• MS-DEFCON 4: Installing just the updates

    #2569050

    ISSUE 20.26.1 • 2023-06-27 By Susan Bradley If you recall, earlier this month Microsoft released an update that needed some additional steps — manuall
    [See the full post at: MS-DEFCON 4: Installing just the updates]

    Susan Bradley Patch Lady/Prudent patcher

    10 users thanked author for this post.
    • #2569067

      This one is weird: KB5021130: How to manage the Netlogon protocol changes related to CVE-2022-38023.

      Read the whole article a couple of times and I don’t get it.

      April 11, 2023 – Initial enforcement phase
      The Windows updates released on or after April 11, 2023 will remove the ability to disable RPC sealing by setting value 0 to the RequireSeal registry subkey.
      June 13, 2023 – Enforcement by Default
      The RequireSeal registry subkey will be moved to Enforced mode unless Administrators explicitly configure to be under Compatibility mode. 
      July 11, 2023 – Enforcement phase
      The Windows updates released on July 11, 2023 will remove the ability to set value 1 to the RequireSeal registry subkey.
      And then it says “the registry key RequireSeal is not added by the updates – you have to do it yourself.” So if I don’t create that key, nothing will be enforced??
      Also, if I check the registry path, I notice a key RequireSignOrSeal, so what’s that doing?
    • #2569101

      So if I don’t create that key, nothing will be enforced??

      Correct.
      Because this is a change with immediate effect on a DC it must be done with care and planning.

      cheers, Paul

    • #2569097

      this post is currently tagged as Plus members only – please make available to all

      • #2569110

        Yes, I made a post about this but it seems to have been deleted. Should this not be publicly available?

        • #2569143

          Fixed.  That said, please do consider becoming a member and donating.  If you get value from the alerts, then you value the site.

          Susan Bradley Patch Lady/Prudent patcher

      • #2569114

        The weekly Newsletters and the Alerts are paid content accessible to Plus+ Members only.
        Along with donations, the funds keep AskWoody alive.
        Please consider registering as a Plus+ Member.

        • #2569124

          The main page states that anyone can read that item which is consistent with Defcon alerts in the past.  Has something changed?

    • #2569104

      You talk about Microsoft wanting changes to registry keys for this update.  Unless someone reads the update info, how would someone even know about this?   The average user is just going to let their PC update and that’s it.

      • #2569135

        The average user is just going to let their PC update and that’s it.

        That’s all the average user needs to do. Susan said:

        My position on this matter has been that I did not recommend taking the additional steps unless you knew that you or your firm was specifically being targeted. Microsoft’s notes indicated that it would be releasing a future update that would not require manual intervention

    • #2569109

      Hello Susan:

      The free version of the Alert doesn’t seem to have link for it.  Not that I could find anyway.

      Mark

    • #2569152

      Any comment on the .NET updates issues (see MS KB article) from this past Patch Tuesday? I assume anyone applying the June updates now will get the .NET patch referenced in that MS article.

      • #2569155

        I have applied the .NET OOB patches to both Win8.1 and Win10 without problems.
        Have not done my Win11 yet, but will shortly.

        3 users thanked author for this post.
        • #2569165

          Do realize that the .NET OOB updates are only available from the MS Update Catalog site and will not be offered thru WU (Windows Update) & WSUS (Windows Server Update Services), although for WSUS users, those OOB updates can be “imported” into WSUS.

        • #2569159

          Thanks.

          • #2569183

            Again if you get value out of something, remember to help it grow.

            Susan Bradley Patch Lady/Prudent patcher

      • #2569179

        Did not see any side effects on either 10 or 11’s- and I use QuickBooks based on .net.  You will see this more in self built business applications.

        Susan Bradley Patch Lady/Prudent patcher

    • #2569198

      Just wanted to point out that Firefox is actually at 114.02 now.  The Master Patch list for June 27th says to update to 114.01.

      • #2569249

        I’ll be refreshing the list tonight as the optional windows updates just came out.  I’ll update the Firefox entry as well.

        Susan Bradley Patch Lady/Prudent patcher

    • #2569235

      No problems encountered with June patches via WU and catalog OoB on two 22H2 win 10 devices (x86 and x64). The ‘out of support’ Win8.1 x64 devices have had their patches and OoB patches with no adverse effects to the systems over the last couple of weeks.

      Windows - commercial by definition and now function...
      2 users thanked author for this post.
    • #2569255

      Guinea Pig Update (Moments, Moments, Moments)
      Version and build after update: Win11Pro 22H2.22621.1928

      WuMgr downloaded and installed:

      • 2023-06 Cumulative Update Preview for Windows 11 Version 22H2 for x64-based Systems (KB5027303)

      Installed without error and the system rebooted without error.
      System rebooted twice during update.

      On permanent hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
      2 users thanked author for this post.
    • #2569286

      Just a heads up.

      I installed the 2023-06 Cumulative Update Preview for Windows 11 Version 22H2 for x64-based Systems (KB5027303) today. No problems except I discovered it turned the snipping tool back on which I had turned off weeks ago.

      Windows 11 Pro
      Version 23H2
      OS build 22631.5189

      2 users thanked author for this post.
    • #2569420

      (reposting more accurately under the June 2023 updates post here)

      The June updates for Office 2013 seem to be missing from the latest (June 27th) updates list, which still lists the May updates.

      I’ve received the updates below to install. I’ve checked for any possible alerts about them elsewhere on the net, but find nothing, so should I assume these are OK?

      • KB5002414 — Security Update for Microsoft Excel 2013
      • KB5002382 — Security Update for Microsoft Outlook 2013

      Many thanks for any help on these.

      1 user thanked author for this post.
      KP
    • #2569561

      For the 2016 Office updates, some of the KB#s are incorrect.

    • #2569565

      Up until recently, I was using Windows 7 with ESUs, but I have recently bought a Windows 10 computer to replace it, and I’m in the process of trying to figure out how to block the monthly updates until Susan Bradley gives the OK to go ahead and update for each month. The computer is a Windows 10 Professional Edition with Version 22H2 and an ethernet connection.

      I purchased Woody’s book “Windows 10 All-in-One for Dummies”, and that book indicated that I could use a Metered Connection method to block the updates, and so that’s what I tried for the month of June. So the metered connection has been on until Susan changed the DEFCON to Level 4 on June 27, at which time I turned the metered connection off.

      However, when I looked at my update history today to see whether updates were installed as a result of turning the metered connection off, I see that there weren’t any updates installed after turning the metered connection off, but there was an update installed back on June 20, namely security update KB5027215, and there were also a couple of .NET Framework updates installed on June 17 and June 20. I was surprised by this because the book says “…the metered connection setting guards against just about any patches except Microsoft Defender updates….”. So I have a few questions:

      (1) Why didn’t the Metered Connection setting prevent the updates that occurred on June 20 and June 17?

      (2) It appears like I might need to supplement the metered connection method by also using the “Pause Updates” method. Is that correct?

      (3) Should I also be disabling the Office updates for Office 2021 until such time as Susan gives the go-ahead each month for the Windows Operating System? Or is the go-ahead for Office on a different schedule from the Windows Operating system?

      I will appreciate any advice you can provide.

      • #2569611

        Just my two cents, until/unless someone of the more experienced users on the forum can provide better/more complete answers:

        (1) My experience from when I was relying only on turning on the “Metered connection” setting to prevent updates is that WU will ignore that you are on a (supposedly) metered connection and still download certain updates. I can thus assume that KB5027215 and those .NET Framework updates are installed regardless that you have set your connection as metered. I seem to remember that also the periodical re-release of KB4023057 can bypass metered connections.

        (2) Yes, if you want to avoid updates until you are ready to install them one solution is to use the “Pause Updates” method. However, keep in mind that when the pause period ends (or you hit the “Resume Updates” button), WU will download and install all pending updates, including those you might wish to avoid (if any).

        (3) I don’t recall the approval for Office updates being on a different schedule than Windows updates. However, sometimes non-security updates for Office are released before the next Patch Tuesday and those are not included in the go-ahead to install updates from the previous Patch Tuesday. Also, I don’t have Office 2021, but assuming its updates work the same as Office 2013 updates, then you should not need to separately disable updates in Office 2021. I never had Office 2013 updates install behind my back with a metered connection and using “Pause Updates” also prevents Office 2013 updates. However, Office 2021 might be a different beast in this respect.

        BTW, in case it is helpful, I stopped using metered connection and Pause Updates entirely and now I only use WUMgr to handle the updates process on both W10 and W11. I have set WUMgr to block automatic Windows Updates, which prevents any updates (except Defender updates) from downloading and installing automatically. When we have the go-ahead to install updates, I let WUMgr download and install only the updates I really wish to install and hide anything I do not want (e.g. KB4023057).

        1 user thanked author for this post.
        L95
        • #2569677

          Also, I don’t have Office 2021, but assuming its updates work the same as Office 2013 updates, then you should not need to separately disable updates in Office 2021. I never had Office 2013 updates install behind my back with a metered connection and using “Pause Updates” also prevents Office 2013 updates. However, Office 2021 might be a different beast in this respect.

          It is different. Click-to-run updates are not via Windows Update:

          How to disable updates for Microsoft Office apps on Windows 10 & 11

          (But the master patch list always says “install” for these, not defer.)

          2 users thanked author for this post.
          • #2569706

            Thanks for the clarification b. I don’t have experience with Office 2021 and did not know it is updated via Click-to-run updates rather than Windows Update. If those updates are always listed as “install” in the Master Patch list, is it correct to say that the answer to L95’s question (3) is that there is no need to disable updates for Office 2021?

            1 user thanked author for this post.
            L95
      • #2569628

        See AKB2000016 for information on how to control updates in Win10 Pro using wushowhide.diagcab and Group Policy. There are screenshots at the bottom showing the location of the settings.

        1 user thanked author for this post.
    • #2569568

      The Patch Listing as of 28/06/2023, 04:51:19 has two Win 10 entries for KB5027215 and both reference the same versions 22H2/ 21H2.  The first says Defer – Preview patch, the second says Install.  Am I missing something?  Thanks.

      • #2569580

        Try it now?

        Susan Bradley Patch Lady/Prudent patcher

        • #2569584

          Great! Thanks Susan, removes my confusion (easily confused!). Much appreciated, as always.

    • #2569612

      Installed without issue the June updates on my Windows 10 Home 22H2 PC. Still need to update the Windows 11 Pro 22H2 machine and will update this post once done.

      2 users thanked author for this post.
    • #2569630

      Made a full disk image in Macrium Reflect, then installed this month’s updates. I had the same experiences as seen reported in this thread, insofar as the 2023-06 .NET Framework CU (KB5027538) prompted a restart before the June CU (KB5027215) had finished installing. Then, once both had completed the ‘Cleaning up’ phase took a few minutes to complete – again, as I’ve seen reported in this thread. However, I then signed in as normal and have faced no apparent issues since.

      Running sfc /verifyonly did find some integrity violations which were easily rectified with the /scannow switch and a reboot immediately afterwards. In the clear, it would seem.

      2 users thanked author for this post.
    • #2569695

      Hello Susan,  A question regarding the Master patch list for Windows 11 22h2.  The master patch list shows:

      Version 22H2 5027303 6/27/2023 Defer Install IF you have 22H2 Cumulative update Preview patch  – do not install

      This entry shows defer install but if you have 22h2 then install then it states Preview patch Do not install.  It is a bit confusing as to what one should do.  The write up states: “Co> preview releases and will make it into the July patch releases.”  So should I install the  preview or wait for the July releases?  Thanks very much for providing the information and  expertise.

      • #2569722

        It’s a preview; wait for July.

        (Unless you need one of its 28 obscure fixes.)

    • #2569746

      Hello Everyone:

      Perhaps I am in the wrong forum, and I know that I am jumping ahead, but July 11 isn’t too far away.  I wonder if InControl will protect my computer from the Moments 3 update of Windows 11?

      Please tell me if you know.  If InControl doesn’t, what will?  Thanks.

      Mark

       

      • #2569749

        InControl does not control individual updates. It controls version updates (Win10 -> Win11) and feature updates (like 21H2 -> 22H2).
        So far, “Moments” aren’t really controllable.

        1 user thanked author for this post.
        • #2569772

          Are you sure?  From what I read on Ghacks, Moment 3 seems like a mini feature release.

          Mark

          • #2569774

            Moments are not feature releases.

            • #2569791

              OK, thanks.  I am not familiar with the terminology or the differences between different updates.

              Mark

               

      • #2569750

        Pro or Home?  And honestly in my testing I haven’t found the “gate” that Microsoft provides to hold back much.  Fortunately most of the “moments” have been either minor or ‘eh’ sort of things.

        Susan Bradley Patch Lady/Prudent patcher

        • #2569773

          Sorry, I should have mentioned Windows 11 Pro.  Thanks.

          How can I block it?

          Mark

           

          • #2569811

            grouppolinfo
            Look for this in group policy

            Susan Bradley Patch Lady/Prudent patcher

            1 user thanked author for this post.
            • #2569897

              Thanks, Susan.

              I will try it when I am on Windows.  I am on Ubuntu now.  I have Ubuntu Pro and updates go smoothly with Pro.

              It will be the first time I use Group Policy.

              Mark

               

            • #2571894

              Excuse me Susan, I need you to debunk something regarding the update ending in 31. Should you skip the install if it affects the Chrome browser, since there’s a note about not installing the feature update?

    • #2569764

      Installed the June updates (CU KB5027215 and .NET KB5027797 and KB5027538) today on our Windows 10 Pro laptop without a problem. Winver is now 19045.3086. Thanks to everyone here for all the information.

      Linux Mint Cinnamon 21.1
      Group A:
      Win 10 Pro x64 v22H2 Ivy Bridge, dual boot with Linux
      Win 10 Pro x64 v22H2 Haswell, dual boot with Linux
      Win7 Pro x64 SP1 Haswell, 0patch Pro, dual boot with Linux,offline
      Win7 Home Premium x64 SP1 Ivy Bridge, 0patch Pro,offline

      3 users thanked author for this post.
    • #2569883

      I get a stubborn ERROR 0x800f0831 with this month’s update (KB5027215). My first update problem in a very long time, believe it or not.

      Tried everything I could find:

      https://learn.microsoft.com/en-us/troubleshoot/windows-client/deployment/additional-resources-for-windows-update#reset-windows-update-components-manually

      https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/update-management/error-0x800f0831-installing-update

      Manually downloaded from catalog.update

       

      Windows 10 22H2 (OS Build 19045.2965)

       

      • #2570079

        Restart before attempting the install.
        Run these from an admin Command Prompt:
        sfc /scannow
        dism /Online /Cleanup-Image /RestoreHealth

        Try again.

        cheers, Paul

        1 user thanked author for this post.
      • #2570127

        It may not work, but you could try Settings -> System -> Troubleshoot -> Other Troubleshooters -> Windows Update.

        Mark

         

    • #2569951

      InControl does not control individual updates. It controls version updates (Win10 -> Win11) and feature updates (like 21H2 -> 22H2).
      So far, “Moments” aren’t really controllable.

      Someone should invent a Moment Killer.😄

      Mark

      1 user thanked author for this post.
    • #2570247

      22H2 Win 10 Pro desktop, ethernet/ Lan only. (Preface: June 10th, I  did inplace repair install. Went well, sfc/dism clean and operating). Use winshowhide & TRV.

      Today in prep for June updates, checked past weekly recent restore points-all gone?

      Ran sfc scannow & dism (no errors). Did Macrium b/up, double verified-no errors.

      Proceeded with unhiding and installing June updates CU, .Net as per patch page. Took 30 min. Ignored the .Net ‘restart’ prompt to wait for CU to install.

      Post restart, ran sfc=100 errors. (Sfc logs show none). Restart. Ran  Dism found no errors, yet the dism log shows a-plenty of fixes. Restart.

      Have yet to check all stgs, will report if anything untoward. Thought I’d post as others were having issues with lost restore pts. Only other anomaly was Edge update today did very odd things to Ublock Origin extension (faint red dotted lines & wouldn’t update filters. Restart rectified, thus reinstall not nec.) Note: I only use this PC/Edge for this site-this is no longer my daily device. Not many programs on here, count on one hand.

      • #2570251

        I know they are defcon 4 here now, but would you all say this update is safe? I am hearing a lot of strange things about this one. I can point to no common error but many seem to have their PC messed up really bad. Better to wait and install after the 11th?

        • #2570256

          Not seeing any bad stuff reported here and my two boxes updated fine.

          Waiting until the 11th puts you into July update territory. I’d make an image backup and then update.

          cheers, Paul

        • #2570257

          I report here my anomalies, ‘edge cases’ aka not the norm. For Susan to track. The numerous followers at AW that have success don’t always post. I would surely update with June’s (as Paul said, with a backup if possible). Don’t hold off, it can only get….? 🙃 Post if you encounter a problem, the crew here will help you.

          PS the lost restore pts occurred when I went online today pre updating. Held since.

          • #2570343

            Thank you Paul and Deo for clarification.

    • #2570759

      Updated 3 Win 10 pro & one Win 11 pro without incident.

      1 user thanked author for this post.
    • #2570766

      I installed the following updates on 3 Win 10 Pro systems last week:

      2023-06 Cumulative Update for .NET 3.5, 4.8 and 4.8.1   KB5027538

      2023-06 Cumulative Update for Win 10 22H2 x64   KB5027215  (Build 19045.3086)

      Windows Malicious Software Removal Tool x64 – v5.114   KB890830

      No problems have been noticed.

      1 user thanked author for this post.
    • #2570827

      Updated 2 W10 Pro and 1 W10 Home over the weekend each with the Monthly Rollup (KB5027215), .NET 3.5, 4.8, and 4.8.1 (KB5027538), and the MSRT. I did not install any of the .NET out of band patches.

      All is well, although took about 20% longer than usual.

      1 user thanked author for this post.
    • #2570901

      FYI

      .NET 6.0.19 (KB5028613) June 22, 2023
      labelled Critical Updates as opposed to Security Update for .NET 6.0.18

      https://www.catalog.update.microsoft.com/Search.aspx?q=.net%206.0

      1 user thanked author for this post.
    • #2571763

      Question! Is it safe to install update
      KB5027231?

      • #2571779

        Assuming you are on W11 22H2, yes.

        The detail is in the Master Patch List
        https://www.askwoody.com/patch-list-master/

        cheers, Paul

        • #2571821

          But, from what I heard, after people install that update they’ve been having trouble opening or installing Google Chrome. Plus, according to the master patch list:

          https://www.askwoody.com/forums/search/KB5027231/

          So that’s why I asked. I use Google Chrome as my browser and, if I install the update, I might lose access to my Chrome.

          • #2571847

            Master Patch List says “Install”.

          • #2572245

            If Chrome is your default, install it.

            I only saw issues opening Chrome when it WASN’T default.

            Install the June updates.

            BTW I never have just one  browser. Always plan on having more than one.

            Susan Bradley Patch Lady/Prudent patcher

    • #2571856

      I use Google Chrome as my browser and, if I install the update, I might lose access to my Chrome.

      Not if Chrome is the default browser. If it isn’t, make Chrome default.

      • #2571893

        I think Chrome is my default browser. I mean, I use it every day and made it my prime browser.

        Also, if you saw my attachment, there is a note by the update number regarding not installing the feature update and I saw posts on how it affects Chrome browser users.

        • #2571900

          The feature update referred to is 11/22H2, so the comment is now outdated.

          • #2571902

            So it’s safe to install the cumulative update, but what about Chrome? Like I said, I haven’t installed it yet because people had issues trying to open Chrome.

    • #2571916

      Can someone explain what’s going on with the June cumulative update? Is it safe to install? Do I have to set Chrome to my default browser before installing the update and is the conflict only when Malwarebytes conflicts with Chrome because I don’t have Malwarebytes on my PC?

      I’m a little confused and need some clarification on this before Sunday.

      • #2571933

        You need to install June updates which are safe before July 11.
        Chrome isn’t a problem

        • #2571935

          Okay So once I install the updates, even the June cumulative, nothing will happen to Chrome right? I didn’t set it as default browser and I don’t have Malwarebytes on my computer so I should be okay to install without any issues right? Just want to make absolutely sure.

          • #2571945

            As pointed out in the original link to this problem and all those posts your search found, it only affects Chrome if you’re using certain 3rd party anti-virus S/W (primarily Malwarebytes) and the “temporary” work-around was to make Chrome your default browser.

            Malwarebytes, and other 3rd party anti-virus providers, have issued updates since this problem first appeared that fixed the problem without having to change anything about how Chrome works.

            So, if your anti-virus product is “up-to-date“, you should be good-to-go.

            Of course, as always, it’s your call whether to install an update or not.

            1 user thanked author for this post.
            b
            • #2571946

              So I should maybe apply making chrome my default browser just in case?

            • #2572021

              You need to make an image backup and install the updates.
              If Chrome is not happy after the update you can either re-install it or restore the backup.

              cheers, Paul

            • #2572057

              Or maybe I can skip the cumulative update just to be safe?

            • #2572067

              To install, or not to install, that is the question.

              We’ve provided you with more than enough info to make an “informed” choice so please, make YOUR decision!!

              2 users thanked author for this post.
              b, SueW
    • #2572774

      A bunch of out-of-band .NET updates were released on July 5th for older .NET versions like 3.5/3.51 and 2.0/3.0 for Server 2008 SP2.

      https://support.microsoft.com/help/5028920

      Only install if experiencing this specific issue; otherwise it’s not necessary to download & install these out-of-band .net updates.
