things develop. But, with the limited information available, what is the best way to ensure safety within any given situation (users of home, small business or corporate computers) still cannot be decided based on the  still not entirely clear information available from MS (something that Woody has pointed out in one of his entries here). So, good luck to all of us!

      Group B Windows 7 Pro, SP1, x64 + macOS & Linux Mint.

      1 user thanked author for this post.
    • #1628949 Reply

      rick41
      Subscriber

      Windows 7 64-bit, Group A.  Updated and all seems OK (so far…)  But — as now seems to happen more months than not — Windows Media Player has to be re-configured.  An annoyance, but a minor one since all options/settings are retained except for how often to check for updates.

      2 users thanked author for this post.
      • #1629001 Reply

        anonymous

        I agree, this is not needed and IMO, this is borderline harassment for having Window 7. I don’t have to reconfigure it every time I update my Windows 10 computer.

        1 user thanked author for this post.
    • #1628955 Reply

      fernlady
      Subscriber

      I installed kb4499406, kb4499164 and kb890830 and all went well. Came over here to post, clicked on the main title and the running conversation was no where to be seen. Clicked on recent replies and all could be seen. Anyone else have that surprise?

      Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

      2 users thanked author for this post.
      • #1628982 Reply

        PKCano
        Da Boss

        Always click on the “Comment on the AskWoody Lounge” link, NOT on the title of the Topic/blogpost.

      • #1630897 Reply

        anonymous

        Getting the same issue, I thought it was just me. Clicking on a news item on the front page up until yesterday used to bring up a page with the entire thread. Is removing this feature intentional to push us onto the “Comment on the AskWoody Lounge” link as PKCano suggested?

    • #1628958 Reply

      tom341
      Subscriber

      I’ll rely on my security suite and common sense, haven’t patched since Dec 2017

      1 user thanked author for this post.
      • #1629138 Reply

        woody
        Da Boss

        Danger, Will Robinson.

        If and when somebody turns this into a worm, as long as you have RDP exposed to the internet, you’re vulnerable.

        This is one of the rare instances when antivirus and common sense won’t help.

        4 users thanked author for this post.
      • #1637514 Reply

        EP
        AskWoody_MVP

        bad idea, tom341

        those using XP/Vista/Win7 should patch ASAP

    • #1628979 Reply

      Mr. Natural
      AskWoody Plus

      I have around 40 windows 7 machines that I’ll be pushing KB4499164. If I run into anything I’ll let you know. All the other May updates are on hold except for the flash updates. I still need to take a closer look at the .net patch with the issue. I’ll give that a couple days to see if any problems are reported.

      Red Ruffnsore reporting from the front lines.

      4 users thanked author for this post.
      • #1656359 Reply

        Mr. Natural
        AskWoody Plus

        Nearly all of the above mentioned Windows 7 systems now have KB4499164 installed with no issues to report.

        Red Ruffnsore reporting from the front lines.

        3 users thanked author for this post.
    • #1629149 Reply

      anonymous

      That pciclearstalecache.exe is showing up again and really I downloaded and ran that by accident twice when trying to install the May 2019 secrity only Windows 7 patch(Kb4499175).

      How about Microsoft you include some spaces between that download and the actual security update as they were are listed so close with no spaces inbetween them and I could have accidently clicked on the update without first clicking on the pciclearstalecache.exe option!

      Your Standalone installer packages need to have more messages that inform the user if the installer is auto setting a new restore point before installing any update done via the update catalog/standalone installer. I always manually create a restore point before each individual standalone update just to be safe.

      Also are there going to be any more updates of the windows updating/servicing stack(SSU) subsystems that have to be applied that are similar to servicing stack update KB4490628.

      Some folks need some whitespace between individual downloads if the standalone installer package is delivering more than the just the individual KB and May 2019’s came with that pciclearstalecache.exe and the Kb4499175 update. Microsoft some folks have bad eyesight so seperate the individual .exe and KBs/whatever choices by double spacing the individual entries.

      That CVE-2019-0708 ‘Wormable’ Flaw is actively exploited for things to go to DEFCON 3 for windows 7.  But I’m not noticing any issues currently with the May 2019 KBs so my other backup laptops(All windows 7) can wait a while longer as they only go online for new window updates mostly then its back to storage until the next round of KBs the following month…(Until Jan 2020). Even XP is getting some late love from MS for that one also.

    • #1629168 Reply

      anonymous

      Does this apply to Windows Home Server?

      1 user thanked author for this post.
    • #1629182 Reply

      dgreen
      Subscriber

      The MS information page for the Win7 monthly rollup KB4499164 is reporting problems with McAfee.

      You know, I’ve been thinking about the different AV not playing nice with Windows 7 rollups, updates, etc.  ie last month’s AV that were having issues, and now McAfee….
      I have MSE for my AV and so far, knock on wood, no problems.
      It would be interesting to find out if anyone with MSE is having issues.
      My money is on “no” they are not.
      Having said that,
      Is MS messing with all the other AV’s that run Windows 7 because they don’t want them to work anymore with Windows 7?
      I’m on the fence about continuing to keep W7 after EOL but was wondering what AV I could use.
      TBH, I don’t really trust MS with anything Windows 7.
      My RDP has always been off.
      I think I’m going to hold off a couple of days and stay tuned here to see what issues may or may not be reported.
      Years ago when I had XP and they wanted people to upgrade,
      I always felt that an update is what bricked my computer.
      I’m feeling this is a dejavu.

      Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
      Windows 7 Home Premium 64 bit SP 1  GROUP A
      Processor:  Intel i3-3240 (ivy bridge 3rd generation)
      chipset Intel (R) 7 series/C216
      chipset family SATA AHCI Controller -1 E02
      NIC Realtek PCLE GBE Family Controller

      MSE antivirus
      Chrome browser

       

      1 user thanked author for this post.
    • #1629184 Reply

      Bill C.
      AskWoody Plus

      Windows 7-64 Professional SP1 on Intel DX58SO2 motherboard and i7-960 CPU, 12 GB Ram, nVidia GTX 660Ti SC (3MB) and spinning HDDs, wired network, no wireless or bluetooth, no overclock. Home built.

      Patching as Group B, installed May 2019 Security Only and IE patches, no issues. Single reboot after each. Installed .NET updates via WU, no issue (required reboot). Office 2010 patches and MSRT installed via WU. Sitting at a walnut desk with knuckles knocking on wood, no issues so far after 2 hours. The installs seemed to take the standard amount of time. No flash of a CMD window from the pciclearstalecache.exe part, but that had been installed before.

      I see no loss of performance at this time.

      Hope this helps.

      I intend to install the XP patch from the Catalog on the offline XP machine just in case I go online, but for now it remains offlime.

      5 users thanked author for this post.
    • #1629212 Reply

      Installed KB890830-MRT, Rollup for .NET KB4499406, Rollup for Win 7 KB4499164;

      No issues so far, but it’s early. (Whew)

      (BTW, heckuva time for one of my backup drives to act goofy…but you all know the label on the machinery hatch cover: “In order to ensure malfunction, set clamps on all hatches, seal tightly, connect all cables, and start process.”  Or, “Whaddya mean, we have no flaps??“)

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "A/B [negative] :)", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      2 users thanked author for this post.
    • #1629219 Reply

      alpha128
      Subscriber

      I’m going to wait a bit.  My employer hasn’t patched my Windows 7 workstation yet. 

      The last time I pushed ahead and updated my home computer first was during the March 2018 update disaster, where I ended up having to uninstall the March patches before I could install the April ones. My employer did the right thing and bypassed the March updates entirely.

      I expect they’ll push out the 2019-05 patches tomorrow or Friday.

      2 users thanked author for this post.
    • #1629211 Reply

      anonymous

      W10 1809 – 17763.379 ……. Inst’d May Cum KB4494441; Adobe Flash Kb 4497932 ; Net Frmwk 4.72 Kb 4499405; C2R Stdnt-Hm Office ’16 ………

      W10 Updates + SSD/HDD are lightening fast and never an issue since Feb purchase and v1809 March 14 update. Caveat: I am a single desktop FF browser & Word/Excel user only with no complex add-ons.

    • #1629897 Reply

      Noel Carboni
      AskWoody_MVP

      I suggest that if you don’t NEED it, just don’t expose your Remote Desktop interface to the world wide web.

      Just disable it (you may never have ENabled it; it’s not enabled by default). This is from memory: Right-click on My Computer, choose Properties, Advanced system settings, Remote tab. Look in the Remote Desktop section.

      Home router between your system and the internet? Great! That’s an extra layer of protection since it normally – unless you’ve reconfigured it – will block incoming connection requests from reaching your computer. With almost all NAT type routers, you’d have to set it to pass ports through or set your whole computer to be in the DMZ in order for connection attempts to reach your computers on the LAN side at all. Don’t do that!

      -Noel

      • #1631710 Reply

        anonymous

        There is something called Remote Assistance that is by default enabled (on Windows 7 Home Premium, at least.) I believe that still works using RDP. It should also likely be turned off. (It is found in the same place you described, under the Advanced System Settings > Remote Access.)

        That said, I was curious why being behind a NAT was not being mentioned. I could not figure out how something was supposed to get in that isn’t a part of my network. Unless there is some way to exploit this by my going to a webpage (or otherwise making an outbound connection), I don’t see how it could get in.

        3 users thanked author for this post.
        • #1641256 Reply

          Blizzard
          Subscriber

          I, too, noticed the “Remote Assistance” section and am using Win7 PRO.  It was set to ENABLED by default.  I have just Disabled it now.  Also verified I had set the Remote Desktop section to “Don’t allow connections to this computer” some time in the past and will leave it set to that.  Then I had to hit the “Apply” button at bottom of the Remote Tab to make it all take effect.

    • #1630767 Reply

      woody
      Da Boss

      UPDATE: I’ve now seen one reliable report that there’s an RDP exploit in the wild. The attacks are said to come from China.

      I’m serious, folks. If your machine is connected to the internet, you need to install this patch.

      7 users thanked author for this post.
    • #1631255 Reply

      plodr
      AskWoody Plus

      I updated four Windows 7 computers – Group B: two are 64 bit Home, one is 32 bit Home and one is 32 bit Pro.

      4499175, 4498206, 4495612 and one computer also 4495593.

      I run MS Security Essentials and malwarebytes Pro.

      No problems on any computer but I always image before I update and I didn’t skip it this month.

      Got coffee?

      2 users thanked author for this post.
    • #1631289 Reply

      willygirl
      AskWoody Plus

      Installed Rollup KB4499164, Office 2010 KB4464567, MSRT KB890830, .NET Framework KB4499406. I always keep “give me recommended updates the same way I receive important updates” UNCHECKED. My Win7 machine is sitting at a nice idle with Norton performance tasks running in the background. After updating I let it sit for about an hour then ran a few programs, got on some websites I frequently visit, and it all seems to be holding steady with Chrome and common tasks. Haven’t noticed any slowdown after shutting down and powering up again a couple of times. So far it’s all good, thanks Woody, PK, for guidance, and to everyone who piped in with results and feedback. You all make this site a lifesaver for IT types, home users like myself, and companies operating on trust and efficiency. You’re the best!

      Win7 SP1 Home 64-bit; Office 2010; GrpA/B, when all is said, done and fixed, Mac OSX to help me sleep at night.

      2 users thanked author for this post.
    • #1631494 Reply

      byteme
      AskWoody Plus

      Win7 Home Premium, 64-bit, Group B.

      I installed the two msu’s today (with the new pciclearstalecache .EXE file in the same folder), and so far everything seems to be fine.

      I went to Services and found that both Remote Desktop Configuration and Remote Desktop Services were set to Manual — so if they’re both Disabled by default, and I had to guess, I’d guess maybe those settings got changed a few years ago when I let Norton support take over my PC.

      In any case, I’ve now changed the Startup Type for both services to Disabled.

      3 users thanked author for this post.
    • #1631257 Reply

      anonymous

      I’m confused, does Vista have a patch or not?

      • #1633501 Reply

        dinosaur
        Subscriber

        Not yet.  I looked through the MS patching information when I updated XP and Win7, and there is no mention whatsoever of Vista.

      • #1633587 Reply

        anonymous

        As far as I can tell, no. However, it seems unlikely that Vista is unaffected.

        For now, I would personally suggest at least disabling Remote connections by following Noel Carboni’s instructions. Right click on My Computer, choose properties, click Advanced Properties, and go to the Remote tab. Make sure any options you see in there are disabled.

        You may also want to run services.msc and makes sure that anything that mentions Remote Desktop, RDP, or Terminal Services is not currently running, and is set to either Manual or Disabled. This should be the case after turning off the above options, but it’s worth a quick check. (Don’t mess with anything else! And if you’re at all confused, just look, don’t touch.)

        I would hope that Microsoft would also release a fix for Vista or clarify that it is not affected.

        • #1638113 Reply

          Pim
          AskWoody Plus

          Because Server 2008 is affected and Server 2008 is based on the Vista kernel, it is highly likely that Vista is also affected. I was able to manually install the Server 2008 security only update on my Vista system, even though Microsoft has not said a word about Vista.

    • #1632272 Reply

      anonymous

      If you have remote desktop turned off on Windows 7 (Allow Remote Assistance connections to this computer is UNCHECKED) is this enough to fix THIS ONLY: “CVE-2019-0708 Remote Desktop Services Remote Code Execution Vulnerability” without installing any patch?

    • #1632751 Reply

      Tera
      AskWoody Plus

      First time I’ve ever posted although I’ve been reading the various incarnations of the newsletter since about 1997/98.  Anyway, FWIW, I was able to install the Win 7 rollup and Net rollup and everything seems to be working fine.  I have Win 7 Home Premium.  The Net rollup took a few tries (got error 80070020).  Googled the error then followed a  recommendation to install in safe mode with networking, which didn’t work.  I tried it one more time normally and it worked that time.  My version of Office is too old so I don’t get those updates.

