MS-DEFCON 4: Patching weather is clearing

Topic

New Reply

ISSUE 20.04.1 • 2023-01-24 By Susan Bradley In general, the January updates have been well behaved. So far, I’m not seeing any trending issues with th
[See the full post at: MS-DEFCON 4: Patching weather is clearing]

Susan Bradley Patch Lady

3 users thanked author for this post.

lmacri, Pim, geekdom

Reply | Quote

Replies

2023-01 Update for Windows 11 Version 22H2 for x64-based Systems (KB4023057) has reared its ugly little head.

This update includes files and resources that address issues that affect the update processes in Windows that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly on your device, and they help improve the reliability and security of devices that are running Windows.

Source:
https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.674 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1194 x64 i5-9400 RAM16GB HDD Firefox110.0b6 MicrosoftDefender

1 user thanked author for this post.

Coldheart9020

Reply | Quote

As I’ve said before, none of these ‘reviews’ are actually bad, what’s bad is the resetting it has done.  No patch should reset things.

Susan Bradley Patch Lady

1 user thanked author for this post.

Kirsty

Reply | Quote

My 3rd attempt (Are You Sure error geekdom posted about) to say I just Installed Kb4023057 as I always do – have never had any issues. Macrium images were made. WuMgr quick about it with no re-start indicated.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

The weather in the U.S.A. is like that too now.  Every now and then the sun comes out, the sky turns blue, and we actually get a halfway decent day.  On really rare occasions we get more than one such day in a row.

Experience is that marvelous thing that enables you recognize a mistake as soon as you make it again.

Reply | Quote

Updated- 2023-01 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5022303)

2023-01 Update for Windows 11 Version 22H2 for x64-based Systems (KB4023057)

Windows Malicious Software Removal Tool x64 – v5.109 (KB890830)

No problems.

Edition Windows 11 Pro
Version 22H2
Installed on ‎10/‎19/‎2022
OS build 22621.1105

Reply | Quote

And I will be republishing the HTML version of the spreadsheet – it messed up.

Susan Bradley Patch Lady

1 user thanked author for this post.

wavy

Reply | Quote

Symptom: Start Menu and other shell components fail when Apps including Barco’s ClickShare access Office APIs

..You may experience various issues related to the Windows Shell on devices that are running Office ClickToRun, along with some third party applications that use Office APIs:

Event 1000 is logged in the Application event log. The event log reports that an application crashes for StartMenuExperienceHost.exe, ShellExperienceHost.exe, SearchUI.exe, with an error code 0xc000027b / -1073741189.

Errors in the Microsoft-Windows-AppModel-State event log mentioning the following error with various package names:

Triggered repair of state locations because operation SettingsInitialize against package Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy hit error -2147024891.

The Windows Start Menu does not respond to mouse clicks or the Windows key.

Windows Search does not respond to mouse clicks on pressing the Search button or Windows+S key.

Cause

This may occur when a third party process such as ClickShare uses Office APIs on a computer where Office is deployed by using Office ClickToRun. Application packages’ permissions are being removed from the following Registry path:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders..

Workaround

Download the scripts to fix the issue when it happens, though the scripts cannot prevent the issue from re-occurring.

Open a Powershell prompt under the affected user identity, and run

PowerShell

Copy
.\FixUserShellFolderPermissions.ps1
If the script can’t access the registry key because the registry permissions are wiped out, then open an elevated Powershell prompt and run the following command:

PowerShell

Copy
FixUserShellFolderPermissions.ps1 -allprofiles
If an application doesn’t work, you may need to register the shell packages by running from the affected user the command

PowerShell

Copy
FixUserShellFolderPermissions.ps1 -register…

Reply | Quote

Just got..

Attachments:

You must be logged in to access attached files.

Reply | Quote

I hid it with wushowhide and it’s not re-appeared in the WU queue.

Reply | Quote

Maybe I shouldn’t ask in this thread but…

So, all this month updates went ok but I realized one thing. I’m on win10 and I think I’m not getting offered the option to move from 21H2 to 22H2 since the moment I got the “you are eligible for windows 11 22H2, click here do start downloading, or click here if you want to stay on win10 for now”.

I avoided clicking either of those 2 for a few months, but is my not clicking “stay on win10 for now” wants preventing the win10 22H2 upgrade from showing up?

Reply | Quote

Download InControl from GRC. Put it on your desktop. Set it for Win10 and whatever version you want (21H2, 22H2).
That will fix your problem.

2 users thanked author for this post.

Coldheart9020, mazzinia

Reply | Quote

Susan Bradley wrote:

In general, the January updates have been well behaved.

My only complaint is that Edge Chromium keeps getting re-installed.  This morning during off hours I got KB4023057 Update for Windows 11 Version 22H2 for x64-based Systems, which installed Edge once more.

As usual, I used Revo Uninstaller to get rid of it, and I’ve inserted a registry key in an effort to stop this from happening.  The key is:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate]
“DoNotUpdateToEdgeWithChromium”=dword:00000001

I’ll see how that works out.  I found the Blocker Toolkit at MajorGeeks.com.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

FYI, that regkey doesn’t work any more, guaranteed on W10!
Been there, done that, and disposed of it a while back.
I get the feeling that after next month, chromium based edge will be anchored deeper into W10 with the upcoming IE11 browser neuter next month.

WaaS = Windows as a Syphon...suckers!

Reply | Quote

@bbearren

To prevent Edge Chromium from automatically getting re-installed you need to set the following registry key.

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate]
"UpdateDefault"=dword:00000002

That key has four possible values and 2 = Manual updates only.

For full details, see Microsoft’s Update policy override default page.

3 users thanked author for this post.

oldfry, bbearren, geekdom

Reply | Quote

Coldheart9020 wrote:

I hid it with wushowhide and it’s not re-appeared in the WU queue.

I did not. It didn’t harm my PC with the last 10 times..057 installed.

Reply | Quote

bbearren wrote:

My only complaint is that Edge Chromium keeps getting re-installed. This morning during off hours I got KB4023057 Update for Windows 11 Version 22H2 for x64-based Systems, which installed Edge once more.

Microsoft Edge download for installation:
https://www.microsoft.com/en-us/edge/download?form=MA13FJ

Microsoft Store installation method:
https://apps.microsoft.com/store/detail/microsoft-edge-browser/XPFFTQ037JWMHS

1. How many other ways does Microsoft Edge install?

It shows in User apps and Provisioned Apps (as variation of MicrosoftEdge.stable).
This appearance in User Apps and Provisioned Apps may only occur if Microsoft Edge is installed through the Microsoft Store.

2. How many ways does Microsoft Edge update?

3. How many Microsoft Edge subprograms are associated with Microsoft Edge?

Microsoft Edge has tentacles.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.674 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1194 x64 i5-9400 RAM16GB HDD Firefox110.0b6 MicrosoftDefender

Reply | Quote

geekdom wrote:

Microsoft Edge download for installation: https://www.microsoft.com/en-us/edge/download?form=MA13FJ Microsoft Store installation method: https://apps.microsoft.com/store/detail/microsoft-edge-browser/XPFFTQ037JWMHS 1. How many other ways does Microsoft Edge install?

My point is that I don’t want Edge, so I’m not looking for ways to install it, just ways to permanently get rid of it.  I’m making progress.  In my registry I have

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate]
“DoNotUpdateToEdgeWithChromium”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate]
“UpdateDefault”=dword:00000002

I also have manually deleted everything Edge in Program Files (x86).

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

2 users thanked author for this post.

Rick Corbett, geekdom

Reply | Quote

Microsoft Edge has various ways of installing. Uninstalling it and getting rid of the remnants may be a tedious process depending on how it has been installed: via Microsoft Store, direct download, or bundled Microsoft update (which likely creates User App and Provisional App files). If Microsoft Edge has been installed through Microsoft Store and perhaps bundled update, Microsoft Edge must be removed from User Apps and Provisioned Apps.

After uninstalling Microsoft Edge, files are left behind which must be removed from EdgeCore and EdgeUpdate:

There are other files and folders left in User profiles such as Edge Wallet. I don’t know if these types of files need removal.

How Microsoft Edge is installed affects how to remove it and all remnants and perhaps prevent it from installing again.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.674 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1194 x64 i5-9400 RAM16GB HDD Firefox110.0b6 MicrosoftDefender

Attachments:

You must be logged in to access attached files.

Reply | Quote

geekdom wrote:

Microsoft Edge has various ways of installing itself. Uninstalling it and getting rid of the remnants may be a tedious process depending on how it has been installed: via Microsoft Store, direct download, or bundled Microsoft update. If Microsoft Edge has been installed through Microsoft Store and perhaps bundled update, Microsoft Edge must be removed from User Apps and Provisioned Apps.

I’ve never wanted Edge, so direct download or Microsoft Store are completely out of my realm of possibilities.  The only way I’ve had it installed was via Update.  Also, Edge has never appeared in the Apps menu.

geekdom wrote:

Uninstalling it and getting rid of the remnants may be a tedious process

I dual boot.  Boot to the other side and it’s just right-click Delete.  Not at all tedious.  This is how I did it on both sides of my dual boot.  I booted into the B side (where there is no Edge) with internet access disconnected to prevent any Windows Update from downloading in the background, and added two entries to the registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate]
“DoNotUpdateToEdgeWithChromium”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate]
“UpdateDefault”=dword:00000002

I then connected to the internet, checked for updates and got these:

KB5022303 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems
KB4023057 Update for Windows 11 Version 22H2 for x64-based Systems

Edge did not get reinstalled via KB4023057 as I mentioned earlier in this thread.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

From your cited post:

bbearren wrote:

My only complaint is that Edge Chromium keeps getting re-installed. This morning during off hours I got KB4023057 Update for Windows 11 Version 22H2 for x64-based Systems, which installed Edge once more.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.674 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1194 x64 i5-9400 RAM16GB HDD Firefox110.0b6 MicrosoftDefender

Reply | Quote

geekdom wrote:

From your cited post:

bbearren wrote:

As usual, I used Revo Uninstaller to get rid of it, and I’ve inserted a registry key in an effort to stop this from happening.

That was the A side of my dual boot.  In following posts I have summarized the additional steps I have taken to prevent Edge from getting re-installed in future Windows Updates.  I don’t want Edge.

I then turned my attention to the B side of my dual boot, after deleting all the pertinent files in Program Files (x86) on the B side.

bbearren wrote:

This is how I did it on both sides of my dual boot. I booted into the B side (where there is no Edge) with internet access disconnected to prevent any Windows Update from downloading in the background, and added two entries to the registry:

I will be monitoring for any future invasive installations of Edge, and take additional measures if necessary.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

FWIW, I am still receiving Security Intelligence updates for Windows 8.1 as of Jan. 26.

Mark

 

1 user thanked author for this post.

Cybertooth

Reply | Quote

Checked for updates this morning and got KB5022360 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems.

No hiccups.  No Edge with this one.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

Microsoft Edge is a tenacious and pernicious virus for those of us who don’t want it… ever.

IMO it most definitely meets the criterion of malware.

1 user thanked author for this post.

Cybertooth

Reply | Quote

bbearren wrote:

My only complaint is that Edge Chromium keeps getting re-installed. This morning during off hours I got KB4023057 Update for Windows 11 Version 22H2 for x64-based Systems, which installed Edge once more.

I thought KB4023057 was Microsoft Update Health Tools? Did I get that wrong?

What’s the link with Microsoft Edge?

Or is that only on Windows 11, not Windows 10?

I’m confused. It doesn’t take a lot these days. 🙂

 

Reply | Quote

Rick Corbett wrote:

I thought KB4023057 was Microsoft Update Health Tools? Did I get that wrong?

From the KB article:

“This update includes reliability improvements to Windows Update Service components in all editions of Windows 10, version 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, and Windows 11, version 21H2, 22H2. It may take steps to free up disk space on your device if you do not have enough disk space to install Windows updates.

This update includes files and resources that address issues that affect the update processes in Windows that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly on your device, and they help improve the reliability and security of devices that are running Windows.”

That was the only update I received, and Edge had reappeared when I signed on that morning.  Edge had been uninstalled a couple of weeks prior.

 

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

bbearren wrote:

Rick Corbett wrote:

I thought KB4023057 was Microsoft Update Health Tools? Did I get that wrong?

From the KB article:

“This update includes reliability improvements to Windows Update Service components in all editions of Windows 10, version 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, and Windows 11, version 21H2, 22H2. It may take steps to free up disk space on your device if you do not have enough disk space to install Windows updates.

This update includes files and resources that address issues that affect the update processes in Windows that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly on your device, and they help improve the reliability and security of devices that are running Windows.”

That was the only update I received, and Edge had reappeared when I signed on that morning.  Edge had been uninstalled a couple of weeks prior.

 

OK, I see the relevance to Windows 10 but… there’s no mention of Microsoft Edge at all.

Sounds like Microsoft playing fast and loose yet again. Shocker.

Another pillar of Microsoft’s ‘Trustworthy Computing’?

The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees.

Do I trust Microsoft to put me as a customer at the forefront if it dissembles what its updates are doing? Have a guess. 🙂

Reply | Quote

Rick Corbett wrote:

No mention of Microsoft Edge at all then.

Correct.  What I know for sure is that it was not there the day before, and after that update there was an Edge shortcut on my desktop, and Revo Uninstaller Pro showed it to be a fresh installation.

Microsoft may very well be installing Edge on its own without it being part of any update.  Who can say?  Or it may have checked my installation, noticed Edge missing, and included it as “files and resources that address issues that affect the update processes in Windows that may prevent important Windows updates from being installed.”

I’m of the opinion that there are numerous versions of every update in order to facilitate the very complex Windows installed base environment.  In other words, you and I may both get KB4023057 but what we get may have variations to suit our hardware/software particulars.

Create a fresh drive image before making system changes/Windows updates, in case you need to start over!

We all have our own reasons for doing the things that we do. We don't all have to do the same things.

Computer Specs

Reply | Quote

[tj42-19]

Hi Susan,

When you say it’s okay to install the January updates, do you mean all of them on your Master Patch list for 01-24-23 or just the items on the 01-24-23 Master Patch list that says “Install”? I have only been updating the updates that say “Install” on the specific update lists, and always hide the ones you say to avoid or defer and don’t update/install until your Master Patch list says “Install”. Am I doing this correctly.

Thank you

• This reply was modified 4 days, 16 hours ago by tj42-19.

Reply | Quote

I only install the updates that are listed as “install”.    IMHO that’s what she intends.

Reply | Quote

Windows 10 Home 21H2 here, hid as per my usual practice KB4023057 and installed 2023-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5022282) without any issue through WuMgr.

Oddly enough, I had trouble with the Windows Malicious Software Removal Tool x64 – v5.109 (KB890830) update, did this happen to anyone else?

On the first attempt (through WuMgr) KB890830 was downloaded, but the installation remained stuck (20+ minutes) doing nothing and in Task Manager I spotted the executable corresponding to the update running, but “idling” doing nothing at 1% CPU usage. I killed the process, rebooted and ran WuMgr again: it reported KB890830 as already downloaded and I hit the install button, but the installation was apparently stuck again. This time in Task Manager I spotted MRT.exe (i.e. the Windows Malicious Software Removal Tool executable) “idling”. Killed the process, rebooted, ran WuMgr and it reported a successful install of KB890830.

Also, I planned to switch to 22H2 during this DEFCON4 period, but I’m not being offered this feature update (no, please don’t say it’s because I avoid KB4023057, since I have been offered every previous feature update). I checked that 22H2 is the target version in the relevant registry key and running InControl confirms that 22H2 is targeted, but the update does not show up. Might have to go through the ISO update process.

Reply | Quote

After I installed Cumulative KB5022287, tested ok & created restore pt, My Win 11 Pro started to download and install KB5019274. Described as optional preview ..I quickly paused updates until 3/5. Saw nothing on KB5019274 when I searched forums
Will await advice. https://support.microsoft.com/en-us/topic/january-19-2023-kb5019274-os-build-22000-1516-preview-ace2511d-586e-41b0-b213-3a89d97565a4

KB4023057 was also installed which appears controversial on forums. Since the PC seems to work ok, I’ll leave alone. Have created restore point and image back up prior to update so I can reverse anything that doesn’t turn it into a smoking pile of parts.

 

 

Reply | Quote

Run WUmgr, click the Search button (circular arrows) and then hide any previews. Now you can relax until the next update cycle.

cheers, Paul

1 user thanked author for this post.

MrToad28

Reply | Quote

hello, im using win10 right now and still on win10 pro 21h2
im skipping windows december windows update

for this months this is what is listed in my windows update
2023-01 Update for Windows 10 Version 21H2 for x64-based Systems (KB4023057)
Windows Malicious Software Removal Tool x64 – v5.109 (KB890830)
2023-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5022282)
2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 for x64 (KB5021088)

so my question are : 1. is it safe to run the update because i check my laptop and it have 2 hidparse.sys files while my pc only have 1? and do i miss something that i need to download manually maybe from december or november msdefcon?? i usually only running update on windows update
2. is it safe now to update to win10 22H2?

Reply | Quote

Susan is actually recommending that Users upgrade to 22H2. It seems to be stable at this point.

You may want to hide KB4023057. This is what the MS documentation says it does:

• For feature update information for Windows 10, version 1809, 1903, 1909, 2004, and 20H2, see KB 5001716.
• This update may request your device to stay awake longer to enable installation of updates.

  Note The installation will respect any user-configured sleep configurations and also your “active hours” when you use your device the most.

• This update may try to reset network settings if problems are detected, and it will clean up registry keys that may be preventing updates from being installed successfully.
• This update may repair disabled or corrupted Windows operating system components that determine the applicability of updates to your version of Windows.
• This update may compress files in your user profile directory to help free up enough disk space to install important updates.
• This update may reset the Windows Update database to repair the problems that could prevent updates from installing successfully. Therefore, you may see that your Windows Update history was cleared.

Reply | Quote