• MS-DEFCON 3: Should you patch? It depends.

    Home » Forums » Newsletter and Homepage topics » MS-DEFCON 3: Should you patch? It depends.


    ISSUE 20.43.1 • 2023-10-24 By Susan Bradley The October updates have been either mildly annoying or downright hostile. Stop the presses: I’m urging ca
    [See the full post at: MS-DEFCON 3: Should you patch? It depends.]

    Susan Bradley Patch Lady/Prudent patcher

    Viewing 28 reply threads
    • #2596585

      Some of us received three updates, each of which triggered a reboot.

      Multiple reboots never happen when using WUmgr.
      WUmgr downloads and installs all updates and ask for reboot.

    • #2596591

      There’s no indication as to what operating system/s are affected by multiple boots post patching. I only experienced one reboot on four different W10 Pro devices this month using WUMgr and the native WU..

      Win8.1/R2 Hybrid lives on...
      • #2596651

        Same here – one reboot. I am using Windows Update, not WUMgr.
        But I wait till all updates have completed downloading/installing and request restart, before I do restart.

        • #2598470

          Exactly. Consider this condition, where the Cumulative update is installing and Reboot is requested. One hand doesn’t know what the other hand is doing and it puts up the reboot prompt prematurely.


          [in a whiny voice] Coordinating things is so harrrrrrd.


    • #2596597

      Hi Susan:

      Regarding the comment about certain HP models in your MS-DEFCON alert:

      Got an HP?

      If you’ve been installing updates since July on certain HP computers and have been able to boot each month,review this month HP’s list of impacted models. Without a needed BIOS update, you may brick the computers and need a replacement system board….

      Did you mean “… have not been able to boot..”?

      • #2596607

        I read it to mean (added text in bold)

        If you’ve been installing updates since July on certain HP computers and have been able to boot each month up to now, review this month HP’s list of impacted models. Without a needed BIOS update, installing another Windows Cumulative update you may brick the computers and need a replacement system board….

    • #2596614

      With reference to Susan’s comment

      “three updates, each of which triggered a reboot.”

      Last month my download dropped down to a crawl of a few KB’s every few minutes. In desperation I did a restart and downloading took off to MBs’ every few minutes.

      Same thing today’s update. This time I did not waste an hour and went ahead and did a restart after the download dropped to a crawl. After the restart almost a GB downloaded in a few minutes.

      SO, apparently now there is actually a need for multiple reboots between the individual updates. Will this also be for the future? Who knows?

    • #2596617

      For me: Only one intermediate reboot (after .Net 6),and one at the end.

      Otherwise uneventful.

      Dell Inspiron 7580 i7 16GB Win 10 pro 22H2 (19045.3930), Microsoft 365 Version 2401 (17231.20182) Location: UK

    • #2596644

      Updated with no problems, one restart.

      2023-10 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5031354)

      2023-10 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5031323)

      Windows Malicious Software Removal Tool x64 – v5.118 (KB890830)



      Edition Windows 11 Pro
      Version 23H2
      Installed on ‎10/‎19/‎2022
      OS build 22631.3155

    • #2596650

      Two questions:

      1. You are recommending to install 356 to Win 10 22H2 even though it may n ot install?
      2. Does Gibson In COntrol just put a GUI to my blocking updates in Group Policy or does it do something else?


      • #2596659

        InControl only controls Product/Feature Updates (22H1 -> 22H2). It does not control monthly Cumulative Updates. InControl puts entries in the Registry that control the changes (like ProductVersion = Windows 10 orWindows 11 and TargetReleaseVersion = 22H1 or 22H2).

        It does not control monthly Build changes (like 19045.3448 -> 19045.3570 or 22621.2283 -> 22621.2428)

    • #2596654

      How does a “known-issue rollback” work?

      • #2596684
        • #2596844

          Hi @b:
          About the “Known-issue rollback” link:

          I read the information at the link. For me, KB5031356 is hidden in WUSHOWHIDE right now. As I understand the information in the link, when this CU is unhidden, it will be downloaded from the cloud. The downloaded CU will have the fix in it.

          There’s something at Windows 10, version 22H2 update history — October 10, 2023—KB5031356 in the “Known Issues” section about a 48-hour wait. When I looked at this on Oct 12, it said that the device can’t be sleeping during this wait.

          If my device was sleeping during the 48-hour wait,
          a) should I do the Dism /online /cleanup-image /RestoreHealth? If so, do I issue this command before I unhide the CU? or after I unhide it? {In GP, I have Local Computer Policy | Computer Configuration | Administrative Templates | Windows Components | Windows Update > Configure Automatic Updates Enabled (2=notify for download and auto install) }.
          b) should I do a Restart before I unhide it? or after I unhide it?

          • #2597474


            All good questions – me too.   What have you done regarding the October Updates?

            My KB501148 .NET 4.8.1  update also disappeared from wushowhide.

            Interesting though I have KB5031224 .Net October Cumulative Update in wushowhide, but I also still have KB5030180 .NET Cumulative Update from September that I never installed in wushowhide.  I would think the September CU would have disappeared being replaced by the October CU?  Doesn’t October CU include everything to-date?

            Do I need to install both or just October CU?

            Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
            • #2597498

              Windows Update correctly detects the .NET Framework updates your computer needs.

              Install whatever updates it offers you.

            • #2597509

              Do I need to install both or just October CU?

              Follow PKCano’s advice above.

              You might want to look at @Imacri ‘s post, most notably the screenshots from WU history and Uninstall an update. I suspect that KB5030180 will install KB5030649, its 4.8.1 child. If so, you will see KB5030649 in Installed updates, and not KB5030841, its 4.8 child.

            • #2598115

              @WCHS and @PKCano

              Thanks, your answers address the .NET Framework items.

              What  about the KB5031356 KIR questions?

              If my device was sleeping during the 48-hour wait


              Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
            • #2599452

              I suspect that KB5030180 will install KB5030649,

              Installed the September .NET.   Windows Update History shows KB5030180 installed.  Control Panel uninstall show KB5029923 as installed.

              What about the KIR questions in #2596844 ?

              Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
              1 user thanked author for this post.
            • #2599494

              Hi @Tex265,
              Did you install the October KB5031224? If so, what does Windows Update History show? And what does Control Panel Uninstall Updates show?

    • #2596658

      1 reboot here. win11, Home menu in settings has changed to show various ‘blocks’ containing stuff like cloud storage (which is convenient),  Bluetooth devices, personalize your device (why when there is already an option on the left hand menu), nagging about adding a phone number (used to show as a badge on the start menu), and nagging about Microsoft 365 (don’t even use as this computer is a gaming computer.)

      Other than the above, no other noticeable changes. And no I rarely if ever use Edge, so Copilot probably got added too.

    • #2596664

      Really good timing Susan!

      I manage several Hyper-V clusters with “many” guest VM’s running Server 2019/22 and this coming weekend is our scheduled cluster-aware patching date. We also use Veeam . . .

      Looks like I might pause them until the MSFT and Veeam get their act together regarding the Oct ’23 CU for Server 2019 and 2022.

      Thank you!

      ~ Group "Weekend" ~

    • #2596668

      How does a “known-issue rollback” work?

      How Known Issue Rollback works for the end user
      When Microsoft decides to rollback a bug fix in an update because of a known issue, we make a configuration change in the cloud. Devices connected to Windows Update or Windows Update for Business are notified of this change and it takes effect with the next reboot.


    • #2596679

      I have wondered about this for a while:

      Every month before updating I run a system Image using Windows Backup & Restore (Windows 7).  At the end it always ask if I want to make a system repair disc.  Is there any reason to make a new sys repair disc every month?  How often should I make one?

      • #2597820

        Is there any reason to make a new sys repair disc every month?

        No.  You should test your current repair disk(s) to make sure they will boot your computer.

        How often should I make one?

        If your repair disk(s) are valid, creating more is not necessary.

        Win 10 home - 22H2
        Attitude is a choice...Choose wisely

        1 user thanked author for this post.
    • #2596706

      In the process of installing updates on a number of HP Windows 10 workstations and laptops.

      So far, no intermediate reboot.

      However, we had to disable the new ‘Search Highlights’ feature.

    • #2596713

      As happened with the September updates, The October updates (Susan gave a conditional go-ahead), My desktop icon text again has shadow font and once again I have tried all the ways that I can find through a google search. The “Visual Effects Performance Options” for drop shadows is unchecked, the registry HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced DWORD ListviewShadow is set to zero. I looked in group policy editor on the desktop, desktop and there is no longer a switch to disable the shadows.

      My solution again was to roll back the updates which resolved the font shadows issue.

      I did not receive any helpful suggestions to the last post so I am hoping someone can offer a true solution.

      I am out of update pauses (will happen November 1st).

      I am positioning myself to do a full rebuild of my “C” drive but would prefer not to do that.

      Again, any suggestions?

      • #2596720

        The “Visual Effects Performance Options” for drop shadows is unchecked

        In addition, uncheck the “Smooth edges of screen fonts,” which is two items above drop shadows. This smooth edges setting is actually the one that does the trick for this issue. It doesn’t seem like the drop shadows setting actually makes a difference.

        I did notice that despite eliminating the shadow, the icon text font quality is still poor. I also saw this on Edge tab text. Uninstalling the last CU fixes this issue. Many other with this problem have uninstalled the CU and are waiting for MS to hopefully address it in a future update.

        1 user thanked author for this post.
      • #2597030

        I also encountered this problem with the drop shadow on the icon captions.

        The only other option is to roll back the update.  Otherwise you will have to restore the backup. (or live with the drop shadow).  Maybe Microsoft will restore the option in the next update – who really knows?




    • #2596807

      Just finished updating my PC running Windows 11 Pro 22H2. Patches installed using WUMgr, the system required only one reboot after the patches finished installing. In particular, the following were installed:

      – KB5031354 – 2023-10 Cumulative update for Win11 22H2
      – KB5031323 – 2023-10 Cumulative .NET Framework update for Win11 22H2
      – KB890830 – MSRT update

      The system is now at build no. 22621.2428 and everything seems to be working correctly. No apparent changes to my Start menu and no trace of Copilot (but I’m in the EU so Copilot might have not shown up for that reason).

      On the other hand, I just realized that when I access the Settings window a new “Home” section (with annoying nagging to use a Microsoft Account) is shown by default rather then the “System” section. No idea if this is a change introduced with the October updates or something from earlier updates that I entirely missed. Looks pretty much useless btw: in addition to the (unnecessary) MS Account nag thing, this Home section offers access to screen customization settings, Bluetooth device settings and links to access some “Suggested settings”, i.e. stuff we can readily access from other tabs of the Settings window.

      • #2597276

        Now updated also my PC running Windows 10 Home 22H2. Patches installed using WUMgr, the system required only one reboot after the patches finished installing. In particular, the following were installed:

        – KB5031356 – 2023-10 Cumulative update for Win10 22H2
        – KB5032874 – .NET 6.0.24 Security Update (dated 24/10/2023)
        – KB890830 – MSRT update

        The system is now at build no. 19045.3570 and everything seems to be working correctly. I did have the search icon reset to a search box, but the system prompted me to confirm whether I wanted to keep that change or cancel and pressing “Cancel” brought back the search icon which was my setting.

        • This reply was modified 4 months, 1 week ago by Berserker79. Reason: Corrected the KB numbers
    • #2596771

      Looks like Microsoft put out an out-of-band Security Update for ,NET 6 & 7

      Latest Security Updates are ,NET 6.0.24 & .NET 7.0.13


      Might want to snag these before regular November Updates,

      1 user thanked author for this post.
    • #2596837

      Home user, just a few weeks behind the latest version of Win10 Pro this morning. I needed two reboots and just under 20 minutes to get up-to-date today at 6:30pm Eastern, which is a bit annoying but not out-of-norm, for either MS or Apple in monthly updates, in my experience. I’d rather it be done right than done fast.

      Then again, yes, Susan, M$ did re-introduce for me its Search window in the taskbar with this update, which I don’t want and have killed time and again. I do “love” it when a big corporation puts its own needs ahead of what its paying customers want.

    • #2596889

      Hmm. Again these multiple reboots are happening. I wonder, are people pushing the restart now button before the updates have finished installing again? Is your machine set to reboot automatically?

      1 user thanked author for this post.
      • #2596963

        Jim, every month my Windows 10 machine gets two or three Cumulative Updates which, due to their size, download and install at different speeds. Which means, more often than not, I’ll get more than one reboot message as each update completes, all of which I ignore, because the other updates are still downloading and installing. It isn’t until everything has been downloaded and installed that I finally hit the reboot button. Multiple downloads; one reboot.

    • #2596970

      No issues with this month’s patches on Win 10 or 11.  Single reboots.  Only negative thing I saw was Microsoft’s anti-consumer decision to re-enable the taskbar search box on Win 10.

    • #2596981

      Did two laptops so far, one 11th gen Intel & one 12th gen. Win 11 pro 22H2.

      Each initiated an intermediate reboot right after the black screen with spinner reached

      “You’re almost there…30%”

      As always, I was careful to let every component finish completely before giving it permission to restart. No problems noted on either post install.

    • #2597089

      Looong update for 356 tonight. A little more than 30 minutes from click update to desktop after install. Only one reboot. All seems fine. But slow. Seemed to stay on 22% and then 74% for long times.

    • #2597096

      In the September Master Patch List we we told to defer Office 2016 Patch Number 5002457 9/12/2023 but there is no mention of it in the current patch list. So is it okay to install it now or not?

      • #2597102

        Forgot to put this in the notes:

        Ensure you install both KB5002498 and KB5002457.  That should get you to where you don’t see the error message.

        Susan Bradley Patch Lady/Prudent patcher

        2 users thanked author for this post.
    • #2598119

      Just a quick question – the list of HP laptops and computers  affected by the need for a BIOS update is the final list? I have an HP Envy laptop – not on the list, so it isn’t affected?  I’ve installed each monthly update as it came along – no issues with booting.

      I really don’t want to mess around with a BIOS update if it isn’t needed, and just wanted to check to be sure that HP hasn’t added any models to that list.


      • #2598155


        Have you installed HP Support Assistant on your HP Envy laptop?

        If so, you can click on Updates and HP will advise you if you need a BIOS update.

        We use this approach on all of our workstations and laptops.

        1 user thanked author for this post.
    • #2598261

      Hi Kathy and thanks for this reminder! I do have the HP Support Assistant, but rarely have used it, so it was a good reminder for me! I did check and there are no updates showing, so I guess I am good to go with the October patches.

      Thanks for the help and great suggestion!


      1 user thanked author for this post.
    • #2598574

      This evening, 3 Desktop Win10 Pro 22H2 PC – Macrium backup – WUMGR Updates (Individual KB with restart as requested for each) – no issues.  NOTE for below – all these machines I always go back to WU and see what the screen pops as and it says you are Up to Date.

      One DELL Inspiron 15 Win11 Pro 22H2 AMD – second Month with major issues.

      Last Month – Added InControl – Had Target Feature set in Group Policy – Macrium backup – WUMGR Updates including 22H2 Feature Update (Individual KB with restart as requested) – check WU and “Up to date”.  Wanted to use CleanMgr to clean up leftover Feature Update remnants.  CleanMgr appeared to work properly.  Done, ready to Shut Down – system will not shutdown, stuck in restart loop.  Checked all power settings, researched online fixes (Some Dell owners with same issue after Updates).  Never could resolve, thought maybe too aggressive with Cleanmgr, MACRIUM restore to 21H2 and redid Feature Update and Sep Updates.  System cleared and restart loop cleared.

      Tonight – Macrium Backup – WUMGR individual with restarts – ready shutdown, back to restart loop – checked WU and all October Updates shown as not installed.

      This is work/school laptop so needed immediate fix, brought home and decided to let WU install what it wanted. WU did not indicate any “already installed” but the page cleared after restart but still in restart loop.  Opened WU one more time and no updates listed, still restart loop.  Tried one more Start Menu Shutdown and then one power button hold and system finally cleared.

      I think for this machine next month I’m going to just let WU run after hiding any KB marked in the Master Patch list in time for WU daily to register the hides before letting it update and see if it completes w/o the restart loop.


    • #2599780

      In windows 10 and 11, if there are problematic patches can the user prevent the installation of patches until the next period by selecting ‘Resume updates’ and then quickly pausing updates for up to 5 weeks?

    • #2600291

      In order skip the problematic Oct. updates, I implemented the RESUME UPDATES – PAUSE TO MAX TIME strategy on 3 Win10 Pro & 1 Win11 pro and it worked without a hitch. I did restore points  beforehand. In update settings I resumed updates, the pause button then shows available, hit pause several times and that’s it: Updates delayed till 12/9 by which time I hope Microsoft has fixed the issues.

    • #2600451

      Just updated. As always for me, 1 reboot. Everything seems normal, patching took a little while this time but nothing to unusual.

    • #2600809

      I am Win 10/Pro 22H2 on two PCs
      Downloaded and installed these October Tuesday patches, one by one: — no problems so far::
      1) KB5031356 CU from downloading to ‘Restart Now’ took 30 minutes. 2 cycles of 30% to 100% on the blue screen.
      2) KB5031244 .NET Framework 3.5, 4.8, and 4.8.1 – from downloading to ‘Restart Now’ took 1 minute- one cycle on the blue screen
      3) KB5022974 .NET 6.0.24 from downloading to ‘Restart Now’ took 1 minute- one cycle on the blue screen.
      4) MSRT version 5.118-downloading and install was instantaneous – no Restart

      sfc /verifyonly no integrity errors.

      Now at Build 10.0.19045.3570 and SSU 19045.3562

    Viewing 28 reply threads
    Reply To: MS-DEFCON 3: Should you patch? It depends.

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: