News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    Home Forums AskWoody blog MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    Viewing 36 reply threads
    • Author
      Posts
      • #1866825 Reply
        woody
        Da Boss

        There are a few nuances — if you run an iSCSI array, or have custom views in Event Viewer, there are some potential conflicts. But for most people, n
        [See the full post at: MS-DEFCON 4: It’s time to get the June Windows and Office patches installed]

      • #1867036 Reply
        honx
        AskWoody Lounger

        installed group b patches on both computers (kb4508772 – win7, kb4508773 – win8.1, kb4508646 – ie). funny fact: kb4508772 only shows “update for windows” in update log. NOT “security update”, same for kb4508773.  ie kb4508646 identifies as “security update” on win7, but only as “update” on win8.1 notebook. 😀

        after reboot i installed the only one available security update for word 2010 (kb4461619) this month, it was “important” and checked. and like every month i also installed msrt, defender, flash player update (win8.1).

        of course i did NOT install that update for microsoft filter pack 2.0 (kb3114879) yet. i wait until july patches to be installed. on windows 7 machine filter pack update was “important” but not checked. on windows 8.1 it was “important” AND checked, so i unchecked it.

        the second non-security update for office 2010 (kb3114397) wasn’t offered to me, not on win7, also not on win8.1. so i could not install it, even if i wanted to. 😀

        PC: Windows 7 Ultimate, 64bit, Group B
        Notebook: Windows 8.1, 64bit, Group B

        2 users thanked author for this post.
        • #1868093 Reply
          abbodi86
          AskWoody_MVP

          KB3114397 is only ment for east asia languages IME (janpan, china, korea)

      • #1867038 Reply
        Alex5723
        AskWoody Plus

        Remember Microsoft advised users to use Restore Points after admitting deprecation of auto Registry Backups https://support.microsoft.com/en-us/help/4509719/the-system-registry-is-no-longer-backed-up-to-the-regback-folder-start ? Windows doesn’t create a restore point before a major CU .
        Create your own manually.

        • This reply was modified 1 year, 3 months ago by Alex5723.
        3 users thanked author for this post.
        • #1867059 Reply
          rc primak
          AskWoody_MVP

          My sequence is to run third party updates, then create a restore point, then run MS Updates. Also, you can enable automatic Registry Backups, but you have to edit the Windows Registry to do so.

          If drivers are updated, the Driver Store File Repository should also be backed up before MS Updates gets a chance to change any drivers.

          -- rc primak

        • #1868771 Reply
          GoneToPlaid
          AskWoody Plus

          That is a major “heads up” for Win10 users. Restoring the old auto behavior sounds like a good way to go.

          1 user thanked author for this post.
      • #1867047 Reply
        fernlady
        AskWoody Lounger

        Installed kb4503292 and kb890830. All went A-Ok.

        Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

        4 users thanked author for this post.
        • #1867365 Reply
          OldBiddy
          AskWoody Lounger

          Yes, I also updated with these two updates and it seems to have gone ok. Haven’t kept too close tabs on the forums recently, but it seems that we have to do something extra before the July updates can be installed. There’s so much content and advice here that it’s hard to keep up!

          1 user thanked author for this post.
          • #1870822 Reply
            Lars220
            AskWoody Lounger

            but it seems that we have to do something extra before the July updates can be installed.

            Yes, thanks go to PKCano Da Boss who is extemely helpful, and has info about this:

            “will be required to have SHA-2 code signing support installed on their devices by July 2019.”

            MS-DEFCON 2: Make sure Windows Update is de-fanged. Patch Tuesday’s tomorrow.

            #1831967     Read this post number – #post-1831967

            KB4041681/KB4041678

            #1858587    Read this post number – #post-1858587

            Thank you PKCano for all you do!

            Edited by Lars220 because the automatic link only went to the beginning of the topic and not to the specfic post by PKCano that I wanted to be seen. Please stop changing the link to only text, and leave the full url address showing so that people can read the info and see what post # is being referred to.  Thank you.

            • This reply was modified 1 year, 3 months ago by Lars220. Reason: edit for more info
            1 user thanked author for this post.
            • #1871055 Reply
              OldBiddy
              AskWoody Lounger

              @Lars220 thanks very much for the helpful pointers and reminders. And of course to PKCano and everyone else here who work hard to help Windows users. Their efforts in no small measure ensure that Windows environments stay secure and up to date everywhere. Very grateful!

              1 user thanked author for this post.
      • #1867060 Reply
        rc primak
        AskWoody_MVP

        The Event Viewer Bug also may affect Automatic Maintenance. So, head over to the MS Updates Catalog and get the non-MS Updates patch which corrects the issue. Once this patch is manually applied, at least for Version 1809, things get back to normal. Checking for driver events in the Device Manager is also wrecked if Custom Views are munged.

        -- rc primak

        3 users thanked author for this post.
        • #1867097 Reply
          CADesertRat
          AskWoody Plus

          For 1809, I assume you mean KB 4501371 which has a ton of fixes.

          Don't take yourself so seriously, no one else does 🙂
          4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

          2 users thanked author for this post.
      • #1867072 Reply
        anonymous
        Guest

        If in Group B for Win 7, for security-only updates should we install both KB 4503269 and KB 4508772  for June’s security-only updates, or just (only) KB 4508772?  And for IE updates, should we install both KB 4503259 and KB 4508646, or just KB 4508646?  Thanks in advance for clarifying.

        • #1867084 Reply
          PKCano
          Da Boss

          The MS pages for KB4508772 say:

          This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes:

          • Addresses an issue that may display the error, “MMC has detected an error in a snap-in and will unload it.” when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.

          The IE11 updates are CUMULATIVE, so you only need the latest one.

          4 users thanked author for this post.
          • #1867391 Reply
            anonymous
            Guest

            Thanks, PK.  So reading this quote you thankfully included, appears that only KB 4508772 needs to be installed (aside from the IE update)?

            • #1868645 Reply
              Charlie
              AskWoody Plus

              We run into this snafu almost every month.  Is it four updates, or is it two.  If it’s two, then why are there still four listed in the Group B list (Topic 2000003)?  I’m still not absolutely positive what to do.

              My memory is still good...but access time is down.

              • #1868784 Reply
                PKCano
                Da Boss

                This is the very reason Woody continues to say:

                If you’re very concerned about Microsoft’s snooping on you and want to install just security patches, realize that the privacy path’s getting more difficult. The old “Group B” — security patches only — isn’t dead, but it’s no longer within the grasp of typical Windows customers.

                We follow Microsoft’s information. If you don’t understand what needs to be done, in what sequence, you should not be using Group B methods. Sooner or later you may have a problem, and it won’t be the fault of AskWoody or the advice you got here you didn’t understand.

                3 users thanked author for this post.
              • #1868831 Reply
                Bob99
                AskWoody Plus

                For those in Group B, as your signature says you are, there are four patches for this month, two of which are patches for patches:

                KB4503269, which is the initial security-only patch for Windows 7 for June, released back on June 11th.

                KB4503259, which is the initial IE11 cumulative security update for June, released on June 11th

                KB4508646 fixes errors within IE 11’s handling of files with SVG (scalable vector graphics markers) that was introduced by a prior patch for IE11. Install this if you have the stated problem.

                KB4508772 fixes a bug that may come up within the Windows Event Viewer if you have any custom filters established within the Event Viewer to view any particular event types within the viewer without looking at all of them. This bug was introduced by a prior patch. Per instructions elsewhere on this site about the cumulative nature of IE patches, this one supersedes the one issued on June 11th.

                So, that’s why four patches are listed for the month of June. That’s also why there are more than two patches listed for May…some of the ones listed are patches for patches.

                • This reply was modified 1 year, 3 months ago by Bob99. Reason: Added clarity regarding KB4508772
                3 users thanked author for this post.
              • #1869117 Reply
                Bob99
                AskWoody Plus

                Ok folks, stop the presses. I was mistaken above when I said that KB4508772 was a patch for IE11:

                Per instructions elsewhere on this site about the cumulative nature of IE patches, this one supersedes the one issued on June 11th.

                KB4508772 is a patch for the security-only patch (KB4503269) for Windows 7, NOT for IE11.

                My humble and sincerest apologies to anyone who was confused by the misstatement in my prior posting.

                This post is due to not being able to edit my post just above this one by the time I realized the error of my posting.

                2 users thanked author for this post.
              • #1869207 Reply
                byteme
                AskWoody Plus

                The two later msu’s are not patches of the earlier pair. They replace them.

                Anyone who installs all four is doing two unnecessary installs.

                And PKCano addressed that early in this thread, and anyone who wants any further confirmation can just check out the sizes of the msu files.

                1 user thanked author for this post.
              • #1869603 Reply
                Charlie
                AskWoody Plus

                Thank you so very much.  That’s all I needed to know.  It’s not a big deal and/or beyond my ability to understand.  Just a simple yes or no answer to this question would have sufficed.

                All four updates or just two.

                My memory is still good...but access time is down.

              • #1870432 Reply
                TonyC
                AskWoody Lounger

                The two later msu’s are not patches of the earlier pair. They replace them.

                … and yet the documentation for KB4508772 clearly states “This update doesn’t replace a previously released update.”! Furthermore, Topic 2000003 adds to the confusion by not stating that KB4508772 replaces KB4503269, whereas some other updates listed in that topic are stated as replacing earlier ones. You can’t blame people for noticing these inconsistencies and querying them.

                In my opinion, the root cause of this confusion is the poor quality of Microsoft documentation. What would it cost Microsoft to be more explicit and clear in their documentation for KB4508772 by stating something like, “You can install KB4508772 without having previously installed KB4503269. You then don’t need to install KB4503269.” (… assuming the statement is true, of course!)?

                (I posted this originally at the end of the topic by mistake. If somebody could delete post #1870417, I would be grateful. Thank you.)

                2 users thanked author for this post.
              • #1870496 Reply
                Charlie
                AskWoody Plus

                Thank you Tony!  You said what I was thinking to say but didn’t want to keep going on and on. I’ve thought for many years that Microsoft’s “explanations” of things are often very confusing.

                🙂

                My memory is still good...but access time is down.

              • #1870670 Reply
                byteme
                AskWoody Plus

                Just in case it helps reassure anyone, I will specifically note that the first-round June Win7 security-only update (4503269) is 80MB, and that’s twice as large as usual. And the second-round update (4508772) is 81MB, and it is inconceivable to me that that 81MB of lovingly-compiled MSFT code is just spent patching the problems with the first-round (80MB) file.

      • #1867114 Reply
        anonymous
        Guest

        I have written here previously (and most comprehensively in https://www.askwoody.com/forums/topic/we-continue-at-ms-defcon-1-dont-install-any-of-the-july-patches/#post-209829 ) about W8.1 file explorer problems which reappear following (security only) updates every few months.

        These reappeared again following the July 2019 update. I was unable to drag and drop a file between folders. Windows claimed it could not “find” the file even though it was displaying it in an explorer window showing the source folder.

        As usual I fixed the problem by deleting the 2 Registry sub-keys:

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6365D5A7-0F0D-45E5-87F6-0DA56B6A4F7D}]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444B-8957-A3773F02200E}]

        and then restarting the PC. (The background to this fix is described at the link above 🙂 )

        I updated two 64 bit W8.1. PCs a few days ago and I have seen no other problems with the July updates. (I no longer have W8.1 running on my older 32 bit PC so I do not know if it would have had the same problem.) I have seen no problems with the W7 updates.

        HTH. Garbo.

         

      • #1867211 Reply
        davinci953
        AskWoody Plus

        What are your thoughts on installing KB4465065: Intel microcode updates? My processor isn’t listed in the processor list, so I have it hidden for now.

        • #1867252 Reply
          PKCano
          Da Boss

          I have not installed any of the Intel microcode patches. At present, there is no exploit in the wild to require I do so.

          1 user thanked author for this post.
          • #1867351 Reply
            Seff
            AskWoody Plus

            Agreed, plus the Knowledge Base article from Microsoft carries this advice:-

            Important Install this update for the listed processors only”

            If your processor isn’t on the list then this update does not apply to you, irrespective of the wisdom or otherwise of installing third party updates through Windows Updates.

            • This reply was modified 1 year, 3 months ago by Seff.
      • #1867366 Reply
        dgreen
        AskWoody Lounger

        Reporting In installing June Updates

        KB4503292 (roll up) installed smoothly.
        The only little hiccup was when my computer restarted,
        and the “windows” logo screen came up and stayed for longer then usual.
        finally my log in page appeared.
        All is fine!

        That’s the only update I had except the MSRT.
        I have not installed MSRT since January.

        takes a deep breath

        Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
        Windows 7 Home Premium 64 bit SP 1 GROUP A
        Processor: Intel i3-3240 (ivy bridge 3rd generation)
        chipset Intel (R) 7 series/C216
        chipset family SATA AHCI Controller -1 E02
        NIC Realtek PCLE GBE Family Controller
        MSE antivirus
        Chrome browser
        DSL via ethanet (landline)

         

        5 users thanked author for this post.
      • #1867386 Reply
        anonymous
        Guest

        Windows 7 SP1 64bit, with Broadcom network card. Group B.

        Installed one May and all June’s updates; IE KB4505050 (from late MAY), KB4503259, KB4508646, SO KB4503269, KB4508772 and MSRT today.

        From the catalog; Installed IE KB4505050 1st, KB4503259 2nd, KB4508646 3rd, SO KB4503269 4th, KB4508772 5th, and MSRT (from WU) last.

        Installed one at a time. Rebooted in between each update letting it sit 1 or 2 minutes after update was installed.

        No network issues. No oddities – but, IE after KB4508646 seemed sluggish for a while and a slow 1st boot after SO KB4503269 update.

        Rebooted 3 times and let it sit for several minutes. (15 min.)

        I did notice MSCORSVW of .net run for a few minutes. It seems a .NET 2.0 minor file update had happened from what I saw.

        I would recommend people on the last reboot to go to the desktop and let it sit 45 to 60 minutes to Process Idle Tasks, let the trusted installer (as per PKCano) do its thing and that short run of MSCORSVW .net get done.

        If others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. (I do).
        http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

        You can force the Idle Tasks if you want by the administrative command prompt: rundll32 advapi32.dll,ProcessIdleTasks

        You can enter that then walk away for 15 to 20 minutes. If the drive light is still on, it is still running, walk away again. Do not allow the computer to go to sleep. Reset the Power Options to 1 hour sleep if needed. Laptops make sure you are on AC power not battery!

        Thanks to all here.

        3 users thanked author for this post.
      • #1867538 Reply
        T
        AskWoody Plus

        From the article…

        May had a hair-raising threat from a worm that still hasn’t emerged, but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming. Those of you who blocked a specific port to keep BlueKeep at bay may be in for a nasty surprise.

        I’m curious what this means since it’s not actually addressed in the article, particularly the bit i emphasised. Why are those of us who blocked the port in for a nasty surprise?

        • #1867947 Reply
          Alex5723
          AskWoody Plus

          From the article…

          May had a hair-raising threat from a worm that still hasn’t emerged, but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming. Those of you who blocked a specific port to keep BlueKeep at bay may be in for a nasty surprise.

          I’m curious what this means since it’s not actually addressed in the article, particularly the bit i emphasised. Why are those of us who blocked the port in for a nasty surprise?

          RDP BlueKeep exploit shows why you really, really need to patch

          RDP BlueKeep exploit shows why you really, really need to patch

          • #1868422 Reply
            T
            AskWoody Plus

            Yes, I know. I’m well aware of the vulnerability and how potentially serious it is but there’s still no confirmation on whether disabling RDP and/or blocking the port in firewall will stop this exploit. My point is that the intro to woody’s article is suggesting that even if you block the port you’re still vulnerable but it’s not addressed in the main body of the article.

            • #1868521 Reply
              Alex5723
              AskWoody Plus

              Yes, I know. I’m well aware of the vulnerability and how potentially serious it is but there’s still no confirmation on whether disabling RDP and/or blocking the port in firewall will stop this exploit. My point is that the intro to woody’s article is suggesting that even if you block the port you’re still vulnerable but it’s not addressed in the main body of the article.

              Sophos says: Patch & close ports

              So please, if you haven’t already updated your Windows computers, do so right now. We feel it’s only a matter of time before someone weaponizes this, and the best defense you might have is that patch.

              In addition, please close any firewalls that expose RDP (no matter what port it is running on, though its default is 3389/tcp) to the open internet

          • #1868520 Reply
            Sessh
            AskWoody Lounger

            ..or you can just uninstall RDP (KB925876) entirely and be done with it.

            • #1868615 Reply
              b
              AskWoody Plus

              I think that’s just the client, not host; and only for WinXP, not Win7 SP1.

              • #1869692 Reply
                Sessh
                AskWoody Lounger

                Partially true. It will work on Windows 7 if there’s no SP1. I didn’t realize that, thanks.

                I will experiment with deleting/renaming remotepg.dll which would make it impossible for any remote services to run and any related exploits would be made null.

                Apparently, you can delete services from an elevated command prompt such as:

                sc delete SessionEnv

                ..would delete the Remote Desktop Configuration service.

                It used to be possible to remove Remote services entirely, so they must not be an important part of the OS. I know I never use them and never will use them nor does anything depend on their existence.

      • #1867560 Reply
        davinci953
        AskWoody Plus

        Agreed, plus the Knowledge Base article from Microsoft carries this advice:-

        Important Install this update for the listed processors only”

        If your processor isn’t on the list then this update does not apply to you, irrespective of the wisdom or otherwise of installing third party updates through Windows Updates.

        • This reply was modified 1 year, 3 months ago by Seff.

        That ‘important’ note is what initially caught my attention. It appears WU just pushes the patch out to all machines regardless of the processor. I installed it on my laptop that had the processor listed. There’s nothing unusual to report.

        • #1867562 Reply
          CADesertRat
          AskWoody Plus

          It appears WU just pushes the patch out to all machines regardless of the processor

          Yes, my AMD cpu has gotten every one of the Intel micro-code updates and so far there have been no ill effects that I can tell. They just install and are listed in Installed updates but don’t seem to do anything, LOL.

          I have also gotten them on my Intel 3770 CPU and they don’t “seem” to have done anything detrimental to that either.

          Don't take yourself so seriously, no one else does 🙂
          4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

          • #1868085 Reply
            abbodi86
            AskWoody_MVP

            AMD have a separate MC file mcupdate_AuthenticAMD.dll, updating the intel one mcupdate_GenuineIntel.dll will have no effect

            1 user thanked author for this post.
            • #1868430 Reply
              CADesertRat
              AskWoody Plus

              AMD have a separate MC file mcupdate_AuthenticAMD.dll, updating the intel one mcupdate_GenuineIntel.dll will have no effect

              By the “KB” # it just shows that it’s an Intel Micro-code on my AMD if I look up the KB # online. It doesn’t mention anything about AMD.

              Don't take yourself so seriously, no one else does 🙂
              4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

              • #1869470 Reply
                abbodi86
                AskWoody_MVP

                That’s what i said 🙂
                if you install th update on your AMD machine, it has no effect

                likewise, if i install the update on Intel machine which don’t have new microcode in the update, also no effect

                2 users thanked author for this post.
      • #1867814 Reply
        byteme
        AskWoody Plus

        Win7 Home Premium 64-bit. Group B: the few, the proud, the paranoid.

        I installed the 2nd June Win7 64-bit Security Update (4508772) — which supersedes 4503269, so there’s no need to install that, as has previously been noted — and rebooted.

        After a while I installed the 2nd June IE 64-bit Security Update (4508646) — which supersedes 4503259, so there’s no need to install that, as has previously been noted — and rebooted.

        After another while I installed the Security Update for Word 2010 (32-bit), and shortly thereafter I installed the MSRT.

        No fireworks so far, so I’m assuming all is well.

        5 users thanked author for this post.
        • #1867918 Reply
          anonymous
          Guest

          Byteme, I do basically agree with you, but the titles of the patches were slightly differing, one saying it had security in the title and the other not, KB4508646 “includes the quality improvements from KB4503259”. What about the security aspect? I can assume it is there but…

          Also in this Woody site it does not say one supersedes the other, only that it was released and what it fixed. https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

          I would rather overpatch with a cumulative patch overlaying the previous and not worry about missing something. But YES, a cumulative patch -should- have everything the previous one did.

          Ohh and Happy 4th of July!

          Thank you.

          2 users thanked author for this post.
      • #1867905 Reply
        Myst
        AskWoody Plus

        Monthly Rollup KB4503292 installed fine.
        MS Word 2010 Security Update KB4461619 was next after a restart, let the machine sit for about 20 minutes to process everything, something I do with each monthly update. Moving forward.

        Win7 Home x64 MacOS Chromebook

        1 user thanked author for this post.
        • #1867926 Reply
          anonymous
          Guest

          Hello Willygirl, Good post. I would however consider a little longer idle time if you are going for Idle Tasks because it takes about 20 minutes for the computer to realize you are not using it before it starts processing idle tasks. But, if you have good luck and all works well for you, “go with what you know”. Happy 4th!

          1 user thanked author for this post.
      • #1867927 Reply

        KB 4503292 installed here, with a weird glitch:

        Upon reboot, for 5 seconds, got a black screen with a little white box in the upper left of my screen that said something like (went by fast) “configuring your desktop…” and POOF! it vanished.

        MSFT, you are so weird.

        Win7 Pro SP1 64-bit ESU, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Patch List", Multiple Air-Gapped backup drives in different locations, "Don't auto-check for updates-Full Manual Mode." Linux Mint Greenhorn
        --
        "A committee is the only known form of life that has at least four legs and no brain."

        -Robert Heinlein

        1 user thanked author for this post.
      • #1868190 Reply
        E Pericoloso Sporgersi
        AskWoody Plus

        YES! Finally!

        The past months Windows Update always refused to give me 1903.
        I did receive all 1809 updates but nothing further, and only vague explanation and even less promise.

        But yesterday, 3 July, I finally reached digital nirvana: Windows 10 Home 1903 build 18362.207 did install. It took a while (hours) but it did finish.

        And up to now NO ISSUES that I noticed.

        s(n)idenote: No MS Office, free LibreOffice instead.

      • #1868522 Reply
        anonymous
        Guest

        Read the above instructions for Win7 Group B security only patch(s) for June, and I’m also confused.  Should we only install KB4508772 and NOT first install KB4503269?  Thanks everyone for the assistance.  Appreciated.

        • #1868595 Reply
          PKCano
          Da Boss

          The answer to your question is in #1867084.

          • #1868723 Reply
            anonymous
            Guest

            I had read that post. It’s not clear if we should just install only KB 4508772 or first KB4503269 before KB4508772? Would appreciate you confirming if it’s simply just (e.g. only) installing KB4508772, which is how I interpreted your advice? Thanks.

            • #1868764 Reply
              PKCano
              Da Boss

              I can give you a link to my sources. Please read Microsoft’s information for KB4503269 and KB4508772. Perhaps there is something there I missed.

              Also see #1868784.

            • #1868903 Reply
              OscarCP
              AskWoody Plus

              This is my two-cents contribution to the cause of Group B updating:

              As PKCano  #1867084  has already noted, and according to https://support.microsoft.com/en-us/help/4508772/windows-7-update-kb4508772 :

              This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes

              So, according to this MS article, it is enough to install kb4508772 . But if one is not doing something that is likely to have the problems listed in that site, so “these key changes” are not needed, then the previous Security Only update should be enough. It is up to the users to decide. If one is not sure about what to do, then it is better to install kb4508772, as it will not cause problems doing so (as far as it is known at this time, at least). As to the update to IE 11, I think that Byteme’s  #1867814 recommendation to install the last June one to come out is correct, as these updates are cumulative. But, as far as I know, if one is not using IE 11 for browsing (unlike the Windows operating system, that is always using it for its own reasons) then waiting until the July update is declared to be OK might do as well, because the July update will include the relevant June ones and only those, again, as these updates are cumulative and also because one would hope things this month will be simpler than they were in June.

              Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

              3 users thanked author for this post.
        • #1868598 Reply
          anonymous
          Guest

          Hello Anonymous, I installed win 7 group B 5 updates and it went fine. Byteme installed about half saying that they were cumulative (for IE) and did well. The page PKC manages has a site on suggested installs here at woody’s, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

          I would go down PKC’s list unless they chime in and say differently since win 7 Group B is not cumulative but group A is.

          Happy 4th!

      • #1868599 Reply
        Alex5723
        AskWoody Plus

        I don’t remember any update regarding the USB 1903 upgrade bug.
        Was it fixed with June updates ?

      • #1868611 Reply
        Blizzard
        AskWoody Plus

        Group A, Win7 Pro 32bit @ SP1, HP dc7900 SFF PC using Wolfdale Intel Core2 Duo E8400 3GHz

        Monthly Rollup KB4503292 installed after I fully imaged my HD.  No oddities observed.

        Waited until task manager showed TrustedInstaller had concluded its activity, then rebooted and proceeded to install the current MSRT.  Again, no oddities observed.  Rebooted several times after TrustedInstaller no longer showed active.  All seems well here.

        No issues observed with my network connections or WMP, BTW…

        Thank yous out to the many fine contributors who help build my confidence to proceed with such updates once the MS-DEFCON level is appropriate.

        • This reply was modified 1 year, 3 months ago by Blizzard.
        • This reply was modified 1 year, 3 months ago by Blizzard.
        3 users thanked author for this post.
      • #1868715 Reply
        Tex265
        AskWoody Plus

        The MS pages for KB4508772 say:

        This update for Windows 7 SP1 and Windows Server 2008 R2 SP1 includes the quality improvements from KB4503269 (released June 11, 2019), in addition to these key changes:

        Addresses an issue that may display the error, “MMC has detected an error in a snap-in and will unload it.” when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.

        So is there no similar, stand alone KB catalog fix for this issue for those of us on Windows 7 – Group A  – KB4503292 CU?  Or does it not have this issue?

        Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
        • #1868722 Reply
          PKCano
          Da Boss

          For Group A the Event Veiwer Customs View issue was fixed in the 2019-06 Preview Rollup KB4503277  which is an UNCHECKED OPTIONAL patch, or you can wait for the July Monthly Rollup.

          2 users thanked author for this post.
      • #1868718 Reply
        anonymous
        Guest

        Recent Replies

        PKCano on MS-DEFCON 4: It’s time to get the June Windows and Office patches installed
        6 minutes ago

        It is 12:48 CST and this was posted an hour ago.

        There seems to be an hour or so delay in the updating of the Recent Replies section on the right.

        TY

        • #1868725 Reply
          PKCano
          Da Boss

          Yes, it would seem there is a delay in updating of  in the Recent Updates list in the right hand panel.

      • #1869003 Reply
        anonymous
        Guest

        I am in Group B with Windows 8.1. I only installed Jun 2019 KB 4503290 and Jun 2019 (IE11) KB 4503259 and the flash update. Now Skype keeps signing me out automatically every 5-10 min. Is in the June 2019 Updates that are causing it? Or what might be causing it?

        1 user thanked author for this post.
      • #1869200 Reply
        Sueska
        AskWoody Lounger

        I am also in Group B with Windows 8.1.

        Installed the following updates on 6/24/19; Word 2013 Security Update for June KB4464590, IE11 KB4508646 cumulative update, and the June Security Only updates KB4503290 and KB4508773.

        Issue #1 – Not certain if related, but a few days after installing the updates, I got numerous odd errors when visiting microsoft secure sites “This page can’t be displayed in IE 11 – Turn on TLS 1.0, TLS 1.1, and TLS 1.2 …” These protocols were already enabled in IE 11. A reset of IE 11 fully corrected the issue.

        Issue #2 . All 4 of the updates I installed on 6/24/19 are visible in “View Update History”. However, when I select “Installed Updates” I find 77 additional Office Updates installed on 6/24/19. There is no way these very old office updates from 2015-2018 were installed on this date. If any one has any ideas, would be appreciated. Otherwise guess I should just be glad everything seems to work fine now.

        1 user thanked author for this post.
      • #1869344 Reply
        GoneToPlaid
        AskWoody Plus

        Staying on Group B is a bit difficult.

        I both number and rename the downloaded updates, such that the file names include important information. In this fashion, I can easily reinstall and update Windows 7 while avoiding occasional issues and pitfalls which were fixed in superseded updates.

        The attached screen captures of the folder containing my downloaded and renamed Windows 7 Security Only updates should give you a good idea about my methods for staying on Group B while avoiding issues.

        For example, do you really want Windows Update to get taken down because you have either a newer AMD CPU or an older CPU which triggered Windows Update to shut down? System Restore does NOT fix this issue, as I discovered when Windows Update got taken down simply because three of my computers have Core I5 Sandy Bridge CPUs. Uninstalling the April 2017 security only update, which caused the issue, didn’t work either. This is why the update numbered 09 needs to be installed before installing the updates numbered 10 and 11.

        On the other hand, abbodi86’s instructions for killing Windows 7 telemetry after installing monthly rollups are really slick. See here:

        2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

         

        • This reply was modified 1 year, 3 months ago by GoneToPlaid. Reason: grammar
        • This reply was modified 1 year, 3 months ago by GoneToPlaid. Reason: Added information
        Attachments:
      • #1869369 Reply
        Alex5723
        AskWoody Plus

        Just took a peek at my 1809 pro update history after June update KB4503327 (17763.557) and I didn’t find May 21, 2019—KB4497934 (OS Build OS 17763.529)

        Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you get a feature update while simultaneously keeping your devices up to date.

        Maybe Microsoft’s AI decided the Pro users with Advanced Options deferrals /GPEdit don’t need KB4497934 ?

        • #1869447 Reply
          PKCano
          Da Boss

          May 21, 2019—KB4497934 (OS Build OS 17763.529) is a non-Security Preview, not a Feature Update. If you have Pro set at SAC (not Targeted) you should not see. in Windows Update, (without being a “seeker”) the Preview updates released between Patch Tuesdays. And you should not see any of the May (or earlier) patches show up in the Windows Update pending queue after you install the June CU anyway.

          • #1869464 Reply
            Alex5723
            AskWoody Plus

            non-Security Preview

            Shouldn’t a non-Security Preview be bundled with next month’s updates ? Is the new ‘download and Install’ feature baked into recent 1809 pro updates regardless of deferrals ?

            • #1869468 Reply
              PKCano
              Da Boss

              The Preview updates/fixes released between Patch Tuesday are included in the following Patch Tues. Security CU.

              The new ‘download and install now’ feature, I think, was initially in the late May Preview patches, but was acquired through Windows Update beginning with the June Patch Tues. CUs. We still haven’t determined (to my knowledge) exactly how this new “feature” is going to work. Microsoft’s pages say it will show “Feature Updates” = upgrades. But some reports say it is also showing Preview Updates (non-Security CUs between Patch Tues.s).

              1 user thanked author for this post.
      • #1869738 Reply
        davinci953
        AskWoody Plus

        Version 1903 is knocking on the door. I had the following notification on the WU page when I installed the June updates. I think the only thing keeping it at bay is that I have the feature update deferral setting set to 180 days.

        wu

        Attachments:
        • #1869827 Reply
          Alex5723
          AskWoody Plus

          Version 1903 is knocking on the door

          Are you on 1803 or 1809 ?

          • #1869904 Reply
            davinci953
            AskWoody Plus

            Currently on 1809.

            • #1870185 Reply
              Alex5723
              AskWoody Plus

              Currently on 1809

              That is strange. 1803 should get this message as 1809 EOL is 2020-05-12 / 2021-05-11

              I am on 1809 Pro and haven’t seen this message.

              • #1870501 Reply
                davinci953
                AskWoody Plus

                It seems to be random. I have 1809 Pro on my laptop also, and the 1903 message doesn’t show. It shows only on my desktop that is a newer system.

      • #1869828 Reply
        anonymous
        Guest

        Anyone else experience this?

        I’ve seen the error below  on both a Windows 10 and a Windows 2016 box with 2019-06 cumulative updates from earlier in the month, but installing the cumulative update from 6/26 or 6/27 resolves the error: https://www.catalog.update.microsoft.com/Search.aspx?q=%222019-06+cumulative+update+for+windows%22

        Update Status – There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x8024401f)

        Microsoft has some suggestions on fixing Windows Update errors, https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors. One of the suggestions for fixing errors when the windows troubleshooter fails and the servicing stack updates are current is to use the most current cumulative update for the OS. In both cases that I’ve seen, this resolves the error above when a rebuild of c:\windows\SoftwareDistribution does not.

        • #1869885 Reply
          anonymous
          Guest

          Just to clarify, this error comes from checking online for updates after earlier June cumulative updates are installed using ConfigMgr/WSUS

      • #1869898 Reply
        Tex265
        AskWoody Plus

        I’m getting ready to install the June CU – KB4503286 on my Win10 Pro ver 1803.

        Per rc below, I should also go to the MS Catalog, download, and manually install KB4503288 to fix the Event Viewer Bug.

        Is most everyone in agreement with this?  If yes to do, do I need to install both or just get KB4503288 from the Catalog and ignore installing KB4503286 via WUpdater?

        The Event Viewer Bug also may affect Automatic Maintenance. So, head over to the MS Updates Catalog and get the non-MS Updates patch which corrects the issue. Once this patch is manually applied, at least for Version 1809, things get back to normal. Checking for driver events in the Device Manager is also wrecked if Custom Views are munged.

        Also, I assume this/these updates will change my WU to the “new” version?  Will my Feature delay 365 days, Quality delay up to 30 days, Group Policy 2 – ask before downloading, and wushowhide app still remain/work?

        Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
        • #1869908 Reply
          PKCano
          Da Boss

          KB4503288 says it is a Cumulative Update, so you should not need KB4503286.
          The new WU settings should be included.
          I do not think the deferrals disappear in 1803 and 1809, and the GP setting of 2 should keep it or Feature Updates from downloading without permission.

          BUT. Can you trust Microsoft, because the pages also say:

          When Windows 10 devices are at, or within several months of reaching, end of service, Windows Update will begin to automatically initiate a feature update. This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.

          The Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the April 2018 Update and earlier versions of Windows 10 in late June 2019 to help ensure that we keep these devices in a serviced, secure state

          • #1869938 Reply
            Tex265
            AskWoody Plus

            PK, thanks

            Do you agree that the Event Viewer issue is significant enough to go the Catalog/Manual install route? Or wait for the July CU?

            I normally dont install any of the mid-month non-security releases but rc seems to think it is important this time and Woody thanked him on his post, so what say you?

            Finally, if I manually install KB4503288 does KB4503286 disappear from the queue?

            Thanks

            Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
            • #1869951 Reply
              PKCano
              Da Boss

              Personally, I installed the Patch Tues CU and I do not install the Previews (my choice).
              If you install the Preview, you do not need the earlier CU. It probably will no longer be offered.
              But the July update is only four days away. What’s your rush?

              1 user thanked author for this post.
              • #1869963 Reply
                Tex265
                AskWoody Plus

                But the July update is only four days away. What’s your rush?

                My concern (perhaps unfounded) is unless I get something installed before the July updates come out I’ll be stuck for another month since we won’t get a Defcon go-ahead until the end of July at best.

                And without the “new” WU settings, I’ll be out of touch with the forums ongoing dialogue – but then maybe not updating would help hold off MS?

                Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
              • #1869964 Reply
                PKCano
                Da Boss

                The “new” settings are in all the June CUs – Patch Tuesday CU or Preview. Take your pick.

              • #1870925 Reply
                Tex265
                AskWoody Plus

                About 1 hour ago I installed the June CU KB4503286 update onto my Windows 10 Pro x64 ver 1803 computer.

                I let the KB come down via the Windows Updater. Windows Update Group setting at 2 required I select the Download button. Upon clicking the button, the Download started and under the download Status details a new paragraph showed that said

                “You’re currently running a version of windows that’s nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements.”

                Other than that, the download and installation proceeded as normal and requested a restart (all the while retaining the above paragraph on the screen).

                Upon restart my system came back up – no problems. Going back into Settings>Update & Security>Windows Update, the screen looks exactly as it did before the June update with only the Check for Updates button. Nothing new or added (the new paragraph above was also gone from the screen).

                Advanced options remain the same as they were with ability to still set Branch Readiness level, Feature deferral, and Quality update deferal.

                I did another restart and no change from above.

                Botton line, so far nothing has changed from what I had before that I can see.  Anyone else seen something different?

                I did not hit the Check for updates button so will see if anything changes when system performs an automatic update tomorrow.

                PS: I may manually download and install KB4503288 tomorrow to correct the Event Viewer issue. We probably all have this issue since I noted that my Windows 7 and 10 came standard with Administrative Events as a Custom View.

                Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
                1 user thanked author for this post.
              • #1870957 Reply
                Tex265
                AskWoody Plus

                To add to my post above since too late to Edit:

                Implied but to specifically say: There is no appearance of the new “Download and install now” link or separate Feature Upgrade area that has been heavily discussed here at AskWoody.

                Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
              • #1872521 Reply
                Tex265
                AskWoody Plus

                Update: I have now received 2 separate automatic Windows Updates over 2 days for Windows Defender definitions. Due to my Group Policy setting to require “ask before downloading” I need to select the Download button to approve any download to install.

                Each time when I select the Download button, I get the paragraph below, and the download and install proceeds.

                “You’re currently running a version of windows that’s nearing the end of support. We recommend you update to the most recent version of Windows 10 now to get the latest features and security improvements.”

                After install completes and I close the Settings screen and reopen, the paragraph is gone and everything is back to the way it always was in 1803.

                Perhaps my deferral settings are keeping the new “Download and install now” link and 1903 away?

                Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
        • #1872518 Reply
          rc primak
          AskWoody_MVP

          Replying to Tex265:

          Per rc below, I should also go to the MS Catalog, download, and manually install KB4503288 to fix the Event Viewer Bug.

          Do you agree that the Event Viewer issue is significant enough to go the Catalog/Manual install route? Or wait for the July CU?

          I normally don’t install any of the mid-month non-security releases but rc seems to think it is important this time and Woody thanked him on his post…

          I think I’ve reconsidered how important restoring the Event Viewer Custom Views really is for most folks.

          I had a specific reason for restoring the functioning of the Event Viewer. Windows said it had reinstalled one of my drivers. I went into the Device Manager to look at any driver related Events. This brings up a Custom View, which exposed the Event Viewer bug. I only applied the Catalog-only patch to restore the Event Viewer so that I could see the driver related Events.

          It turned out that the driver was reinstalled, but remained the OEM driver I wanted to keep. I could not have determined this information if I had not fixed the Event Viewer bug.

          Most folks will not run into something like this, so waiting for a fix in next month’s (July) Cumulative Update for Version 1809 would seem to be the best (and easiest) way to go.

          This means that manually installing the update from the MS Update Catalog is not necessary for most folks, unless you believe strongly in letting Windows Automatic Maintenance run on some set schedule. This is also not an issue for most Windows 10 users. Automatic Maintenance can wait a month or two for most folks.

          -- rc primak

          • This reply was modified 1 year, 3 months ago by rc primak.
          • This reply was modified 1 year, 3 months ago by rc primak.
          1 user thanked author for this post.
      • #1870099 Reply
        singbluesilver
        AskWoody Lounger

        Hello anonymous (the one quoted below – we have several by that “name”  🙂 ) and all:

        I’m in a fairly similar situation as the Anonymous who posted the question as far as cumulative updates.  My situation just goes farther back.

        Firstly: I have two desktop/tower computers, both running Windows 7; one running Home and one running Pro, both 64-bit.

        I’ve been in Group B since “Patchocalypse” started.  Then in or about June of last year, 2018, I went to Group X due to prevailing non-computer related circumstances.  In other words, I haven’t done any updates for about a year.

        Now that circumstances are calmer, I want to remain in Group B.  I feel that I’m living dangerously in Group X.  My question in a nutshell is, how far back should I go with installing security-only patches?  I remember that there was a great debate about what was cumulative and what was not around June 2018 (and what wouldn’t install at all with installing Patch XYZ first), and I still have that bookmarked.  Should I go back that far and install each month’s security-only patches from Woody’s link as I’d always done?  Or are there cumulative patches in more recent months that will save me that labor?  Hopefully at least no farther back than January 2019?

        I’m not so good at searching the forum, but I’m fairly adept at understanding and enacting updates.  And I’d of course image both hard drives before doing anything, and make a system restore point before starting any updates and after each month’s update after I saw that all was well.

        Thanks a million.

        SBS

        Hello Anonymous, I installed win 7 group B 5 updates and it went fine. Byteme installed about half saying that they were cumulative (for IE) and did well. The page PKC manages has a site on suggested installs here at woody’s, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

        I would go down PKC’s list unless they chime in and say differently since win 7 Group B is not cumulative but group A is.

        Happy 4th!

        Windows 7 HP SP1 64-bit, Group B

        • This reply was modified 1 year, 3 months ago by singbluesilver. Reason: Clarification about restore point
        • This reply was modified 1 year, 3 months ago by Bluetrix.
        • This reply was modified 1 year, 3 months ago by Bluetrix.
        • #1870133 Reply
          singbluesilver
          AskWoody Lounger

          I can’t edit for some reason.

          Let me try to pare down my question to, are security-only updates (Group B) for Windows 7 still never ever cumulative?  It seems the case from this post:

          BUT I just wanted to double check when the “non-cumulative” factor started.  I haven’t updated for a year as mentioned and before I start downloading and installing from July 2018 onward, I wanted to make extra sure.

          Thank you again.

          Moderator note: Rapid editing a post can get your post caught by our SPAM filter.
          In this instance it did.

          Windows 7 HP SP1 64-bit, Group B

          • This reply was modified 1 year, 3 months ago by singbluesilver. Reason: Corrected a link
          • This reply was modified 1 year, 3 months ago by singbluesilver. Reason: Undid quoted post
          • This reply was modified 1 year, 3 months ago by Bluetrix.
          1 user thanked author for this post.
          • #1870178 Reply
            Elly
            AskWoody MVP

            You will need to be aware of the Servicing Stack updates… which require all updates in Windows Update to be installed or hidden. If you haven’t done this for a year, each time you hide the Monthly Quality and Security update and check for updates again, the previous Monthly Quality and Security update will show up… repeat hide and check until no new Monthly Quality and Security updates show up… when there are no other updates showing up in WU, the servicing stack update should show up for installation. Better to do that first.

            The Group B Security only updates are not cumulative, and you will need to install all of them.

            As Group B installs the IE 11 cumulative update, you can install the latest IE 11 update to bring it up to date.

            Go through the Group B list and follow the steps… you don’t have to install them one at a time before rebooting (other than the Servicing Stack update).

            Non-techy Win 10 Pro and Linux Mint experimenter

            1 user thanked author for this post.
            • #1870625 Reply
              singbluesilver
              AskWoody Lounger

              Thanks so much, Elly.  I’d never heard of Servicing Stack updates.  I’ll be on special lookout for them!  I felt like I was asking a stupid question that already had an answer in the post that I quoted, but now I’m VERY glad that I asked.

              Thank you again.

              SBS

              Windows 7 HP SP1 64-bit, Group B

              1 user thanked author for this post.
        • #1870240 Reply
          anonymous
          Guest

          Hello singbluesilver, I am anon #1868598.

          “Now that circumstances are calmer, I want to remain in Group B. ”
          I think that is a good idea. I am doing group B myself as are my friends. However I will ask you to look at what Canadian tech has done, by not updating. He has gone over 2 years without updating and has had no issues (as far as I know a few months back).
          CT said, “The really interesting aspect is that since we stopped ALL Microsoft updates of any kind in May 2017, these machines have become extremely stable and reliable. My workload in support has fallen of to well below 50% of what it was. Clearly, the age-old rage for updating is just plain wrong– at least at this point for private owners.”

          Usage share blips — Win7 goes up, Win10 goes down


          For your reference here is an article he has on restoring a new copy of Win 7. http://www.canadiantech.info/for-techies/re-build-windows-7/rebuild-windows-7-july-2018/

          “in or about June of last year, 2018, I went to Group X ”
          “Should I go back that far and install each month’s security-only patches from Woody’s link as I’d always done? Or are there cumulative patches in more recent months that will save me that labor? ”
          Yes, go back to June 2018. Group B patches are NOT cumulative. IE11 is and you should be OK with the latest cumulative IE11 patch.

          I would go down PKCano’s list for Group B, https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/
          But in my opinion, you should also either 1) get the normal .NET patches as they arise from time to time or 2) get the Security ONLY .NET patches as I do since I consider those Group B also. The easy route is the normal .NET patch from Windows Update since it will give you what you need. BUT again, try not to install every new .NET offered to you from Microsoft. Why install .NET 4.7 if you do not have a program or need for that version? I only have version 3.5.1 .NET since that came with Windows 7. I only install the SO from the catalog for 3.5.1. I have read that if you go over .NET 4.6.1, you get the telemetry of newer .NETs. Others here may disagree and that is fine, my computer is running great and I am staying with what works.

          1 user thanked author for this post.
          • #1870631 Reply
            singbluesilver
            AskWoody Lounger

            Thanks so much anon #1868598, now anon #1870240   🙂

            That is a wealth of information!  I’m very glad to hear about Canadian Tech, that he has had no problems, per @Noel Carboni‘s common sense surfing and downloading and etc.  I haven’t had a malware or other problem either in this year without updates.

            I’m with you on .NET!  I’m not a user of “heavy” software or games etc, and I don’t feel that I need the latest (and usually not greatest) .NET either.  But it does seem to be a security hole and I’m very glad that you reminded me of it.

            Thanks again, very very much.

            SBS

            Windows 7 HP SP1 64-bit, Group B

        • #1870569 Reply
          Noel Carboni
          AskWoody_MVP

          Contrary to popular lore, if you understand what you’re doing and can weigh the risks and rewards yourself, avoiding patching an OS that works for what you need it for isn’t a recipe for disaster. Not knowing what you’re doing, actively doing irresponsible things, and/or hoping for someone else to take care of your security can be, however.

          Microsoft and others would like you to believe that even though they could not design the software to be secure, a hastily prepared patch will be perfect and never unacceptably degrade performance. Stop for a moment and think about how ridiculous that is.

          -Noel

          4 users thanked author for this post.
      • #1870554 Reply
        Noel Carboni
        AskWoody_MVP

        but if you’re using Windows 7, 8.1, XP, Vista, or one of the Server variants and skipped the May patches, you need to drop everything and get the May or June patches installed. BlueKeep is coming.

        Win 8.1, really?

        -Noel

      • #1870571 Reply
        Mele20
        AskWoody Lounger

        The “new” settings are in all the June CUs – Patch Tuesday CU or Preview. Take your pick.

        I’m on 1803 and I waited for the Defcon level to be raised and I then installed KB4503286 yesterday. Today, I tried to open Event Viewer and saw that I have the error that causes it to unload and be closed.

        That error is corrected in KB4503288. So, my choices are to (1) install the preview cumulative update or (2) simply wait another month until July’s cumulative update is given the go ahead here. Correct?

        I do hope to avoid an update to 1809 (I just installed 1803 on April 7) until October. I have the same question as Tex265. Plus, what are these new WU settings? Those come with KB4503288? Will fixing the event View error by installing KB4503288 obliterate my group policy settings regarding upgrade to 1809?

        Edit: I just tried Event Viewer again and it opened normally this time. I know the problem involves custom views but I didn’t think I was using any! I must have been though because it opened to custom view and then unloaded. Just now, it opened to normal view so I guess I can just avoid custom views for a month and that way I won’t need to install KB4503288.

        • This reply was modified 1 year, 3 months ago by Mele20.
        • #1870579 Reply
          PKCano
          Da Boss

          if you really need the Custom Views, you can install KB4503288. But the fix will be in the July updates if you can wait. Installing KB4503288 should respect your Group Policy settings.

          The new settings will give Home users a chance to pause updates up to 35 days for the first time. They are supposed to also present Feature Updates on a voluntary “download and install now” basis, instead of “surprise, we got you.” We still haven’t had time to confirm how they work.

          1 user thanked author for this post.
          • #1870930 Reply
            Tex265
            AskWoody Plus

            See my update reporting here:

            https://www.askwoody.com/forums/topic/ms-defcon-4-its-time-to-get-the-june-windows-and-office-patches-installed/#post-1870925

            Windows 10 Pro x64 v1909 and Windows 7 Pro SP1 x64 (RIP)
          • #1871029 Reply
            RTWinzz
            AskWoody Plus

            I have win 7 and just installed KB4503292 and immediately on starting Event Viewer got the error message and it crashed.  I did have an old custom view defined and decided to see if eliminating that view would stop the crashes.  I went to Programdata\Microsoft\Event Viewer\Views folder and relocated the custom view (mine was named View1.xml).  Once I relocated the file, I could open Event Viewer normally without any crashes.  This worked on 3 different PCS running Win 7 Pro.  Since I really don’t need the custom view anymore, I decided this was an easier and less dangerous fix than installing another buggy patch from MS that was produced quickly and tested to their usual rigorous standards.  YMMV.

            1 user thanked author for this post.
      • #1870923 Reply
        Seff
        AskWoody Plus

        I’ve installed the monthly rollup KB4503292 today on my main Win7 desktop, seemingly without any issues as yet. I hope to get to install it along with the Office 2010 update KB4461619 on my other desktop before the July patches hit, but that machine is currently at the local repair shop although it should hopefully be back in time.

      • #1871016 Reply
        glnz
        AskWoody Plus

        Here’s a possible nuance for Win 7 Pro 64-bit Group A:

        I’m fully updated through the June patches, but now I cannot get Task Manager’s position and size to stick.  I’m one of those nerds that has set Task Manager to start on every reboot.  I like to set it to open on the right side of the screen, with max vertical size from top of screen down to top of “tray”.

        But that won’t stick any more!

        On every reboot, Task Mnager now reopens at top left and skinnier and shorter than I want it.  I can’t figure out why the size and position settings don’t stick.

        One of the April, May or June patches ???

        • This reply was modified 1 year, 3 months ago by glnz.
        • #1871089 Reply
          anonymous
          Guest

          ginz, try this idea. with IE and other screens one can force a permanency by setting the size and shape you want and hold the control key down and click the “X” to close the screen. You may have to do it more than once or even try the Shift key when closing. But Usually the Ctrl key and closing the screen forces a writing to the registry of that position. Let us know if it worked or not.

          1 user thanked author for this post.
          • #1871125 Reply
            glnz
            AskWoody Plus

            Hey, anonymous – my previous try of CTRL + X button did not work, but your post inspired me to try it in SAFE MODE.  So, in SAFE MODE, I closed Task Manager with every combination of CTRL, ALT and SHIFT the X button, and on reboot into normal 7 it’s working!

            Thanks.

            • This reply was modified 1 year, 3 months ago by glnz.
            • #1875652 Reply
              glnz
              AskWoody Plus

              Update – my size and location settings for Task Manager are still not sticking.  It goes back to the upper left corner with a small size on almost every reboot.  Win 7 Pro 64-bit.

              Started happening only the last two months or so.  So I’m guessing the updates.

              I have Task Manager set to start on each reboot.  Do you?  If yes, do you see the same thing?

              • #1875731 Reply
                anonymous
                Guest

                Ginz! We are on the same page. I was trying to make IE stick where I wanted and had to try a few times. I was opening from a shortcut and it didn’t want to stick. I then opened from the “blue E” and did the Ctrl or Shift key trick and it worked. I suspect it did not want to work on IE opened from a web shortcut?? Don’t know.

                Yes I do use task manager but I manually open it each time by using Ctrl-Shift-Esc. It does stay where I put it and it does keep the tab I had open.

                I am up to date with JUNE Security Only updates Group B.

                Sorry to hear your is acting up but I too have run into “resistance” to making the position stick.

                If you have CCleaner, have it clean the “Windows Size/Location Cache” and see if that helps. turn it off so it won’t clear out your current placements.

                Hope that helps.

      • #1871032 Reply
        rick41
        AskWoody Plus

        Group A.  3 Win 7 machines, two with 64-bit Pro and 1 with 64-bit Home Premium.  Installed the Monthly Rollup and MSRT on all three, plus Microsoft Filter Pack 2.0 update (KB 3114879) on the applicable Pro machine.

        Everything seems fine, although — unlike Blizzard — I did have to reconfigure Windows Media Player on all three machines.  This seems to be required more often than not these days.

        1 user thanked author for this post.
      • #1871609 Reply
        Marcus Weldby
        AskWoody Plus

        Maybe I missed it, but I don’t see .NET patches listed in the new Master Patch List Excel spreadsheet. I’m specifically looking for the recommendation on 4489486 which came out on 5/23/2019. It is showing up in my WSUS server.

        • #1871624 Reply
          Marcus Weldby
          AskWoody Plus

          I don’t see Office updates either. Maybe I’m just not looking in the right place?

          • #1871832 Reply
            Susan Bradley
            AskWoody MVP

            https://www.askwoody.com/patch-list-master/  Are you looking at the top here?

             

            That .NET is an optional update/preview and is not needed at this time.

            Susan Bradley Patch Lady

            • #1871844 Reply
              Marcus Weldby
              AskWoody Plus

              Whoops, there it is staring me right in the face, I’ll chalk it up to being Monday.

              In my WSUS console it shows the June 18 .NET update as being a Preview, but I was wondering about the May 23 one as it is just called an “Update”, not a Preview.

              Thanks!

      • #1871631 Reply
        SueW
        AskWoody Plus

        Here’s my feedback after updating last night:

        1 – imaged my disk with Macrium Reflect Free

        2 – downloaded Updates KB4508772 (June SO) and KB4508646 (IE11 June Cumulative)

        3 – installed the June SO and IE11 Updates and then rebooted; waited 15 minutes

        4 – updated MS Security Essentials’ Virus & Spyware Definitions manually to eliminate Windows Update’s “Optional” ‘Definition Update for Microsoft Security Essentials – KB2310138’

        5 – checked “Windows Update” => 4 Important (3 checked): 2 Office 2010 and 2 Win 7; 2 Optional: both unchecked

        6 – hid the unchecked Important Update KB3114879 (Microsoft Filter Pack 2.0 32-Bit Edition)

        7 – unchecked and hid “Important” Update KB4503292 (June Rollup)

        8 – hid the unchecked Optional update KB4503277 (June Preview Rollup)

        9 – hid the unchecked Optional update KB4503865 (Preview of Quality Rollup for .NET Framework for Windows 7 for x64)

        10 – checked “Windows Update” again => 2 Important: 1 Office 2010 and 1 Win 7: both checked; 2 Optional: both unchecked

        Note: the 2 unchecked Optional were from May: KB4499178 (May Preview Rollup) and KB4505050 (IE May Cumulative) . . .

        11 – hid both unchecked Optional updates

        12- checked “Windows Update” again => 2 Important: 1 Office 2010 and 1 Win 7: both checked

        13 – unhid 0 hidden updates to install

        14 – installed 2 Updates: 1 Word 2010 (KB4461619) and MSRT (KB890830)

        15 – rebooted and waited around 45 minutes

        Note: Windows Media Player needed to be reconfigured again.

        Many thanks once again to Woody, PKCano, and everyone else who continue to contribute their time and expertise, or who post their own results!

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'
        4 users thanked author for this post.
      • #1871788 Reply
        Sparky
        AskWoody Plus

        Am I missing something?
        On the Master Patch List page, under:

        (“JUNE UPDATES
        June 30, 2019 — Update Status
        It’s now time to wrap up June’s Windows and Office updates. They’re not perfect, but there are no showstoppers.
        Below are the update Master Patch List charts in both Excel and PDF formats.”)

        Some PDF & Excel links don’t work.
        And the Pre-Windows 10 versions PDF chart does not show any patches.
        In previous months the patches were laid out in columns showing Safe to install?

        Thanks,
        Sparky

        Dell, W10 Professional, 64-bit, Intel Core i7 Quad, Group A

        HP, W7 Home Premium, 64-bit, AMD Phenom II, Group A

        1 user thanked author for this post.
        • #1871804 Reply
          Microfix
          AskWoody MVP

          Thanks for the keen eye feedback!
          Win10 PDF – Pre Win10 versions Excel (both missing)
          Susan will fix these when she has the time, stay tuned..

          Win8.1 Pro | Linux Hybrids | Win7 Pro O/L | WinXP O/L
          1 user thanked author for this post.
          • #1871814 Reply
            Marcus Weldby
            AskWoody Plus

            Microfix,

            Did you see my questions above regarding .NET and Office updates?

            Thanks!

          • #1872194 Reply
            Sparky
            AskWoody Plus

            Microfix,

            The are working now.
            As for the PDF Charts showing no patches.
            I have egg on my face, I didn’t realize that there is more than one page in the in PDF. Takes me awhile to break the crust off in the morning.

            Thanks,

            Sparky

             

            Dell, W10 Professional, 64-bit, Intel Core i7 Quad, Group A

            HP, W7 Home Premium, 64-bit, AMD Phenom II, Group A

            1 user thanked author for this post.
    Viewing 36 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: MS-DEFCON 4: It’s time to get the June Windows and Office patches installed

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.