      Edit: Removed HTML

      2 users thanked author for this post.
    • #1632925 Reply

      Demeter
      AskWoody Plus

      KB4499164, KB4499406 & KB890830 downloaded and installed slick and quick with a shiny new SSD on a 5 year old ZBook. As is my customary practice, patches applied/rebooted individually. All tickety-boo so far. Thanks Woody and all the MVP’s for the timely heads up. Win 7 Pro, x64 SP1, i-7core “Haswell” Grp. A.

      2 users thanked author for this post.
    • #1633114 Reply

      Geo
      AskWoody Plus

      Group A,  Win7 x 64,  Home Premium, AMD,  Microsoft Security Essentials,   no problems, no slow down.

      2 users thanked author for this post.
    • #1633208 Reply

      James Bond 007
      Subscriber

      Decided to do an experiment on one of my old machines used by my father (AMD FX-8320 CPU / 880G motherboard) to see if the 2019 updates cause any problems, and to familiarize myself with the procedure if I decide I need to patch my Windows 7 systems.

      The system was patched to December 2018 level, Group B style. I installed the 2019 updates on that machine in the following order :

      KB4480085 (.NET 3.5.1 Security-only update Jan 2019)
      KB4480076 (.NET 4.5.2 Security-only update Jan 2019)
      KB4480960 (Security-only update Jan 2019) Reboot
      KB4487345 (Fixes for KB4480960) Reboot
      KB4483483 (.NET 3.5.1 Security-only update Feb 2019)
      KB4483474 (.NET 4.5.2 Security-only update Feb 2019)
      KB4486564 (Security-only update Feb 2019) Reboot
      KB4490511 (Fixes for KB4486564) Reboot
      KB4489885 (Security-only update Mar 2019) Reboot
      KB4474419 (SHA-2 update) Reboot
      KB4490628 (Servicing Stack update)
      KB4493448 (Security-only update Apr 2019) Reboot (Twice)
      KB4495612 (.NET 3.5.1 Security-only update May 2019)
      KB4495593 (.NET 4.5.2 Security-only update May 2019)
      KB4498206 (IE11 Cumulative Security update May 2019) Reboot
      KB4499175 (Security-only update May 2019) Reboot

      The system so far seems to run without problems. Will continue to monitor. If necessary I can revert to the December 2018 image using Acronis True Image.

      As for my other systems, they are running both Windows 7 and Windows 8.1 (and MacOS Sierra / High Sierra), and I can use Windows 8.1 at this time while monitoring for any problems associated with the May 2019 updates. Will continue to wait until I decide it is time to patch.

      Hope for the best. Prepare for the worst.

      1 user thanked author for this post.
      • #1640703 Reply

        OscarCP
        AskWoody Plus

        Did you include pciclearstalecache.exe alongside the May updates Security Only and IE 11 Cumulative?

        • #1640745 Reply

          PKCano
          Da Boss

          See the procedure here for pciclearstalecache with the Security-only patch this month.

          1 user thanked author for this post.
        • #1647847 Reply

          James Bond 007
          Subscriber

          Did you include pciclearstalecache.exe alongside the May updates Security Only and IE 11 Cumulative?

          Yes, I did. However, I watched carefully when the KB4499175 update was installing, and did not see that “flash” (even though both files are in the same folder), which I took to mean that that thing did not launch. So before I rebooted the system I ran it myself, then restarted the system.

          That system seems to work fine so far.

          Hope for the best. Prepare for the worst.

    • #1633215 Reply

      Susan Bradley
      AskWoody MVP

      .NET core is the 2.2 version (I had to look that up because I was going … 2.2?  .NET core is a developer thing that I’ve yet to personally see.  .NET on desktop starts with version 3.5.

      They also have separate updates for .NET 4.8 Windows 10

      Susan Bradley Patch Lady

    • #1633252 Reply

      lylejk
      Subscriber

      Thanks for the head’s up, Woody.  Updated my WinXP VM a few minutes ago.   Yes; I like taking risks.   lol

       

      🙂

    • #1633323 Reply

      Pierre77
      Subscriber

      Installed KB4499406, KB4499164 and KB890830 on 3 PCs all running Windows 7 Home Premium x64. No problems at all. Did NOT install KB4464524 and KB4464567 both of which updates for Office 2010.

      Hope this helps other folks.

      2 users thanked author for this post.
    • #1633604 Reply

      willygirl
      AskWoody Plus

      @woody not sure what your advice is for Vista users but some folks here have asked about Vista concerning CVE-2019-0708. Found info on BornCity posted yesterday, https://borncity.com/win/2019/05/15/critical-update-for-windows-xp-up-to-windows-7-may-2019/
      Noted as follows – “For Windows versions that have already dropped out of support, the user must download the update himself. Users of Windows Vista can download the updates (Monthly Rollup or Security Online) of Windows Server 2008 from the Update Catalog and install them manually.”

      Win7 SP1 Home 64-bit; Office 2010; GrpA/B, when all is said, done and fixed, Mac OSX to help me sleep at night.

      3 users thanked author for this post.
    • #1634320 Reply

      anonymous

      If you have any Windows 7, 2008 or 2008 R2 devices that require Remote Desktop functionality to be enabled but can’t be updated, at least enable the Network Level Authentication (NLA) workaround. You only need to set a single policy for this to be active immediately. This policy forces authentication to be succesful before the vulnerability can be exploited.

    • #1635236 Reply

      anonymous

      (Oops, posted this already in the wrong topic, so here it goes again:)

      Didn’t want to wait anyway, so yesterday I installed these three updates on my Group B system without problems afterwards:
      IE KB 4498206
      SO KB 4499175
      .NET KB 4499406

      2 users thanked author for this post.
    • #1635528 Reply

      anonymous

      Born’s Tech and Windows World
      For Windows versions that have already dropped out of support, the user must download the update himself. Users of Windows Vista can download the updates (Monthly Rollup or Security Online) of Windows Server 2008 from the Update Catalog and install them manually.
      https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
      Updated my VISTA 32, from the MS CATALOG
      https://www.catalog.update.microsoft.com/Home.aspx
      INSTALLED. OK !

      1 user thanked author for this post.
      • #1637517 Reply

        Pim
        AskWoody Plus

        For me it also worked to manually install the Server 2008 security only update (KB4499180) from the catalog on my Vista x86 system. The rollup (KB4499149) did not work, it got stuck at 50% when updating. I have not seen any issues, and will report when I do start seeing them.

        I am usually quite hesitant to install updates from another OS. I tried this for the first time when Vista went EOL. I then installed Server 2008 updates for 2 consecutive months, but in the second month Outlook stopped working. I could reproduce that the Server 2008 updates were the cause for this, so I stopped patching Vista with Server 2008 updates, restored an image from right after Vista went EOL and have barely used the system since. I will still upgrade to Windows 7 and then Windows 10, that is why I keep the system alive. If I browse the internet I open a remote desktop to a Windows 7 machine and browse on that one.

        2 users thanked author for this post.
        • #1641828 Reply

          Cybertooth
          Subscriber

          Terminology question: when it comes to Windows 7, I’m Group B so I pay no attention to “rollup” updates. Therefore, I’m not sure what a “rollup” such as KB4499149 for Server 2008 would include.

          If one were to install KB4499149, would it include all the Server 2008 patches that have been issued since Vista went EOL in 2017?

          • #1642226 Reply

            Pim
            AskWoody Plus

            I do not know. I did find that the rollups for Server 2008 started somewhere in 2018, but I could not find if older updates are also included. I assume they do not include all updates since Vista went EOL, because that was April 2017. But I did want to try the rollup and as you’ve read it failed. If it was successful I would have had more security updates than just the May 2019 one.

            1 user thanked author for this post.
      • #1638921 Reply

        dinosaur
        Subscriber

        If the Server 2008 security update is 100% compatible with Vista, why has Microsoft not listed it as a Vista update?  People are being presented with a very difficult decision here.

        • #1639665 Reply

          Pim
          AskWoody Plus

          I completely agree, that is why I am usually hesitant to do this (see the example in my message above). But in this case with this bug it was worth the risk of finding out whether it would work. Like you, I have no clue why Microsoft has not issued a patch for Vista, nor why they did not mention Vista at all. I think making a patch available for Vista would be quite easy, as they have already made it for Server 2008 which, as I wrote, is based on the same kernel. The only reason I can think of they just did not bother, because the market share of Vista is probably ridiculously low (I have not checked it).

          • #1647709 Reply

            dinosaur
            Subscriber

            I have now tried to install KB4499180 for Server 2008 on my Vista Home Premium machine.  It got part way into the updating process after restarting the computer but then produced a BSOD followed by a prompt to go into system repair mode, which restored things to their previous state (hopefully without any side effects).  Be warned!

            2 users thanked author for this post.
            • #1652031 Reply

              Pim
              AskWoody Plus

              I am sorry to hear that. This is why I am usually reluctant to install updates from another OS. One’s mileage may vary. Your example shows how important it is to make a system image before installing Windows Updates, let alone experiment with updates from another OS. Only after restoring such an image does one have certainty that the state is exactly how it was before the update(s). Did you check that the update was indeed not present anymore?

            • #1654848 Reply

              dinosaur
              Subscriber

              It is recorded as “failed” (and also as “important”) in my Windows update history.

            • #1676647 Reply

              dinosaur
              Subscriber

              I have now done a manual system restore to the point before the failed update, disabled remote desktop and put a specific block on TCP port 3389.  Unless Microsoft issue a Vista-specific patch, that is as far as I can go with this one.

              2 users thanked author for this post.
            • #1716639 Reply

              dinosaur
              Subscriber

              A bit more detail about the failed update on my Vista Home Premium desktop machine (which I have just repeated to remind myself of the point at which it crashed): post-restart stages 1 and 2 of the installation completed OK, but the stage 3 restart failed.  A pleasing thing about what happened is that the computer recovered so smoothly after crashing.  It has been many years since I last had a BSOD on this very reliable machine.

              2 users thanked author for this post.
          • #1659353 Reply

            Cybertooth
            Subscriber

            I took the plunge and just finished  installing KB4499149, the Monthly Rollup for Server 2008 SP2, on my Vista Home Premium SP2 laptop. Everything seems to have gone well, tried opening a few programs and they all worked. Also installed the mysterious “pcicompatforserialnumber” .EXE file that came along with it, for which I couldn’t find any information.

            Before installing KB4499149, I installed the Servicing Stack Update for Server SP2.

            FWIW, the installation order I chose was SSU, then pcicompatforserialnumber, and then finally KB4499149. A reboot was requested only after that last one.

            While looking into these patches, I learned that monthly rollups for Server 2008 SP2 began in September 2018 and that each rollup includes every Windows patch that came before it, the same model as for Windows 7 Group A. Patching for Server 2008 SP2 ends in January 2020, just as for Windows 7.

             

            1 user thanked author for this post.
            • #1659380 Reply

              PKCano
              Da Boss

              See this procedure for Win7. I going to guess the .exe file you found installs the same way as pciclearstalecache does.

              1 user thanked author for this post.
            • #1675835 Reply

              Cybertooth
              Subscriber

              OTOH, after working to perfection on the laptop, KB4499149 failed spectacularly on my Vista tower: upon reboot, the machine went into a black screen with just the mouse pointer in the center; nothing that I did brought a display into view. Startup Repair didn’t help, in fact it even claimed it couldn’t find an operating system!

              Had to use a Windows installation disk to System Restore to just before the patch was applied. After booting successfully into Vista, a visit to the Windows Update history showed that KB4499149 had “Failed.”

               

              1 user thanked author for this post.
            • #1677232 Reply

              lmacri
              Subscriber

              Hi cybertooth:

              Is there any difference in the way you’ve applied the KB4499149 Win Server 2008 patches on your Vista SP2 laptop (successful) and desktop (failure)? For example, you mentioned in post # 1659353 you applied the April 2019 Servicing Stack Update for Win Sever 2008 and pcicompatforserialnumber.exe file before KB4499149 installed successfully on your laptop.  Is that the identical process you followed on the desktop, and have you applied other  Win Server 2008 updates on either of these machines since extended support for Vista SP2 ended on 11-Apr-2019?

              Pim stated in post # 1637517 that the KB4499149 (Monthly Rollup) failed on their Vista SP2 machine but that the KB4499180 (Security Only) update installed correctly.  Does anyone know if there are different prerequisites for these two May 2019 patches?

              I haven’t taken any action on my Vista SP2 machine yet except to confirm that Remote Assistance (Control Panel | System and Maintenance | System | Remote Settings) is disabled.  I’m still hoping that Microsoft will release an out-of-band patch for this Remote Desktop Services vulnerability (known as Terminal Services in older OSs) that is specifically targeted for Vista SP2 in the next few days.
              ————-
              32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0

              1 user thanked author for this post.
            • #1677824 Reply

              Cybertooth
              Subscriber

              Yes, actually there was a difference in the way that I applied the patch to the laptop vs. the tower PC. @pkcano suggested skipping the manual execution of pcicompatforserialnumber, and this sounded reasonable so I did it.

              I doubt, though, that that made such a dramatic difference. Here’s another data point: after the failure of KB4499149, I proceeded to install the Server 2008 SP2 patches for August 2018. (My machine was previously patched up to July 2018. Also, note FWIW that I’m on a 64-bit system.) There are six patches in my folder for that month’s updates. The first one, KB4338380,when clicked on reported that it did not apply to my system. The next two patches , KB4340397 and KB4340939, installed and required reboots that went fine.

              However, when I tried to install the Spectre/Meltdown patch KB4341832 and rebooted, the machine appeared to start loading Vista… and then entered into a black screen with just the mouse pointer showing. This is the same behavior observed when I tried to install KB4499149. I suspect that this, and not skipping the pcicompaforserialnumber, is the reason for the black screen.

              This is a bit of a problem, because Microsoft began implementing the Rollup model the very next month, September 2018. Rollups, of course, include every patch that’s come before them–which means that they include KB4341832 which cannot be separated out, so I can’t install the rollups on this machine.

              I haven’t tried the Security Only update for September (still working on the August patches), but if I understand it correctly the SO is not cumulative so it won’t contain the problem patch KB4341832. Bottom line is that I’ll have to install each month’s SO instead of being able to catch up all at once with the Monthly Rollup as I did with the laptop.

               

              1 user thanked author for this post.
        • #1708543 Reply

          lmacri
          Subscriber

          For Vista SP2 users who have experienced BSODs and other problems after installing a May 2019 Windows Server 2008 update (i.e., the KB4499149 Monthly Rollup or the KB4499180 Security Only update) to patch this Remote Desktop Services vulnerability (CVE-2019-0708), it might be worth noting that as of last month’s April 2019 Patch Tuesday the Windows Server 2008 patches will change the build number of Vista SP2 from build number from 6.0.6002.xxxxx (Build 2) to 6.0.6003.xxxxx (Build 3). This is a deliberate change by Microsoft – see the support article Build Number Changing to 6003 in Windows Server 2008 – but some users posting in Jody Thorton’s MSFN thread Server 2008 Updates on Windows Vista have noted that this change to build number 6.0.6003.xxxxx appears to be causing problems on their Vista SP2 systems.
          ————-
          32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0

          2 users thanked author for this post.
    • #1637241 Reply

      anonymous

      I installed KB4500331 to my XP home sp3 machine and now find Defender won’t update. Uninstalled the patch but no joy. Uninstalled Defender and reinstalled but still won’t update. Never had any issues with XP before this. ( The XP system is rarely used but this emergency patch has zapped Defender ). My win 7 & 8.1 machines can sit tight for now.

      • #1641251 Reply

        Cybertooth
        Subscriber

        If you open the XP’s Windows Defender GUI, what is the date of the latest virus definitions that it managed to install?

        I have an XP machine where the last Defender definitions are from April 12, which was last month’s Patch Tuesday and is also the date that Microsoft stopped issuing patches for XP POSReady systems. Both Defender and Windows Update on that machine can find the current definitions file and if prompted they try to install it, but the installation always fails. Manually downloading the mpas-fe.exe from the Update Catalog doesn’t do the trick, either.

         

        • #1678427 Reply

          anonymous

          @cybertooth, After reinstalling Defender it has been sent back to 1.0.0.0 25/01/2006 and fails to update through the GUI (error code 0x80070643), Windows update, and with the manually downloaded mpas-fe.exe.

          Before the latest patch KB4500331 was applied the defs were dated January 2019.

          Win 7 updated with no problems so far and windows update on XP still works but Defender has bugged out.

          1 user thanked author for this post.
          • #1678499 Reply

            Cybertooth
            Subscriber

            I suspect that this doesn’t have to do with having installed KB4500331, but that it’s an unfortunate coincidence, in that Microsoft happened to stop offering Defender updates to XP as of April’s Patch Tuesday. I have a couple of XP systems, neither of which has that patch installed, and neither of them has successfully installed any Defender updates since last month.

             

    • #1637505 Reply

      redknight
      AskWoody Plus

      I’m running Win 7 Pro x64.  Running Windows Firewall.  In the Inbound Rules, Remote Desktop (TCP-In) and Remote Desktop – RemoteFX (TCP-In) are both Enabled ‘N0’.

      Does this mean that Remote Desktop is not exposed to the internet?

      • #1638481 Reply

        woody
        Da Boss

        Good question. Sadly, the answer is you should be OK — but we still don’t have official word from Microsoft.

        The problem is that the bug shows up in RDP before the atttacker’s authenticated. It would make sense that turning off RDP would protect you. But I can’t guarantee it.

        1 user thanked author for this post.
    • #1637559 Reply

      JustAsking
      AskWoody Plus

      Running Windows 7 Home, I installed the recommended monthly rollup update (4499164) and after that also the Windows tool for removal of harmful software (KB890830).

      Then Windows wouldn’t shut down. Perhaps I didn’t wait long enough. I rebooted several times – some of the times a blue screen came. I could start up alright. Then I uninstalled the monthly rollup update. But the problem didn’t go away.

      Luckily I did an image backup before the Windows update (with Macrium Reflect), so I may have to revert to that. Unless someone has a good idea? (I have read suggestions about this and haven’t tried them all).

      1 user thanked author for this post.
      • #1638307 Reply

        willygirl
        AskWoody Plus

        @JustAsking are you by chance using McAfee AV?

        Win7 SP1 Home 64-bit; Office 2010; GrpA/B, when all is said, done and fixed, Mac OSX to help me sleep at night.

        1 user thanked author for this post.
        • #1639277 Reply

          JustAsking
          AskWoody Plus

          No – I am not using McAfee. I’m using Malwarebytes Antimalware Premium. But thanks for the suggestion.

          I went ahead and restored the whole disk (all partitions) from the Macrium Reflect image. But when starting up, I was met with this message:

          error – unknown file system

          Entering rescue mode

          grub rescue >

          Here I have to say I have a multiboot Linux system (Linux Mint 19.1). By using a “super grub2 boot” USB I was able to boot into Linux, and then do a couple of commands in a terminal to restore the boot menu. Then everything worked again!

          But I find it strange that the image recovery didn’t also restore the old boot menu.

          Looking forward to hearing when we can safely install the latest Windows Update to fix  that worm vulnerability …

           

          • #1640679 Reply

            anonymous

            Hello again JustAsking. “Here I have to say I have a multiboot Linux system (Linux Mint 19.1). By using a “super grub2 boot” USB I was able to boot into Linux”. We have seen some odd situations with “dual-boot”. We have even seen a cross-over from one partition to another with using dual-boot and differing MS Windows Versions. To each their own. But we gave up on dual-boot years ago, and yes I know it has been around for decades. We have used “removeable drives’ for the last few years and that works fine. Just sayin’…

            • #1640891 Reply

              JustAsking
              AskWoody Plus

              Thanks. In very old times they said dual boot were risky, and now you say the same. I have used not only dual boot but multi-boot for a long time, with Windows and different Linux versions (never with 2 Windows versions on the same computer). It has worked nicely up to now, and the grub fix also worked. The multiboot is used because I have a big SSD drive I want to make use of 😉

          • #1640890 Reply

            anonymous

            JustAsking, upon reading your post I saw Malwarebytes Premium mentioned. We have a computer using that and it appears to be beneficial. However, about once a year we run into an issue where the computer is causing a problem. After much investigation we turn off the background process of Malwarebytes. Problem gone. We then look at the Malwarebytes forum and people mention similar and there is a denial of it being Malwarebytes. After about a week a new version of Malwarebytes comes out and the problem is gone. This has happened MORE than once to us.

            If you get an answer to your blue screen, please let us know what it was.

            2 users thanked author for this post.
            • #1641196 Reply

              JustAsking
              AskWoody Plus

              Yes, I have also had some problems with blue screens when running Malwarebytes, and corresponded with their support about it. It happens rarely, but now I know how to fix it every time.

              It always happens during the scan of the memory. We could not determine the cause but I think I know it now. (See below). When it happens, we can usually reboot and run MB again without problems. Sometimes we can’t start MB, but then disabling all mbam* entries in the processes running (in Task manager) fixes that.

              The reason we suspect is rather odd. Sometimes at odd moments I get the message in a big window that Windows(7) is not genuine. That is not true but caused by my moving (cloning) the system from the old (small) SSD drive to a new larger one (using Macrium Reflect). That means Windows thinks it’s a new machine. Seems I have to reinstall Windows to fix that but that’s rather troublesome, and I can live with the small problem. I prefer to make frequent full image backups (in Macrium Reflect) to fix all kinds of ‘unsolvable’ problems. I’ve other small problems with Windows, e.g. the system recovery doesn’t work, but can also live with that.

              So we suspect that the blue screen happens if the message of “not genuine Windows” comes while MB is scanning the memory. Just a theory.

      • #1638325 Reply

        PKCano
        Da Boss

        Good question @willygirl
        There have been reports that McAfee is experiencing problems with updates in Win7 again this month. There may be lingering problems with Win7 updates and the AVs affected last month.

        2 users thanked author for this post.
      • #1640667 Reply

        anonymous

        Hello JustAsking, That is a bad situation. It could be the patch, but I would lean more towards something on the computer it does not like.

        You might consider running windows “Disk Cleanup”. Start menu, Programs, Accessories, System tools, Disk Cleanup.

        Start that and wait for it to finally open. Once it does click the button that says “clean up system files”. It will again recalculate and take a while to open. Once the box opens with items to clean, go for the temporary files, error files, internet cache, and “old MS updates and Previous Windows version OS” (some people are afraid of Disk Cleanup but it IS from MS and every Windows version has it). If you do run it, reboot afterwards.

        Please note that there have been times that we have run Disk Cleanup, Windows update files, old Windows Versions and the reboot took up to 45 minutes to complete. Usually it is not that long, maybe 5 to 8 minutes, but we have seen 45 minutes!

        We too, got worried but left it alone and finally made it to the Desktop.

        Just reboot, sit back and wait. It is finalizing the cleanup at that moment and it does take time to complete.

        Once that is done reboot and the FIRST thing you should do (after about 90 seconds) is install the MS patches. See if this helps. Please keep us posted on any results.

        Windows 7 Group B

        • #1640944 Reply

          JustAsking
          AskWoody Plus

          Thanks! I’ve used Disk Cleanup previously, and will do it again.

          – Done! – It didn’t take that long. That’s probably because I ran it some months back. Esp. the cleanup of Windows Update can take very long time because there can be several Gigabytes to delete 😉

          But everything works fine now.

          Thanks for the tips.

          I dare not install the latest Windows Update until some more reliability is reported.

           

           

    • #1638857 Reply

      Scribe
      Subscriber

      Can anyone confirm whether the KB4499164 rollup breaks Win7 Desktop Slideshow, as posted on Reddit? Because if so, I’m disinclined to install yet another buggy update despite the possible risk. https://old.reddit.com/r/windows/comments/bp6kv3/win_7_kb4499164_breaks_desktop_background/

    • #1640451 Reply

      mazzinia
      Subscriber

      Well, according to the document mentioned some posts before

      https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0708#ID0EUGAC

      disabling rds and making sure that port 3389 is blocked from the internet are actually enough to avoid applying the patch. I guess i’m going to stay on the fence using this approach for now.

      On a different note, I was thinking that KB4474419 was a prerequisite to obtain patches after march, but this month ones are being offered nonetheless. ( and if I instead just wrote an idiocy, sorry in advance)

      Edit: HTML removal – Please use the ‘Text’ tab in the post entry box when you copy/paste

      • #1640509 Reply

        PKCano
        Da Boss

        I believe the mandatory date for SHA-2 is in July.

        1 user thanked author for this post.
    • #1640572 Reply

      anonymous

      Windows 2003 and 2008 server updates and reboot went without a hitch last night except for Quest Desktop Authority script which needed to be resynced this morning.

      Our Windows 7 desktops run updates in waves. Only a few in the first wave, I included, who are generally tolerant of issues. I pushed up the other waves, which I would normally not do this soon, to run last night at 3 am. Some did and some didn’t.

      PC issues I’m working on today:

      1) We use Quest Desktop Authority login/out scripting. Files on distribution servers became corrupt. Early birds who logged in got an error and no mapped drives. Resolved by resyncing to the distribution servers and sending a link to those users to click and run the script again.

      2) For some, their Symantec client has firewall corruption issue. Rebooting twice resolved.

      3) On those computers who should have installed Windows Updates last night, this morning I can’t access Windows Updates on those computers to confirm. WU is red and clicking check for updates give this error, “Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer.” WU is running. Restarting doesn’t resolve it. On a test computer (she’s out today; lucky her), I troubleshooted by stopping WU service, renaming SoftwareDistribution folder, and restarting WU. Check for updates runs but shows a long list of 34 updates I know were already installed. Grr. I’m hoping there’s something different I can do to fix that issue instead.

      —–

      Win7 SP1 Pro 64-bit; Office 2010; Symantec SEP 14.2 On-premise; Group A

      2 users thanked author for this post.
      • #1642214 Reply

        woody
        Da Boss

        It’s a slow update. As if you needed me to tell you that.

        There’s also a NET update, which may be causing considerable slowdowns.

    • #1641542 Reply

      Cayennejim
      Subscriber

      Installed Win7 Home May updates 4499406, 4499164, Group A no issues. Installed separately, rebooted twice for each one. Avast Free and Malwarebytes Pro disabled for the updates. RDP disabled by default. Thanks, Woody.

      2 users thanked author for this post.
    • #1642166 Reply

      jburk07
      AskWoody Plus

      Installed the May rollup KB4499164 on 2 Windows 7 x64 systems and so far no problems.

      One system is Windows 7 Home Premium with Kaspersky and an old version of Malwarebytes; Malwarebytes wasn’t running while I installed the update. Let the machine sit for 30 minutes after the reboot and then turned Malwarebytes back on; so far everything seems to be OK.

      The other system is Windows 7 Ultimate running Avast and the old version of Malwarebytes. Followed a similar procedure with it and everything seems to be running OK so far on that one, too.

      Thanks to Woody and PKCano for the guidance and to everyone else posting here for all the helpful information. Good luck to everyone.

      Group A Win7 x64 Home Premium SP1 Ivy Bridge

      3 users thanked author for this post.
    • #1642821 Reply

      dgreen
      Subscriber

      UPDATE: I’ve now seen one reliable report that there’s an RDP exploit in the wild. The attacks are said to come from China.

      I’m serious, folks. If your machine is connected to the internet, you need to install this patch.

      Ok, after reading this post from woody………
      took a deep breath and installed the May rollup KB4499164
      Did not install the .net kb4499406….(not that brave yet)
      Did not install MSRT  (haven’t for several months now) and hid it
      Install went smoothly and having no issues.
      I’m adding my internet connection to my info

      Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
      Windows 7 Home Premium 64 bit SP 1  GROUP A
      Processor:  Intel i3-3240 (ivy bridge 3rd generation)
      chipset Intel (R) 7 series/C216
      chipset family SATA AHCI Controller -1 E02
      NIC Realtek PCLE GBE Family Controller

      MSE antivirus
      Chrome browser
      DSL via ethernet (landline)

       

      FYI: the only thing I find is that this site is verrrrrrry slow!
      Has been for a while now.

       

       

      2 users thanked author for this post.
    • #1642995 Reply

      ashfan212
      Subscriber

      Windows 7 x64 Home Premium Group A.

      KB4499164 and .Net  monthly rollups installed successfully. I just wanted to clarify that it is no longer necessary to manually disable the two Remote Desktop services given the successful installation of the monthly rollup.

      I also do not understand why the pci-clear-cache executable was removed from the monthly rollup starting with last month. I assume that Microsoft removed it for valid reasons, and that I probably don’t need to understand the rationale given that I am in Group A. Was it removed by Microsoft because the NIC error that occurred around March, 2018 had been resolved recently?

      1 user thanked author for this post.
      • #1643115 Reply

        PKCano
        Da Boss

        It was removed because it was no longer needed by people that have been installing the Rollups.

        2 users thanked author for this post.
    • #1642851 Reply

      Alan_uk
      AskWoody Plus

      Just read right through this post and nobody has my problem with this update 🙁

      Win 7 Prof 64 on AMD PC. Ran Windows Update and selected KB4499406 Net F/W, KB4499164 Monthly Roll up, KB890830 Malicious Removal Tool and KB915597  Defender.

      Updates went like this (with  2 reboots):

      • KB915597  Defender OK
      • KB4499406 Net F/W   Failed Err0r 643 unknown error
      • KB890830 Malicious Removal Tool   OK
      • KB4499164 Monthly Roll up   OK
      • Servicing Stack Update for Windows 7 for x64-based Systems KB4490628  OK

      Try to apply KB4499406 twice more and both failed.

      On our other PC which is very similar in spec the update went OK.

      Suggestions please.

      PS 1 I’m confused. I thought the RDP bug has only just been announced but according to https://support.microsoft.com/en-us/help/4499164/windows-7-update-kb4499164  the PciClearStaleCache.exe fix has been updated since April 10, 2018.

      PS 2 Applied the RDP fix to an XP Virtual PC by downloading the fix as it was not available via Windows Update. That was a single file but the Win7 equivalent is 2 files. Do I still need to apply this and do I run both files, if so in what order:

      pciclearstalecache_d243a607b50db10ed50f03cff570498018c61a59.exe

      windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu

      Edit: Removed HTML

    • #1643171 Reply

      L95
      AskWoody Plus

      I’m in Group B and have Windows 7,   and installed the May updates   My antivirus program tried to prevent me from installing the Office and .NET Framework updates with a message saying “cannot guarantee the authenticity of the domain to which encrypted connection is established” for the URL watson.microsoft.com.   I ignored the warning and continued on with the installation.  Did I do the right thing by ignoring the warning from my antivirus program?
      Also, the update for Windows Defender KB915597 had to be installed a second time, even though the update history showed that the first installation was successful. Why would that happen?

    • #1643476 Reply

      GeoffB
      Subscriber

      I am Win 7 x64 Group A: I successfully downloaded/installed the May rollup. I haven’t updated the.net framework for a few months: I have the .net patches in the hidden updates. Do I need to instal the previous .net patches before installing the May .net update, or can I just go ahead and download/instal the May .net update and skip installing the hidden .net updates.

      Appreciate your advice on this.

      GeoffB

      • #1702263 Reply

        anonymous

        Hello @geoffb. Just saw your question, sorry no earlier replies. Suggest this:

        Open Windows Update, and _”Restore” all hidden .Net updates_ (note: depending on your WU settings, you may need to “Check for updates” before you’re able to see & restore previously-hidden updates).

        Then, after .Net updates have been restored, just install offered .Net updates using Windows Update (I’d probably install .Net updates sequentially, one-at-a-time, in reverse chronological order, oldest-first… maybe not necessary, but that’s probably how I’d choose to do it).

        Hope this helps.

    • #1645684 Reply

      Blizzard
      Subscriber

      Took Woody’s advice and went for it prior to the Def-Con baking cycle being fully completed for the “May” items.

      Group A running Win7 PRO 32bit on an old Wolfdale version of Intel Core2 Duo in an HP dc7900 sff.  I disabled my Norton Internet Security and then installed each of these one at a time and with about 45 minute wait after each install followed by a reboot.  All went without any noticeable issues or sluggishness.  Been back on the PC for about 2 hours without any hint of trouble.

      1st on deck was the May RU KB4499164, followed by May .net KB4499406, and lastly the MSRT KB890830.  After all these were completed, I reran the check for updates and found none (except for a couple optional that I ignored per standard protocol).

      I ran the Disk Cleanup tools and then rebooted one last time after making sure TrustedInstaller was no longer showing in Task Manager.

      1 user thanked author for this post.
      • #1649569 Reply

        byteme
        AskWoody Plus

        FWIW, I’ve been using Norton, and manually installing Windows (and Office) updates, for many years, and I have never disabled Norton, and that’s never caused a problem. The risk of disabling the protection may be small, because you’re only disabling for a limited amount of time, but I’m inclined to think it’s a greater risk than the risk that not disabling Norton will somehow mess with the updates.

        Don’t forget that Windows updates get installed automatically on most users’ PCs, so Norton clearly doesn’t get disabled when those updates are happening.

        2 users thanked author for this post.
        • #1659672 Reply

          Blizzard
          Subscriber

          Thank you for your inputs!  I have, except for this one instance, done as you indicate.  I took a chance this time, but will likely go back to doing it as you say for my future updating.  Grateful for your thoughts and I do agree that AV protection being active makes sense unless the gang starts noticing issues with NIS…  Enjoy the weekend, All !

    • #1647786 Reply

      anonymous

      Windows 7 – 64 Home Premium with McAfee (home) Security Center provided by my ISP. I also have the latest Malwarebytes free. Group A.

      I installed the cumulative and Net updates and the malware removal tool and haven’t had any problems including slowdowns.

      As a side note: Askwoody.com has been a lot slower to load since the merger process and almost unreachable in the last day or two. But since the time the “test post” disappeared the load times have been quick. 🙂
      -firemind.

      1 user thanked author for this post.
    • #1649804 Reply

      James Bond 007
      Subscriber

      On a “test bench” that I setup (AMD 990 motherboard / Phenom II X6 1090T), I tried to run the May 2019 Rollup KB4499164 (previously has the December 2018 Rollup KB4471318 installed) to patch the system, but I was presented with a message that said something like “This update was not installed”. I tried THREE times and was presented with this message every time.

      I tried to install it from Windows Update twice, and again the installation failed with the 8000FFFF error message, every time.

      Frustrated, I then turned to the Security-only updates and installed them in the order in this post, omitting the .NET updates this time. And this time all the security-only updates installed successfully.

      Edit : Now that I think about it again, I have neglected to install the Servicing Stack update KB4490628, which probably may have prevented KB4499164 from installing. But when I attempted the installation from Windows Update I don’t remember seeing that update being offered in Windows Update. Maybe I have to try it again and see if this is the problem.

      Hope for the best. Prepare for the worst.

      1 user thanked author for this post.
    • #1650184 Reply

      GoneToPlaid
      AskWoody Plus

      Hello LHiggins, Two things I do with every MS update session is to Reboot SEVERAL times and let it sit for several minutes. On the last reboot to go to the desktop and let it sit 45 to 60 minutes to “Process Idle Tasks” and let the trusted installer (as per PKCano) run if needed.

      It takes at least 20 minutes for the computer to realize you are not using it. If you notice the hard drive light flashing after that, it is “Process Idle Tasks”. Leave it alone (and not go to sleep) until the drive light stops flashing wildly, then reboot again since part of the “Process Idle Tasks” is to reorganize the startup file order.

      Hope this helps.

      Windows 7 Group B

      I disagree, and I disagree with with the last sentence in your last full paragraph. Windows bootup is divided into four stages. Everything which loads when Windows boots, loads under one of the following four sequences:

      StartType=0x0 ; SERVICE_BOOT_START 0x00000000 (Anything set to 0x0 loads instantly after the kernel loads. OS uptime is the instant when the kernel loads.)

      StartType=0x1 ; SERVICE_SYSTEM_START 0x00000001 (Low level drivers including AV drivers and backup utility drivers. These load immediately after all 0x0 has completed, and usually have completed loading during the first minute after zero OS uptime.)

      StartType=0x2 ; SERVICE_AUTO_START 0x00000002 (Other services. These usually have completed loading within 5 minutes of zero OS uptime.)

      StartType=0x3 ; SERVICE_DEMAND_START 0x00000003 (More stuff, such as programs which check for updates, Windows Update, or programs which you have chosen to launch via Startup. These usually have completed loading within 10 minutes of zero OS uptime.)

      The upshot is that, unless there is something seriously wrong with your computer, then after 15 minutes, Windows 7 should be fully booted up and should be in a stable state with the hard drive activity LED flashing once per second.

      Yet there is one thing which could possibly affect achieving this stable state: the Windows Disk Defragmenter. This bad puppy, if not correctly configured, can kick in after the 0x2 and 0x3 startup stages to cause a royal mess in terms the Win7 OS achieving a stable state within 15 minutes of OS bootup. My preference is to disable Disk Defragmenter in Task Scheduler and to instead manually run it when I choose to do so.

       

      1 user thanked author for this post.
    • #1652399 Reply

      MrChaz
      Subscriber

      Our windows 7 pro 32bit laptop now updated. Encountered no apparent system problems and the event viewer is normal. Thank you for the warning and the work you do here.

    • #1656812 Reply

      Morty
      AskWoody Plus

      I’m running Microsoft Windows 7 Professional, Version    6.1.7601 Service Pack 1 Build 7601
      System Type    x64-based PC. With Microsoft Security Essentials automatically updated daily.
      I did a full backup the other night, then ran the update yesterday afternoon. It installed:

      2019-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4499406)
      2019-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4499164)
      Windows Malicious Software Removal Tool x64 – May 2019 (KB890830)

      After I restarted the computer, I got the message that I installed new updates. Then I got another message: I had no internet connection. I ran the troubleshooter and it told me I had no Ethernet connection because I had no driver. And it couldn’t find any driver or solution.

      I tried rebooting but that didn’t help.

      Finally, I ran a system restore and undid the update.

      Now what?

      • #1658431 Reply

        Cybertooth
        Subscriber

        Assuming that you got your Ethernet driver back following the System Restore (since you were able to post here), you might try installing each of those three patches separately (install/reboot, install/reboot, install/reboot) so as to isolate the problem patch.

         

        1 user thanked author for this post.
        • #1659319 Reply

          Morty
          AskWoody Plus

          Thank you.

          Will try it.

          1 user thanked author for this post.
          • #1659383 Reply

            Morty
            AskWoody Plus

            So far, so good. Just installed

            2019-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4499406)

            And, thank Heaven, nothing exploded.

            On to the next.

            • #1660755 Reply

              Morty
              AskWoody Plus

              OK. Survived

              Windows Malicious Software Removal Tool x64 – May 2019 (KB890830)

              Now for the big one.

              2019-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4499164)

              One way or another, I’ll be offline until Saturday night. Will report then.

              Wish me luck…..

              1 user thanked author for this post.
            • #1660891 Reply

              PKCano
              Da Boss

              Good luck @morty

              1 user thanked author for this post.
            • #1686151 Reply

              Morty
              AskWoody Plus

              Thanks. But I guess I needed more than luck.

              When I installed

              2019-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4499164)

              I lost my Ethernet connection again. I had to roll back with System Restore.

              Device-driver-not-successfully-installed

              explorer_2019-05-18_23-52-08

              Attachments:
              1 user thanked author for this post.
            • #1686536 Reply

              anonymous

              Morty, glad to see you’re back, but sorry your lost your connection. You said, “I’m running Microsoft Windows 7 Professional, Version 6.1.7601 Service Pack 1 Build 7601
              System Type x64-based PC. With Microsoft Security Essentials…”

              What is your CPU, Graphics and Network card manufacturer? Along with the OS, we like to know what NIC/drivers you have so others can be forewarned.

              Thanks.

              1 user thanked author for this post.
            • #1687841 Reply

              Morty
              AskWoody Plus

              What is your CPU, Graphics and Network card manufacturer? Along with the OS, we like to know what NIC/drivers you have so others can be forewarned.

              Thank you. Here’s what I found:

              Processor    Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 3401 Mhz, 4 Core(s), 8 Logical Processor(s)
              BIOS Version/Date    Dell Inc. A11, Fri 12/30/11

              Name    Intel(R) HD Graphics
              PNP Device ID    PCI\VEN_8086&DEV_0102&SUBSYS_047E1028&REV_09\3&11583659&0&10
              Adapter Type    Intel(R) HD Graphics Family, Intel Corporation compatible
              Adapter Description    Intel(R) HD Graphics
              Adapter RAM    (2,084,569,088) bytes
              Installed Drivers    igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumd32,igd10umd32,igd10umd32
              Driver Version    9.17.10.3517
              INF File    oem4.inf (iSNBD0 section)

              Name    [00000000] WAN Miniport (SSTP)
              Adapter Type    Not Available
              Product Type    WAN Miniport (SSTP)
              Installed    Yes
              PNP Device ID    ROOT\MS_SSTPMINIPORT\0000
              Last Reset    Sun 05/19/19 12:01 AM
              Index    0
              Service Name    RasSstp
              IP Address    Not Available
              IP Subnet    Not Available
              Default IP Gateway    Not Available
              DHCP Enabled    No
              DHCP Server    Not Available
              DHCP Lease Expires    Not Available
              DHCP Lease Obtained    Not Available
              MAC Address    Not Available
              Driver    c:\windows\system32\drivers\rassstp.sys (6.1.7600.16385, 82.00 KB (83,968 bytes), Mon 07/13/09 8:10 PM)

              Name    [00000001] WAN Miniport (IKEv2)
              Adapter Type    Not Available
              Product Type    WAN Miniport (IKEv2)
              Installed    Yes
              PNP Device ID    ROOT\MS_AGILEVPNMINIPORT\0000
              Last Reset    Sun 05/19/19 12:01 AM

              Is that the right info?

            • #1691200 Reply

              anonymous

              woooooooo, OK let’s see Morty.

              Intel(R) Core(TM) i7-2600 CPU That is a good one I7.
              Intel(R) HD Graphics OK that is good but what model. Driver Version 9.17.10.3517 nice.

              Go to Control Panel, System, Device Manager.
              Under Display Driver it should say Intel with more info on its name/model.
              Under Network Adapters what is the name(s) there?? There may be one for wireless and one for wired. If so which are you using?

              Thanks.

              1 user thanked author for this post.
            • #1692108 Reply

              anonymous

              @morty

              Different anonymous here than the one you’ve been dealing with.

              Last year, many folks were having the exact problem you are with their networking cards after installing the monthly rollups for Windows 7…no network card functionality. So, Microsoft published some advice to help those folks out of their tight situation. I copied and pasted it last year in the event it happened to me, so here it is below, word for word in two separate “paragraphs”:

              To locate the network device, launch devmgmt.msc (the Device Manager from Control panel as described in the other anonymous’ post just above this one); the network card may appear under Other Devices. To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.

              a. Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose “Search
              automatically for updated driver software” or “Browse my computer for driver software”.

              The steps above are written from the viewpoint of having already installed the monthly rollup and having no network card functionality as a result, so you’ll have to install the rollup first.

              For the first quoted paragraph above, I added some wording for clarity’s sake.

              Either one of us can help you through re-enabling your networking card, so feel free to ask, especially if you feel you’ve gotten in over your head.

              Another good idea would be to start a new thread to be able to fully troubleshoot this issue, as we’re getting off topic for this one.

              1 user thanked author for this post.
            • #1692637 Reply

              anonymous

              Morty, anonymous 1686536 “6536” here, You have several helping you now.

              anonymous 1692108 “2108” Thank you for that information. I had not made it that far, but remembered “this happened last year.” That is good data and since it happened to you you are familiar with it. My NICs didn’t have any issues last year.

              1 user thanked author for this post.
    • #1656672 Reply

      anonymous

      Win7 32bit Group A with Avira free, i have installed the May rollup and the .Net rollup and have experienced no problems, although the May rollup was a very slow update.

       

      1 user thanked author for this post.
    • #1659268 Reply

      deuce120
      AskWoody Plus

      I have done the updates as advised by Woody and crew on a Windows 7 Pro running ESet and Malwarebytes Pro. No adverse effects that I am aware.

      1 user thanked author for this post.
    • #1659273 Reply

      JustAsking
      AskWoody Plus

      Made the update of the monthly rollup  for Windows 7 – KB4499164. (Waiting with the NET opdate). Did the monthly update tool for removal of malware first separately (KB890830).

      All went well. There was a pretty long closing time (perhaps 5-10 minutes) after the installation. Next reboot went smoothly.

      My troubles previously perhaps were related to the fact that being impatient I reset the machine before it had finished closing second time (there was no message “Don’t shut down the computer” as there was during installation). Anybody agrees with this? (Just to recapitulate the former troubles: the multiboot system (grub) was disturbed resulting in not being able to boot anything).

      2 users thanked author for this post.
      • #1659277 Reply

        PKCano
        Da Boss

        That sounds reasonable. You have to be patient with Windows (in more ways than one). Jump the gun and you just shoot yourself in the foot sometimes.

        5 users thanked author for this post.
      • #1680436 Reply

        anonymous

        Hello JustAsking, your anonymous buddy from above. I must say I agree with PKCano. There do seem to be times that Windows is stumbling around with the hard drive light flashing wildly, yet no mention to wait. I, SueW and others will wait for a few minutes if needed for that drive light to settle down before we click restart. I always install one-by-one and reboot after each patch. After the last patch installs (you are finished), let the computer sit an hour and not go to sleep so the idle tasks, and .NET MscorsVW compiler can run or you might have an annoyingly sluggish computer.

        Windows 7 Group B

        Edited a section to prevent confusion.

        1 user thanked author for this post.
    • #1659959 Reply

      OscarCP
      AskWoody Plus

      Sorry to have too ask, but I cannot find “pciclearstalecache” in the places where I have looked: the MS Catalog (I expected to be in the same place as the Security Only  update, but found only the .msu file there.)

      I tried searching for it in the MS site, but got the message that there were NO entries on that subject. Probably there was some problem because I entered “pciclearstalecache” (without the capitals that I could not remember where they went, and after also trying it as above but with”.exe”) as the objective of the search).

      Looked up the April Win 7 updates on “gehacks”, but found nothing there about where that file might be. Their only links were to the Catalog page for Win 7 I had already visited without success.

      So some help finding this item will be sincerely appreciated. My thanks to you for this in advance.

      Group B Windows 7, SP1, x64 + macOs (Mojave)+Linux (mint)

      • #1660076 Reply

        PKCano
        Da Boss

        I believe I gave you this link before, but here it is again. You can download it from AKB2000003 – the links are direct downloads from the MS Catalog (NOT stored on this site).

        Also the file is in the Catalog in the same download popup as the SO. You just have to download both.

        • #1660440 Reply

          OscarCP
          AskWoody Plus

          Sorry, not there, at least that I can see. I used the link to the Security Only update for Win 7, x64 in AKB2000003: Downloaded and got only the .msu.

          Maybe someone could explain this more clearly?

          • #1660607 Reply

            PKCano
            Da Boss

            There is a picture about 3-4 posts down from that link, with a BIG RED ARROW on it showing where it is in AKB2000003.

            Here is a PICTURE from the MS Catalog;
            Screen-Shot-2019-05-17-at-2.36.44-PM

            Attachments:
            1 user thanked author for this post.
            • #1660960 Reply

              OscarCP
              AskWoody Plus

              This is very strange. Both the .msu and the .exe files have shown up together just now, when I looked again for the Security Only, by typing KB4499175 in Google’s search field and got, again the page of the Catalog for the Sec. Only and then clicked on the “download” button for the Win 7, x64 patch there.

              Sorry I did not take screen shots when I looked earlier for this update in the Catalog, because, believe it or not, it only showed the .msu. And when I clicked on the link in AKB2000003, I only got the .msu downloaded. Believe it or not. Cross my heart and hope I die. One more of life’s little mysteries?

              Well, thanks PKCano. You’ve been patient enough.

            • #1661018 Reply

              PKCano
              Da Boss

              Sorry, I’m not a believer.

    • #1664924 Reply

      SueW
      AskWoody Plus

      Didn’t I just post my April feedback not too long ago?? 🙂  Here’s May’s:

      1 – imaged my disk with Macrium Reflect

      2 – downloaded Updates KB4499175 (May SO), pciclearstalecache, and KB4498206 (IE11 May Cumulative)

      3 – installed the May SO and IE11 Updates and then rebooted; waited 15 minutes

      4 – checked “Windows Update” => 5 Important (all checked): 2 Office 2010 and 3 Win 7; 1 Optional: unchecked

      5 – unchecked and hid “Important” Update KB4499164 (May Rollup)

      6 – hid the unchecked “Optional” Definition Update for Microsoft Security Essentials

      7 – checked “Windows Update” again => 4 Important: 2 Office 2010 and 2 Win 7: all checked; 1 Optional: unchecked

      8 – hid the unchecked “Optional” Definition Update for Microsoft Security Essentials (again)

      9 – checked “Windows Update” again => 4 Important: 2 Office 2010 and 2 Win 7: all checked

      10 – unhid 0 hidden updates to install

      11 – installed 4 Updates: 2 Office 2010 (KB4464567 and KB4464524), .NET Framework (KB4499406), and MSRT (KB890830)

      12 – rebooted and waited around 45 minutes

      Notes: KB4499175 (May SO) was 100 mb (about twice as its usual size) and Windows Media Player needed to be reconfigured again.

      Many thanks to Woody, PKCano and her enormous patience (!), and everyone else who continue to contribute their time and expertise, or who post their own results!

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      3 users thanked author for this post.
      • #1665453 Reply

        anonymous

        SueW, thank you for your post. They are always detailed and I feel people benefit from them. I am still holding off for a while and will post my update When the time comes.

        Windows 7 Group B

        1 user thanked author for this post.
        • #1666503 Reply

          SueW
          AskWoody Plus

          @anonymous, thank you.  I considered holding off myself, but after reading the many MVP comments about the risk, I decided to go ahead and update.  So far, so good.  I look forward to reading your post!

          Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    • #1666691 Reply

      alpha128
      Subscriber

      I updated my Win 7 64-bit home system on Thursday 5/16, and my employer patched my Win 7 work computer 5/17. 

      If you’ve disabled the libraries feature you will need to restore default settings BEFORE installing the May patch. That was also the case for April.

      1 user thanked author for this post.
    • #1669896 Reply

      hmw3
      AskWoody Plus

      I run Windows 7 Pro (64  bit) SP1. All the post in this thread (for the new patch)  refer to disabling Remote Desktop.

      I can find  no such file on my computer.  What I do  find is RemoteApp and Desktop Connections, which according to Windows Help…”is a feature in this version of Windows that you can use to access programs and desktops (remote computers and virtual computers) published for you by your workplace network administrator.”

      Is this the same as Remote Desktop?

      Harry

      Edit removed HTML. Please use the “Text” tab view when pasting from web sites

      • #1677574 Reply

        b
        AskWoody Plus

        Use the settings at Control Panel, System, Advanced system settings, Remote (tab):

        How to Block Remote Desktop Access

        Knuckle dragger Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Unwashed mass" (Group ASAP) Win10 v.1903

        • #1679419 Reply

          hmw3
          AskWoody Plus

          b:

          Thanks. I made the change and UNchecked Allow Remote Assistance. What was strange was before I posted, on  Control Panel->All Control Panel Items->Remote App and Desktop Connections, it said that there were currently no connections available on this computer, which I took to mean that none were set up.

          Harry

      • #1679449 Reply

        hmw3
        AskWoody Plus

        Moderator said:

        Edit removed HTML. Please use the “Text” tab view when pasting from web sites

        Sorry. The issue did not appear  until I posted, and at that point I could not find a way to edit the message.

        Harry

    • #1679117 Reply

      Bill C.
      AskWoody Plus

      I had reported on May 15th that I had installed the May 2019 Group B security patches (See post #1629184).

      Today I ran the Belarc Advisor and it reports that I am missing the February 2019 monthly Security Only Patch (KB4486564) for Windows 7-64Pro_SP1.

      I know I had installed that patch in very late February. I checked my WU installation history and it said it was successfully installed on February 27. I checked the WU installed updates list, and it is not present. I did a search by KB number and it is not present.

      I attempted to reinstall it and it said the update was not applicable to my system.

      Question: Is this a supercedence issue? Or did a subsequent May 2019 patch remove and/or replace the February 2019 Security Only Monthly (KB4486564) patch? The package details tab in the Catalog for the May 2019 Security Only patch does not have it replacing the February 2019 KB number.

      • #1679270 Reply

        PKCano
        Da Boss

        The only thing I could suggest is to be sure you got the right bitedness. If you did not, it would say the update was not applicable.

        1 user thanked author for this post.
      • #1679908 Reply

        anonymous

        BillC, that is an odd situation. Like PKC said could you had the wrong bit or maybe “embedded” version of update by mistake? I do have both the history and installed KB4486564 in my Windows 7.

        I did see where a person at reddit with a 2008 server had a similar issue and part of his solution was to make sure he had the new version of Windows Update Agent. Are you up to date on your WU (windows update) and SSU (servicing stack update)?

        KB4486564 still Shows As Required Long after Successful Installation

        KB4486564 still Shows As Required Long after Successful Installation from SCCM


        “specific to my lone 2008R2, it was a combination of an out of date WUA agent and just refreshing the state message”

        How to update the Windows Update Agent to the latest version
        https://support.microsoft.com/en-us/help/949104/how-to-update-the-windows-update-agent-to-the-latest-version

        Keep us posted.

        1 user thanked author for this post.
        • #1692634 Reply

          Bill C.
          AskWoody Plus

          For Anonymous and PKCano:

          It was the correct version for Win7-64:  2019-02 Security Only Quality Update for Windows 7 for x64-based Systems (KB4486564) or exact file name of (windows6.1-kb4486564-x64_ad686ee44cfd554e461c55d1975d377b68af5eca.msu)

          I just re-downloaded the February 2019 SO patch and compared the full file name, and the file size with my archived version and it is identical.  I maintain an archive of every SO patch since the new patching system started.  I will try to install again using the new version, but expect the same result.  This is a new patching wrinkle for me.

          I am using the most current Servicing Stack Update with the SHA-2 capability.

          Update: Here is a screenshot of the exact notice that the attempted install gives:

          Installation Notice for KB4486564-x64

          Attachments:
          • #1692787 Reply

            Volume Z
            Subscriber

            Don’t keep messing with this one. It’s clearly a matter of supersedence. It cannot be applied after the April 2019 one. Also, disk cleanup removes it. This has happened before with the January 2017 Security-Only update.

            Regards, VZ

            1 user thanked author for this post.
            • #1695096 Reply

              Bill C.
              AskWoody Plus

              Thanks. That was my thought also.

              I tried once to re-install, so that is it. I am not one to really tinker with a glitch if it not having a negative effect.

              I also remember one back in 2018 where the original SO (and rollup) patch was buggy and then MS released an out of band replacement(s). I installed the replacement and that time Belarc showed the original as missing for months, and then suddenly it did not.

    • #1680783 Reply

      Alex5723
      AskWoody Plus

      Visited my brother today who has a Windows 7 Home x64 with auto updates and GWX Control Panel.
      Checked to see May update status.

      First update : KB4499164 – failed.
      Second update : KB4499406 – passed.
      Third update : KB890830 – passed
      Forth update (re-installed) : KB4499164 – passed.

    • #1686155 Reply

      anonymous

      First let me say, that I have become exhaustively tired of having to hold my breath every month for the last couple of years, when it’s time to monthly Windows 7 update. And constantly expecting an explosion of either epic proportions (the total loss of Windows due to a non-working system backup), which happened, or a BSOD, of course it happened. I think I have lost at least 5 years of my life with the MMWW (Monthly Microsoft Windows Worries). However, I still remain a proud Windows 7 Home Premium 64 bit SP 1 Intel Core i5 520UM Arrandale 32nm Group B owner & user.

      Well, after reading hints and tips from the people in the know on this sight, like disabling the Remote Desktop & Remote Configuration, disabling the disk defragmenter, my antivirus is not one of the problem ones, though I made sure it was totally updated, and I am using the GWX Control Panel Monitor. I bit the bullet last night, and using SueW’s excellent how-to update list for May (thank you SueW! I really do look forward to your lists!), I downloaded Updates KB4499175, pciclearstalecache, and KB4498206, placed them in a folder created on desktop. I had a minor problem with the KB4499175 installation.  It always takes only 3-4 minutes to install the SO update. Usually within seconds, the percentage of completion message pops up (from 7% to 30%) with the message, ‘Please don’t shut off computer’. There was no % message. Period. I waited 1/2 hour. The only message was ‘Configuring download… Please down shut off computer’. Finally after 30 minutes I did shut down computer, waited 15 minutes, turned it back on, and the same message appeared on the desktop, but the percentage crept up to 30%, as usual, the computer shut down, and the desktop appeared normally. Yeah!! I waited 1/2 hour, installed KB4498206 without incident, waited another 1/2 hour, then checked Windows update. I don’t have Office and don’t use Microsoft Security Essentials, so I hid that, and just installed NET Framework (KB4499406), rebooted and waited 1/2 hour. As of this moment, everything is working well.

      Thanks again so much to SueW, Elly, Woody, PKCano, and so many others who have made this possible nightmare into just a bad dream.

      2 users thanked author for this post.
      • #1692163 Reply

        SueW
        AskWoody Plus

        Hi anon, I’m glad you were successful despite having to hold your breath.

        May’s SO update (KB4999175) was 100 mb in size; it’s usually been about half that size in previous months.  So that might have been the cause of a longer than usual installation time.

        Do you actually shut down your computer, or do you click on ‘Restart’ in the Windows Update box and let Windows do its thing?  If you’re shutting down your computer, then I would think that any processes in progress would also be shutdown (prematurely?), and then when you turn your computer back on, those processes would resume.

        Since I’ve been following the “Group B” instructions, I first download both the SO and IE Updates, and then I always install the Security Only Update first, then I install the IE Cumulative Update next, and then I click on ‘Restart’ to let Windows reboot my computer.  (I know that others install each Update separately, ‘Restarting’ in between.)

        I just wonder if shutting down your computer and then turning it back on might have led to the delay(s) that you encountered.

        Thank you for reporting your results — I’m glad everything is working well.

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

        • #1694105 Reply

          anonymous

          @suew

          I click on ‘Restart’ in the Windows Update box after installing the SO update, wait 15 minutes and then install IE update & again click on ‘Restart’ wait 15 minutes. In the past, I tried once installing them both, the SO then the IE Cumulative, and then clicking ‘Restart’, but it didn’t work (received error message). So for the last 6 months or so I install each Update separately, ‘Restarting’ in between. The only time I’ve ever completely shut down the computer during an installation was last night when there was no percentage processing message for the 1/2 hour. I pressed the shutdown button, waited another 1/2 hour then turned it on. It went to the desktop, and began showing the proper processing message. This afternoon, turning it on, everything seems to be working properly, except that I had to reconfigure my media player. No biggy!
          Thank you again so much for showing concern. Both you and so many other people on ‘Ask woody’ are genuinely caring individuals.

          1 user thanked author for this post.
    • #1686541 Reply

      anonymous

      Windows 7 Pro, Intel I5, 8 gigs Intel NIC.

      Installed patches in this order.

      4498206 IE11
      4499175 .net 4.6.1
      4499175 security only
      KB4495612 .net 3.5.1

      Installed fine. The SO was very slow in getting back to the desktop, and did not see any flash of the PCIclear file running.

      Internet was OK.

    • #1692755 Reply

      Morty
      AskWoody Plus

      Another good idea would be to start a new thread to be able to fully troubleshoot this issue, as we’re getting off topic for this one.

      Thanks. How do I start a new thread? Any suggestion what to call it so we’re all on the same page (literally and figuratively)?

      • #1692795 Reply

        Bluetrix
        AskWoody MVP

        Thanks. How do I start a new thread?

        @morty,
        A Thread or Topic is started the same way you started THIS ONE.

        Select from Forums on top tool bar the correct venue for your Topic (or Thread).

        Your Topic will reflect the issue you are having.

        Detail the issue you are having in your post.

         

        Windows10 Home 1809 | Mint19 on VM

        2 users thanked author for this post.
    • #1692769 Reply

      Morty
      AskWoody Plus

      Under Display Driver it should say Intel with more info on its name/model. Under Network Adapters what is the name(s) there?? There may be one for wireless and one for wired. If so which are you using?

      It says Driver date: Thu 03/20/14
      Driver version: 9.17.10.3517

      Network Adapter: Intel(R) 82579LM Gigabit Network Connection
      Driver date: Thu 02/21/13
      Driver version: 12.6.45.0

      Thanks again.

    • #1692770 Reply

      Morty
      AskWoody Plus

      Before I leave this thread (I typed that threat and was tempted to leave it), my other machine is backed up but I’m waiting to see what happens with this before I do the update. Should I not wait?

    • #1695289 Reply

      Irene
      AskWoody Plus

      I had wanted to update my Windows 10 Home, 64 bit, HP version 1803 to version 1809 as recommended by Woody in the end of April/early May, but I could no longer find the update in my hidden patches.  I searched the Windows update catalog for 1809, I searched how to find it in the internet, but I could not find it so I installed the April cumulative update to 1803 successfully.

      It seemed to me finding the update in the catalog would be easy, but it eluded me.

      Perhaps this has been asked and answered, so I apologize for not seeing it, but life has just been crazy, and my friends are all idiots who stopped updates ages ago by having some tech turn them off. I can’t ask them anything.  Of course one got a virus, had 7 reinstalled but still has updates off.

      I still would like to move to version 1809 for Windows 10 Home.  What do I search for in the MS catalog to find version 1809 ? Can some kind soul provide me a link or even just the search term?

      Thank you ahead of time!

      • #1695316 Reply

        PKCano
        Da Boss

        What you need is the Window Media Creation Tool. Google it and download it from Microsoft.

        1 user thanked author for this post.
        • #1695788 Reply

          Irene
          AskWoody Plus

          Thank you PK!  With the Windows Media Creation Tool am I then able to find the correct download from the MS catalog?  I would be happiest going to the catalog because I do not want to have to fight with MS about what version I get of updates.  If the tool doesn’t decide, do I not need details to be sure I get the correct update?

           

           

          • #1695866 Reply

            PKCano
            Da Boss

            You can’t get the UPGRADE from the Catalog.
            You can download it through Windows Update.
            OR
            You can download the Media Creation Tool which creates the install media on your PC.
            You will need a bootable 16-32 GB USB drive or a Double Layer DVD (DVD+R DL)
            To upgrade, run the Media Creation Tool.
            Choose “for another computer”
            It will create an ISO.
            Burn the ISO to the DVD or USB drive.

            There is a procedure for upgrading from an ISO. The versions are different, but the procedure is the same. Just substitute your 1803 -> 1809 for the 1703 -> 1709.

            • #1705602 Reply

              Irene
              AskWoody Plus

              PK,  Would it be acceptable to go from 1803 directly to the next big update–the one that came out in the fall of 2018?  Just curious–I am just a person, not extremely knowledgeable about computers….

              Thanks for your patience with me!

               

            • #1705892 Reply

              PKCano
              Da Boss

              Yes, the one that came out in the fall or 2018 is v1809.

            • #1716020 Reply

              Irene
              AskWoody Plus

              Okay, but I got the dates mixed up.  Woody had stated that an all new version was being pushed out–not the last fall version or not 1809.  Can I just wait and go from 1803 to the newest release when Woody says it is safe to move there, and just skip 1809?

              I know this all seems obvious stuff to you, and so many others here, but I am just a user who wants to be safe and who excels in another field entirely.

              Thanks so much!

            • #1716186 Reply

              PKCano
              Da Boss

              The one to be released later this month is 1903. You can wait for it until any time before Nov. 2019 – that is when 1803 will be EOL.

              The thing you shouldn’t do is upgrade to a new version immediately after it is released, because it will be full of bugs. I would give 1903 AT LEAST three months (depending on reports) after release to even consider upgrading to it.

              1 user thanked author for this post.
            • #1721220 Reply

              Irene
              AskWoody Plus

              This is good news.  I must have read incorrectly in the end of April that there was something else being pushed that came out later than 1809, and it would try to download on my Win 10 home when I searched for updates.  I must be confused.  Hopefully if I do a check for updates I won’t get anything other than 1809.  Am I wrong about the order of the updates as to what Home will get.  We can’t put things off. unless we hide them.

               

              Many thanks!

            • #1721226 Reply

              PKCano
              Da Boss

              Don’t “Check for Updates” and you should be OK.

              1 user thanked author for this post.
        • #1699114 Reply

          Irene
          AskWoody Plus

          Thank you PK! I will give it a go!

    • #1699588 Reply

      Morty
      AskWoody Plus

      A Thread or Topic is started the same way you started THIS ONE.

      Waddayaknow?! I don’t even remember doing that.

      Well, before I start a new thread, let me see if I can figure out what to do with what I’ve been told.

      Thanks again.

      1 user thanked author for this post.
    • #1699957 Reply

      Morty
      AskWoody Plus

      so feel free to ask, especially if you feel you’ve gotten in over your head.

      Argh. That about sums it up. I appreciate all the advice from anonymous “6536” and anonymous “2108.” But I’m way over my head here. Any chance MS might fix this update?

      • #1700464 Reply

        Cybertooth
        Subscriber

        Hi @morty, if you’re game to try installing that problematic rollup again, here’s something you might try: before installing the rollup, find the name of the Ethernet driver that you’re losing when the rollup gets installed and copy it to a different, safe folder.

        To do this, go into Device Manager and find your Ethernet driver. Right-click on it and then click on Properties at the bottom of the context menu. Then go to the Details tab and click on the little arrow that’s at the right end of the button just below where it says “Property.”

        Now scroll down the menu that will drop down, and look for “Inf name”. Once you find it, select it with the mouse and the field named “Value” will show you the name of the relevant file.

        Now go to your Windows directory in Windows Explorer and do a search for the file with that name. (It’s probably in the C:\Windows\inf folder.) Right-click on the search result for that .INF file and select “Open file location.” Now you can copy the file to a different folder–say, the Documents folder; the idea is to place it somewhere you’ll remember. Make sure to copy it and not to move it to that other folder. Also make sure to write down the folder where Search found the file, so that you can put it back there later if necessary.

        Now install the problematic rollup (before this, make sure that System Restore is still turned on). Reboot when requested.

        If, after rebooting back into Windows, you find that you’ve lost your Ethernet connection once again, go back into Device Manager and “update” the driver, although in this case it’s simply bringing back what you already had. When it asks where to find the driver, type in the folder where you stored the copy of the .INF file.

        I know this method works because I did it just three days ago on a Vista machine that I was putting into service. (Don’t ask…  🙂 ) After a certain round of patches to bring the OS more up to date, the machine lost its Ethernet driver and I had to do a System Restore to get it back, then I carried out precisely the same procedure that I described above.

        If this doesn’t work for you, you can use System Restore to put things back they way they were before the rollup and you’ll be no worse off than you were before.

        Give a holler if you get stuck at any of these steps. I thought about adding screenshots, but this post is already quite long.

         

        1 user thanked author for this post.
        • #1706461 Reply

          Morty
          AskWoody Plus

          OK. Bracing myself to try it again. I just started with a manual new restore point. (I ran a full backup a few days ago.)

          Thank you and thanks, 6536.

          Gulp…………..

      • #1702292 Reply

        anonymous

        Hi Morty 6536 here, Yes Microsoft will or should eventually get the problem fixed. The last time this happened they came out with the below about 3 weeks later.

        NIC settings are replaced or static IP address settings are lost after you install KB4088875 or KB4088878
        https://support.microsoft.com/en-us/help/4099950/nic-settings-are-replaced-or-static-ip-address-settings-are-lost-after

        Keep your eyes on Microsoft patches.

        Another idea that goes against PKcanos advice, is to run the PCIClearStaleCache.exe file like Jamesbond did. https://www.askwoody.com/forums/topic/ms-defcon-3-get-windows-xp-win7-and-associated-servers-patched/#post-1647847 If it works then great, if not then restore and look at Cybertooth’s plan.

        Cybertooth has a good way to fix it if you want to follow him. He is a good guy. He, I and others worked on a problem he had last November/December, in the “windows-7-pc-gets-very-sluggish” forum here.

        Keep us posted Morty.

        2 users thanked author for this post.
    • #1706582 Reply

      Morty
      AskWoody Plus

      Now scroll down the menu that will drop down, and look for “Inf name”. Once you find it, select it with the mouse and the field named “Value” will show you the name of the relevant file. Now go to your Windows directory in Windows Explorer and do a search for the file with that name. (It’s probably in the C:\Windows\inf folder.) Right-click on the search result for that .INF file and select “Open file location.”

      They headed me off at the pass. I found the file name but, lo and behold, search tells me there’s no such file as oem11.inf.

      I’m going back to a typewriter…..

      Attachments:
      2 users thanked author for this post.
      • #1706655 Reply

        Cybertooth
        Subscriber

        This is weird, but I had the same non-result when I looked up the Ethernet driver on my Windows 7 PC just now. Over the years, I’ve found that Windows Search isn’t the most reliable feature of Windows. In this case I had to go into the C:\Windows\inf folder myself to find it there.

        Try repeating the search from within that folder, and if that fails, then scroll slowly up and down the contents of the folder (as I had to) until you find that oem11.inf file.

        Another, almost equally tedious, way to do it would be to tell Explorer to search for all .INF files by typing *.inf in the search bar. You’ll get a ton of results, but that worked for me too.

         

        1 user thanked author for this post.
        • #1706745 Reply

          Morty
          AskWoody Plus

          Thanks. I checked the folder and it jumps from oem10.inf to oem14.inf (see screenshot). I also searched with WizFile and it drew a blank too.

          Curiouser and curiouser.

          Attachments:
          1 user thanked author for this post.
          • #1707020 Reply

            Cybertooth
            Subscriber

            That IS strange. Is the PC where you can’t find the Ethernet driver, the same PC where you’re posting to Woody’s from? If so, it would mean that you have a working Ethernet driver (since you can get on the ‘Net) but Device Manager is giving you the wrong information.

            One way around this would be to visit your PC manufacturer’s website, find their page for your model, and download their Ethernet driver to a safe place, then proceed to install the rollup.

            1 user thanked author for this post.
            • #1709628 Reply

              Morty
              AskWoody Plus

              Thanks. Yes, it is the same PC, just with KB4499164 removed. As soon as I installed it (twice) it zapped my Ethernet connection.

              One way around this would be to visit your PC manufacturer’s website, find their page for your model, and download their Ethernet driver to a safe place, then proceed to install the rollup.

              I’m coming to the firm belief that there’s no safe place on a computer.

          • #1707771 Reply

            anonymous

            Hi Morty 6536 here, CyberTooth is right, I looked on my Win 7 and did have the OEM11.inf file in C:\windows\inf folder, so that is weird.

            I posted before 2 places to get the driver, and as CyberTooth said, if you have a Dell (you said previously – BIOS Version/Date Dell Inc. A11, Fri 12/30/11) you should be able to go to DELL and with your “tag number” or model find the drivers for that PC. Dell is usually VERY easy to find drivers.

            Drivers:
            Intel Site:
            https://downloadcenter.intel.com/product/47549/Intel-82579-Gigabit-Ethernet-Controller
            Intel Network Adapter Driver for Windows 7 Version: 23.5.2 (Latest) Date: 2/6/2019, 54.44 MB

            Windows Catalog: (this is what you probably have an MS driver being version 12…)
            Intel – LAN, LAN (Server) – Intel(R) 82579LM Gigabit Network Connection (64bit)
            Windows 7,Windows Server 2008 R2, 11/12/2015 12.15.31.0 608 KB
            https://www.catalog.update.microsoft.com/Search.aspx?q=82579LM

            Don’t give up yet Morty.

            2 users thanked author for this post.
    • #1708590 Reply

      anonymous

      ? says:

      hi, Morty

      hope you have fixed your nic problem. have you tried using pnputil.exe?

      https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/pnputil

      using admin cmd>pnputil -e you can get a list of oem drivers in .inf section. i update my intel wifi cards quite often and the driver you are using is from 5 years ago? which updating “may,” solve your connectiion difficulties.

      please let us know what happens

      3 users thanked author for this post.
      • #1709916 Reply

        Cybertooth
        Subscriber

        That’s a very cool command, thank you for sharing it!

      • #1710049 Reply

        Morty
        AskWoody Plus

        using admin cmd>pnputil -e you can get a list of oem drivers in .inf section. i update my intel wifi cards quite often and the driver you are using is from 5 years ago? which updating “may,” solve your connectiion difficulties. please let us know what happens

        Thanks. Here’s what it gave me:

        Microsoft Windows [Version 6.1.7601]
        Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

        C:\Windows\system32>pnputil -e
        Microsoft PnP Utility

        Published name :            oem10.inf
        Driver package provider :   Broadcom
        Class :                     Network adapters
        Driver date and version :   06/16/2009 1.0.0.1
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem30.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem31.inf
        Driver package provider :   Silicon Labs Software
        Class :                     Universal Serial Bus controllers
        Driver date and version :   02/06/2007 3.1
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem40.inf
        Driver package provider :   Logitech
        Class :                     Sound, video and game controllers
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem14.inf
        Driver package provider :   Intel
        Class :                     IDE ATA/ATAPI controllers
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem32.inf
        Driver package provider :   Dynastream Innovations, Inc.
        Class :                     Unknown driver class
        Driver date and version :   04/11/2012 1.2.40.201
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem15.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   11/20/2010 9.2.0.1016
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem33.inf
        Driver package provider :   Google, Inc
        Class :                     Unknown driver class
        Driver date and version :   06/25/2009 1.0.0010.00001
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem16.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem34.inf
        Driver package provider :   HS Incorporated
        Class :                     Universal Serial Bus controllers
        Driver date and version :   10/20/2010 2.0.0.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem17.inf
        Driver package provider :   Intel
        Class :                     Universal Serial Bus controllers
        Driver date and version :   09/16/2010 9.2.0.1013
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem26.inf
        Driver package provider :   Brother
        Class :                     Printers
        Driver date and version :   03/04/2013 1.1.0.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem35.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem18.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem27.inf
        Driver package provider :   Brother
        Class :                     Printers
        Driver date and version :   12/17/2012 1.0.0.0
        Signer name :

        Published name :            oem36.inf
        Driver package provider :   ZTE Corporation
        Class :                     Network adapters
        Driver date and version :   06/21/2009 6.0.6000.16384
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem28.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem37.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem29.inf
        Driver package provider :   ZTE Corporation
        Class :                     Modems
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem38.inf
        Driver package provider :   Logitech
        Class :                     Universal Serial Bus controllers
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem39.inf
        Driver package provider :   Logitech
        Class :                     Imaging devices
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        C:\Windows\system32>pnputil -e
        Microsoft PnP Utility

        Published name :            oem10.inf
        Driver package provider :   Broadcom
        Class :                     Network adapters
        Driver date and version :   06/16/2009 1.0.0.1
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem30.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem31.inf
        Driver package provider :   Silicon Labs Software
        Class :                     Universal Serial Bus controllers
        Driver date and version :   02/06/2007 3.1
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem40.inf
        Driver package provider :   Logitech
        Class :                     Sound, video and game controllers
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem14.inf
        Driver package provider :   Intel
        Class :                     IDE ATA/ATAPI controllers
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem32.inf
        Driver package provider :   Dynastream Innovations, Inc.
        Class :                     Unknown driver class
        Driver date and version :   04/11/2012 1.2.40.201
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem15.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   11/20/2010 9.2.0.1016
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem33.inf
        Driver package provider :   Google, Inc
        Class :                     Unknown driver class
        Driver date and version :   06/25/2009 1.0.0010.00001
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem16.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem34.inf
        Driver package provider :   HS Incorporated
        Class :                     Universal Serial Bus controllers
        Driver date and version :   10/20/2010 2.0.0.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem17.inf
        Driver package provider :   Intel
        Class :                     Universal Serial Bus controllers
        Driver date and version :   09/16/2010 9.2.0.1013
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem26.inf
        Driver package provider :   Brother
        Class :                     Printers
        Driver date and version :   03/04/2013 1.1.0.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem35.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem18.inf
        Driver package provider :   Intel
        Class :                     System devices
        Driver date and version :   09/10/2010 9.2.0.1011
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem27.inf
        Driver package provider :   Brother
        Class :                     Printers
        Driver date and version :   12/17/2012 1.0.0.0
        Signer name :

        Published name :            oem36.inf
        Driver package provider :   ZTE Corporation
        Class :                     Network adapters
        Driver date and version :   06/21/2009 6.0.6000.16384
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem28.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem37.inf
        Driver package provider :   ZTE Corporation
        Class :                     Ports (COM & LPT)
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem29.inf
        Driver package provider :   ZTE Corporation
        Class :                     Modems
        Driver date and version :   01/13/2011 5.2066.1.8
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem38.inf
        Driver package provider :   Logitech
        Class :                     Universal Serial Bus controllers
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        Published name :            oem39.inf
        Driver package provider :   Logitech
        Class :                     Imaging devices
        Driver date and version :   09/21/2012 13.51.823.0
        Signer name :               Microsoft Windows Hardware Compatibility Publisher

        C:\Windows\system32>

    • #1709627 Reply

      Morty
      AskWoody Plus

      Don’t give up yet Morty.

      Thanks. I needed that…..

      2 users thanked author for this post.
      • #1709915 Reply

        Cybertooth
        Subscriber

        Hi @morty,

        Looks like the network (Ethernet) adapter isn’t safe where it normally lives in the C:\Windows\inf folder during the process of installing that Rollup. How about doing the following sequence of steps:

        1. Download the Ethernet driver from Dell as anonymous 6536 proposed, then
        2. Save the driver to a different and easy-to-find folder, then
        3. Install the Rollup, and then if the existing Ethernet driver is (as expected) lost from its normal spot in C:\Windows\inf, reboot and then
        4. Install the Ethernet driver that you downloaded from Dell.

        Now proceed to use the computer normally and see if Internet connectivity survives.

         

        1 user thanked author for this post.
    • #1710207 Reply

      anonymous

      ? says:

      wow, that is a loooong list of oem drivers. i keep 6-8 on my win 7’s and as part of my maniacal cleaning problem(s) i take out the one’s i will never use again to avoid potential conflict problems. i guess the best thing to do is download the Dell driver for your card and/or the shiny new Intel driver (which i update as often as they are made available) from their website (shown above in another post) thern install the troublesome patch, roboot then run the pciclearstalecache? and then install the driver of your choice and reboot as necessary. personally, i did not get any action from pciclearstalecache.exe this time maybe because it is already there? from the last time it was called for. any way where is VolumeZ when he probably knows what to do to fix it all in one easy swoop?

      hope you have already gotten to the promised land and are surfing with ease…

      1 user thanked author for this post.
    • #1710376 Reply

      anonymous

      KB4499164  causes my Win 7 64-bit to boot up and go to blue screen and hang.  Uninstalled the update and back to normal.  Disabled remote computer options in Remote tab of Advanced System Settings.

      Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste.

      1 user thanked author for this post.
    • #1717220 Reply

      Morty
      AskWoody Plus

      hope you have already gotten to the promised land and are surfing with ease…

      Not quite yet, but I’m on my way.

      Meanwhile, I’m still afraid to update my other computer. Is it safe to wait?

      • #1717775 Reply

        anonymous

        Hi Morty, “Meanwhile, I’m still afraid to update my other computer. Is it safe to wait?”
        This is where it gets more frightful.

        1. You can try the update on your other computer but first make a registry restore point to go back as you have with computer #1 you are dealing with. It may install just fine.

        2. You can wait like I am since woody said there is a “proof of concept’ but there are NOT any attacks happening now 5-21-19.

        3. you can try a Group B method this time and next month go back to Group A’s monthly rollups. CyberTooth what do you think?

        From the catalog you can download and run these 2 patches. Then get the dot nets from windows update.

        2019-05 Security Only Quality Update for Windows 7 for x64-based Systems (KB4499175)
        2019-05 Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based systems (KB4498206)

        There is no worry at this moment Morty, but one day Woody will say look-out!

        anonymous 6536

        1 user thanked author for this post.
        • #1718349 Reply

          Cybertooth
          Subscriber

          3. you can try a Group B method this time and next month go back to Group A’s monthly rollups. CyberTooth what do you think?

          anonymous 6536, that makes sense to me. The Security Only patch is bound to have less “stuff” going on, so it may dodge the Ethernet driver issue that Morty is running into. (Assuming that his other PC is susceptible to this problem.)

          I’m still curious if Morty tried downloading the driver from Dell to store in a different folder and then install if/when the Monthly Rollup nukes the existing driver.

           

          1 user thanked author for this post.
        • #1718572 Reply

          Morty
          AskWoody Plus

          I feel like the young man in Frank Stockton’s story “The Lady or the Tiger.” Only now I have four doors instead of two.

          I’m beginning to think that it might be better to wait for the storm to pass. Am I being foolhardy?

          Thank all of you again for being there for me!

          1 user thanked author for this post.
          • #1718601 Reply

            Cybertooth
            Subscriber

            Hi @morty,

            I’m beginning to think that it might be better to wait for the storm to pass. Am I being foolhardy?

            Please go to the site that @gonetoplaid suggests here, and then click on the button labeled “Probe THIS Port” near the top. It will tell you whether the port involved in this Remote Desktop issue is open, closed, or stealthed.  If the result comes back as Closed, you’re OK. If it comes back as Stealth, you’re even better off: according to Steve Gibson, having a port in Stealth mode is better than Closed since with the former, a potential attacker won’t even know that there is something to attack.

            With either a Closed or Stealth result, you should be all right holding off on this problematic Windows patch.

             

            7 users thanked author for this post.
            • #1718618 Reply

              Morty
              AskWoody Plus

              Thanks again. Bless you. Bless all of you.

              I’m going to have to try this a little later. Stay tuned.

              (Steve Gibson, wow. I used to have a program of his called Guards Up or something like that. Does he still make SpinRite?)

              1 user thanked author for this post.
            • #1718889 Reply

              anonymous

              Good post @cybertooth! Thank you @gonetoplaid. Once again Steve Gibson comes through with a way to test. People should investigate GRC.COM Shields-Up. Mine was stealth.

              anonymous 6536

              2 users thanked author for this post.
            • #1718944 Reply

              Microfix
              Da Boss

              GRC has always been my first website visit when setting up a new PC/Router. Shields up and instant UPNP Exposure Test are excellent online checks for your set-up. He also has a few utilities which are of the same calibre never10, inspectre and unplug ‘n’ pray 😉
              Steve’s stuff is highly recommended, the guy is a star in my book!

              ********** Peng/Wins x86/x64 **********

              6 users thanked author for this post.
            • #1722198 Reply

              Morty
              AskWoody Plus

              Thanks again!

              I ran Probe THIS Port and it came up as “stealth.” Then I ran ShieldsUP and got these results:

               

              <span style="color: #000066; font-family: Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif;"><span style="color: black; font-family: courier new,courier; font-size: medium;">----------------------------------------------------------------------
              
              GRC Port Authority Report created on UTC: 2019-05-22 at 02:20:54
              
              Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113, 
                                          119, 135, 139, 143, 389, 443, 445, 
                                          1002, 1024-1030, 1720, 5000
              
                  0 Ports Open
                  0 Ports Closed
                 26 Ports Stealth
              ---------------------
                 26 Ports Tested
              
              ALL PORTS tested were found to be: STEALTH.
              
              TruStealth: FAILED - ALL tested ports were STEALTH,
                                 - NO unsolicited packets were received,
                                 - A PING REPLY (ICMP Echo) WAS RECEIVED.
              
              ----------------------------------------------------------------------
              
              
              
              
              </span></span>

               

              2 users thanked author for this post.
            • #1722534 Reply

              Cybertooth
              Subscriber

              You’re welcome, Morty–glad to help!

              And FWIW, my system, too, passes the Unsolicited Packets test, and it shows those 26 ports as Stealth, but then fails the Ping test. It’s nothing that I’ve ever worried terribly about.

               

              2 users thanked author for this post.
            • #1725917 Reply

              anonymous

              Hi Morty, It looks like your provider, computer or router is doing a good job at protecting you. Now the question is for CyberTooth and myself, what are your plans with the MAY updates? Which method are you going to use or are you going to sit back and wait until next month’s patch tuesday? You don’t want to be the first, but not the last either. Remember that saying back last year in post #223122?

              anonymous 6536

              1 user thanked author for this post.
            • #1726076 Reply

              Cybertooth
              Subscriber

              Hi anonymous 6536,

              Well, I decided to follow Woody’s DEFCON advice and start applying the May updates to my Windows 7 systems this week.

              The experience has been, umm, interesting. Did the Security Only KB4499175 on a little (SFF) tower PC and it seems to have gone fine. Since it doesn’t have Internet Explorer 11 (still on IE8, I really should get around to bringing it up to date but it’s seldom used), it was not eligible for the IE11 patch. The .NET update also installed without issues.

              I waited a day to make sure that nothing untoward was happening and moved on to the next Win7 computer. KB4499175 went fine. Now this machine does have IE11… but when I try to install KB4498206, it claims that the patch is not applicable to my system!?! (The bitness is correct.)

              Not sure what to make of this. These are my two test beds before proceeding to the work computer, so I hesitate to try the IE11 patch on that one until I find out why it won’t install on the test computer.

              Wait a minute–I decided to get the exact wording of the “does not apply” message to post here, so tried installing KB4498206 once again… and this time it worked. How weird, it took three tries for it to finally “catch”.

              Guess I’ll let the IE11 patch simmer for a while, see how things work out, and then go on to the main PC if there is no further strangeness.

               

              1 user thanked author for this post.
            • #1726799 Reply

              anonymous

              Hi CyberTooth, Yes that does seem “interesting”. I usually install the IE11 patch first. Was this install the first patch and was it the very first thing you did upon booting the computer? Everyone has their own procedures and mine is to run ccleaner, reboot, make a registry restore point reboot again. After rebooting let it sit a minute or three and then manually install the Windows Catalog file I just downloaded that day for Windows 7.

              I usually do NOT have any issues with the IE11 patch.
              Keep us posted CyberTooth!
              anonymous 6536

            • #1727624 Reply

              Cybertooth
              Subscriber

              Hi 6536,

              This is the first I ever remember having an issue with an IE patch. Typically I’ll install the Windows SO update first, then reboot, then wait for the PC to settle down, next install the IE update, reboot, and after it settles down re-enable Windows Update to find any miscellaneous patches (.NET, MRT, etc.). I admit that there’s no particular reason for that installation order.  🙂

              Nor do I typically reboot before installing the first Group B patch, I’ll just disable Windows Update and then start the first manual patch. In my case, I’ve found that Windows will create its own restore point prior to installing a manual patch.

               

            • #1726149 Reply

              Morty
              AskWoody Plus

              Frankly, I’m petrified. I’ve always been a last adopter. I only gave up XP when the box died. Meanwhile, I circled the wagons….

              Thank you and @cybertooth.

              All the best.

              2 users thanked author for this post.
    • #1718598 Reply

      Morty
      AskWoody Plus

      wait for the storm to pass

      Sorry about the mixed metaphor. Sigh.

      • #1726291 Reply

        geekdom
        AskWoody Plus

        But I like mixed metaphors.

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
        1 user thanked author for this post.
    • #1718946 Reply

      alphacharlie
      AskWoody Plus

      Thanks again. Bless you. Bless all of you.

      I’m going to have to try this a little later. Stay tuned.

      (Steve Gibson, wow. I used to have a program of his called Guards Up or something like that. Does he still make SpinRite?)

      Yes and in fact Mr. Gibson has promised a new faster version of spinrite.

      1 user thanked author for this post.
    • #1719688 Reply

      columbia2011
      AskWoody Plus

      We’ve had several machines where Skype for Business 2015 would crash upon launch, after receiving monthly patches.

      KB4464547 is the only Lync related patch.

      It is listed 3 times in in the “View installed updates” and all have the same install date.

      Not all machines experience the issue; it seems to be pretty random.

      I had uninstalled the KB and reboot, and Skype works again.

      Reinstall the patches, and Skype still works.

      I don’t see any listed “Known issues” on the MS KB page.

      Anybody else experiencing similar?

      Found hot topic on Reddit with May 14 security update of Skype 2015 for business.

      Skype for Business closing automatically after May 14th, 2019 security updates from sysadmin

      1 user thanked author for this post.
      • #1719961 Reply

        b
        AskWoody Plus

        The fact that it only crashes at first but not later sounds a bit like a recent Skype for Business 2016 issue:

        After you install recent updates of Windows 10, the Microsoft Skype for Business 2016 client may crash on the first run after a fresh start of Windows.
        To fix this issue, install the May 7, 2019, update (KB4464532) for Microsoft Skype for Business 2016.
        Skype for Business 2016 crashes after you install recent updates of Windows 10

        Knuckle dragger Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Unwashed mass" (Group ASAP) Win10 v.1903

    • #1726508 Reply

      Morty
      AskWoody Plus

      But I like mixed metaphors.

      In Modern English Usage, H.W. Fowler seemed to be enjoying poking some fun at journalists:
      “The gentlemen of the Press regularly devote a small percentage of their time to accusing each other of mixing metaphors or announcing that they are themselves about to do so … the offense apparently being not to mix them, but to be unaware that you have done it.” https://hamodia.com/columns/eating-words-muphrys-law/

      1 user thanked author for this post.
    • #1736147 Reply

      lmacri
      Subscriber

      UPDATE for Vista SP2 users, please note that MS support article Customer Guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability: May 14, 2019 was modified on 23-May-2019 and now recommends that Vista SP2 users patch this vulnerability with the Win Server 2008 KB4499180 (May 2019 Security Only) update. Kudos to Vistaar for posting that information <here> in the Vista Forums. Also note that the release notes for KB4499180 at https://support.microsoft.com/en-us/help/4499180/windows-server-2008-update-kb4499180 states the following:

      Before installing this update Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes.

      If you are using Windows Update, the latest SSU (KB4493730) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

      I’ve ensured that Remote Assistance (Control Panel | System and Maintenance | System | Remote Settings) is disabled, and when I checked the status of Port 3389 at https://www.grc.com/port_3389.htm and clicking Probe THIS Port as suggested <here> by GoneToPlaid my status is reported as Stealth (the best rating according to https://www.grc.com/su/portstatusinfo.htm. Given the number of Vista SP2 users who have reported system instabilities after installing a May 2019 Win Server 2008 security update I’ve decided to hold off installing the Win Server 2008 KB4493730 (April 2019 Servicing Stack Update) and KB4499180 (May 2019 Security Only Update) until I’m sure it’s safe to do so.

      Two questions I still have. AFAIK, the Security Only updates are not cumulative updates like the Monthly Rollups, so is it necessary to install the latest SSU (April 2019 KB4493730) before KB4499180 (May 2019 Security Only)?  Secondly, I know that the Win Server 2008 KB4499149 (the May 2019 Monthly Rollup) changes the Vista SP2 from build number from 6.0.6002.xxxxx (Build 2) to 6.0.6003.xxxxx (Build 3) per the MS support article support article Build Number Changing to 6003 in Windows Server 2008. However, does the recommended KB4499180 (May 2019 Security Only update) also increase the build number?
      ————-
      32-bit Vista Home Premium SP2 * FF ESR v52.9.0 * Norton v22.15.2.22

      • This reply was modified 1 day, 19 hours ago by
         lmacri. Reason: Changed "KB44991180" to"KB4499180"
      1 user thanked author for this post.
      • #1736151 Reply

        PKCano
        Da Boss

        Servicing Stack updates should be installed exclusively (by themselves) and before Rollups or Security-only updates.

        Install the SSU, reboot, wait 15 minutes after login before installing other updates.

        • #1736490 Reply

          lmacri
          Subscriber

          Installing any Win Server 2008 update on a Vista SP2 OS (especially for users who have not been applying these updates on a monthly basis since the Vista SP2 EOS on 11-Apr-2017) seems to be a risky prospect at the moment.

          It’s definitely a hit-or-miss proposition. I have a little-used Vista x86 for Business machine where the July 2018 patch KB4339291 caused a BSOD on reboot. Whaddayaknow, System Restore had been turned off somehow and there were no restore points. Plus, since it’s a tertiary PC the most recent backup image I had was from January 2014. Ouch!

          The same patch (KB4339291) worked perfectly on my Vista x64 laptop, but the installation failed (no BSOD) on the Vista x64 tower PC.

          I’m no longer applying patches to the x86 tower (the effort-to-reward ratio is too great) but am keeping up the two x64 systems. The laptop and tower both installed that SSU KB4493730 without issue; however, while the May 2019 Monthly Rollup KB4499149 installed great on the laptop, it left the tower in an unusable state with just the mouse pointer showing in the center of a black screen. (Thank you, System Restore.) So whereas previously I’d install each month’s Server 2008 patches first on the laptop as a test and then on the tower, the laptop got completely up to date in one stroke while the tower is still catching up (August 2018).

          I’m not sure what I will do past the August 2018 patches. On the tower, that month’s patch KB4341832 led to the same kind of black screen as the May 2019 rollup. Because Microsoft, in its infinite wisdom, stopped releasing individual patches as of September 2018, every Server 2008 rollup will presumably now contain KB4341832 and give me a black screen. I’ll try the Security Only bundles for each month in turn and see how they go.

          EDIT: This is VERY strange. That was me, Cybertooth, who wrote this post about KB4339291 etc., but it’s credited to @Imacri to whom I thought I was simply replying!!!

          Mods, please modify the post info so that it reflects who wrote it.

          ALSO, Imacri’s post to which I was replying seems to have disappeared (replaced by mine??).

           

           

          • This reply was modified 1 day, 16 hours ago by
             Cybertooth.
          • This reply was modified 1 day, 16 hours ago by
             Cybertooth.
          • This reply was modified 1 day, 16 hours ago by
             Cybertooth.
          1 user thanked author for this post.
          • #1739240 Reply

            Cybertooth
            Subscriber

            Update on my post just above, incorrectly attributed to @lmacri whose post mysteriously disappeared when I replied to it:

            Tonight I tried installing the Security Only patch bundle for September 2018 on the Vista x64 tower. It didn’t work: the computer booted to a completely black screen. Tried again ande this time I got a black screen with a mouse pointer that I could move around, but no other display of any kind.

            Am currently running a Startup Repair and will probably end up using System Restore to go back to the August 2018 patch level.

            It’s not looking promising for getting this system updated past that month.

             

    • #1740904 Reply

      anonymous

      Windows 7 SP1 64bit, with Broadcom network card. Group B.

      Installed May’s updates; IE KB4498206, SO KB4499175 and .NET KB4495612 (SO 3.5.1) today.

      From the catalog; Installed IE KB4498206 1st, SO KB4499175 2nd, SO .NET KB4495612 3rd, and MSRT (from WU) last.

      Did NOT install the IE KB4505050 since they are going to fix it next month anyway.

      Installed one at a time. Rebooted in between each update letting it sit 1 or 2 minutes after update was installed (one took 5 minutes to have the hard drive settle down).

      No network issues. No oddities – other than slow 1st boot after SO update and 15 minutes @ 100% CPU after the .NET install.

      Rebooted 3 times and let it sit for several minutes. (15 min after .NET for Disk activity and CPU to settle.)

      I would recommend people on the last reboot to go to the desktop and let it sit 45 to 60 minutes to Process Idle Tasks, let the trusted installer (as per PKCano) do its thing and let the NGEN recompile the .NET image.

      If you or others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. (I do).
      http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

      You can force the Idle Tasks if you want by the administrative command prompt: rundll32 advapi32.dll,ProcessIdleTasks

      You can enter that then walk away for 15 to 20 minutes. If the drive light is still on, it is still running, walk away again. Do not allow the computer to go to sleep. Reset the Power Options to 1 hour sleep if needed. Laptops make sure you are on AC power not battery!

      There you go SueW!

      Thanks to all here.

      2 users thanked author for this post.
    • #1741686 Reply

      Volume Z
      Subscriber

      is it necessary to install the latest SSU (April 2019 KB4493730) before KB4499180 (May 2019 Security Only)?

      No.

      does the recommended KB4499180 (May 2019 Security Only update) also increase the build number?

      Yes.

    • #1741980 Reply

      SueW
      AskWoody Plus

      Way to go, @anon!!

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: MS-DEFCON 3: Get Windows XP, Win7 and associated Servers patched

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel