News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 4: Time to get the July 2019 patches installed

    Home Forums AskWoody blog MS-DEFCON 4: Time to get the July 2019 patches installed

    Tagged: , ,

    This topic contains 154 replies, has 52 voices, and was last updated by  woody 1 hour, 29 minutes ago.

    • Author
      Posts
    • #1901171 Reply

      woody
      Da Boss

      There’s some important new information for those of you installing Security-only patches for Win7 and Server 2008R2, and there’s an unconfirmed report
      [See the full post at: MS-DEFCON 4: Time to get the July 2019 patches installed]

      7 users thanked author for this post.
    • #1901180 Reply

      WildBill
      AskWoody Plus

      I know the Computerworld article is coming soon, but I was checking Windows Update on my 8.1 PC & noticed a Security Intelligence Update for Windows Defender (Version  1.299.1095.0). On the Update tab for Defender, my current version is 1.299.867.0. Clicking on ‘More info’ in WU, I get this page: https://www.microsoft.com/en-us/wdsi/definitions. Should I just click on the “Update definitions” button in Defender, or do I need to download from the webpage?

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      2 users thanked author for this post.
      • #1901190 Reply

        warrenrumak
        AskWoody Plus

        You can hit ‘Update Definitions’ if you like, but you don’t have to.  It’ll take care of itself.  Microsoft produces updates to their antimalware definitions 10+ times a day… substantially faster than most systems will stay up to date.

        Your “1.299.867” definitions are maybe 2 days behind.

        You can check the Windows Event Logs to see when definitions are installed, to get a sense of how often it happens.

         

        2 users thanked author for this post.
      • #1901193 Reply

        Alex5723
        AskWoody Plus

        Security Intelligence Update for Windows Defender

        Security Intelligence Update for Windows Defender is Microsoft’s new name for Windows Defender updates.

        4 users thanked author for this post.
        • #1903154 Reply

          Sparky
          AskWoody Lounger

          That must also include MSE for Windows 7.
          As of 7/30/19 the MSE definition name changed to Security Intelligence Update. Unless Windows Defender and MSE are one in the same?

          HP W7 Home Premium, SP1, 64-bit, AMD Phenom II, Group A

          • This reply was modified 1 week, 5 days ago by  Sparky.
          1 user thanked author for this post.
    • #1901195 Reply

      MrJimPhelps
      AskWoody_MVP

      Thanks for the reminder, Woody. For once, I’m not going to miss the opportunity to update during Defcon 4!

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
    • #1901196 Reply

      Bluetrix
      AskWoody MVP

      Should I just click on the “Update definitions” button in Defender, or do I need to download from the webpage?

      As @warrenrumak suggests, Windows Defender updates itself outside the realm of WU, as it should. It’s the only update from MS that I do not have blocked.

      A recent (April 2019) article on setting WD to automatically update can be read here at thefreewindows.com web site. That auto solution will show in tasks, if you don’t want it to show (work in the background) another page on the same site shows the same process making it hidden.

      I don’t rely on Defender to protect me, but see no reason not to have it updated in the background just the same.

      HTH

      Windows10 Home 1809 | Mint19 on VM

    • #1901198 Reply

      honx
      AskWoody Lounger

      i think, i’ll only install ie and office patches for win7 and 8.1, skipping “security” updates for windows… let’s see, if august patches also have this telemetry bull***t built in… if so, then i’m definitely group w.

      ie updates still cumulative, i assume, so i only need KB4510979 (skipping KB4507434), right?

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

      • #1901206 Reply

        BobT
        AskWoody Lounger

        i think, i’ll only install ie and office patches for win7 and 8.1, skipping “security” updates for windows… let’s see, if august patches also have this telemetry bull***t built in… if so, then i’m definitely group w.

        ie updates still cumulative, i assume, so i only need KB4510979 (skipping KB4507434), right?

        Yup, same! Had enough.

        Nice to retain control of my own PC.

        • #1901270 Reply

          samak
          AskWoody Plus

          Yes, this seems like a reasonable option since we haven’t heard of any show-stopping security issues that this month’s patch is supposed to fix.

          W7 SP1 Home Premium 64-bit, Office 2010, Group B, non-techie

      • #1901351 Reply

        anonymous

        I’m not installing that July 2019 “security only” update and also I’m not bothering with the July IE update this late either as the IE updates are cumulative anyways! So for now  I’ll just wait for the Aug IE and the Aug Security Only update and see if that’s also infected with any MS telemetry.

        I’ll continue to avoid any and all Security Only Updates that have anything extra hidden inside that has no business being there. MS really needs to stop with the nonsense and it’s really tempting to just forget about any further patching anyways but any more of the same from MS with any “Security Only” nefariousness  and not patching 7 anymore will become the rule long before Jan 2020 arrives.

      • #1902307 Reply

        Charlie
        AskWoody Plus

        If my memory serves me well, Woody said a while back that Security Only, Group B, Windows Updates are not cumulative and must be installed every month in order.  So I don’t think you can skip the July S.O. update and then install the August S.O. update.  I think this applies to the IE S.O. updates too.

        I’m pretty sure I’m remembering this correctly but if not, someone please correct me.

        Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

        • #1902308 Reply

          PKCano
          Da Boss

          The SOs are not cumulative, they are individual.
          So you can skip any one your want to skip, HOWEVER, when you do, you skip the security fixes it contains.
          You won’t get the fixes next month of the next month.
          So if you need the fixes, you have to go back and install the SO you skipped.

          2 users thanked author for this post.
    • #1901215 Reply

      honx
      AskWoody Lounger

      have not touched win7 updates yet, updating win8.1 notebook right now.

      “update for microsoft filter pack 2.0” (kb3114879) is “important” and checked. can i install it? i skipped it last month, installing june patches. i’ll install all three other “important” and checked security updates for office 2010 (excel kb4464572, office kb4462224, outlook kb4475509) and of course defender and msrt.

      and there is a new “important” and checked .net rollup, is it clear to install?

       

      Fortunately, there are ways to circumvent the telemetry, or at least minimize it. Details following.

      will there be a separate article which contains step by step instructions?

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

      • #1901216 Reply

        PKCano
        Da Boss

        The July Windows 7 patches have been given the go-ahead if you are Patching Group A.
        The Group B people have to make a choice about whether or not to install the Security-only patch, but other than that the July updates have the go-ahead.

         

        2 users thanked author for this post.
        • #1901223 Reply

          honx
          AskWoody Lounger

          The July Windows 7 patches have been given the go-ahead if you are Patching Group A.
          The Group B people have to make a choice about whether or not to install the Security-only patch, but other than that the July updates have the go-ahead.

           

          i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7.

          Fortunately, there are ways to circumvent the telemetry, or at least minimize it. Details following.

          will there be a step by step instruction available for this case?

          and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least, still haven’t touched win7 updates)…

          PC: Windows 7 Ultimate, 64bit, Group B
          Notebook: Windows 8.1, 64bit, Group B

          • #1901231 Reply

            PKCano
            Da Boss

            i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7

            Try AKB2000012.

            and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least

            The June and July patches have the DEFCON 4 approval with the exception of the Win7 SO which requires the user’s choice.

            2 users thanked author for this post.
            • #1903573 Reply

              anonymous

              thank you so much for this info… the Woody on Windows Defcon 4 article just said this can be done, bit the links embedded in the article didn’t say HOW to do it.

    • #1901218 Reply

      EP
      AskWoody_MVP

      UH-OH woody!

      Remember KB4023057? It’s baaacccckk 🙁

      https://borncity.com/win/2019/08/02/windows-10-compatibility-update-kb4023057-08-01-2019/

      https://news.softpedia.com/news/microsoft-re-releases-the-notorious-windows-10-update-kb4023057-526931.shtml

      you may need to revise/update your recent article from Computerworld and include info about the newly revised KB4023057 update and how to hide/block it

      • This reply was modified 2 weeks ago by  EP.
      • This reply was modified 2 weeks ago by  EP.
      2 users thanked author for this post.
    • #1901224 Reply

      GWL894
      AskWoody Lounger

      Is there any evidence of telemetry c*** in the 8.1 security-only July patch, or is it just in Win7?

      • #1901227 Reply

        PKCano
        Da Boss

        Not in the Win8.1 Security-only patch.

        2 users thanked author for this post.
    • #1901228 Reply

      moonbear
      AskWoody Lounger

      Is there any way to tell if its ok to skip the .net rollups?

      • #1901233 Reply

        PKCano
        Da Boss

        You can skip any patch, but in doing so you skip the quality and security fixes they contain.

    • #1901237 Reply

      honx
      AskWoody Lounger

      i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7

      Try AKB2000012.

      and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least

      The June and July patches have the DEFCON 4 approval with the exception of the Win7 SO which requires the user’s choice.

      i’d rather wait for something more current, regarding this contaminated july patch.

      on windows 8.1 i’m installing all important updates right now (except that group a patch).

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

      • #1901248 Reply

        PKCano
        Da Boss

        i’d rather wait for something more current, regarding this contaminated july patch.

        There is an ongoing discussion about the telemetry here

        Is 4:00am Friday, Aug 2 (today) current enough for you?

        • #1901256 Reply

          honx
          AskWoody Lounger

          i’d rather wait for something more current, regarding this contaminated july patch.

          There is an ongoing discussion about the telemetry here

          Is 4:00am Friday, Aug 2 (today) current enough for you?

          that is a bit too complicated for me to follow, it seems to need a monitoring software and tampering in registry as far i have read. like already announced for the time being i’ll only install ie and all other important checked patches and stay put regarding that malware patch.

          btw. on windows 8.1 i also installed that 2019-07 servicing stack (kb4504418)… does windows 7 also await a new servicing stack for july?

          PC: Windows 7 Ultimate, 64bit, Group B
          Notebook: Windows 8.1, 64bit, Group B

          • #1901261 Reply

            PKCano
            Da Boss

            The latest Win7 Servicing Stack KB4490628 was released with the March Patch Tues. updates. You will need that. See if you have it installed.

            You will also need the SHA-2 update KB4474419 if it’s not installed.

            1 user thanked author for this post.
    • #1901247 Reply

      Berserker79
      AskWoody Lounger

      Just a heads-up to report that today on my Windows 10 1803 Home machine I was offered a new KB 4023057 update (2019-08). I suppose this update was released after woody changed the MS-DEFCON level to 4, so anyone on 1803 trying to avoid KB 4023057 better keep your eyes open when installing the July patches.

      1 user thanked author for this post.
    • #1901263 Reply

      Alex5723
      AskWoody Plus

      I had to restart my 1809 after installing a new update for Intel 630 GPU and got the notice regarding July updates.
      installed .Net KB4507419
      installed CU KB4507469
      installed .Net KB4503864
      installed MSRT KB980830

      Didn’t get Servicing stack KB4512937

      • #1901865 Reply

        Alex5723
        AskWoody Plus

        I had to restart my 1809 after installing a new update for Intel 630 GPU and got the notice regarding July updates.
        installed .Net KB4507419
        installed CU KB4507469
        installed .Net KB4503864
        installed MSRT KB980830

        Didn’t get Servicing stack KB4512937

        Just checked the Uninstall Updates. None of the updates just installed are on the list, however I have other updates installed on Aug. 2 :

        KB4507469 (Download and install now)
        KB4506998 (Cumulative Update for .NET Framework 3.5 and 4.7.2)
        KB4509095 (Servicing stack update for Windows 10, Version 1809)

        KB4512937 from July 22 superseded KB4509095 from July 5, yet I haven’t got it.

        What a mess.

        • This reply was modified 2 weeks ago by  Alex5723.
        • This reply was modified 2 weeks ago by  PKCano.
    • #1901269 Reply

      honx
      AskWoody Lounger

      after installing updates (including 2019-07 servicing stack) on win8.1 i can’t search for updates anymore. error code 8024402c.

      PC: Windows 7 Ultimate, 64bit, Group B
      Notebook: Windows 8.1, 64bit, Group B

    • #1901502 Reply

      OscarCP
      AskWoody Plus

      The telemetry issue aside, does the July Security Only patch take care of something that is particularly important and necessary? Is it likely that not installing it now will cause serious problems when installing future SO updates?

    • #1901530 Reply

      Alex5723
      AskWoody Plus

      Did you know that Microsoft has disabled VBScript for IE11 in Windows 10 with July 9 CU updates ?
      Microsoft is going to disable VBScript for IE11 in Windows 7, 8, 8.1 with AUG. 13 CU updates.

      In early 2017, we began the process of disabling VBScript in Internet Explorer 11 to give the world the opportunity to prepare for it to be disabled by default.

      The change to disable VBScript will take effect in the upcoming cumulative updates for Windows 7, 8, and 8.1 on August 13th, 2019. VBScript will be disabled by default for Internet Explorer 11 and WebOCs for Internet and Untrusted zones on all platforms running Internet Explorer 11. This change is effective for Internet Explorer 11 on Windows 10 as of the July 9th, 2019 cumulative updates.

      https://blogs.windows.com/msedgedev/2019/08/02/update-disabling-vbscript-internet-explorer-windows-7-8/

      1 user thanked author for this post.
      • #1901538 Reply

        abbodi86
        AskWoody_MVP

        Did you know that Microsoft has disabled VBScript for IE11 in Windows 10 with July 9 CU updates ?

        No one knew
        they really like short notice

        • This reply was modified 2 weeks ago by  abbodi86.
    • #1901569 Reply

      Berserker79
      AskWoody Lounger

      Hey everyone, I was preparing to install the July patches (Windows 10 Home 1803 here) when I noticed something “unusual” upon running wushowhide to un-hide the July updates: the July CU for 1803 (i.e. KB4507435) has disappeared from the list of hidden updates (all I see in the hidden updates list are the July Office 2013 updates, the 2019-07 Windows Defender update, the 2019-08 KB4023057 update and the Feature update to 1903).

      Assuming that WU will not automatically install the July CU for 1803 with the other July updates, should I install it (and the corresponding servicing stack update) manually by downloading the relevant files from the MS Update Catalog? Or should I just skip this CU entirely?

      1 user thanked author for this post.
      KP
    • #1901917 Reply

      Chris B
      AskWoody Plus

      Just installed the July updates on Win7 64bit. All installed except the Security Intelligence Update KB915597 v 1.299.1066.0, which failed with code 80070650. Windows gives no real help on that code. I tried it several times – always failed.

      I’m just reporting the issue. I don’t really care, since I use Kaspersky as my primary defence.

      Chris
      Win7 Home Premium 64 bit Group A

      1 user thanked author for this post.
      • #1903714 Reply

        280park
        AskWoody Lounger

        FYI

        On my 64-bit Windows 7 laptop Windows Update responded with an error code when I tried to install Security Intelligence Update for Windows Defender Antivirus version 1.299.1293.0. I subsequently opened Windows Defender and checked for updates and it updated to version 1.299.1319.0 dated August 5, 2019.

        1 user thanked author for this post.
        • #1906699 Reply

          L95
          AskWoody Plus

          I have 32-bit Windows 7 and am getting the same error code 80070650 as Chris B and 280park and Anonymous (see August 5th posting below by Anonymous).  I tried the trick that worked for 280park and Anonymous,  by opening up Windows Defender and checking for updates,  but I’m not sure whether it work for me.  I tried it twice.  I don’t recall what it said on the first attempt,  but on the second attempt it said “no new definitions or updates are available”.  But there’s nothing showing up in my update history of any successful installation of Windows Defender since  July 4th.  When I look within Windows Defender  at what antispyware definition I have,  it says I have definition 1.299.1783.0.   The definition that failed to install earlier today due to Error Code 80070650 was definition  1.299.1765.0,  which appears to be an earlier definition than what I presently have.  I then did another check for Windows Updates,  and Windows Updates says “No important updates available”.   Does this mean that I have successfully installed the latest Windows Defender update even though my update history shows three failures at installing definition  1.299.1765.0,  and nothing else with respect to Windows Defender?

          • This reply was modified 5 days, 9 hours ago by  L95.
          • #1906808 Reply

            280park

            L95-

            Since opening Windows Defender to update it to version 1.299.1319.0 (which does not show up in Windows Update history), I have been successfully updating Windows Defender by using Windows Update. Shortly after your post, I ran Windows Update and again was able to update Windows Defender, this time to version 1.299.1765.0. At that time, which was several hours ago, I clicked the “More information” link that accompanied the update and the linked Microsoft page indicated that the latest version was 1.299.1791.0. Several minutes ago, I again clicked the “More information” link and the linked Microsoft page indicated that the latest version was 1.299.1798.0. However, neither Windows Update nor Windows Defender is indicating that any new versions are actually available to install.

            I am not an expert, but it seems that new Windows Defender versions are developed throughout the day but are made available for installation on a less frequent basis.

            • #1906931 Reply

              280park
              AskWoody Lounger

              For clarity, message #1906808 dated August 12, 2019 at 3:03 am was posted by me. I forgot to log in when posting it.

    • #1902079 Reply

      Seff
      AskWoody Plus

      I’ve installed the monthly rollup KB4507449 and the .Net Framework update KB4507420 today on my main Win7 X64 Home desktop with no apparent issues. I’ll leave the other similar machine (but with 5 Office 2010 updates also on offer) for a couple of days while I see how the main machine is running.

      Thanks as always to Woody and the team for all advice received.

      2 users thanked author for this post.
      • #1903704 Reply

        Seff
        AskWoody Plus

        Update: Second machine also now updated satisfactorily, as above.

        1 user thanked author for this post.
    • #1902320 Reply

      AJNorth
      AskWoody Plus

      Nine Windows 7 Pro x64 machines have been updated (Group “B”); all had four scheduled tasks added by KB4507456, which were deleted before rebooting to complete the installation.

      Each machine rebooted successfully, and they appear to be running with no discernable issues; the Task Scheduler shows that the added tasks remain deleted.  The Belarc Advisor is happy (and so am I).

      3 users thanked author for this post.
    • #1902335 Reply

      anonymous

      Running Win8.1 64-bit – AND WPD to minimize “snooping”.

      After receiving the OK from Woody and Susan, installed the MS July 2019 ‘important’ (only) updates through Windows Update.   Before the update, WPS was set to maximum protections, including having the Microsoft Compatibility Appraiser DISabled.

      After the update, WPS showed the Compatibility Appraiser ENabled, and one or more of the third party applications from Microsoft (Skype, OneDrive, Live, etc.) was re-enabled.

      Reset WPD to full protection, and all seems to be well again.   No other update issues noted.

      1 user thanked author for this post.
    • #1902458 Reply

      anonymous

      Could you please tell us the names of the four new scheduled tasks added by KB4507456 and under what are they located? Thanks!

      1 user thanked author for this post.
      • #1902567 Reply

        AJNorth
        AskWoody Plus

        Greetings. Here are the general instructions (for both Windows 7 & 8.1):

        (Note: if this is your first time clearing telemetry tasks from the Task Manager, then you will encounter several more than four tasks.)

        Open the Task Scheduler (click Start, then type task scheduler in the search box).

        In the left-hand (white) rectangular box expand Microsoft, then Windows.

        Within the Windows section of the hierarchal “tree” left-click on and delete (or disable) the following:

        –>  All tasks under Application Experience

        –>  All tasks under Autochk

        –>  All tasks under Customer Experience Improvement Program

        –>  Under DiskDiagnostic:  DiskDiagnosticDataCollector

        –>  Under Maintenance:  WinSat

        –>  Each task within (and under) Media Center

        Close Task Scheduler.  (You’re done.)

        11 users thanked author for this post.
        • #1902685 Reply

          AJNorth
          AskWoody Plus

          A post above mentions WPD — the Windows Privacy Dashboard, which is an exceedingly useful tool (portable and free):  https://wpd.app/ (Windows 7 -10).

          Here is a discussion of the app by Martin Brinkmann:  https://www.ghacks.net/2018/10/10/wpd-privacy-app-for-windows-updated/ from last October (it is currently at version 1.3.1203.0, released on 2019.07.08).

          As WPD does not automatically create a restore point, my recommendation is to set one before making any changes (on some systems, for example, I’ve found that one or another website may not be accessible after maximizing privacy, due to changes in the Windows firewall settings (https://outlook.live.com, for example).

          2 users thanked author for this post.
        • #1903823 Reply

          anonymous

          Followed your instructions above. Win7 Pro X64. Didn’t see Compatibility Appraiser specifically. Should I be looking for that elsewhere? Please respond.

          FWIW, did the following today. Installed the IE11 update, rebooted and waited 10 minutes. Installed the Security Only .Net patch for 6.1. Then installed KB4507434. Before rebooting, went into Task Scheduler and disabled all items you mentioned which were not already disabled. Had turned off  Customer Experience Improvement… ages ago. Rebooted and rechecked in Task Scheduler and nothing had been altered. Am I missing something???

          For the benefit of others, turned on Windows Update and checked for updates. Hid the rollups. Hid the Malicious Software tool. Was offered and hid KB3150513. Tried to installed the renamed Windows Defender update which failed two times with code 80070650. Ran the Windows Update diagnostic tool and it failed the third time. Found complaints of this online with no resolution. Grrr… Rechecked for updates. Four Office 2010 updates were there plus the same Defender update. Installed the Office updates and closed Windows Update. Opened Defender which I don’t use because I have Kaspersky Internet Security. Ran the update from within Defender and it updated successfully to a much later version than WU had offered me. WHEW! Opened WU again and checked for updates. No Defender updates were offered. Closed WU “never check” until next update session. Such an ordeal… 🙁

          1 user thanked author for this post.
          • #1903841 Reply

            AJNorth
            AskWoody Plus

            Hello,

            The Compatibility Appraiser may explicitly appear in scheduled tasks under Microsoft –> Windows –> Application Experience as “Microsoft Compatibility Appraiser”; however, there are other elements that Redmond also employes.  So, if you’ve deleted everything mentioned above, even if the “MS Compatibility Appraiser” was not one of them, you’re still good-to-go.

            You might also check out the Windows Privacy Dashboard, mentioned above.  (It turns out that it now has the option to create a Restore Point, which I hadn’t noticed when I posted earlier; my bad… .)

            • #1904154 Reply

              anonymous

              Much obliged for the reply. Just had a look and that item and one other appeared. Fairly sure previously only AitAgent was there. Just disabled them. Media Center had 4 – 5 items added. All disabled now. Will recheck the next time I start up this workstation. Hope I won’t need a wooden stake. 😉

            • #1904260 Reply

              AJNorth
              AskWoody Plus

              You’re more than welcome; glad to hear that the operation was successful (and the patient lived).  You’ll almost certainly not have to repeat the operation until after the next round of updating.

              (Note: you might want to use a silver stake, as it has much better conductivity… .)

            • #1904430 Reply

              anonymous

              Unfortunately that stake was needed. 🙁 Mid-afternoon the machine slowed to a crawl and my network settings were inaccessible. Lots of reboots and shutdowns with errors which flashed by too quickly to see. Uninstalled the Security Only update which didn’t fix it. Had to bite the bullet and do a full Windows Image and Data restore from my WD Passport Drive. Takes forever and wipes the update history from the page in Windows Update. Installed Updates from Programs & Features is OK. This happened once before 2 – 3 years ago where Firefox froze and the network access icon was b*******. Whether this was related to the steps listed above, who can say. Right now, touch wood, all is back to normal. Only lost some financial data from today which I was 90% able to retrieve because my backup was done just last PM before I started the update drudgery. Ugh…

              Not sure whether I should just go Group W at this point as I need this high horsepower Zbook 17 from 2014 to run my life and essentially exist. Not sure I don’t trust Kaspersky Internet Security 2019 to protect this box vs M$. Kaspersky’s USA phone tech and remote support is 7-8/10 when I’ve needed it. Group W may just be the way to go. Hate the concept of Win10 and forced updates, particularly drivers. Have learned in the past that the latest drivers don’t play nice with older, even premium hardware.

              1 user thanked author for this post.
            • #1904458 Reply

              AJNorth
              AskWoody Plus

              Very sorry to hear that.

              Did you try System Restore and/or some of the built-in Windows repair tools (or use a bootable Win 7 installation DVD, or installation USB, to repair Windows)?

              For future reference, there is also a way to use a Win 7 installation disc or USB to perform an in-place (non-destructive) repair:

              https://www.winhelp.us/non-destructive-reinstall-of-windows-7.html and,

              https://turbofuture.com/computers/Repairing-a-Damaged-Windows-7-Installation.

            • #1904716 Reply

              anonymous

              Other than the restore point created by installing the Office updates, the previous restore point was too old. System Restore doesn’t have a great success rate after M$ updates, at least from personal experience. Touch wood, the image and data restore from backup works as well as it did 2 – 3 years ago and was created just prior to the July updating. Am drifting toward Group W and Canadian Tech approach to Windows Updates… 🙁 TBD

              Given the programs. configuration and amount of data on this workstation, am not comfortable with M$ doing the repairs. Need to speak again to the skilled I.T. tech who set this machine up. It’s been a couple of years = no news is good news. He works for a local firm which maintains hospitals, universities and Fortune 500. Curious about his take on newer workstation 17’s and Win10. His firm won’t touch consumer-grade hardware BTW.

    • #1903070 Reply

      anonymous

      Windows 7 Pro SP1….Installed fine= no problems.

      Windows 10 Pro….Installed fine= no problems. Was not offered KB 4023057 .

      1 user thanked author for this post.
    • #1903164 Reply

      dgreen
      AskWoody Lounger

      Reporting in….
      Installed the following updates…
      KB4507449 (roll up)
      KB4507420 (security quality rollup for .net)
      All went smoothly.
      Hid: KB4493132
      MSRT have not installed this for many months.

      Did note that MSE (Microsoft security essentials) has a new name now.

      Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
      Windows 7 Home Premium 64 bit SP 1 GROUP A
      Processor: Intel i3-3240 (ivy bridge 3rd generation)
      chipset Intel (R) 7 series/C216
      chipset family SATA AHCI Controller -1 E02
      NIC Realtek PCLE GBE Family Controller
      MSE antivirus (now has a new name)
      Chrome browser
      DSL via ethernet (phoneline)

       

      • This reply was modified 1 week, 5 days ago by  dgreen.
      2 users thanked author for this post.
    • #1903307 Reply

      willygirl
      AskWoody Plus

      Installed .Net Framework update KB4507420, Monthly Rollup KB4507449 and the 4 Office 2010 patches, all in that order but running one at a time with a restart in between. Let the PC sit idle for a bit to process everything. All is fine and dandy. Thanks to those who report in with results, otherwise I might get a little nervous.

      Win7 SP1 Home 64-bit; Office 2010; GrpA, when all is said, done and fixed, Mac OSX to help me sleep at night.

      3 users thanked author for this post.
    • #1903322 Reply

      Susan Bradley
      AskWoody MVP

      I’m going to be devil’s advocate.

      https://support.microsoft.com/en-us/help/4023057/update-to-windows-10-versions-1507-1511-1607-1703-1709-1803-and-1809-f

      If I’m on 10, and I’m offered that update and especially if I’m on an older feature release, why don’t I want that?  I’ve helped two people this week on 1803 (on even on Home sku) that are starting to get the alert that they will soon be out of support and they had no idea that they were feature release-less and were not getting them.  There systems were installing the normal monthly updates just fine.

       

      Susan Bradley Patch Lady

      • #1903561 Reply

        anonymous

        As much as I hate to agree, I do understand that there are times and users that a patch to force an update -may- be necessary. I am speaking mainly about forcing an upgrade to the newer version of Windows 10.

        Most of the people we know are the “Mom & Pop” of the computer world. If one had a flow chart it would be like this: does the computer start? yes/no. If yes can you: a. browse the web, b. receive emails? If yes, that’s it, done. With the possible exception of printing, that is all there is for them. Yes, we have heard of clients that complain they can not get the newest Windows 10. Basically, someone told them a new version was out and -of course- they must have the latest and greatest. “I can’t get it. It won’t download for me.” They never would had known if no one told them. Therefore, in cases such as those, yes, a patch from Microsoft to diagnose and force feed a new version onto a computer is required.

        While the rest of us more technical users and helpers, follow Woody and have the same suspicions as Woody, the common “Mom & Pop” do need some assistance from the mothership to force an upgrade. I and others here prefer to wait and let the bugs get resolved, then move up. But not everyone feels that way.

        Thank you Woody for having this site.

    • #1903536 Reply

      Morty
      AskWoody Plus

      OK. I did a full backup. I ran a manual Create Restore Point. Now I’m putting on my armor and going in….

      Here’s what they’re throwing at me:

      2019-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4507420)
      2019-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4507449)
      Windows Malicious Software Removal Tool x64 – July 2019 (KB890830)

      Hopefully, everything will still be working when I come back.

      1 user thanked author for this post.
      • #1903643 Reply

        Morty
        AskWoody Plus

        Thank Heaven! And thank you Woody and his league of superheroes.

        I got through it. And this time I didn’t have to reconnect the network.

        Telemetry shmelemetry. Microsoft and Google already know more about me than I do. You have to pick your fights.

        Thanks again!

        6 users thanked author for this post.
        • #1903685 Reply

          Alex5723
          AskWoody Plus

          You have to pick your fights.

          I think this fight is worth picking even if it means a bloodbath.

          2 users thanked author for this post.
          • #1903706 Reply

            Morty
            AskWoody Plus

            I think this fight is worth picking even if it means a bloodbath.

            Sigh…You’re younger than I am. I hung up my guns.

            I will say that I deactivated my FB account and don’t use any of their products. I also don’t use a smarthphone or any i-Devices.

            I’m a neo-luddite. But I know when to put up the white flag. I do wish you success.

            • This reply was modified 1 week, 4 days ago by  Morty.
            • #1903746 Reply

              anonymous

              ? says:

              excellent report, Morty! glad your monthly patching pitstop is over and you are on the the next adventure. i envy your mind set and raw courage

              me and Sancho P are still out here in the hinterlands tilting at windmills (until after Christmas if not done in before then)

            • #1903761 Reply

              anonymous

              Hi Morty! 6536 here. I knew you were coming on board and getting to be a techie when I commented last month, “now people will be coming to you for help!” Glad it installed OK.

              Morty, Abbodi86 and AJNorth have great ideas. If you could go down either suggestions you WILL reduce the telemetry and “they” will know less about you than you do.

              See AJNorth’s comment #1902567 above. I am sure you can do it!

              Good Luck.

            • #1903943 Reply

              Alex5723
              AskWoody Plus

              Sigh…You’re younger than I am. I hung up my guns

              Don’t be so sure 🙂

              50 years in IT and still carry my guns.

              2 users thanked author for this post.
        • #1903795 Reply

          The Surfing Pensioner
          AskWoody Plus

          I really couldn’t care less what M/S and Google know about me – it’s many years now since I worried what the neighbours thought. I just don’t want any shoddily-made patches on my P.C. unless I absolutely have to install them.

          2 users thanked author for this post.
          • #1903921 Reply

            anonymous

            @the-surfing-pensioner: It isn’t just what MS and G know about you in a properly scrubbed form of telemetry that rightfully does NOT have any personal identifiable information, but when things go awkward and then personally identifiable information DOES get out to the world.

            A few years ago Wed of Trust had a problem of not “scrubbing” the data clear of any personally identifiable information and a German magazine found data about people in the URLs that were sent back to the aggregators. By having this telemetry data turned off, it is closing another possible vulnerability you may have.

            Especially since AJNorth laid out above what to disable or delete, why not spend 5 minutes doing it? BUT … to each their own.

            And yes I do agree having a bad patch is more of a headache than turning off telemetry.

            • #1904062 Reply

              The Surfing Pensioner
              AskWoody Plus

              As I co-ordinate a small voluntary organisation single-handed, my personal identifiable information is all over the net anyway. It’s never been a problem; I don’t bank online. I was also (unfortunately) a customer with TalkTalk at the time their records were hacked and I still get overseas calls from individuals with Asian accents claiming to be TalkTalk technicians who ring me up asking for access to my P.C., or for money. I quite enjoy telling them what I think of them. In consequence, I have never been infected by the telemetry paranoia that troubles some people. I really haven’t  got anything left to hide.

            • #1904106 Reply

              jabeattyauditor
              AskWoody Lounger

              Consider this:  *You* don’t bank online – you haven’t setup online access to your bank – but all the information necessary to setup that access is available online.

              What could go wrong with this scenario?

              1 user thanked author for this post.
            • #1904243 Reply

              The Surfing Pensioner
              AskWoody Plus

              That’s not actually true, but as I have had no problems managing my (lack of) privacy for the last thirty years I am beginning to find this discussion very boring. Try somebody else?

              1 user thanked author for this post.
            • #1904259 Reply

              jabeattyauditor
              AskWoody Lounger

              🙂

              I’m prone to forget the international focus of Woody’s site.

    • #1903581 Reply

      Marcus Weldby
      AskWoody Lounger

      I looked at the Master Patch List but I couldn’t find “Update Rollup 29 for Exchange Server 2010 Service Pack 3 (KB4509410)” with a date of 7/9/2019. Are we good to go with installing this update?
      Thanks, Susan for all you do!

      • #1903647 Reply

        jabeattyauditor
        AskWoody Lounger

        I don’t know if Susan approves or not, but UR29 patches a man-in-the-middle vulnerability that is exploitable. I’d install it.

        • #1903792 Reply

          Susan Bradley
          AskWoody MVP

          Apologies, missed it.  Not tracking issues, okay to install.

          Susan Bradley Patch Lady

          1 user thanked author for this post.
    • #1903840 Reply

      Reporting in late, have been unwell. Installed the July WIN7 .NET and Rollup with no issues.

      (Oh, and made sure that CIEP’s throat stayed cut. It did. Should take out 99% of pesky telemetry.)

      But why do I ALWAYS have to re-configure Windows Media Player every time I do a Rollup??

      Thanks to all here for repeatedly putting their head in the Sabre-toothed Tiger’s Jaws.

       

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      1 user thanked author for this post.
      • #1903905 Reply

        Bill C.
        AskWoody Plus

        I have had to do the Media Player re-configure after every Group B monthly patch also for a number of months now. It is not just the rollup.

        It also create a log file regularly.

        2 users thanked author for this post.
    • #1903887 Reply

      anonymous

      Windows 7 Home 64 bit Group B

      I decided to switch to Group A (or so I thought). A check for updates offered .Net Framework KB4507420, Security Intelligence Update for Windows Defender KB915597, MSRT KB890830 and Security Monthly Quality Rollup KB4507449. Ironically, all installed except KB4507449. I downloaded the Security Only Group B patches and they all installed – guess I’m still Group B after all. I did disable all the recommended tasks in Task Scheduler.

      2 users thanked author for this post.
    • #1903946 Reply

      mn–
      AskWoody Lounger

      Oh hey, how does that go with servicing stack updates now? Latest or by kb number?

      Because some of those look funny. 1903 got a new SSU on the 27th but numbered earlier than the previous one from the 9th… and I had a bit of a bother some months ago on one system when the exact SSU by kb numbers wouldn’t work and had to get a later one to be able to install a CU.

      Yeah, right, 1903… but anyway.

    • #1904634 Reply

      anonymous

      Quick question – If we’re Win7 group B and don’t want the bother with the telemetry in the July 2019 security update, is it still okay to install the IE11 update?

      Thanks

      • #1904639 Reply

        Microfix
        Da Boss

        I actually don’t see why not, it’s a cumulative IE11 patch.
        However, here comes the caveat, the ‘security patch’ in Group B is non-cumulative which means, if you decide to Group B ‘security patch’ next month, July’s security fixes won’t be applied leaving the device vulnerable. Then troubleshooting issues start to get messy..

        If you should want to install the July Security Only Update and wish to reduce telemetry, might I suggest AKB2000012 by abbodi86.

        IMHO I’m now convinced that Group A is the way forward to prevent this scenario from happening. Woody, what’s your take on this? Head scratching time..

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        2 users thanked author for this post.
      • #1904640 Reply

        PKCano
        Da Boss

        Yes, you can install only the IE11 CU.
        But the telemetry is not the only thing in the July CU. The fix for the new Meltdown/Spectre vulnerability is also in the SO KB4507456.
        See this Blog Post.

        1 user thanked author for this post.
        • #1904672 Reply

          anonymous

          ? says:

          windows 7 security only patching was extinguished in july

          see post #1904580 for details

          i guess i could keep booting a fully patched telemerty laden version after january 2020 and send signals back to the mothership kinda like Voyager 2…

          • #1904702 Reply

            walker
            AskWoody Lounger

            @anonymous:

            After reading all of the comments relevant to this untenable situation, I can only feel that “we who are totally non-computer literate” are “up the proverbial creek without any kind of paddle”.   I don’t want to wait too long, however don’t know which way to jump at this point in time, and I think there are many others who have this lack of “experience and computer knowledge” to deal with it all.   Good luck to us all, and I’m thankful  there are so many who have the outstanding knowledge and experience to share with us.

            • #1904744 Reply

              Charlie
              AskWoody Plus

              I installed the Group B, Security Only updates for Win 7 and IE11, the .Net update, and the Office 2010 patches yesterday.  I disabled all the telemetry items as given to us by nice people on Woody’s site.  I should emphasize that you should give some time after each reboot for the updates to work in (15 to 20 minutes).  I watch the CPU usage on Task Manager to see when it stops.

              So far knock on wood, things seem to be okay and all settings are where I put them.  Nothing has been said one way or another, but I’m assuming the KB4507456 Win 7 update can be uninstalled if a problem comes up.

              Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

              3 users thanked author for this post.
            • #1904758 Reply

              anonymous

              Charlie, did you use Abbodi86’s steps (see #219238)  or AJ North’s steps?  Thx for letting your fellow Group B’ers.

            • #1904774 Reply

              Charlie
              AskWoody Plus

              A J North’s.

              Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Groups B & L

    • #1904737 Reply

      NoLoki
      AskWoody Lounger

      Just now received KB3150513 … “The updated definitions help enable Microsoft and its partners to ensure compatibility for all customers who want to install the latest Windows operating system”, on W7/32 – sent by Windows Update. It came in as important/recommended.

      With KB4507456 snooper update and now this, it is obvious that it is all about data gathering for upgrading purposes and not for diagnostic/trouble shooting statistics.

      We may soon see yet another ‘get W10’ offer to those with so-called compatible systems. I am not expecting a rehash of the previous unethical GWX offer, but I ma expecting a popup (or the likes) with a YES and hopefully a NO button. I am not anticipating a ‘do not ask again’ box to check.

    • #1904929 Reply

      OscarCP
      AskWoody Plus

      Today I finally had a moment and installed the Windows 7 x64 July patches: for Office 2010, the July MSRT and the .Net rollout, as well as the July IE11 Cumulative Security update. But had no luck with the July Security Only update. Something I did, I think, cut short its install. It did not go through the “Installing Update” stage with the growing green bar, but declared itself installed all the same and in no time at all. When I checked in Windows Updates the list of installed updates, it did not appear anywhere. I searched for it by KB number, and it was found. I tried to uninstall it to have another try at installing it properly, but that failed with an error message. I restarted the machine, which fiished installing the IE11 update. But then I tried, once more, to see if I could install the Security Only KB4345459 and I got — again — the message that this was already installed. So I used a restore point I had created before installing IE11 to undo the whole thing and then tried, once more, to install Security Only, but had no luck: the system informed me, yet again, that this was already installed, although, again, it showed nowhere in the lists of installed updates. I reinstalled IE11 without problems and then said to myself: “Well, I am going to let this July Security Only patch rest in peace. At least this way, this time, I won’t get any of the telemetry in its bag of nasty tricks. If others (Group W) can live long and prosper without ever, if they are to be believed, installing any patches whatsoever, then I could, probably, survive with a botched install of July’s Security Only.”

      Such is life. That, as I’ve been told by an usually reliable source, is not half as bad as its alternative. If anybody has any advice that is not too complicated to apply, I’ll be interested to read about it.

      • #1904954 Reply

        AJNorth
        AskWoody Plus

        Hi there.

        Did you perhaps download the wrong update (or get your dates mixed-up)?

        KB4345459 is the Win 7 “Security Only Quality Update” that was released on 16 July 2018; KB4507456 is the “SOQU” for July 2019.  Hope that solves your issue.

        Good luck!

        • #1905550 Reply

          OscarCP
          AskWoody Plus

          Thank you, AJNorth, Sir! Thank you so very, very much! Not the least reason for being thankful is that you have completely demonstrated that, indeed — and as I have suspected all along — I did do something wrong!

          Now, following your most illuminating suggestion, I have succeeded in installing the July SO patch without any obvious bad side effects, so far.

          Oh, this is SO weird! Unique, in fact, in my, by now, very long patching history! I imagine this happens to people who rush to do things very, very slowly that they lose track of things, as myself in this particular case.

          1 user thanked author for this post.
          • #1905553 Reply

            AJNorth
            AskWoody Plus

            My pleasure; glad everything turned out well!

    • #1905548 Reply

      LHiggins
      AskWoody Plus

      Quick question about July updates for Win 10 1903. I just now have gotten notice on my laptop that the following updates are ready for downloading, and wanted to just ask if it is safe to do so now. I am assuming yes, since these are July patches, but wanted to just make sure, since this is just the second time I’m getting updates for this laptop.

      Win Defender Update KB 2267602 (V1.299.1542.0) This KB is the same number as the June Defender Update – are they always the same, just a different version number?

      July Malicious Software Tool KB890830

      July Cumulative Update KB4507453

      July Cumulative .NET update KB4506991

      Thanks!

      • #1905551 Reply

        PKCano
        Da Boss

        Those are the correct updates for July.
        Have fun with the new laptop!

        1 user thanked author for this post.
        • #1905576 Reply

          LHiggins
          AskWoody Plus

          Thanks! We are – it is really fast and has a gorgeous display. But so much that is different from Win 7, so I am taking things slowly!

          Thanks for the confirmation of the updates. Will run wushowhide before I download them.

    • #1905737 Reply

      Blizzard
      AskWoody Lounger

      Group A with Win7 Pro 32bit on HP dc7900- sff deskside with Wolfdale Intel Core2 Duo/Southbridge

      No issues with the 7420 .net KB, or the SMQR 7449 and MSRT 830 installs.  Internet connectivity and WMP all intact, too.

      Really appreciate the sundry inputs I read through above from everyone to help keep misery to a minimum.

      Enjoy the dog days of August, all!

      2 users thanked author for this post.
    • #1905916 Reply

      SueW
      AskWoody Plus

      Here’s my feedback after updating last night:

      Note: I had results similar to Sueska’s (#1899427). I had already disabled each of the scheduled tasks under Application Experience [AitAgent, Compatibility Appraiser, Program Data Updater] and CEIP [Consolidator, KernelCeipTask, UsbCeip], and verified this prior to installing July’s SO.

      1 – imaged my disk with Macrium Reflect Free

      2 – downloaded Updates KB4507456 (July SO) and KB4507434 (IE11 July Cumulative)

      3 – installed the July SO and IE11 Updates and then rebooted; waited 15 minutes

      4 – re-checked Application Experience and CEIP: under Application Experience, AitAgent remained disabled, but Compatibility Appraiser and Program Data Updater were now ‘Ready’ so I disabled both. The 3 tasks under CEIP remained disabled.  (I double-checked this morning, and all 6 tasks are still disabled.)

      5 – updated MS Security Essentials’ Virus & Spyware Definitions manually to eliminate Windows Update’s “Optional” ‘Definition Update for Microsoft Security Essentials – KB2310138’

      6 – checked “Windows Update” => 6 Important (all checked): 3 Office 2010 and 3 Win 7; 3 Optional: all unchecked

      7 – unchecked and hid “Important” Update KB4507449 (July Rollup)

      8 – hid the unchecked Optional update KB4507437 (July Preview Rollup)

      9 – hid the unchecked Optional update KB4493132 (the “Get Windows 10” nag patch)

      10 – hid the unchecked Optional update KBKB3150513 (as noted in Bill C’s results #1904809)

      11 – checked “Windows Update” again => 5 Important: 3 Office 2010 and 2 Win 7: all checked; 0 Optional

      12 – unhid 0 hidden updates to install

      13 – installed 5 Updates: 3 Office 2010 (KB4464572, KB4462224, KB4475509), 2019-07 Security and Quality Rollup for .NET Framework (KB4507420) and MSRT (KB890830)

      14 – rebooted and waited around 45 minutes

      Note: Windows Media Player needed to be reconfigured once again.

      Many thanks to Woody, PKCano, abbodi86, Sueska, Bill C, and everyone else who continue to contribute their time and expertise, or who post their own results!

      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      4 users thanked author for this post.
      • #1905941 Reply

        walker
        AskWoody Lounger

        @suew:   Isn’t the KB4507449 (Monthly Quality Rollup for Win 7 for x64, the one that has the “telemetry” cooked into it?  I’m sure there are many who are having nightmares about what will transpire, “if and if it’s NOT” downloaded and installed.

        It would be interesting to get an idea of how many are taking the risk of installing this one versus not installing.   Thank you for posting the information..

        1 user thanked author for this post.
        • #1905953 Reply

          PKCano
          Da Boss

          @walker
          The one people are discussing about having telemetry is the Security-only update for Group B.

          You are in Group A. You should go ahead and install KB4507449 Rollup. You have been installing Group A Patches all the time.

          2 users thanked author for this post.
          • #1906231 Reply

            walker
            AskWoody Lounger

            @pkcano:  I sent two replies to you thanking you for REALLY making my day.   It was absolutely wonderful.    I checked several times and was unable to locate my reply so I am sending another one.   Your assistance has been a real “life saver” for me.

            I cannot begin to ever say “thank you” enough for all of the amazing and outstanding assistance you have provided for all of  the members.  Thank you, thank you, and thank you again.    You are absolutely amazing, and “PURE GOLD“.

            2 users thanked author for this post.
      • #1906565 Reply

        anonymous

        I really don’t understand all the theatre involved with Windows 7 updating. We’re five months away from an obsolete operating system. Why not just install all updates?

        As a side question, why are we still seeing KB4507437 [2019-07 preview of monthly quality rollup for win7 x64] after already installing KB4507449 [2019-07 monthly rollup]?

        • #1906568 Reply

          PKCano
          Da Boss

          As a side question, why are we still seeing KB4507437 [2019-07 preview of monthly quality rollup for win7 x64] after already installing KB4507449 [2019-07 monthly rollup]?

          KB4507437 ( 2019-07 Preview of monthly quality rollup) is an UNCHECKED Optional update that was released AFTER the 2019-07 SQMR. It contains non-security fixes that are not in the July CU. The Preview updates are intended for testing only, and the new fixes they contain will be rolled into the next month’s Security CU on Patch Tuesday.

          • #1906569 Reply

            anonymous

            I see. Thank you.

    • #1906094 Reply

      WScejonesjr
      AskWoody Lounger

      I just rolled back Windows 10 updates that updated my computer sometime today. My Windows 10 version is 1903 build 18362.10005.

      When I clicked my Search bar in the taskbar, all I could see was a big black box. My search window came back when I uninstalled today’s update. Sorry, I didn’t notice the build number of today’s update.

      Thought you would want to know in case this happens to anyone else.

      • #1906194 Reply

        PKCano
        Da Boss

        The latest released version of 1903 is Build 18362.267.
        Are you running an Insider Preview or Slow Ring version?

      • #1906289 Reply

        Alex5723
        AskWoody Plus

        I just rolled back Windows 10 updates that updated my computer sometime today. My Windows 10 version is 1903 build 18362.10005.

        When I clicked my Search bar in the taskbar, all I could see was a big black box. My search window came back when I uninstalled today’s update. Sorry, I didn’t notice the build number of today’s update.

        Thought you would want to know in case this happens to anyone else.

        Your new slow ring build was 18362.10012.

        Announcing Windows 10 Insider Preview Build 18362.10012 & 18362.10013 (19H2)

        • This reply was modified 6 days, 20 hours ago by  Alex5723.
    • #1906479 Reply

      anonymous

      This is to help all. I want to thank Sueska, GoneToPlaid, SueW and my friend “CH”.

      Windows 7 SP1 64bit, with Broadcom network card. Group B.

      Installed all July’s updates; IE KB4507434, then IE KB4510979, SO KB4507456, .NET 3.5.1 SO KB4506976 and MSRT today.

      From the catalog; Installed IE KB4507434 1st, KB4510979 2nd, SO KB4507456 3rd, SO .NET KB4506976 4th, and MSRT (from WU) last.

      Installed one at a time, *with Network disconnected*.

      Rebooted in between each update letting it sit 1 or 2 minutes after update was installed (when hard drive light settled down).

      As per SUEW I did the same. “I had already disabled each of the scheduled tasks under Application Experience [AitAgent, Compatibility Appraiser, Program Data Updater] and CEIP [Consolidator, KernelCeipTask, UsbCeip], and verified this prior to installing July’s SO.”
      (For me, Compatibility Appraiser was missing. It was installed after KB4507456. I then disabled it).

      After the Windows 7 SO KB4507456 install, I went through Scheduled Tasks, found and compared before/after, the below:

      AitAgent was set to run at 2:30am -presumed altered- but it did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

      ProgramDataUpdater – was “ready”, set to disabled again.

      PerfTrack – disabled (stayed the same)

      Autochk Proxy- Disabled (deals with CEIP) was left alone.

      CEIP was -presumed- updated and set run times, but it did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

      DiskDiagonostic Data Collector & Resolver – Disabled (disk & system info for CEIP). It did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

      Media Center has: AccountWindows Search, ConfigureInternet Time Service, DispatchRecoveryTasks, ehDRMInit, InstallPlayReady, mcupdate, MediaCenterRecoveryTask, ObjectStorRecoveryTask, OCURActivate, OCURDiscovery, PBDADiscovery, PBDADiscoveryW1, PBDADiscoveryW2, PeriodicScanRetry(disabled, an old trigger of 2006), PvrRceoveryTask, PvrScheduleTask, RecordingRestart (disabled), RegisterSearch, ReindexSearchRoot, SqlRecoveryTask, UpdateRecordPath. ALL had “last time run never”. After install all appeared the same “ready” except for 2 of them mentioned as “disabled”. No new run times, no new triggers (I do not use Windows Media Player).

      Is the Scheduled Task “WindowsErrorReporting” needed (WindowsError Queued files)? I already have Windows Error Reporting Service disabled, so I will probably go and disable the Scheduled Task.

      Control Panel > Administrative Tools > Services, find Diagnostics Tracking Service. I did NOT have that service. I never installed KB2952664 nor any get win10 patches (Group B).

      It was mentioned to add a registry key of: HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable\0. I did not have that key and I did not create the key. If Abbodi86 or other askwoody MVPs say, “yes, you should”, then I will. (Is this registry key definitely needed?)

      No network issues. No oddities.

      Rebooted 3 times and let it sit for several minutes. (15 min. – so MSCORSVW of .net could run)

      I would recommend people on the last reboot to go to the desktop and let it sit 45 to 60 minutes to Process Idle Tasks, let the trusted

      installer (as per PKCano) do its thing and the MSCORSVW of .net can get done.

      If others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. (I do).
      https://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

      You can also force Processing of Idle Tasks if you want by the administrative command prompt: rundll32 advapi32.dll,ProcessIdleTasks

      You can enter that then walk away for 15 to 20 minutes. If the drive light is still on, it is still running, walk away again. Do not allow

      the computer to go to sleep. Reset the Power Options to 1 hour sleep if needed. Laptops make sure you are on AC power not battery!

      And like ELLY said, you could keep task manager open and look at the MSCORSVW process and see if it is still running.

      Thanks to all here.

      Windows 7 Group B

      1 user thanked author for this post.
      • #1906492 Reply

        anonymous

        ? says,

        thank you for the detailed patch report and tip ‘o the fedora to SueW as well! your posts take the guesswork right out of the process. i lost the ngen speed ’em up years ago so it is nice to have it although mscorsvw.exe usually runs for 11-14 minutes and at this late stage of the win7 patching game i really don’t mind the wait. i see trusted installer run for 10-13 minutes and then move on. i’m skipping the SO for July and beyond if they also contain the telem just don’t want their plumbing .dlls, .exe’s., mui’s and associated winSxS in the mix. the win7 started life around 4GB and now is a plump 20GB after all the patching…

        1 user thanked author for this post.
    • #1906542 Reply

      anonymous

      Win 7 SP1 Home Premium 64-bit; Group B
      Following the directions of AJNorth & Sueska regarding telemetry and SueW’s excellent and precise record of her updating & installation of this July’s patches (minus Office) the updates went with only very minor glitches plus fixing Media Player and same as others above, post Task Scheduler telemetry check fix. The only problem is that when checking for updates, I was never offered the Net Framework KB4507420 patch, even with repeated checks. So I’ve gone to the Microsoft Update Catalog and have 3 security updates to choose from: which one should I download and install? I think it’s the 162.4 MB choice, but I’m not sure. Your help would be greatly appreciated. Thanks!

      1 user thanked author for this post.
      • #1906544 Reply

        PKCano
        Da Boss

        KB4507420 is a Rollup, a bundle of updates for different versions of .NET. If you are patching .NET manually you need to know which versions of .NET are installed on your computer. The patch for different versions have individual KB numbers different from the Rollup. (See the linked pages.) What you see installed is the Individual KBs, not the Rollup KB number.

        That is why it is best to update .NET through Windows Update. WU will determine what is on your computer and install the patches for the version(s) you have installed. If there is no patch for your version, you may not be offered any through WU.

        2 users thanked author for this post.
        • #1906546 Reply

          anonymous

          Thank you for your quick response and for the information.

        • #1906554 Reply

          anonymous

          PKCano, thanks again for your input. Actually, as an apparent Group B “for REALLY dumb dummies” member, I usually wait monthly til the last minute to install whatever patches are available. When checking for further WU at the end, I will hide any unchecked + checked patches that show up that do not belong in my personal patching roster for that month. Those patches that I hide, apparently can be patches that I will be needing for the next month, which is what happened with 2019-07 Security and Quality Rollup for .NET Framework KB4507420. After a light bulb suddenly flickered on above my head, I checked my hidden patches and found my KB4507420. I just downloaded and installed it without incident. Sorry to have bothered you in the middle of the night.

    • #1906593 Reply

      Noel Carboni
      AskWoody_MVP

      Probably few folks check back here, but I wanted to mention some of my recent experience…

      Friday I took it upon myself to bring 6 machines at work up to date.

      Two were mine (my desktop workstation and a VM within), three were high end server farm machines that were recently installed (e.g., less than two months ago, bought new and Win 10 v1903 installed afresh by a coworker), and one was a coworker’s office machine.

      Of those six systems EVERY SINGLE ONE exhibited errors upon running SFC /VERIFYONLY. All had to be repaired by running DISM /Online /Cleanup-Image /RestoreHealth then SFC /SCANNOW. Fortunately that succeeded in every case.

      These systems are closely and carefully managed and kept up to date every month when Woody here takes us to MS-DEFCON 4 or higher.

      2 of the 6 machines I personally verified as of last month’s patches to pass an SFC check cleanly. I presume the other 4 must have been clean at some point, though I can’t be certain.

      How is it Windows 10 has become so fragile, so apt to soil itself, that it requires geek chops to recover virtually every machine just used normally? How many folks, even in Engineering lines of business, even know to use DISM? What do regular folks do?

      -Noel

      6 users thanked author for this post.
      • #1906595 Reply

        geekdom
        AskWoody Plus

        I periodically run system checks — different operating system, same lack of trust.

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      • #1906596 Reply

        anonymous

        What made you run system file checker after installing the latest round of patches? Is it just  your company’s SOP (Standard Operating Procedure, for the uninitiated), or were there issues during or immediately after installation that brought about the need for using SFC?

        R/

        Bob99

        • #1906622 Reply

          Noel Carboni
          AskWoody_MVP

          It is a matter of personal habit going way back.

          I just always check, before and after updating. If it finds a problem before, I fix it before attempting updates. If it finds a problem after I fix is so that maybe – just maybe – next time I won’t find one before.

          -Noel

          1 user thanked author for this post.
      • #1906612 Reply

        Lars220
        AskWoody Lounger

        What do regular folks do?

        Move to Linux Mint 19.2 ?  …  🙂

        Thanks Noel for the reminder about the Command Prompt DISM and SFC commands, remember to ‘Run as Administrator’.  I have done that with Win10 v1803 and recently with version 1809. I am not using 1903 yet. Were all 6 of your computers on v1903? What type of problems were you having? I am learning about LM19.2 in my Win7 VirtualBox.

        • #1906624 Reply

          Noel Carboni
          AskWoody_MVP

          If only it were so easy to just hop to another OS.

          The two office systems were v1809, the VM and the three test machines in the server farm were v1903.

          I kept my own office system on Windows 10 for Workstations v1809 simply because it has not yet been offered v1903 and I’m in no hurry to beta test the new version. I have it set to the most conservative setting, formerly known as “Current Branch for Business” I guess, as I need the machine to be stable (which it is). It was clean before the update but gathered some kind of SFC problem during the update, which I then fixed.

          The other office system running Windows 10 Enterprise had an SFC problem before the update, which I fixed, then it was offered v1903 this time around, so I went ahead and put the new version in. That went quite smoothly, and wasn’t corrupted (SFC-wise) upon login after the upgrade.

          The three server systems have the most “stock, out of box” configurations of Windows 10 Enterprise. All three of those showed SFC problems before the update, which I fixed, and after the update no additional corruption was detected.

          -Noel

          1 user thanked author for this post.
    • #1906627 Reply

      walker
      AskWoody Lounger

      @woody:

      I have not received ANY notices of updates to the subjects I am subscribed to since August 9th.     What is wrong with the system?   I have no problem with logging in, and trying to find a subject to read the replies to, however I have NOTHING being sent to my email for notifications since August 9th.    Is anyone else having problems with this?    I am lost without my notices of new messages.    I have no idea what the problem could be….  Thank you for any help you be able to provide.  Your website is the “pot of gold” at the end of the rainbow.  THANK YOU ONCE AGAIN.    🙂

      • #1906634 Reply

        PKCano
        Da Boss

        Be sure your Notifications are not going into the Spam or Trash folder in your email.
        If you want notifications from a whole topic, click the “Subscribe” button at the top of the topic.
        Screen-Shot-2019-08-11-at-3.56.41-PM

        If you want a notification from a reply you make, be sure to check the box at the bottom of your reply.

        Screen-Shot-2019-08-11-at-3.59.53-PM

        Attachments:
        • #1906946 Reply

          walker
          AskWoody Lounger

          @pkcano:    I have never had any problems receiving the “alerting” emails since I’ve been a member of this forum.   I always check all spam and trash before clearing, so I don’t know what is occurring.   I have not changed anything at all, when my “alerts” suddenly stopped and have not started again.   Thank you for the tips, which I have always strictly adhered to.   Again, and again, I “thank you”.

          • #1906949 Reply

            PKCano
            Da Boss

            @walker
            What browser are you using?
            In Firefox, there is a setting to allow notifications.
            Tools/Options/Privacy & Security/Permissions/Notifications
            If you click on the “Settings” button, you can allow notifications from:
            Https: // www. askwoody. com  (Don’t put any spaces in it like I did.)

            • #1906953 Reply

              walker
              AskWoody Lounger

              PKCano:    MIRACLE OF MIRACLES!!!   Your notification on this “alert” is the FIRST I’ve received since my “alerts” suddenly stopped!!   I have done nothing difference, so I don’t know the reason why, however I am SO thankful that I have received the “alert”.    THANK YOU for all of the recommendations (however I’ve never had to use anything other than what I’ve always used).    This is VERY strange, however I’m not questioning it!   I AM SO HAPPY!!!

              I only hope it continues without anymore problems.    As always “THANK YOU” for all of the time and effort you expend helping all of us, PK!!      🙂  🙂

            • #1907296 Reply

              b
              AskWoody Plus

              @walker
              What browser are you using?
              In Firefox, there is a setting to allow notifications.
              Tools/Options/Privacy & Security/Permissions/Notifications
              If you click on the “Settings” button, you can allow notifications from:
              Https: // www. askwoody. com  (Don’t put any spaces in it like I did.)

              Does that have anything to do with email notifications from subscribed threads?

              Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1903

    • #1906881 Reply

      MrToad28
      AskWoody Lounger

      Updated 8 Windows 7 PC’s on 8/4..Using JULY Roll-ups. No problems seen. Skipped the June update.

      • This reply was modified 5 days ago by  MrToad28.
      1 user thanked author for this post.
    • #1906938 Reply

      WSstarvinmarvin
      AskWoody Lounger

      When reading Woody on Windows (August 2 column – It’s Time to Install Most of July’s Office and Windows Patches) at Computerworld.com I noticed this statement:

      There are plenty of full-image backup products, including at least two good free ones: Macrium Reflect Free andEaseUS Todo Backup.

      Both of those backup programs are good. In fact, I often use Macrium Reflect Free. I’m curious, however, as to why Woody didn’t mention Windows own System Image backup. It’s known as Backup and Restore (Windows 7) these days, and it still does a good job. So, why no mention?

      Backup-and-Restore-in-Win-10-Control-Panel

      Attachments:
      • #1907279 Reply

        woody
        Da Boss

        Microsoft has buried the old Win7 backup program. Persistent talk says that it fails in some cases.

    • #1907085 Reply

      OldBiddy
      AskWoody Lounger

      I’m running Windows 7, Home 64 bit. I installed all the important July updates that were checked without incident. But I noticed since the update, my disk space has gone down spontaneously by 3 gig! Can this be due to the addition of the telemetry in the July roll Up? Otherwise the system seems normal, just seeing this disconcerting drop in disk space. Any help would be greatly appreciated!

      • #1907140 Reply

        Paul T
        AskWoody MVP

        Restore points may account for the extra space rather than telemetry. Try running the disk clean up utility to see how much space you might recover?

        cheers, Paul

        1 user thanked author for this post.
        • #1907261 Reply

          OldBiddy
          AskWoody Lounger

          Thank you, Paul, for this suggestion. I will try it and see if it recovers any space.

      • #1907275 Reply

        anonymous

        Hello OldBiddy,
        PaulT may have a point in that System Restore points are made by the MS updates. However I would had thought eventually the maximum amount of the drive would had been met, thereby having the oldest restore points drop off. However, it is a good thought and should be looked into.

        I would also suggest you run Microsoft’s “Disk Cleanup”, press the “Clean up System Files” button, and see about further cleaning by removing the “old MS updates and Previous Windows version OS” and Delivery Optimization files. Reboot afterwards. Do not panic if it takes some time to reach the desktop again. We have seen as long as 45 minutes of a “black screen” and then up pops the login or the desktop. It does have to delete the files and redo pointers and that takes time.

        After every MS update, a day or two later, I run Ccleaner. I use the older 5.29 or 5.30 version before Avast bought them. It usually find 500 megs to remove, 400 megs of that being logs and error logs. Unless you want to have your Windows 7 upgraded to windows 10, I see no reason to make send or keep any error logs that windows 7 may acquire. If you are not intending to upgrade to Windows 10 on that computer, you might consider turning off (disable) the “Windows Error Reporting service”.

        Hope this helps.

        1 user thanked author for this post.
        • #1907576 Reply

          OldBiddy

          Oldbiddy here. Can’t seem to sign on to the forums – pwd not working though I haven’t changed anything. I did successfully sign on earlier.
          But just wanted to let Paul and anonymous know that running disk clean freed up considerable space – about 10 gig!!! All those old windows updates and SP1 backup files took up a lot space. I figured I shouldn’t need the Service Pack backups since my nearly 10 year old laptop will be obsolete in the next few months. I do have my data files backed up and can move them to whatever new machine I get next.
          Many thanks to anonymous and Paul for your help. So glad it worked 😊. Although it’s still a puzzle to me why I lost so much disk space within the span of a week.

          • #1907581 Reply

            OldBiddy

            This is really strange. I’m not signed in but my post shows my name. I get an error when I try to sign on saying either my userid or password is wrong, but I was still able to post as myself. Not being officially signed in though, so I can’t see the option to thank anyone. And I never use the keep me signed in option. Maybe my account is corrupted in some way.

            • #1907585 Reply

              PKCano
              Da Boss

              Your name is on it because I put it there, not because you could post as yourself when not logged in. I have magic like that. 🙂 LOL

              1 user thanked author for this post.
            • #1907587 Reply

              OldBiddy

              Thanks for doing that PKCano! I know I’m not the sharpest tech tool in the shed, but this really confused me! But what do you suppose is wrong with my account, not being able to log in? Should I just reset my password?

            • #1907590 Reply

              PKCano
              Da Boss

              That will work, but write it down.
              Yes, I know, but it’s the only way for us old people. 🙂

              1 user thanked author for this post.
            • #1907592 Reply

              OldBiddy

              You know, this is absolutely true 😋. I do write things down – that’s the only password manager I can handle! And I’m sure you’re not old at all, PKCano – you’re just trying to make me feel better, bless your heart 😊.

               

              Moderator note: PK has left the room 😀

              1 user thanked author for this post.
    • #1907151 Reply

      anonymous

      Windows 7 SP1 Ultimate, x64, Group B.

      Yesterday I decided to install the so-called Security-Only update KB4507456. After restarting, apart from the scheduled tasks added in the Task Scheduler, I have noticed in the the Event Viewer this warning message:

      A provider, InvProv, has been registered in the Windows Management Instrumentation namespace Root\cimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

      Doing some searching in the web, I have not found something really definite about this, but I suspect that it relates with the notorious  KB2952664 …

      1 user thanked author for this post.
      • #1907155 Reply

        Alex5723
        AskWoody Plus

        I suspect that it relates with the notorious  KB2952664 …

        Yes, it is, and dates back to year 2015

        https://www.sevenforums.com/system-security/365182-provider-invprov-has-been-registered-windows-management-ins.html

        1 user thanked author for this post.
      • #1907372 Reply

        SueW
        AskWoody Plus

        I never would have thought to look at Event Viewer unless I read your post, but I also have 2 of the same warning messages. Each warning has the same date and time (right after I installed KB4507456), the same source [WMI] and the same Event ID [63].

        I’m tempted to delete these; have you?

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

        • #1907651 Reply

          anonymous

          I have deleted the known telemetry tasks, but I have not touched the WMI providers. In fact, I do not know how you can remove such a provider and whether this will cause other side effects on my PC.

          1 user thanked author for this post.
          • #1907803 Reply

            SueW
            AskWoody Plus

            Hi @anon, thank you for your response. I had disabled the telemetry tasks again (although I was tempted to delete them as you did!).

            As to removing the InvProv provider, one could delete each of its ‘Warning’ events in Event Viewer > Custom Views > Summary page events, where the Actions for each event, including Delete, are in the right-hand margin. If deleted, I’m not sure what any side effects would be either, though my system didn’t have this provider prior to installing KB4507456.

            Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

    • #1907245 Reply

      wavy
      AskWoody Plus

      woody
      I am getting Noscript blocking netdna-ssl.com & windows.com on this page!!

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      1 user thanked author for this post.
      • #1907281 Reply

        woody
        Da Boss

        I had a report of a similar (but not identical) scripting/ad blocking package having a fit with Susan Bradley’s post here.

        Ends up it was a simple mistake — the second link was pasted as http, when it should’ve been https. Changed it to https, and the warning went away.

        I wonder if you’re seeing something similar?

         

        • #1907465 Reply

          wavy
          AskWoody Plus

          Still present!
          and

          Capture1

          ??

          🍻

          Just because you don't know where you are going doesn't mean any road will get you there.
          Attachments:
    • #1907729 Reply

      Anton Karlan
      AskWoody Lounger

      We have a big problem with Internet Explorer on Windows 7 x64 and June+July Monthly Rollup Updates and Cumulative security update for Internet Explorer.

      I made a video about that problem – https://youtu.be/DWISubnC5sI

      In two words – IE starts sooo long and works soooo slow after problem updates. When you uninstall update – IE fast as it can be again.

      If we install some of next updates, we have IE problem:

      KB4503292 (June Monthly Rollup)

      KB4507449 (July Monthly Rollup)

      KB4503259 (Cumulative security update for Internet Explorer: June 11, 2019)

      KB4507434 (Cumulative security update for Internet Explorer: July 9, 2019)

      We don’t have any problems with KB4507456 (Security-only update)

      Today we try to install KB4512506 (August Monthly Rollup) – no problem, all fine. But August updates are just released and on DEFCON2.

      Does somebody have same issue?

      Or it is some kind of our specific issue?

      1 user thanked author for this post.
    • #1910067 Reply

      woody
      Da Boss

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: MS-DEFCON 4: Time to get the July 2019 patches installed

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel