News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    Home Forums AskWoody blog MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    This topic contains 112 replies, has 41 voices, and was last updated by

     Tex265 6 days, 6 hours ago.

    • Author
      Posts
    • #1866825 Reply

      woody
      Da Boss

      There are a few nuances — if you run an iSCSI array, or have custom views in Event Viewer, there are some potential conflicts. But for most people, n
      [See the full post at: MS-DEFCON 4: It’s time to get the June Windows and Office patches installed]

    • #1867036 Reply

      honx
      AskWoody Lounger

      installed group b patches on both computers (kb4508772 – win7, kb4508773 – win8.1, kb4508646 – ie). funny fact: kb4508772 only shows “update for windows” in update log. NOT “security update”, same for kb4508773.  ie kb4508646 identifies as “security update” on win7, but only as “update” on win8.1 notebook. 😀

      after reboot i installed the only one available security update for word 2010 (kb4461619) this month, it was “important” and checked. and like every month i also installed msrt, defender, flash player update (win8.1).

      of course i did NOT install that update for microsoft filter pack 2.0 (kb3114879) yet. i wait until july patches to be installed. on windows 7 machine filter pack update was “important” but not checked. on windows 8.1 it was “important” AND checked, so i unchecked it.

      the second non-security update for office 2010 (kb3114397) wasn’t offered to me, not on win7, also not on win8.1. so i could not install it, even if i wanted to. 😀

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

      2 users thanked author for this post.
      • #1868093 Reply

        abbodi86
        AskWoody_MVP

        KB3114397 is only ment for east asia languages IME (janpan, china, korea)

    • #1867038 Reply

      Alex5723
      AskWoody Plus

      Remember Microsoft advised users to use Restore Points after admitting deprecation of auto Registry Backups https://support.microsoft.com/en-us/help/4509719/the-system-registry-is-no-longer-backed-up-to-the-regback-folder-start ? Windows doesn’t create a restore point before a major CU .
      Create your own manually.

      • This reply was modified 1 week, 5 days ago by
         Alex5723.
      3 users thanked author for this post.
      • #1867059 Reply

        rc primak
        AskWoody_MVP

        My sequence is to run third party updates, then create a restore point, then run MS Updates. Also, you can enable automatic Registry Backups, but you have to edit the Windows Registry to do so.

        If drivers are updated, the Driver Store File Repository should also be backed up before MS Updates gets a chance to change any drivers.

        -- rc primak

      • #1868771 Reply

        GoneToPlaid
        AskWoody Plus

        That is a major “heads up” for Win10 users. Restoring the old auto behavior sounds like a good way to go.

        1 user thanked author for this post.
    • #1867047 Reply

      fernlady
      AskWoody Lounger

      Installed kb4503292 and kb890830. All went A-Ok.

      Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

      4 users thanked author for this post.
      • #1867365 Reply

        OldBiddy
        AskWoody Lounger

        Yes, I also updated with these two updates and it seems to have gone ok. Haven’t kept too close tabs on the forums recently, but it seems that we have to do something extra before the July updates can be installed. There’s so much content and advice here that it’s hard to keep up!

        1 user thanked author for this post.
        • #1870822 Reply

          Lars220
          AskWoody Lounger

          but it seems that we have to do something extra before the July updates can be installed.

          Yes, thanks go to PKCano Da Boss who is extemely helpful, and has info about this:

          “will be required to have SHA-2 code signing support installed on their devices by July 2019.”

          MS-DEFCON 2: Make sure Windows Update is de-fanged. Patch Tuesday’s tomorrow.

          #1831967     Read this post number – #post-1831967

          KB4041681/KB4041678

          #1858587    Read this post number – #post-1858587

          Thank you PKCano for all you do!

          Edited by Lars220 because the automatic link only went to the beginning of the topic and not to the specfic post by PKCano that I wanted to be seen. Please stop changing the link to only text, and leave the full url address showing so that people can read the info and see what post # is being referred to.  Thank you.

          • This reply was modified 1 week, 1 day ago by
             Lars220. Reason: edit for more info
          1 user thanked author for this post.
          • #1871055 Reply

            OldBiddy
            AskWoody Lounger

            @lars220 thanks very much for the helpful pointers and reminders. And of course to PKCano and everyone else here who work hard to help Windows users. Their efforts in no small measure ensure that Windows environments stay secure and up to date everywhere. Very grateful!

            1 user thanked author for this post.
    • #1867060 Reply

      rc primak
      AskWoody_MVP

      The Event Viewer Bug also may affect Automatic Maintenance. So, head over to the MS Updates Catalog and get the non-MS Updates patch which corrects the issue. Once this patch is manually applied, at least for Version 1809, things get back to normal. Checking for driver events in the Device Manager is also wrecked if Custom Views are munged.

      -- rc primak

      3 users thanked author for this post.
      • #1867097 Reply

        CADesertRat
        AskWoody Plus

        For 1809, I assume you mean KB 4501371 which has a ton of fixes.

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

        2 users thanked author for this post.
    • #1867072 Reply

      anonymous

      If in Group B for Win 7, for security-only updates should we install both KB 4503269 and KB 4508772  for June’s security-only updates, or just (only) KB 4508772?  And for IE updates, should we install both KB 4503259 and KB 4508646, or just KB 4508646?  Thanks in advance for clarifying.

      • #1867084 Reply

        PKCano
        Da Boss

        The MS pages for KB4508772 say:

        This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes:

        • Addresses an issue that may display the error, “MMC has detected an error in a snap-in and will unload it.” when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.

        The IE11 updates are CUMULATIVE, so you only need the latest one.

        3 users thanked author for this post.
        • #1867391 Reply

          anonymous

          Thanks, PK.  So reading this quote you thankfully included, appears that only KB 4508772 needs to be installed (aside from the IE update)?

          • #1868645 Reply

            Charlie
            AskWoody Plus

            We run into this snafu almost every month.  Is it four updates, or is it two.  If it’s two, then why are there still four listed in the Group B list (Topic 2000003)?  I’m still not absolutely positive what to do.

            Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

            • #1868784 Reply

              PKCano
              Da Boss

              This is the very reason Woody continues to say:

              If you’re very concerned about Microsoft’s snooping on you and want to install just security patches, realize that the privacy path’s getting more difficult. The old “Group B” — security patches only — isn’t dead, but it’s no longer within the grasp of typical Windows customers.

              We follow Microsoft’s information. If you don’t understand what needs to be done, in what sequence, you should not be using Group B methods. Sooner or later you may have a problem, and it won’t be the fault of AskWoody or the advice you got here you didn’t understand.

              3 users thanked author for this post.
            • #1868831 Reply

              Bob99
              AskWoody Lounger

              For those in Group B, as your signature says you are, there are four patches for this month, two of which are patches for patches:

              KB4503269, which is the initial security-only patch for Windows 7 for June, released back on June 11th.

              KB4503259, which is the initial IE11 cumulative security update for June, released on June 11th

              KB4508646 fixes errors within IE 11’s handling of files with SVG (scalable vector graphics markers) that was introduced by a prior patch for IE11. Install this if you have the stated problem.

              KB4508772 fixes a bug that may come up within the Windows Event Viewer if you have any custom filters established within the Event Viewer to view any particular event types within the viewer without looking at all of them. This bug was introduced by a prior patch. Per instructions elsewhere on this site about the cumulative nature of IE patches, this one supersedes the one issued on June 11th.

              So, that’s why four patches are listed for the month of June. That’s also why there are more than two patches listed for May…some of the ones listed are patches for patches.

              • This reply was modified 1 week, 4 days ago by
                 Bob99. Reason: Added clarity regarding KB4508772
              2 users thanked author for this post.
            • #1869117 Reply

              Bob99
              AskWoody Lounger

              Ok folks, stop the presses. I was mistaken above when I said that KB4508772 was a patch for IE11:

              Per instructions elsewhere on this site about the cumulative nature of IE patches, this one supersedes the one issued on June 11th.

              KB4508772 is a patch for the security-only patch (KB4503269) for Windows 7, NOT for IE11.

              My humble and sincerest apologies to anyone who was confused by the misstatement in my prior posting.

              This post is due to not being able to edit my post just above this one by the time I realized the error of my posting.

              2 users thanked author for this post.
            • #1869207 Reply

              byteme
              AskWoody Plus

              The two later msu’s are not patches of the earlier pair. They replace them.

              Anyone who installs all four is doing two unnecessary installs.

              And PKCano addressed that early in this thread, and anyone who wants any further confirmation can just check out the sizes of the msu files.

              1 user thanked author for this post.
            • #1869603 Reply

              Charlie
              AskWoody Plus

              Thank you so very much.  That’s all I needed to know.  It’s not a big deal and/or beyond my ability to understand.  Just a simple yes or no answer to this question would have sufficed.

              All four updates or just two.

              Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

            • #1870432 Reply

              TonyC
              AskWoody Lounger

              The two later msu’s are not patches of the earlier pair. They replace them.

              … and yet the documentation for KB4508772 clearly states “This update doesn’t replace a previously released update.”! Furthermore, Topic 2000003 adds to the confusion by not stating that KB4508772 replaces KB4503269, whereas some other updates listed in that topic are stated as replacing earlier ones. You can’t blame people for noticing these inconsistencies and querying them.

              In my opinion, the root cause of this confusion is the poor quality of Microsoft documentation. What would it cost Microsoft to be more explicit and clear in their documentation for KB4508772 by stating something like, “You can install KB4508772 without having previously installed KB4503269. You then don’t need to install KB4503269.” (… assuming the statement is true, of course!)?

              (I posted this originally at the end of the topic by mistake. If somebody could delete post #1870417, I would be grateful. Thank you.)

              2 users thanked author for this post.
            • #1870496 Reply

              Charlie
              AskWoody Plus

              Thank you Tony!  You said what I was thinking to say but didn’t want to keep going on and on. I’ve thought for many years that Microsoft’s “explanations” of things are often very confusing.

              🙂

              Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

            • #1870670 Reply

              byteme
              AskWoody Plus

              Just in case it helps reassure anyone, I will specifically note that the first-round June Win7 security-only update (4503269) is 80MB, and that’s twice as large as usual. And the second-round update (4508772) is 81MB, and it is inconceivable to me that that 81MB of lovingly-compiled MSFT code is just spent patching the problems with the first-round (80MB) file.

    • #1867114 Reply

      anonymous

      I have written here previously (and most comprehensively in https://www.askwoody.com/forums/topic/we-continue-at-ms-defcon-1-dont-install-any-of-the-july-patches/#post-209829 ) about W8.1 file explorer problems which reappear following (security only) updates every few months.

      These reappeared again following the July 2019 update. I was unable to drag and drop a file between folders. Windows claimed it could not “find” the file even though it was displaying it in an explorer window showing the source folder.

      As usual I fixed the problem by deleting the 2 Registry sub-keys:

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45E5-87F6-0DA56B6A4F7D}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444B-8957-A3773F02200E}]

      and then restarting the PC. (The background to this fix is described at the link above 🙂 )

      I updated two 64 bit W8.1. PCs a few days ago and I have seen no other problems with the July updates. (I no longer have W8.1 running on my older 32 bit PC so I do not know if it would have had the same problem.) I have seen no problems with the W7 updates.

      HTH. Garbo.

       

    • #1867211 Reply

      davinci953
      AskWoody Plus

      What are your thoughts on installing KB4465065: Intel microcode updates? My processor isn’t listed in the processor list, so I have it hidden for now.

      • #1867252 Reply

        PKCano
        Da Boss

        I have not installed any of the Intel microcode patches. At present, there is no exploit in the wild to require I do so.

        1 user thanked author for this post.
        • #1867351 Reply

          Seff
          AskWoody Plus

          Agreed, plus the Knowledge Base article from Microsoft carries this advice:-

          Important Install this update for the listed processors only”

          If your processor isn’t on the list then this update does not apply to you, irrespective of the wisdom or otherwise of installing third party updates through Windows Updates.

          • This reply was modified 1 week, 5 days ago by
             Seff.
    • #1867366 Reply

      dgreen
      AskWoody Lounger

      Reporting In installing June Updates

      KB4503292 (roll up) installed smoothly.
      The only little hiccup was when my computer restarted,
      and the “windows” logo screen came up and stayed for longer then usual.
      finally my log in page appeared.
      All is fine!

      That’s the only update I had except the MSRT.
      I have not installed MSRT since January.

      takes a deep breath

      Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
      Windows 7 Home Premium 64 bit SP 1 GROUP A
      Processor: Intel i3-3240 (ivy bridge 3rd generation)
      chipset Intel (R) 7 series/C216
      chipset family SATA AHCI Controller -1 E02
      NIC Realtek PCLE GBE Family Controller
      MSE antivirus
      Chrome browser
      DSL via ethanet (landline)

       

      5 users thanked author for this post.
    • #1867386 Reply

      anonymous

      Windows 7 SP1 64bit, with Broadcom network card. Group B.

      Installed one May and all June’s updates; IE KB4505050 (from late MAY), KB4503259, KB4508646, SO KB4503269, KB4508772 and MSRT today.

      From the catalog; Installed IE KB4505050 1st, KB4503259 2nd, KB4508646 3rd, SO KB4503269 4th, KB4508772 5th, and MSRT (from WU) last.

      Installed one at a time. Rebooted in between each update letting it sit 1 or 2 minutes after update was installed.

      No network issues. No oddities – but, IE after KB4508646 seemed sluggish for a while and a slow 1st boot after SO KB4503269 update.

      Rebooted 3 times and let it sit for several minutes. (15 min.)

      I did notice MSCORSVW of .net run for a few minutes. It seems a .NET 2.0 minor file update had happened from what I saw.

      I would recommend people on the last reboot to go to the desktop and let it sit 45 to 60 minutes to Process Idle Tasks, let the trusted installer (as per PKCano) do its thing and that short run of MSCORSVW .net get done.

      If others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. (I do).
      http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

      You can force the Idle Tasks if you want by the administrative command prompt: rundll32 advapi32.dll,ProcessIdleTasks

      You can enter that then walk away for 15 to 20 minutes. If the drive light is still on, it is still running, walk away again. Do not allow the computer to go to sleep. Reset the Power Options to 1 hour sleep if needed. Laptops make sure you are on AC power not battery!

      Thanks to all here.

      3 users thanked author for this post.
    • #1867538 Reply

      T
      AskWoody Plus

      From the article…

      May had a hair-raising threat from a worm that still hasn’t emerged, but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming. Those of you who blocked a specific port to keep BlueKeep at bay may be in for a nasty surprise.

      I’m curious what this means since it’s not actually addressed in the article, particularly the bit i emphasised. Why are those of us who blocked the port in for a nasty surprise?

      • #1867947 Reply

        Alex5723
        AskWoody Plus

        From the article…

        May had a hair-raising threat from a worm that still hasn’t emerged, but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming. Those of you who blocked a specific port to keep BlueKeep at bay may be in for a nasty surprise.

        I’m curious what this means since it’s not actually addressed in the article, particularly the bit i emphasised. Why are those of us who blocked the port in for a nasty surprise?

        RDP BlueKeep exploit shows why you really, really need to patch

        RDP BlueKeep exploit shows why you really, really need to patch

        • #1868422 Reply

          T
          AskWoody Plus

          Yes, I know. I’m well aware of the vulnerability and how potentially serious it is but there’s still no confirmation on whether disabling RDP and/or blocking the port in firewall will stop this exploit. My point is that the intro to woody’s article is suggesting that even if you block the port you’re still vulnerable but it’s not addressed in the main body of the article.

          • #1868521 Reply

            Alex5723
            AskWoody Plus

            Yes, I know. I’m well aware of the vulnerability and how potentially serious it is but there’s still no confirmation on whether disabling RDP and/or blocking the port in firewall will stop this exploit. My point is that the intro to woody’s article is suggesting that even if you block the port you’re still vulnerable but it’s not addressed in the main body of the article.

            Sophos says: Patch & close ports

            So please, if you haven’t already updated your Windows computers, do so right now. We feel it’s only a matter of time before someone weaponizes this, and the best defense you might have is that patch.

            In addition, please close any firewalls that expose RDP (no matter what port it is running on, though its default is 3389/tcp) to the open internet

        • #1868520 Reply

          Sessh
          AskWoody Lounger

          ..or you can just uninstall RDP (KB925876) entirely and be done with it.

          • #1868615 Reply

            b
            AskWoody Plus

            I think that’s just the client, not host; and only for WinXP, not Win7 SP1.

            Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1903

            • #1869692 Reply

              Sessh
              AskWoody Lounger

              Partially true. It will work on Windows 7 if there’s no SP1. I didn’t realize that, thanks.

              I will experiment with deleting/renaming remotepg.dll which would make it impossible for any remote services to run and any related exploits would be made null.

              Apparently, you can delete services from an elevated command prompt such as:

              sc delete SessionEnv

              ..would delete the Remote Desktop Configuration service.

              It used to be possible to remove Remote services entirely, so they must not be an important part of the OS. I know I never use them and never will use them nor does anything depend on their existence.

    • #1867560 Reply

      davinci953
      AskWoody Plus

      Agreed, plus the Knowledge Base article from Microsoft carries this advice:-

      Important Install this update for the listed processors only”

      If your processor isn’t on the list then this update does not apply to you, irrespective of the wisdom or otherwise of installing third party updates through Windows Updates.

      • This reply was modified 1 week, 5 days ago by

         Seff.

      That ‘important’ note is what initially caught my attention. It appears WU just pushes the patch out to all machines regardless of the processor. I installed it on my laptop that had the processor listed. There’s nothing unusual to report.

      • #1867562 Reply

        CADesertRat
        AskWoody Plus

        It appears WU just pushes the patch out to all machines regardless of the processor

        Yes, my AMD cpu has gotten every one of the Intel micro-code updates and so far there have been no ill effects that I can tell. They just install and are listed in Installed updates but don’t seem to do anything, LOL.

        I have also gotten them on my Intel 3770 CPU and they don’t “seem” to have done anything detrimental to that either.

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

        • #1868085 Reply

          abbodi86
          AskWoody_MVP

          AMD have a separate MC file mcupdate_AuthenticAMD.dll, updating the intel one mcupdate_GenuineIntel.dll will have no effect

          1 user thanked author for this post.
          • #1868430 Reply

            CADesertRat
            AskWoody Plus

            AMD have a separate MC file mcupdate_AuthenticAMD.dll, updating the intel one mcupdate_GenuineIntel.dll will have no effect

            By the “KB” # it just shows that it’s an Intel Micro-code on my AMD if I look up the KB # online. It doesn’t mention anything about AMD.

            Don't take yourself so seriously, no one else does 🙂
            4 Win 10 Pro currently 1809 (3 Desktops, 1 Laptop).

            • #1869470 Reply

              abbodi86
              AskWoody_MVP

              That’s what i said 🙂
              if you install th update on your AMD machine, it has no effect

              likewise, if i install the update on Intel machine which don’t have new microcode in the update, also no effect

              2 users thanked author for this post.
    • #1867814 Reply

      byteme
      AskWoody Plus

      Win7 Home Premium 64-bit. Group B: the few, the proud, the paranoid.

      I installed the 2nd June Win7 64-bit Security Update (4508772) — which supersedes 4503269, so there’s no need to install that, as has previously been noted — and rebooted.

      After a while I installed the 2nd June IE 64-bit Security Update (4508646) — which supersedes 4503259, so there’s no need to install that, as has previously been noted — and rebooted.

      After another while I installed the Security Update for Word 2010 (32-bit), and shortly thereafter I installed the MSRT.

      No fireworks so far, so I’m assuming all is well.

      5 users thanked author for this post.
      • #1867918 Reply

        anonymous

        Byteme, I do basically agree with you, but the titles of the patches were slightly differing, one saying it had security in the title and the other not, KB4508646 “includes the quality improvements from KB4503259”. What about the security aspect? I can assume it is there but…

        Also in this Woody site it does not say one supersedes the other, only that it was released and what it fixed. https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

        I would rather overpatch with a cumulative patch overlaying the previous and not worry about missing something. But YES, a cumulative patch -should- have everything the previous one did.

        Ohh and Happy 4th of July!

        Thank you.

        2 users thanked author for this post.
    • #1867905 Reply

      willygirl
      AskWoody Plus

      Monthly Rollup KB4503292 installed fine.
      MS Word 2010 Security Update KB4461619 was next after a restart, let the machine sit for about 20 minutes to process everything, something I do with each monthly update. Moving forward.

      Win7 SP1 Home 64-bit; Office 2010; GrpA, when all is said, done and fixed, Mac OSX to help me sleep at night.

      1 user thanked author for this post.
      • #1867926 Reply

        anonymous

        Hello Willygirl, Good post. I would however consider a little longer idle time if you are going for Idle Tasks because it takes about 20 minutes for the computer to realize you are not using it before it starts processing idle tasks. But, if you have good luck and all works well for you, “go with what you know”. Happy 4th!

        1 user thanked author for this post.
    • #1867927 Reply

      KB 4503292 installed here, with a weird glitch:

      Upon reboot, for 5 seconds, got a black screen with a little white box in the upper left of my screen that said something like (went by fast) “configuring your desktop…” and POOF! it vanished.

      MSFT, you are so weird.

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "A/B [negative] :)", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      1 user thanked author for this post.
    • #1868190 Reply

      E Pericoloso Sporgersi
      AskWoody Plus

      YES! Finally!

      The past months Windows Update always refused to give me 1903.
      I did receive all 1809 updates but nothing further, and only vague explanation and even less promise.

      But yesterday, 3 July, I finally reached digital nirvana: Windows 10 Home 1903 build 18362.207 did install. It took a while (hours) but it did finish.

      And up to now NO ISSUES that I noticed.

      s(n)idenote: No MS Office, free LibreOffice instead.

    • #1868522 Reply

      anonymous

      Read the above instructions for Win7 Group B security only patch(s) for June, and I’m also confused.  Should we only install KB4508772 and NOT first install KB4503269?  Thanks everyone for the assistance.  Appreciated.

      • #1868595 Reply

        PKCano
        Da Boss

        The answer to your question is in #1867084.

        • #1868723 Reply

          anonymous

          I had read that post. It’s not clear if we should just install only KB 4508772 or first KB4503269 before KB4508772? Would appreciate you confirming if it’s simply just (e.g. only) installing KB4508772, which is how I interpreted your advice? Thanks.

          • #1868764 Reply

            PKCano
            Da Boss

            I can give you a link to my sources. Please read Microsoft’s information for KB4503269 and KB4508772. Perhaps there is something there I missed.

            Also see #1868784.

          • #1868903 Reply

            OscarCP
            AskWoody Plus

            This is my two-cents contribution to the cause of Group B updating:

            As PKCano  #1867084  has already noted, and according to https://support.microsoft.com/en-us/help/4508772/windows-7-update-kb4508772 :

            This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes

            So, according to this MS article, it is enough to install kb4508772 . But if one is not doing something that is likely to have the problems listed in that site, so “these key changes” are not needed, then the previous Security Only update should be enough. It is up to the users to decide. If one is not sure about what to do, then it is better to install kb4508772, as it will not cause problems doing so (as far as it is known at this time, at least). As to the update to IE 11, I think that Byteme’s  #1867814 recommendation to install the last June one to come out is correct, as these updates are cumulative. But, as far as I know, if one is not using IE 11 for browsing (unlike the Windows operating system, that is always using it for its own reasons) then waiting until the July update is declared to be OK might do as well, because the July update will include the relevant June ones and only those, again, as these updates are cumulative and also because one would hope things this month will be simpler than they were in June.

            2 users thanked author for this post.
      • #1868598 Reply

        anonymous

        Hello Anonymous, I installed win 7 group B 5 updates and it went fine. Byteme installed about half saying that they were cumulative (for IE) and did well. The page PKC manages has a site on suggested installs here at woody’s, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

        I would go down PKC’s list unless they chime in and say differently since win 7 Group B is not cumulative but group A is.

        Happy 4th!

    • #1868599 Reply

      Alex5723
      AskWoody Plus

      I don’t remember any update regarding the USB 1903 upgrade bug.
      Was it fixed with June updates ?

    • #1868611 Reply

      Blizzard
      AskWoody Lounger

      Group A, Win7 Pro 32bit @ SP1, HP dc7900 SFF PC using Wolfdale Intel Core2 Duo E8400 3GHz

      Monthly Rollup KB4503292 installed after I fully imaged my HD.  No oddities observed.

      Waited until task manager showed TrustedInstaller had concluded its activity, then rebooted and proceeded to install the current MSRT.  Again, no oddities observed.  Rebooted several times after TrustedInstaller no longer showed active.  All seems well here.

      No issues observed with my network connections or WMP, BTW…

      Thank yous out to the many fine contributors who help build my confidence to proceed with such updates once the MS-DEFCON level is appropriate.

      • This reply was modified 1 week, 4 days ago by
         Blizzard.
      • This reply was modified 1 week, 4 days ago by
         Blizzard.
      3 users thanked author for this post.
    • #1868715 Reply

      Tex265
      AskWoody Plus

      The MS pages for KB4508772 say:

      This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes:

      Addresses an issue that may display the error, “MMC has detected an error in a snap-in and will unload it.” when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.

      So is there no similar, stand alone KB catalog fix for this issue for those of us on Windows 7 – Group A  – KB4503292 CU?  Or does it not have this issue?

      Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
      • #1868722 Reply

        PKCano
        Da Boss

        For Group A the Event Veiwer Customs View issue was fixed in the 2019-06 Preview Rollup KB4503277  which is an UNCHECKED OPTIONAL patch, or you can wait for the July Monthly Rollup.

        2 users thanked author for this post.
    • #1868718 Reply

      anonymous

      Recent Replies

      PKCano on MS-DEFCON 4: It’s time to get the June Windows and Office patches installed
      6 minutes ago

      It is 12:48 CST and this was posted an hour ago.

      There seems to be an hour or so delay in the updating of the Recent Replies section on the right.

      TY

      • #1868725 Reply

        PKCano
        Da Boss

        Yes, it would seem there is a delay in updating of  in the Recent Updates list in the right hand panel.

    • #1869003 Reply

      anonymous

      I am in Group B with Windows 8.1. I only installed Jun 2019 KB 4503290 and Jun 2019 (IE11) KB 4503259 and the flash update. Now Skype keeps signing me out automatically every 5-10 min. Is in the June 2019 Updates that are causing it? Or what might be causing it?

      1 user thanked author for this post.
    • #1869200 Reply

      Sueska
      AskWoody Plus

      I am also in Group B with Windows 8.1.

      Installed the following updates on 6/24/19; Word 2013 Security Update for June KB4464590, IE11 KB4508646 cumulative update, and the June Security Only updates KB4503290 and KB4508773.

      Issue #1 – Not certain if related, but a few days after installing the updates, I got numerous odd errors when visiting microsoft secure sites “This page can’t be displayed in IE 11 – Turn on TLS 1.0, TLS 1.1, and TLS 1.2 …” These protocols were already enabled in IE 11. A reset of IE 11 fully corrected the issue.

      Issue #2 . All 4 of the updates I installed on 6/24/19 are visible in “View Update History”. However, when I select “Installed Updates” I find 77 additional Office Updates installed on 6/24/19. There is no way these very old office updates from 2015-2018 were installed on this date. If any one has any ideas, would be appreciated. Otherwise guess I should just be glad everything seems to work fine now.

      1 user thanked author for this post.
    • #1869344 Reply

      GoneToPlaid
      AskWoody Plus

      Staying on Group B is a bit difficult.

      I both number and rename the downloaded updates, such that the file names include important information. In this fashion, I can easily reinstall and update Windows 7 while avoiding occasional issues and pitfalls which were fixed in superseded updates.

      The attached screen captures of the folder containing my downloaded and renamed Windows 7 Security Only updates should give you a good idea about my methods for staying on Group B while avoiding issues.

      For example, do you really want Windows Update to get taken down because you have either a newer AMD CPU or an older CPU which triggered Windows Update to shut down? System Restore does NOT fix this issue, as I discovered when Windows Update got taken down simply because three of my computers have Core I5 Sandy Bridge CPUs. Uninstalling the April 2017 security only update, which caused the issue, didn’t work either. This is why the update numbered 09 needs to be installed before installing the updates numbered 10 and 11.

      On the other hand, abbodi86’s instructions for killing Windows 7 telemetry after installing monthly rollups are really slick. See here:

      2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

       

      • This reply was modified 1 week, 3 days ago by
         GoneToPlaid. Reason: grammar
      • This reply was modified 1 week, 3 days ago by
         GoneToPlaid. Reason: Added information
      Attachments:
    • #1869369 Reply

      Alex5723
      AskWoody Plus

      Just took a peek at my 1809 pro update history after June update KB4503327 (17763.557) and I didn’t find May 21, 2019—KB4497934 (OS Build OS 17763.529)

      Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you get a feature update while simultaneously keeping your devices up to date.

      Maybe Microsoft’s AI decided the Pro users with Advanced Options deferrals /GPEdit don’t need KB4497934 ?

      • #1869447 Reply

        PKCano
        Da Boss

        May 21, 2019—KB4497934 (OS Build OS 17763.529) is a non-Security Preview, not a Feature Update. If you have Pro set at SAC (not Targeted) you should not see. in Windows Update, (without being a “seeker”) the Preview updates released between Patch Tuesdays. And you should not see any of the May (or earlier) patches show up in the Windows Update pending queue after you install the June CU anyway.

        • #1869464 Reply

          Alex5723
          AskWoody Plus

          non-Security Preview

          Shouldn’t a non-Security Preview be bundled with next month’s updates ? Is the new ‘download and Install’ feature baked into recent 1809 pro updates regardless of deferrals ?

          • #1869468 Reply

            PKCano
            Da Boss

            The Preview updates/fixes released between Patch Tuesday are included in the following Patch Tues. Security CU.

            The new ‘download and install now’ feature, I think, was initially in the late May Preview patches, but was acquired through Windows Update beginning with the June Patch Tues. CUs. We still haven’t determined (to my knowledge) exactly how this new “feature” is going to work. Microsoft’s pages say it will show “Feature Updates” = upgrades. But some reports say it is also showing Preview Updates (non-Security CUs between Patch Tues.s).

            1 user thanked author for this post.
    • #1869738 Reply

      davinci953
      AskWoody Plus

      Version 1903 is knocking on the door. I had the following notification on the WU page when I installed the June updates. I think the only thing keeping it at bay is that I have the feature update deferral setting set to 180 days.

      wu

      Attachments:
      • #1869827 Reply

        Alex5723
        AskWoody Plus

        Version 1903 is knocking on the door

        Are you on 1803 or 1809 ?

        • #1869904 Reply

          davinci953
          AskWoody Plus

          Currently on 1809.

          • #1870185 Reply

            Alex5723
            AskWoody Plus

            Currently on 1809

            That is strange. 1803 should get this message as 1809 EOL is 2020-05-12 / 2021-05-11

            I am on 1809 Pro and haven’t seen this message.

            • #1870501 Reply

              davinci953
              AskWoody Plus

              It seems to be random. I have 1809 Pro on my laptop also, and the 1903 message doesn’t show. It shows only on my desktop that is a newer system.

    • #1869828 Reply

      anonymous

      Anyone else experience this?

      I’ve seen the error below  on both a Windows 10 and a Windows 2016 box with 2019-06 cumulative updates from earlier in the month, but installing the cumulative update from 6/26 or 6/27 resolves the error: https://www.catalog.update.microsoft.com/Search.aspx?q=%222019-06+cumulative+update+for+windows%22

      Update Status – There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x8024401f)

      Microsoft has some suggestions on fixing Windows Update errors, https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors. One of the suggestions for fixing errors when the windows troubleshooter fails and the servicing stack updates are current is to use the most current cumulative update for the OS. In both cases that I’ve seen, this resolves the error above when a rebuild of c:\windows\SoftwareDistribution does not.

      • #1869885 Reply

        anonymous

        Just to clarify, this error comes from checking online for updates after earlier June cumulative updates are installed using ConfigMgr/WSUS

    • #1869898 Reply

      Tex265
      AskWoody Plus

      I’m getting ready to install the June CU – KB4503286 on my Win10 Pro ver 1803.

      Per rc below, I should also go to the MS Catalog, download, and manually install KB4503288 to fix the Event Viewer Bug.

      Is most everyone in agreement with this?  If yes to do, do I need to install both or just get KB4503288 from the Catalog and ignore installing KB4503286 via WUpdater?

      The Event Viewer Bug also may affect Automatic Maintenance. So, head over to the MS Updates Catalog and get the non-MS Updates patch which corrects the issue. Once this patch is manually applied, at least for Version 1809, things get back to normal. Checking for driver events in the Device Manager is also wrecked if Custom Views are munged.

      Also, I assume this/these updates will change my WU to the “new” version?  Will my Feature delay 365 days, Quality delay up to 30 days, Group Policy 2 – ask before downloading, and wushowhide app still remain/work?

      Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
      • #1869908 Reply

        PKCano
        Da Boss

        KB4503288 says it is a Cumulative Update, so you should not need KB4503286.
        The new WU settings should be included.
        I do not think the deferrals disappear in 1803 and 1809, and the GP setting of 2 should keep it or Feature Updates from downloading without permission.

        BUT. Can you trust Microsoft, because the pages also say:

        When Windows 10 devices are at, or within several months of reaching, end of service, Windows Update will begin to automatically initiate a feature update. This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.

        The Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the April 2018 Update and earlier versions of Windows 10 in late June 2019 to help ensure that we keep these devices in a serviced, secure state

        • #1869938 Reply

          Tex265
          AskWoody Plus

          PK, thanks

          Do you agree that the Event Viewer issue is significant enough to go the Catalog/Manual install route? Or wait for the July CU?

          I normally dont install any of the mid-month non-security releases but rc seems to think it is important this time and Woody thanked him on his post, so what say you?

          Finally, if I manually install KB4503288 does KB4503286 disappear from the queue?

          Thanks

          Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
          • #1869951 Reply

            PKCano
            Da Boss

            Personally, I installed the Patch Tues CU and I do not install the Previews (my choice).
            If you install the Preview, you do not need the earlier CU. It probably will no longer be offered.
            But the July update is only four days away. What’s your rush?

            1 user thanked author for this post.
            • #1869963 Reply

              Tex265
              AskWoody Plus

              But the July update is only four days away. What’s your rush?

              My concern (perhaps unfounded) is unless I get something installed before the July updates come out I’ll be stuck for another month since we won’t get a Defcon go-ahead until the end of July at best.

              And without the “new” WU settings, I’ll be out of touch with the forums ongoing dialogue – but then maybe not updating would help hold off MS?

              Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
            • #1869964 Reply

              PKCano
              Da Boss

              The “new” settings are in all the June CUs – Patch Tuesday CU or Preview. Take your pick.

            • #1870925 Reply

              Tex265
              AskWoody Plus

              About 1 hour ago I installed the June CU KB4503286 update onto my Windows 10 Pro x64 ver 1803 computer.

              I let the KB come down via the Windows Updater. Windows Update Group setting at 2 required I select the Download button. Upon clicking the button, the Download started and under the download Status details a new paragraph showed that said

              “You’re currently running a version of windows that’s nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements.”

              Other than that, the download and installation proceeded as normal and requested a restart (all the while retaining the above paragraph on the screen).

              Upon restart my system came back up – no problems. Going back into Settings>Update & Security>Windows Update, the screen looks exactly as it did before the June update with only the Check for Updates button. Nothing new or added (the new paragraph above was also gone from the screen).

              Advanced options remain the same as they were with ability to still set Branch Readiness level, Feature deferral, and Quality update deferal.

              I did another restart and no change from above.

              Botton line, so far nothing has changed from what I had before that I can see.  Anyone else seen something different?

              I did not hit the Check for updates button so will see if anything changes when system performs an automatic update tomorrow.

              PS: I may manually download and install KB4503288 tomorrow to correct the Event Viewer issue. We probably all have this issue since I noted that my Windows 7 and 10 came standard with Administrative Events as a Custom View.

              Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
              1 user thanked author for this post.
            • #1870957 Reply

              Tex265
              AskWoody Plus

              To add to my post above since too late to Edit:

              Implied but to specifically say: There is no appearance of the new “Download and install now” link or separate Feature Upgrade area that has been heavily discussed here at AskWoody.

              Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
            • #1872521 Reply

              Tex265
              AskWoody Plus

              Update: I have now received 2 separate automatic Windows Updates over 2 days for Windows Defender definitions. Due to my Group Policy setting to require “ask before downloading” I need to select the Download button to approve any download to install.

              Each time when I select the Download button, I get the paragraph below, and the download and install proceeds.

              “You’re currently running a version of windows that’s nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements.”

              After install completes and I close the Settings screen and reopen, the paragraph is gone and everything is back to the way it always was in 1803.

              Perhaps my deferral settings are keeping the new “Download and install now” link and 1903 away?

              Windows 10 Pro x64 v1803 and Windows 7 Pro SP1 x64
      • #1872518 Reply

        rc primak
        AskWoody_MVP

        Replying to Tex265:

        Per rc below, I should also go to the MS Catalog, download, and manually install KB4503288 to fix the Event Viewer Bug.

        Do you agree that the Event Viewer issue is significant enough to go the Catalog/Manual install route? Or wait for the July CU?

        I normally don’t install any of the mid-month non-security releases but rc seems to think it is important this time and Woody thanked him on his post…

        I think I’ve reconsidered how important restoring the Event Viewer Custom Views really is for most folks.

        I had a specific reason for restoring the functioning of the Event Viewer. Windows said it had reinstalled one of my drivers. I went into the Device Manager to look at any driver related Events. This brings up a Custom View, which exposed the Event Viewer bug. I only applied the Catalog-only patch to restore the Event Viewer so that I could see the driver related Events.

        It turned out that the driver was reinstalled, but remained the OEM driver I wanted to keep. I could not have determined this information if I had not fixed the Event Viewer bug.

        Most folks will not run into something like this, so waiting for a fix in next month’s (July) Cumulative Update for Version 1809 would seem to be the best (and easiest) way to go.

        This means that manually installing the update from the MS Update Catalog is not necessary for most folks, unless you believe strongly in letting Windows Automatic Maintenance run on some set schedule. This is also not an issue for most Windows 10 users. Automatic Maintenance can wait a month or two for most folks.

        -- rc primak

        • This reply was modified 6 days, 6 hours ago by
           rc primak.
        • This reply was modified 6 days, 6 hours ago by
           rc primak.
        1 user thanked author for this post.
    • #1870099 Reply

      singbluesilver
      AskWoody Lounger

      Hello anonymous (the one quoted below – we have several by that “name”  🙂 ) and all:

      I’m in a fairly similar situation as the Anonymous who posted the question as far as cumulative updates.  My situation just goes farther back.

      Firstly: I have two desktop/tower computers, both running Windows 7; one running Home and one running Pro, both 64-bit.

      I’ve been in Group B since “Patchocalypse” started.  Then in or about June of last year, 2018, I went to Group X due to prevailing non-computer related circumstances.  In other words, I haven’t done any updates for about a year.

      Now that circumstances are calmer, I want to remain in Group B.  I feel that I’m living dangerously in Group X.  My question in a nutshell is, how far back should I go with installing security-only patches?  I remember that there was a great debate about what was cumulative and what was not around June 2018 (and what wouldn’t install at all with installing Patch XYZ first), and I still have that bookmarked.  Should I go back that far and install each month’s security-only patches from Woody’s link as I’d always done?  Or are there cumulative patches in more recent months that will save me that labor?  Hopefully at least no farther back than January 2019?

      I’m not so good at searching the forum, but I’m fairly adept at understanding and enacting updates.  And I’d of course image both hard drives before doing anything, and make a system restore point before starting any updates and after each month’s update after I saw that all was well.

      Thanks a million.

      SBS

      Hello Anonymous, I installed win 7 group B 5 updates and it went fine. Byteme installed about half saying that they were cumulative (for IE) and did well. The page PKC manages has a site on suggested installs here at woody’s, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

      I would go down PKC’s list unless they chime in and say differently since win 7 Group B is not cumulative but group A is.

      Happy 4th!

      Windows 7 HP SP1 64-bit, Group B

      • This reply was modified 1 week, 2 days ago by
         singbluesilver. Reason: Clarification about restore point
      • This reply was modified 1 week, 2 days ago by
         Bluetrix.
      • This reply was modified 1 week, 2 days ago by
         Bluetrix.
      • #1870133 Reply

        singbluesilver
        AskWoody Lounger

        I can’t edit for some reason.

        Let me try to pare down my question to, are security-only updates (Group B) for Windows 7 still never ever cumulative?  It seems the case from this post:

        BUT I just wanted to double check when the “non-cumulative” factor started.  I haven’t updated for a year as mentioned and before I start downloading and installing from July 2018 onward, I wanted to make extra sure.

        Thank you again.

        Moderator note: Rapid editing a post can get your post caught by our SPAM filter.
        In this instance it did.

        Windows 7 HP SP1 64-bit, Group B

        • This reply was modified 1 week, 2 days ago by
           singbluesilver. Reason: Corrected a link
        • This reply was modified 1 week, 2 days ago by
           singbluesilver. Reason: Undid quoted post
        • This reply was modified 1 week, 2 days ago by
           Bluetrix.
        1 user thanked author for this post.
        • #1870178 Reply

          Elly
          AskWoody MVP

          You will need to be aware of the Servicing Stack updates… which require all updates in Windows Update to be installed or hidden. If you haven’t done this for a year, each time you hide the Monthly Quality and Security update and check for updates again, the previous Monthly Quality and Security update will show up… repeat hide and check until no new Monthly Quality and Security updates show up… when there are no other updates showing up in WU, the servicing stack update should show up for installation. Better to do that first.

          The Group B Security only updates are not cumulative, and you will need to install all of them.

          As Group B installs the IE 11 cumulative update, you can install the latest IE 11 update to bring it up to date.

          Go through the Group B list and follow the steps… you don’t have to install them one at a time before rebooting (other than the Servicing Stack update).

          Win 7 Home, 64 bit, Group B

          1 user thanked author for this post.
          • #1870625 Reply

            singbluesilver
            AskWoody Lounger

            Thanks so much, Elly.  I’d never heard of Servicing Stack updates.  I’ll be on special lookout for them!  I felt like I was asking a stupid question that already had an answer in the post that I quoted, but now I’m VERY glad that I asked.

            Thank you again.

            SBS

            Windows 7 HP SP1 64-bit, Group B

            1 user thanked author for this post.
      • #1870240 Reply

        anonymous

        Hello singbluesilver, I am anon #1868598.

        “Now that circumstances are calmer, I want to remain in Group B. ”
        I think that is a good idea. I am doing group B myself as are my friends. However I will ask you to look at what Canadian tech has done, by not updating. He has gone over 2 years without updating and has had no issues (as far as I know a few months back).
        CT said, “The really interesting aspect is that since we stopped ALL Microsoft updates of any kind in May 2017, these machines have become extremely stable and reliable. My workload in support has fallen of to well below 50% of what it was. Clearly, the age-old rage for updating is just plain wrong– at least at this point for private owners.”

        Usage share blips — Win7 goes up, Win10 goes down


        For your reference here is an article he has on restoring a new copy of Win 7. http://www.canadiantech.info/for-techies/re-build-windows-7/rebuild-windows-7-july-2018/

        “in or about June of last year, 2018, I went to Group X ”
        “Should I go back that far and install each month’s security-only patches from Woody’s link as I’d always done? Or are there cumulative patches in more recent months that will save me that labor? ”
        Yes, go back to June 2018. Group B patches are NOT cumulative. IE11 is and you should be OK with the latest cumulative IE11 patch.

        I would go down PKCano’s list for Group B, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/
        But in my opinion, you should also either 1) get the normal .NET patches as they arise from time to time or 2) get the Security ONLY .NET patches as I do since I consider those Group B also. The easy route is the normal .NET patch from Windows Update since it will give you what you need. BUT again, try not to install every new .NET offered to you from Microsoft. Why install .NET 4.7 if you do not have a program or need for that version? I only have version 3.5.1 .NET since that came with Windows 7. I only install the SO from the catalog for 3.5.1. I have read that if you go over .NET 4.6.1, you get the telemetry of newer .NETs. Others here may disagree and that is fine, my computer is running great and I am staying with what works.

        1 user thanked author for this post.
        • #1870631 Reply

          singbluesilver
          AskWoody Lounger

          Thanks so much anon #1868598, now anon #1870240   🙂

          That is a wealth of information!  I’m very glad to hear about Canadian Tech, that he has had no problems, per @Noel Carboni‘s common sense surfing and downloading and etc.  I haven’t had a malware or other problem either in this year without updates.

          I’m with you on .NET!  I’m not a user of “heavy” software or games etc, and I don’t feel that I need the latest (and usually not greatest) .NET either.  But it does seem to be a security hole and I’m very glad that you reminded me of it.

          Thanks again, very very much.

          SBS

          Windows 7 HP SP1 64-bit, Group B

      • #1870569 Reply

        Noel Carboni
        AskWoody_MVP

        Contrary to popular lore, if you understand what you’re doing and can weigh the risks and rewards yourself, avoiding patching an OS that works for what you need it for isn’t a recipe for disaster. Not knowing what you’re doing, actively doing irresponsible things, and/or hoping for someone else to take care of your security can be, however.

        Microsoft and others would like you to believe that even though they could not design the software to be secure, a hastily prepared patch will be perfect and never unacceptably degrade performance. Stop for a moment and think about how ridiculous that is.

        -Noel

        4 users thanked author for this post.
        • #1870611 Reply

          b
          AskWoody Plus

          Microsoft and others would like you to believe that even though they could not design the software to be secure, a hastily prepared patch will be perfect and never unacceptably degrade performance. Stop for a moment and think about how ridiculous that is.

          When did Microsoft ever pretend that patches are perfect?

          They’re better than the alternative, e.g.:

          US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!

          You patch your software too. Why is that necessary?

          Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1903

    • #1870554 Reply

      Noel Carboni
      AskWoody_MVP

      but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming.

      Win 8.1, really?

      -Noel

    • #1870571 Reply

      Mele20
      AskWoody Lounger

      The “new” settings are in all the June CUs – Patch Tuesday CU or Preview. Take your pick.

      I’m on 1803 and I waited for the Defcon level to be raised and I then installed KB4503286 yesterday. Today, I tried to open Event Viewer and saw that I have the error that causes it to unload and be closed.

      That error is corrected in KB4503288. So, my choices are to (1) install the preview cumulative update or (2) simply wait another month until July’s cumulative update is given the go ahead here. Correct?

      I do hope to avoid an update to 1809 (I just installed 1803 on April 7) until October. I have the same question as Tex265. Plus, what are these new WU settings? Those come with KB4503288? Will fixing the event View error by installing KB4503288 obliterate my group policy settings regarding upgrade to 1809?

      Edit: I just tried Event Viewer again and it opened normally this time. I know the problem involves custom views but I didn’t think I was using any! I must have been though because it opened to custom view and then unloaded. Just now, it opened to normal view so I guess I can just avoid custom views for a month and that way I won’t need to install KB4503288.

      • This reply was modified 1 week, 1 day ago by
         Mele20.
      • #1870579 Reply

        PKCano
        Da Boss

        if you really need the Custom Views, you can install KB4503288. But the fix will be in the July updates if you can wait. Installing KB4503288 should respect your Group Policy settings.

        The new settings will give Home users a chance to pause updates up to 35 days for the first time. They are supposed to also present Feature Updates on a voluntary “download and install now” basis, instead of “surprise, we got you.” We still haven’t had time to confirm how they work.

        1 user thanked author for this post.
        • #1870930 Reply

          Tex265
          AskWoody Plus
        • #1871029 Reply

          RTWinzz
          AskWoody Plus

          I have win 7 and just installed KB4503292 and immediately on starting Event Viewer got the error message and it crashed.  I did have an old custom view defined and decided to see if eliminating that view would stop the crashes.  I went to Programdata\Microsoft\Event Viewer\Views folder and relocated the custom view (mine was named View1.xml).  Once I relocated the file, I could open Event Viewer normally without any crashes.  This worked on 3 different PCS running Win 7 Pro.  Since I really don’t need the custom view anymore, I decided this was an easier and less dangerous fix than installing another buggy patch from MS that was produced quickly and tested to their usual rigorous standards.  YMMV.

    • #1870923 Reply

      Seff
      AskWoody Plus

      I’ve installed the monthly rollup KB4503292 today on my main Win7 desktop, seemingly without any issues as yet. I hope to get to install it along with the Office 2010 update KB4461619 on my other desktop before the July patches hit, but that machine is currently at the local repair shop although it should hopefully be back in time.

    • #1871016 Reply

      glnz
      AskWoody Lounger

      Here’s a possible nuance for Win 7 Pro 64-bit Group A:

      I’m fully updated through the June patches, but now I cannot get Task Manager’s position and size to stick.  I’m one of those nerds that has set Task Manager to start on every reboot.  I like to set it to open on the right side of the screen, with max vertical size from top of screen down to top of “tray”.

      But that won’t stick any more!

      On every reboot, Task Mnager now reopens at top left and skinnier and shorter than I want it.  I can’t figure out why the size and position settings don’t stick.

      One of the April, May or June patches ???

      • This reply was modified 1 week, 1 day ago by
         glnz.
      • #1871089 Reply

        anonymous

        ginz, try this idea. with IE and other screens one can force a permanency by setting the size and shape you want and hold the control key down and click the “X” to close the screen. You may have to do it more than once or even try the Shift key when closing. But Usually the Ctrl key and closing the screen forces a writing to the registry of that position. Let us know if it worked or not.

        1 user thanked author for this post.
        • #1871125 Reply

          glnz
          AskWoody Lounger

          Hey, anonymous – my previous try of CTRL + X button did not work, but your post inspired me to try it in SAFE MODE.  So, in SAFE MODE, I closed Task Manager with every combination of CTRL, ALT and SHIFT the X button, and on reboot into normal 7 it’s working!

          Thanks.

          • This reply was modified 1 week ago by
             glnz.
    • #1871032 Reply

      rick41
      AskWoody Lounger

      Group A.  3 Win 7 machines, two with 64-bit Pro and 1 with 64-bit Home Premium.  Installed the Monthly Rollup and MSRT on all three, plus Microsoft Filter Pack 2.0 update (KB 3114879) on the applicable Pro machine.

      Everything seems fine, although — unlike Blizzard — I did have to reconfigure Windows Media Player on all three machines.  This seems to be required more often than not these days.

      1 user thanked author for this post.
    • #1871609 Reply

      Marcus Weldby
      AskWoody Lounger

      Maybe I missed it, but I don’t see .NET patches listed in the new Master Patch List Excel spreadsheet. I’m specifically looking for the recommendation on 4489486 which came out on 5/23/2019. It is showing up in my WSUS server.

      • #1871624 Reply

        Marcus Weldby
        AskWoody Lounger

        I don’t see Office updates either. Maybe I’m just not looking in the right place?

        • #1871832 Reply

          Susan Bradley
          AskWoody MVP

          https://www.askwoody.com/patch-list-master/  Are you looking at the top here?

           

          That .NET is an optional update/preview and is not needed at this time.

          Susan Bradley Patch Lady

          • #1871844 Reply

            Marcus Weldby
            AskWoody Lounger

            Whoops, there it is staring me right in the face, I’ll chalk it up to being Monday.

            In my WSUS console it shows the June 18 .NET update as being a Preview, but I was wondering about the May 23 one as it is just called an “Update”, not a Preview.

            Thanks!

    • #1871631 Reply

      SueW
      AskWoody Plus

      Here’s my feedback after updating last night:

      1 – imaged my disk with Macrium Reflect Free

      2 – downloaded Updates KB4508772 (June SO) and KB4508646 (IE11 June Cumulative)

      3 – installed the June SO and IE11 Updates and then rebooted; waited 15 minutes

      4 – updated MS Security Essentials’ Virus & Spyware Definitions manually to eliminate Windows Update’s “Optional” ‘Definition Update for Microsoft Security Essentials – KB2310138’

      5 – checked “Windows Update” => 4 Important (3 checked): 2 Office 2010 and 2 Win 7; 2 Optional: both unchecked

      6 – hid the unchecked Important Update KB3114879 (Microsoft Filter Pack 2.0 32-Bit Edition)

      7 – unchecked and hid “Important” Update KB4503292 (June Rollup)

      8 – hid the unchecked Optional update KB4503277 (June Preview Rollup)

      9 – hid the unchecked Optional update KB4503865 (Preview of Quality Rollup for .NET Framework for Windows 7 for x64)

      10 – checked “Windows Update” again => 2 Important: 1 Office 2010 and 1 Win 7: both checked; 2 Optional: both unchecked

      Note: the 2 unchecked Optional were from May: KB4499178 (May Preview Rollup) and KB4505050 (IE May Cumulative) . . .

      11 – hid both unchecked Optional updates

      12- checked “Windows Update” again => 2 Important: 1 Office 2010 and 1 Win 7: both checked

      13 – unhid 0 hidden updates to install

      14 – installed 2 Updates: 1 Word 2010 (KB4461619) and MSRT (KB890830)

      15 – rebooted and waited around 45 minutes

      Note: Windows Media Player needed to be reconfigured again.

      Many thanks once again to Woody, PKCano, and everyone else who continue to contribute their time and expertise, or who post their own results!

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      3 users thanked author for this post.
    • #1871788 Reply

      Sparky
      AskWoody Lounger

      Am I missing something?
      On the Master Patch List page, under:

      (“JUNE UPDATES
      June 30, 2019 — Update Status
      It’s now time to wrap up June’s Windows and Office updates. They’re not perfect, but there are no showstoppers.
      Below are the update Master Patch List charts in both Excel and PDF formats.”)

      Some PDF & Excel links don’t work.
      And the Pre-Windows 10 versions PDF chart does not show any patches.
      In previous months the patches were laid out in columns showing Safe to install?

      Thanks,
      Sparky

      HP W7 Home Premium, SP1, 64-bit, AMD Phenom II, Group A

      1 user thanked author for this post.
      • #1871804 Reply

        Microfix
        Da Boss

        Thanks for the keen eye feedback!
        Win10 PDF – Pre Win10 versions Excel (both missing)
        Susan will fix these when she has the time, stay tuned..

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        1 user thanked author for this post.
        • #1871814 Reply

          Marcus Weldby
          AskWoody Lounger

          Microfix,

          Did you see my questions above regarding .NET and Office updates?

          Thanks!

        • #1872194 Reply

          Sparky
          AskWoody Lounger

          Microfix,

          The are working now.
          As for the PDF Charts showing no patches.
          I have egg on my face, I didn’t realize that there is more than one page in the in PDF. Takes me awhile to break the crust off in the morning.

          Thanks,

          Sparky

           

          HP W7 Home Premium, SP1, 64-bit, AMD Phenom II, Group A

          1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.