News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • MS-DEFCON 4: Time to get the July 2019 patches installed

    Home Forums AskWoody blog MS-DEFCON 4: Time to get the July 2019 patches installed

    • This topic has 158 replies, 53 voices, and was last updated 12 months ago.
    Viewing 47 reply threads
    • Author
      Posts
      • #1901171 Reply
        woody
        Da Boss

        There’s some important new information for those of you installing Security-only patches for Win7 and Server 2008R2, and there’s an unconfirmed report[See the full post at: MS-DEFCON 4: Time to get the July 2019 patches installed]

        7 users thanked author for this post.
      • #1901180 Reply
        WildBill
        AskWoody Plus

        I know the Computerworld article is coming soon, but I was checking Windows Update on my 8.1 PC & noticed a Security Intelligence Update for Windows Defender (Version  1.299.1095.0). On the Update tab for Defender, my current version is 1.299.867.0. Clicking on ‘More info’ in WU, I get this page: https://www.microsoft.com/en-us/wdsi/definitions. Should I just click on the “Update definitions” button in Defender, or do I need to download from the webpage?

        Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V2004. As long as it's a Lot Less Buggy!
        Wild Bill Rides Again...

        2 users thanked author for this post.
        • #1901190 Reply
          warrenrumak
          AskWoody Plus

          You can hit ‘Update Definitions’ if you like, but you don’t have to.  It’ll take care of itself.  Microsoft produces updates to their antimalware definitions 10+ times a day… substantially faster than most systems will stay up to date.

          Your “1.299.867” definitions are maybe 2 days behind.

          You can check the Windows Event Logs to see when definitions are installed, to get a sense of how often it happens.

           

          2 users thanked author for this post.
        • #1901193 Reply
          Alex5723
          AskWoody Plus

          Security Intelligence Update for Windows Defender

          Security Intelligence Update for Windows Defender is Microsoft’s new name for Windows Defender updates.

          4 users thanked author for this post.
          • #1903154 Reply
            Sparky
            AskWoody Plus

            That must also include MSE for Windows 7.
            As of 7/30/19 the MSE definition name changed to Security Intelligence Update. Unless Windows Defender and MSE are one in the same?

            Dell, W10 Professional, 64-bit, Intel Core i7 Quad, Group A

            HP, W7 Home Premium, 64-bit, AMD Phenom II, Group A

            • This reply was modified 1 year ago by Sparky.
            1 user thanked author for this post.
      • #1901195 Reply
        MrJimPhelps
        AskWoody_MVP

        Thanks for the reminder, Woody. For once, I’m not going to miss the opportunity to update during Defcon 4!

        Group "L" (Linux Mint)
        with Windows 8.1 running in a VM
      • #1901196 Reply
        Bluetrix
        AskWoody MVP

        Should I just click on the “Update definitions” button in Defender, or do I need to download from the webpage?

        As @warrenrumak suggests, Windows Defender updates itself outside the realm of WU, as it should. It’s the only update from MS that I do not have blocked.

        A recent (April 2019) article on setting WD to automatically update can be read here at thefreewindows.com web site. That auto solution will show in tasks, if you don’t want it to show (work in the background) another page on the same site shows the same process making it hidden.

        I don’t rely on Defender to protect me, but see no reason not to have it updated in the background just the same.

        HTH

      • #1901198 Reply
        honx
        AskWoody Lounger

        i think, i’ll only install ie and office patches for win7 and 8.1, skipping “security” updates for windows… let’s see, if august patches also have this telemetry bull***t built in… if so, then i’m definitely group w.

        ie updates still cumulative, i assume, so i only need KB4510979 (skipping KB4507434), right?

        PC: Windows 7 Ultimate, 64bit, Group B
        Notebook: Windows 8.1, 64bit, Group B

        • #1901206 Reply
          BobT
          AskWoody Lounger

          i think, i’ll only install ie and office patches for win7 and 8.1, skipping “security” updates for windows… let’s see, if august patches also have this telemetry bull***t built in… if so, then i’m definitely group w.

          ie updates still cumulative, i assume, so i only need KB4510979 (skipping KB4507434), right?

          Yup, same! Had enough.

          Nice to retain control of my own PC.

          • #1901270 Reply
            samak
            AskWoody Plus

            Yes, this seems like a reasonable option since we haven’t heard of any show-stopping security issues that this month’s patch is supposed to fix.

            W7 SP1 Home Premium 64-bit, Office 2010, Group B, non-techie

        • #1901351 Reply
          anonymous
          Guest

          I’m not installing that July 2019 “security only” update and also I’m not bothering with the July IE update this late either as the IE updates are cumulative anyways! So for now  I’ll just wait for the Aug IE and the Aug Security Only update and see if that’s also infected with any MS telemetry.

          I’ll continue to avoid any and all Security Only Updates that have anything extra hidden inside that has no business being there. MS really needs to stop with the nonsense and it’s really tempting to just forget about any further patching anyways but any more of the same from MS with any “Security Only” nefariousness  and not patching 7 anymore will become the rule long before Jan 2020 arrives.

        • #1902307 Reply
          Charlie
          AskWoody Plus

          If my memory serves me well, Woody said a while back that Security Only, Group B, Windows Updates are not cumulative and must be installed every month in order.  So I don’t think you can skip the July S.O. update and then install the August S.O. update.  I think this applies to the IE S.O. updates too.

          I’m pretty sure I’m remembering this correctly but if not, someone please correct me.

          Win 7, Sandy Bridge 3.3GHz, Linux Mint 19.1, Klaatu barada nikto

          • #1902308 Reply
            PKCano
            Da Boss

            The SOs are not cumulative, they are individual.
            So you can skip any one your want to skip, HOWEVER, when you do, you skip the security fixes it contains.
            You won’t get the fixes next month of the next month.
            So if you need the fixes, you have to go back and install the SO you skipped.

            2 users thanked author for this post.
      • #1901215 Reply
        honx
        AskWoody Lounger

        have not touched win7 updates yet, updating win8.1 notebook right now.

        “update for microsoft filter pack 2.0” (kb3114879) is “important” and checked. can i install it? i skipped it last month, installing june patches. i’ll install all three other “important” and checked security updates for office 2010 (excel kb4464572, office kb4462224, outlook kb4475509) and of course defender and msrt.

        and there is a new “important” and checked .net rollup, is it clear to install?

         

        Fortunately, there are ways to circumvent the telemetry, or at least minimize it. Details following.

        will there be a separate article which contains step by step instructions?

        PC: Windows 7 Ultimate, 64bit, Group B
        Notebook: Windows 8.1, 64bit, Group B

        • #1901216 Reply
          PKCano
          Da Boss

          The July Windows 7 patches have been given the go-ahead if you are Patching Group A.
          The Group B people have to make a choice about whether or not to install the Security-only patch, but other than that the July updates have the go-ahead.

           

          2 users thanked author for this post.
          • #1901223 Reply
            honx
            AskWoody Lounger

            The July Windows 7 patches have been given the go-ahead if you are Patching Group A.
            The Group B people have to make a choice about whether or not to install the Security-only patch, but other than that the July updates have the go-ahead.

             

            i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7.

            Fortunately, there are ways to circumvent the telemetry, or at least minimize it. Details following.

            will there be a step by step instruction available for this case?

            and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least, still haven’t touched win7 updates)…

            PC: Windows 7 Ultimate, 64bit, Group B
            Notebook: Windows 8.1, 64bit, Group B

            • #1901231 Reply
              PKCano
              Da Boss

              i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7

              Try AKB2000012.

              and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least

              The June and July patches have the DEFCON 4 approval with the exception of the Win7 SO which requires the user’s choice.

              2 users thanked author for this post.
              • #1903573 Reply
                anonymous
                Guest

                thank you so much for this info… the Woody on Windows Defcon 4 article just said this can be done, bit the links embedded in the article didn’t say HOW to do it.

      • #1901218 Reply
        EP
        AskWoody_MVP

        UH-OH woody!

        Remember KB4023057? It’s baaacccckk 🙁

        https://borncity.com/win/2019/08/02/windows-10-compatibility-update-kb4023057-08-01-2019/

        https://news.softpedia.com/news/microsoft-re-releases-the-notorious-windows-10-update-kb4023057-526931.shtml

        you may need to revise/update your recent article from Computerworld and include info about the newly revised KB4023057 update and how to hide/block it

        • This reply was modified 1 year ago by EP.
        • This reply was modified 1 year ago by EP.
        2 users thanked author for this post.
      • #1901224 Reply
        GWL894
        AskWoody Lounger

        Is there any evidence of telemetry c*** in the 8.1 security-only July patch, or is it just in Win7?

        • #1901227 Reply
          PKCano
          Da Boss

          Not in the Win8.1 Security-only patch.

          2 users thanked author for this post.
      • #1901228 Reply
        Moonbear
        AskWoody Lounger

        Is there any way to tell if its ok to skip the .net rollups?

        • #1901233 Reply
          PKCano
          Da Boss

          You can skip any patch, but in doing so you skip the quality and security fixes they contain.

      • #1901237 Reply
        honx
        AskWoody Lounger

        i asked regarding deactivating telemetry if i decide to install that contaminated “security” patch for windows 7

        Try AKB2000012.

        and what about “update for microsoft filter pack 2.0” (kb3114879) and .net rollup? both are “important” and checked (at windows 8.1 at least

        The June and July patches have the DEFCON 4 approval with the exception of the Win7 SO which requires the user’s choice.

        i’d rather wait for something more current, regarding this contaminated july patch.

        on windows 8.1 i’m installing all important updates right now (except that group a patch).

        PC: Windows 7 Ultimate, 64bit, Group B
        Notebook: Windows 8.1, 64bit, Group B

        • #1901248 Reply
          PKCano
          Da Boss

          i’d rather wait for something more current, regarding this contaminated july patch.

          There is an ongoing discussion about the telemetry here

          Is 4:00am Friday, Aug 2 (today) current enough for you?

          • #1901256 Reply
            honx
            AskWoody Lounger

            i’d rather wait for something more current, regarding this contaminated july patch.

            There is an ongoing discussion about the telemetry here

            Is 4:00am Friday, Aug 2 (today) current enough for you?

            that is a bit too complicated for me to follow, it seems to need a monitoring software and tampering in registry as far i have read. like already announced for the time being i’ll only install ie and all other important checked patches and stay put regarding that malware patch.

            btw. on windows 8.1 i also installed that 2019-07 servicing stack (kb4504418)… does windows 7 also await a new servicing stack for july?

            PC: Windows 7 Ultimate, 64bit, Group B
            Notebook: Windows 8.1, 64bit, Group B

            • #1901261 Reply
              PKCano
              Da Boss

              The latest Win7 Servicing Stack KB4490628 was released with the March Patch Tues. updates. You will need that. See if you have it installed.

              You will also need the SHA-2 update KB4474419 if it’s not installed.

              1 user thanked author for this post.
      • #1901247 Reply
        Berserker79
        AskWoody Lounger

        Just a heads-up to report that today on my Windows 10 1803 Home machine I was offered a new KB 4023057 update (2019-08). I suppose this update was released after woody changed the MS-DEFCON level to 4, so anyone on 1803 trying to avoid KB 4023057 better keep your eyes open when installing the July patches.

        1 user thanked author for this post.
      • #1901263 Reply
        Alex5723
        AskWoody Plus

        I had to restart my 1809 after installing a new update for Intel 630 GPU and got the notice regarding July updates.
        installed .Net KB4507419
        installed CU KB4507469
        installed .Net KB4503864
        installed MSRT KB980830

        Didn’t get Servicing stack KB4512937

        • #1901865 Reply
          Alex5723
          AskWoody Plus

          I had to restart my 1809 after installing a new update for Intel 630 GPU and got the notice regarding July updates.
          installed .Net KB4507419
          installed CU KB4507469
          installed .Net KB4503864
          installed MSRT KB980830

          Didn’t get Servicing stack KB4512937

          Just checked the Uninstall Updates. None of the updates just installed are on the list, however I have other updates installed on Aug. 2 :

          KB4507469 (Download and install now)
          KB4506998 (Cumulative Update for .NET Framework 3.5 and 4.7.2)
          KB4509095 (Servicing stack update for Windows 10, Version 1809)

          KB4512937 from July 22 superseded KB4509095 from July 5, yet I haven’t got it.

          What a mess.

          • This reply was modified 1 year ago by Alex5723.
          • This reply was modified 1 year ago by PKCano.
      • #1901269 Reply
        honx
        AskWoody Lounger

        after installing updates (including 2019-07 servicing stack) on win8.1 i can’t search for updates anymore. error code 8024402c.

        PC: Windows 7 Ultimate, 64bit, Group B
        Notebook: Windows 8.1, 64bit, Group B

      • #1901502 Reply
        OscarCP
        AskWoody Plus

        The telemetry issue aside, does the July Security Only patch take care of something that is particularly important and necessary? Is it likely that not installing it now will cause serious problems when installing future SO updates?

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #1901530 Reply
        Alex5723
        AskWoody Plus

        Did you know that Microsoft has disabled VBScript for IE11 in Windows 10 with July 9 CU updates ?
        Microsoft is going to disable VBScript for IE11 in Windows 7, 8, 8.1 with AUG. 13 CU updates.

        In early 2017, we began the process of disabling VBScript in Internet Explorer 11 to give the world the opportunity to prepare for it to be disabled by default.

        The change to disable VBScript will take effect in the upcoming cumulative updates for Windows 7, 8, and 8.1 on August 13th, 2019. VBScript will be disabled by default for Internet Explorer 11 and WebOCs for Internet and Untrusted zones on all platforms running Internet Explorer 11. This change is effective for Internet Explorer 11 on Windows 10 as of the July 9th, 2019 cumulative updates.

        https://blogs.windows.com/msedgedev/2019/08/02/update-disabling-vbscript-internet-explorer-windows-7-8/

        1 user thanked author for this post.
        • #1901538 Reply
          abbodi86
          AskWoody_MVP

          Did you know that Microsoft has disabled VBScript for IE11 in Windows 10 with July 9 CU updates ?

          No one knew
          they really like short notice

          • This reply was modified 1 year ago by abbodi86.
      • #1901569 Reply
        Berserker79
        AskWoody Lounger

        Hey everyone, I was preparing to install the July patches (Windows 10 Home 1803 here) when I noticed something “unusual” upon running wushowhide to un-hide the July updates: the July CU for 1803 (i.e. KB4507435) has disappeared from the list of hidden updates (all I see in the hidden updates list are the July Office 2013 updates, the 2019-07 Windows Defender update, the 2019-08 KB4023057 update and the Feature update to 1903).

        Assuming that WU will not automatically install the July CU for 1803 with the other July updates, should I install it (and the corresponding servicing stack update) manually by downloading the relevant files from the MS Update Catalog? Or should I just skip this CU entirely?

        1 user thanked author for this post.
        KP
      • #1901917 Reply
        Chris B
        AskWoody Plus

        Just installed the July updates on Win7 64bit. All installed except the Security Intelligence Update KB915597 v 1.299.1066.0, which failed with code 80070650. Windows gives no real help on that code. I tried it several times – always failed.

        I’m just reporting the issue. I don’t really care, since I use Kaspersky as my primary defence.

        Chris
        Win 10 Pro x64 Group A

        1 user thanked author for this post.
        • #1903714 Reply
          280park
          AskWoody Plus

          FYI

          On my 64-bit Windows 7 laptop Windows Update responded with an error code when I tried to install Security Intelligence Update for Windows Defender Antivirus version 1.299.1293.0. I subsequently opened Windows Defender and checked for updates and it updated to version 1.299.1319.0 dated August 5, 2019.

          1 user thanked author for this post.
          • #1906699 Reply
            L95
            AskWoody Plus

            I have 32-bit Windows 7 and am getting the same error code 80070650 as Chris B and 280park and Anonymous (see August 5th posting below by Anonymous).  I tried the trick that worked for 280park and Anonymous,  by opening up Windows Defender and checking for updates,  but I’m not sure whether it work for me.  I tried it twice.  I don’t recall what it said on the first attempt,  but on the second attempt it said “no new definitions or updates are available”.  But there’s nothing showing up in my update history of any successful installation of Windows Defender since  July 4th.  When I look within Windows Defender  at what antispyware definition I have,  it says I have definition 1.299.1783.0.   The definition that failed to install earlier today due to Error Code 80070650 was definition  1.299.1765.0,  which appears to be an earlier definition than what I presently have.  I then did another check for Windows Updates,  and Windows Updates says “No important updates available”.   Does this mean that I have successfully installed the latest Windows Defender update even though my update history shows three failures at installing definition  1.299.1765.0,  and nothing else with respect to Windows Defender?

            • This reply was modified 1 year ago by L95.
            • #1906808 Reply
              280park
              Guest

              L95-

              Since opening Windows Defender to update it to version 1.299.1319.0 (which does not show up in Windows Update history), I have been successfully updating Windows Defender by using Windows Update. Shortly after your post, I ran Windows Update and again was able to update Windows Defender, this time to version 1.299.1765.0. At that time, which was several hours ago, I clicked the “More information” link that accompanied the update and the linked Microsoft page indicated that the latest version was 1.299.1791.0. Several minutes ago, I again clicked the “More information” link and the linked Microsoft page indicated that the latest version was 1.299.1798.0. However, neither Windows Update nor Windows Defender is indicating that any new versions are actually available to install.

              I am not an expert, but it seems that new Windows Defender versions are developed throughout the day but are made available for installation on a less frequent basis.

              • #1906931 Reply
                280park
                AskWoody Plus

                For clarity, message #1906808 dated August 12, 2019 at 3:03 am was posted by me. I forgot to log in when posting it.

      • #1902079 Reply
        Seff
        AskWoody Plus

        I’ve installed the monthly rollup KB4507449 and the .Net Framework update KB4507420 today on my main Win7 X64 Home desktop with no apparent issues. I’ll leave the other similar machine (but with 5 Office 2010 updates also on offer) for a couple of days while I see how the main machine is running.

        Thanks as always to Woody and the team for all advice received.

        2 users thanked author for this post.
        • #1903704 Reply
          Seff
          AskWoody Plus

          Update: Second machine also now updated satisfactorily, as above.

          1 user thanked author for this post.
      • #1902320 Reply
        AJNorth
        AskWoody Plus

        Nine Windows 7 Pro x64 machines have been updated (Group “B”); all had four scheduled tasks added by KB4507456, which were deleted before rebooting to complete the installation.

        Each machine rebooted successfully, and they appear to be running with no discernable issues; the Task Scheduler shows that the added tasks remain deleted.  The Belarc Advisor is happy (and so am I).

        3 users thanked author for this post.
      • #1902335 Reply
        anonymous
        Guest

        Running Win8.1 64-bit – AND WPD to minimize “snooping”.

        After receiving the OK from Woody and Susan, installed the MS July 2019 ‘important’ (only) updates through Windows Update.   Before the update, WPS was set to maximum protections, including having the Microsoft Compatibility Appraiser DISabled.

        After the update, WPS showed the Compatibility Appraiser ENabled, and one or more of the third party applications from Microsoft (Skype, OneDrive, Live, etc.) was re-enabled.

        Reset WPD to full protection, and all seems to be well again.   No other update issues noted.

        1 user thanked author for this post.
      • #1902458 Reply
        anonymous
        Guest

        Could you please tell us the names of the four new scheduled tasks added by KB4507456 and under what are they located? Thanks!

        1 user thanked author for this post.
        • #1902567 Reply
          AJNorth
          AskWoody Plus

          Greetings. Here are the general instructions (for both Windows 7 & 8.1):

          (Note: if this is your first time clearing telemetry tasks from the Task Manager, then you will encounter several more than four tasks.)

          Open the Task Scheduler (click Start, then type task scheduler in the search box).

          In the left-hand (white) rectangular box expand Microsoft, then Windows.

          Within the Windows section of the hierarchal “tree” left-click on and delete (or disable) the following:

          –>  All tasks under Application Experience

          –>  All tasks under Autochk

          –>  All tasks under Customer Experience Improvement Program

          –>  Under DiskDiagnostic:  DiskDiagnosticDataCollector

          –>  Under Maintenance:  WinSat

          –>  Each task within (and under) Media Center

          Close Task Scheduler.  (You’re done.)

          12 users thanked author for this post.
          • #1902685 Reply
            AJNorth
            AskWoody Plus

            A post above mentions WPD — the Windows Privacy Dashboard, which is an exceedingly useful tool (portable and free):  https://wpd.app/ (Windows 7 -10).

            Here is a discussion of the app by Martin Brinkmann:  https://www.ghacks.net/2018/10/10/wpd-privacy-app-for-windows-updated/ from last October (it is currently at version 1.3.1203.0, released on 2019.07.08).

            As WPD does not automatically create a restore point, my recommendation is to set one before making any changes (on some systems, for example, I’ve found that one or another website may not be accessible after maximizing privacy, due to changes in the Windows firewall settings (https://outlook.live.com, for example).

            3 users thanked author for this post.
          • #1903823 Reply
            anonymous
            Guest

            Followed your instructions above. Win7 Pro X64. Didn’t see Compatibility Appraiser specifically. Should I be looking for that elsewhere? Please respond.

            FWIW, did the following today. Installed the IE11 update, rebooted and waited 10 minutes. Installed the Security Only .Net patch for 6.1. Then installed KB4507434. Before rebooting, went into Task Scheduler and disabled all items you mentioned which were not already disabled. Had turned off  Customer Experience Improvement… ages ago. Rebooted and rechecked in Task Scheduler and nothing had been altered. Am I missing something???

            For the benefit of others, turned on Windows Update and checked for updates. Hid the rollups. Hid the Malicious Software tool. Was offered and hid KB3150513. Tried to installed the renamed Windows Defender update which failed two times with code 80070650. Ran the Windows Update diagnostic tool and it failed the third time. Found complaints of this online with no resolution. Grrr… Rechecked for updates. Four Office 2010 updates were there plus the same Defender update. Installed the Office updates and closed Windows Update. Opened Defender which I don’t use because I have Kaspersky Internet Security. Ran the update from within Defender and it updated successfully to a much later version than WU had offered me. WHEW! Opened WU again and checked for updates. No Defender updates were offered. Closed WU “never check” until next update session. Such an ordeal… 🙁

            1 user thanked author for this post.
            • #1903841 Reply
              AJNorth
              AskWoody Plus

              Hello,

              The Compatibility Appraiser may explicitly appear in scheduled tasks under Microsoft –> Windows –> Application Experience as “Microsoft Compatibility Appraiser”; however, there are other elements that Redmond also employes.  So, if you’ve deleted everything mentioned above, even if the “MS Compatibility Appraiser” was not one of them, you’re still good-to-go.

              You might also check out the Windows Privacy Dashboard, mentioned above.  (It turns out that it now has the option to create a Restore Point, which I hadn’t noticed when I posted earlier; my bad… .)

              • #1904154 Reply
                anonymous
                Guest

                Much obliged for the reply. Just had a look and that item and one other appeared. Fairly sure previously only AitAgent was there. Just disabled them. Media Center had 4 – 5 items added. All disabled now. Will recheck the next time I start up this workstation. Hope I won’t need a wooden stake. 😉

              • #1904260 Reply
                AJNorth
                AskWoody Plus

                You’re more than welcome; glad to hear that the operation was successful (and the patient lived).  You’ll almost certainly not have to repeat the operation until after the next round of updating.

                (Note: you might want to use a silver stake, as it has much better conductivity… .)

              • #1904430 Reply
                anonymous
                Guest

                Unfortunately that stake was needed. 🙁 Mid-afternoon the machine slowed to a crawl and my network settings were inaccessible. Lots of reboots and shutdowns with errors which flashed by too quickly to see. Uninstalled the Security Only update which didn’t fix it. Had to bite the bullet and do a full Windows Image and Data restore from my WD Passport Drive. Takes forever and wipes the update history from the page in Windows Update. Installed Updates from Programs & Features is OK. This happened once before 2 – 3 years ago where Firefox froze and the network access icon was b*******. Whether this was related to the steps listed above, who can say. Right now, touch wood, all is back to normal. Only lost some financial data from today which I was 90% able to retrieve because my backup was done just last PM before I started the update drudgery. Ugh…

                Not sure whether I should just go Group W at this point as I need this high horsepower Zbook 17 from 2014 to run my life and essentially exist. Not sure I don’t trust Kaspersky Internet Security 2019 to protect this box vs M$. Kaspersky’s USA phone tech and remote support is 7-8/10 when I’ve needed it. Group W may just be the way to go. Hate the concept of Win10 and forced updates, particularly drivers. Have learned in the past that the latest drivers don’t play nice with older, even premium hardware.

                1 user thanked author for this post.
              • #1904458 Reply
                AJNorth
                AskWoody Plus

                Very sorry to hear that.

                Did you try System Restore and/or some of the built-in Windows repair tools (or use a bootable Win 7 installation DVD, or installation USB, to repair Windows)?

                For future reference, there is also a way to use a Win 7 installation disc or USB to perform an in-place (non-destructive) repair:

                https://www.winhelp.us/non-destructive-reinstall-of-windows-7.html and,

                https://turbofuture.com/computers/Repairing-a-Damaged-Windows-7-Installation.

                1 user thanked author for this post.
              • #1904716 Reply
                anonymous
                Guest

                Other than the restore point created by installing the Office updates, the previous restore point was too old. System Restore doesn’t have a great success rate after M$ updates, at least from personal experience. Touch wood, the image and data restore from backup works as well as it did 2 – 3 years ago and was created just prior to the July updating. Am drifting toward Group W and Canadian Tech approach to Windows Updates… 🙁 TBD

                Given the programs. configuration and amount of data on this workstation, am not comfortable with M$ doing the repairs. Need to speak again to the skilled I.T. tech who set this machine up. It’s been a couple of years = no news is good news. He works for a local firm which maintains hospitals, universities and Fortune 500. Curious about his take on newer workstation 17’s and Win10. His firm won’t touch consumer-grade hardware BTW.

      • #1903070 Reply
        anonymous
        Guest

        Windows 7 Pro SP1….Installed fine= no problems.

        Windows 10 Pro….Installed fine= no problems. Was not offered KB 4023057 .

        1 user thanked author for this post.
      • #1903164 Reply
        dgreen
        AskWoody Lounger

        Reporting in….
        Installed the following updates…
        KB4507449 (roll up)
        KB4507420 (security quality rollup for .net)
        All went smoothly.
        Hid: KB4493132
        MSRT have not installed this for many months.

        Did note that MSE (Microsoft security essentials) has a new name now.

        Dell Inspiron 660 (new hard drive installed and Windows 7 reloaded Nov. 2017)
        Windows 7 Home Premium 64 bit SP 1 GROUP A
        Processor: Intel i3-3240 (ivy bridge 3rd generation)
        chipset Intel (R) 7 series/C216
        chipset family SATA AHCI Controller -1 E02
        NIC Realtek PCLE GBE Family Controller
        MSE antivirus (now has a new name)
        Chrome browser
        DSL via ethernet (phoneline)

         

        • This reply was modified 1 year ago by dgreen.
        2 users thanked author for this post.
      • #1903307 Reply
        Myst
        AskWoody Plus

        Installed .Net Framework update KB4507420, Monthly Rollup KB4507449 and the 4 Office 2010 patches, all in that order but running one at a time with a restart in between. Let the PC sit idle for a bit to process everything. All is fine and dandy. Thanks to those who report in with results, otherwise I might get a little nervous.

        Win7 SP1 Home x64, MacOS / Chromebook

        3 users thanked author for this post.
      • #1903322 Reply
        Susan Bradley
        AskWoody MVP

        I’m going to be devil’s advocate.

        https://support.microsoft.com/en-us/help/4023057/update-to-windows-10-versions-1507-1511-1607-1703-1709-1803-and-1809-f

        If I’m on 10, and I’m offered that update and especially if I’m on an older feature release, why don’t I want that?  I’ve helped two people this week on 1803 (on even on Home sku) that are starting to get the alert that they will soon be out of support and they had no idea that they were feature release-less and were not getting them.  There systems were installing the normal monthly updates just fine.

         

        Susan Bradley Patch Lady

        • #1903561 Reply
          anonymous
          Guest

          As much as I hate to agree, I do understand that there are times and users that a patch to force an update -may- be necessary. I am speaking mainly about forcing an upgrade to the newer version of Windows 10.

          Most of the people we know are the “Mom & Pop” of the computer world. If one had a flow chart it would be like this: does the computer start? yes/no. If yes can you: a. browse the web, b. receive emails? If yes, that’s it, done. With the possible exception of printing, that is all there is for them. Yes, we have heard of clients that complain they can not get the newest Windows 10. Basically, someone told them a new version was out and -of course- they must have the latest and greatest. “I can’t get it. It won’t download for me.” They never would had known if no one told them. Therefore, in cases such as those, yes, a patch from Microsoft to diagnose and force feed a new version onto a computer is required.

          While the rest of us more technical users and helpers, follow Woody and have the same suspicions as Woody, the common “Mom & Pop” do need some assistance from the mothership to force an upgrade. I and others here prefer to wait and let the bugs get resolved, then move up. But not everyone feels that way.

          Thank you Woody for having this site.

      • #1903536 Reply
        Morty
        AskWoody Plus

        OK. I did a full backup. I ran a manual Create Restore Point. Now I’m putting on my armor and going in….

        Here’s what they’re throwing at me:

        2019-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4507420)
        2019-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4507449)
        Windows Malicious Software Removal Tool x64 – July 2019 (KB890830)

        Hopefully, everything will still be working when I come back.

        1 user thanked author for this post.
        • #1903643 Reply
          Morty
          AskWoody Plus

          Thank Heaven! And thank you Woody and his league of superheroes.

          I got through it. And this time I didn’t have to reconnect the network.

          Telemetry shmelemetry. Microsoft and Google already know more about me than I do. You have to pick your fights.

          Thanks again!

          6 users thanked author for this post.
          • #1903685 Reply
            Alex5723
            AskWoody Plus

            You have to pick your fights.

            I think this fight is worth picking even if it means a bloodbath.

            2 users thanked author for this post.
            • #1903706 Reply
              Morty
              AskWoody Plus

              I think this fight is worth picking even if it means a bloodbath.

              Sigh…You’re younger than I am. I hung up my guns.

              I will say that I deactivated my FB account and don’t use any of their products. I also don’t use a smarthphone or any i-Devices.

              I’m a neo-luddite. But I know when to put up the white flag. I do wish you success.

              • This reply was modified 1 year ago by Morty.
              • #1903746 Reply
                anonymous
                Guest

                ? says:

                excellent report, Morty! glad your monthly patching pitstop is over and you are on the the next adventure. i envy your mind set and raw courage

                me and Sancho P are still out here in the hinterlands tilting at windmills (until after Christmas if not done in before then)

              • #1903761 Reply
                anonymous
                Guest

                Hi Morty! 6536 here. I knew you were coming on board and getting to be a techie when I commented last month, “now people will be coming to you for help!” Glad it installed OK.

                Morty, Abbodi86 and AJNorth have great ideas. If you could go down either suggestions you WILL reduce the telemetry and “they” will know less about you than you do.

                See AJNorth’s comment #1902567 above. I am sure you can do it!

                Good Luck.

              • #1903943 Reply
                Alex5723
                AskWoody Plus

                Sigh…You’re younger than I am. I hung up my guns

                Don’t be so sure 🙂

                50 years in IT and still carry my guns.

                2 users thanked author for this post.
          • #1903795 Reply
            The Surfing Pensioner
            AskWoody Plus

            I really couldn’t care less what M/S and Google know about me – it’s many years now since I worried what the neighbours thought. I just don’t want any shoddily-made patches on my P.C. unless I absolutely have to install them.

            2 users thanked author for this post.
            • #1903921 Reply
              anonymous
              Guest

              @the-Surfing-Pensioner: It isn’t just what MS and G know about you in a properly scrubbed form of telemetry that rightfully does NOT have any personal identifiable information, but when things go awkward and then personally identifiable information DOES get out to the world.

              A few years ago Wed of Trust had a problem of not “scrubbing” the data clear of any personally identifiable information and a German magazine found data about people in the URLs that were sent back to the aggregators. By having this telemetry data turned off, it is closing another possible vulnerability you may have.

              Especially since AJNorth laid out above what to disable or delete, why not spend 5 minutes doing it? BUT … to each their own.

              And yes I do agree having a bad patch is more of a headache than turning off telemetry.

              • #1904062 Reply
                The Surfing Pensioner
                AskWoody Plus

                As I co-ordinate a small voluntary organisation single-handed, my personal identifiable information is all over the net anyway. It’s never been a problem; I don’t bank online. I was also (unfortunately) a customer with TalkTalk at the time their records were hacked and I still get overseas calls from individuals with Asian accents claiming to be TalkTalk technicians who ring me up asking for access to my P.C., or for money. I quite enjoy telling them what I think of them. In consequence, I have never been infected by the telemetry paranoia that troubles some people. I really haven’t  got anything left to hide.

              • #1904106 Reply
                jabeattyauditor
                AskWoody Lounger

                Consider this:  *You* don’t bank online – you haven’t setup online access to your bank – but all the information necessary to setup that access is available online.

                What could go wrong with this scenario?

                1 user thanked author for this post.
              • #1904243 Reply
                The Surfing Pensioner
                AskWoody Plus

                That’s not actually true, but as I have had no problems managing my (lack of) privacy for the last thirty years I am beginning to find this discussion very boring. Try somebody else?

                1 user thanked author for this post.
              • #1904259 Reply
                jabeattyauditor
                AskWoody Lounger

                🙂

                I’m prone to forget the international focus of Woody’s site.

      • #1903581 Reply
        Marcus Weldby
        AskWoody Plus

        I looked at the Master Patch List but I couldn’t find “Update Rollup 29 for Exchange Server 2010 Service Pack 3 (KB4509410)” with a date of 7/9/2019. Are we good to go with installing this update?
        Thanks, Susan for all you do!

        • #1903647 Reply
          jabeattyauditor
          AskWoody Lounger

          I don’t know if Susan approves or not, but UR29 patches a man-in-the-middle vulnerability that is exploitable. I’d install it.

          • #1903792 Reply
            Susan Bradley
            AskWoody MVP

            Apologies, missed it.  Not tracking issues, okay to install.

            Susan Bradley Patch Lady

            1 user thanked author for this post.
      • #1903840 Reply

        Reporting in late, have been unwell. Installed the July WIN7 .NET and Rollup with no issues.

        (Oh, and made sure that CIEP’s throat stayed cut. It did. Should take out 99% of pesky telemetry.)

        But why do I ALWAYS have to re-configure Windows Media Player every time I do a Rollup??

        Thanks to all here for repeatedly putting their head in the Sabre-toothed Tiger’s Jaws.

         

        Win7 Pro SP1 64-bit ESU, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Patch List", Multiple Air-Gapped backup drives in different locations, "Don't auto-check for updates-Full Manual Mode." Linux Mint Greenhorn
        --
        "A committee is the only known form of life that has at least four legs and no brain."

        -Robert Heinlein

        1 user thanked author for this post.
        • #1903905 Reply
          Bill C.
          AskWoody Plus

          I have had to do the Media Player re-configure after every Group B monthly patch also for a number of months now. It is not just the rollup.

          It also create a log file regularly.

          2 users thanked author for this post.
      • #1903887 Reply
        anonymous
        Guest

        Windows 7 Home 64 bit Group B

        I decided to switch to Group A (or so I thought). A check for updates offered .Net Framework KB4507420, Security Intelligence Update for Windows Defender KB915597, MSRT KB890830 and Security Monthly Quality Rollup KB4507449. Ironically, all installed except KB4507449. I downloaded the Security Only Group B patches and they all installed – guess I’m still Group B after all. I did disable all the recommended tasks in Task Scheduler.

        2 users thanked author for this post.
      • #1903946 Reply
        mn–
        AskWoody Lounger

        Oh hey, how does that go with servicing stack updates now? Latest or by kb number?

        Because some of those look funny. 1903 got a new SSU on the 27th but numbered earlier than the previous one from the 9th… and I had a bit of a bother some months ago on one system when the exact SSU by kb numbers wouldn’t work and had to get a later one to be able to install a CU.

        Yeah, right, 1903… but anyway.

      • #1904634 Reply
        anonymous
        Guest

        Quick question – If we’re Win7 group B and don’t want the bother with the telemetry in the July 2019 security update, is it still okay to install the IE11 update?

        Thanks

        • #1904639 Reply
          Microfix
          AskWoody MVP

          I actually don’t see why not, it’s a cumulative IE11 patch.
          However, here comes the caveat, the ‘security patch’ in Group B is non-cumulative which means, if you decide to Group B ‘security patch’ next month, July’s security fixes won’t be applied leaving the device vulnerable. Then troubleshooting issues start to get messy..

          If you should want to install the July Security Only Update and wish to reduce telemetry, might I suggest AKB2000012 by abbodi86.

          IMHO I’m now convinced that Group A is the way forward to prevent this scenario from happening. Woody, what’s your take on this? Head scratching time..

          No problem can be solved from the same level of consciousness that created IT -AE
          2 users thanked author for this post.
        • #1904640 Reply
          PKCano
          Da Boss

          Yes, you can install only the IE11 CU.
          But the telemetry is not the only thing in the July CU. The fix for the new Meltdown/Spectre vulnerability is also in the SO KB4507456.
          See this Blog Post.

          2 users thanked author for this post.
          • #1904672 Reply
            anonymous
            Guest

            ? says:

            windows 7 security only patching was extinguished in july

            see post #1904580 for details

            i guess i could keep booting a fully patched telemerty laden version after january 2020 and send signals back to the mothership kinda like Voyager 2…

            • #1904702 Reply
              walker
              AskWoody Lounger

              @anonymous:

              After reading all of the comments relevant to this untenable situation, I can only feel that “we who are totally non-computer literate” are “up the proverbial creek without any kind of paddle”.   I don’t want to wait too long, however don’t know which way to jump at this point in time, and I think there are many others who have this lack of “experience and computer knowledge” to deal with it all.   Good luck to us all, and I’m thankful  there are so many who have the outstanding knowledge and experience to share with us.

              • #1904744 Reply
                Charlie
                AskWoody Plus

                I installed the Group B, Security Only updates for Win 7 and IE11, the .Net update, and the Office 2010 patches yesterday.  I disabled all the telemetry items as given to us by nice people on Woody’s site.  I should emphasize that you should give some time after each reboot for the updates to work in (15 to 20 minutes).  I watch the CPU usage on Task Manager to see when it stops.

                So far knock on wood, things seem to be okay and all settings are where I put them.  Nothing has been said one way or another, but I’m assuming the KB4507456 Win 7 update can be uninstalled if a problem comes up.

                Win 7, Sandy Bridge 3.3GHz, Linux Mint 19.1, Klaatu barada nikto

                3 users thanked author for this post.
              • #1904758 Reply
                anonymous
                Guest

                Charlie, did you use Abbodi86’s steps (see #219238)  or AJ North’s steps?  Thx for letting your fellow Group B’ers.

              • #1904774 Reply
                Charlie
                AskWoody Plus

                A J North’s.

                Win 7, Sandy Bridge 3.3GHz, Linux Mint 19.1, Klaatu barada nikto

      • #1904737 Reply
        NoLoki
        AskWoody Lounger

        Just now received KB3150513 … “The updated definitions help enable Microsoft and its partners to ensure compatibility for all customers who want to install the latest Windows operating system”, on W7/32 – sent by Windows Update. It came in as important/recommended.

        With KB4507456 snooper update and now this, it is obvious that it is all about data gathering for upgrading purposes and not for diagnostic/trouble shooting statistics.

        We may soon see yet another ‘get W10’ offer to those with so-called compatible systems. I am not expecting a rehash of the previous unethical GWX offer, but I ma expecting a popup (or the likes) with a YES and hopefully a NO button. I am not anticipating a ‘do not ask again’ box to check.

      • #1904929 Reply
        OscarCP
        AskWoody Plus

        Today I finally had a moment and installed the Windows 7 x64 July patches: for Office 2010, the July MSRT and the .Net rollout, as well as the July IE11 Cumulative Security update. But had no luck with the July Security Only update. Something I did, I think, cut short its install. It did not go through the “Installing Update” stage with the growing green bar, but declared itself installed all the same and in no time at all. When I checked in Windows Updates the list of installed updates, it did not appear anywhere. I searched for it by KB number, and it was found. I tried to uninstall it to have another try at installing it properly, but that failed with an error message. I restarted the machine, which fiished installing the IE11 update. But then I tried, once more, to see if I could install the Security Only KB4345459 and I got — again — the message that this was already installed. So I used a restore point I had created before installing IE11 to undo the whole thing and then tried, once more, to install Security Only, but had no luck: the system informed me, yet again, that this was already installed, although, again, it showed nowhere in the lists of installed updates. I reinstalled IE11 without problems and then said to myself: “Well, I am going to let this July Security Only patch rest in peace. At least this way, this time, I won’t get any of the telemetry in its bag of nasty tricks. If others (Group W) can live long and prosper without ever, if they are to be believed, installing any patches whatsoever, then I could, probably, survive with a botched install of July’s Security Only.”

        Such is life. That, as I’ve been told by an usually reliable source, is not half as bad as its alternative. If anybody has any advice that is not too complicated to apply, I’ll be interested to read about it.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • #1904954 Reply
          AJNorth
          AskWoody Plus

          Hi there.

          Did you perhaps download the wrong update (or get your dates mixed-up)?

          KB4345459 is the Win 7 “Security Only Quality Update” that was released on 16 July 2018; KB4507456 is the “SOQU” for July 2019.  Hope that solves your issue.

          Good luck!

          • #1905550 Reply
            OscarCP
            AskWoody Plus

            Thank you, AJNorth, Sir! Thank you so very, very much! Not the least reason for being thankful is that you have completely demonstrated that, indeed — and as I have suspected all along — I did do something wrong!

            Now, following your most illuminating suggestion, I have succeeded in installing the July SO patch without any obvious bad side effects, so far.

            Oh, this is SO weird! Unique, in fact, in my, by now, very long patching history! I imagine this happens to people who rush to do things very, very slowly that they lose track of things, as myself in this particular case.

            Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

            1 user thanked author for this post.
            • #1905553 Reply
              AJNorth
              AskWoody Plus

              My pleasure; glad everything turned out well!

      • #1905548 Reply
        LHiggins
        AskWoody Plus

        Quick question about July updates for Win 10 1903. I just now have gotten notice on my laptop that the following updates are ready for downloading, and wanted to just ask if it is safe to do so now. I am assuming yes, since these are July patches, but wanted to just make sure, since this is just the second time I’m getting updates for this laptop.

        Win Defender Update KB 2267602 (V1.299.1542.0) This KB is the same number as the June Defender Update – are they always the same, just a different version number?

        July Malicious Software Tool KB890830

        July Cumulative Update KB4507453

        July Cumulative .NET update KB4506991

        Thanks!

        • #1905551 Reply
          PKCano
          Da Boss

          Those are the correct updates for July.
          Have fun with the new laptop!

          1 user thanked author for this post.
          • #1905576 Reply
            LHiggins
            AskWoody Plus

            Thanks! We are – it is really fast and has a gorgeous display. But so much that is different from Win 7, so I am taking things slowly!

            Thanks for the confirmation of the updates. Will run wushowhide before I download them.

      • #1905737 Reply
        Blizzard
        AskWoody Plus

        Group A with Win7 Pro 32bit on HP dc7900- sff deskside with Wolfdale Intel Core2 Duo/Southbridge

        No issues with the 7420 .net KB, or the SMQR 7449 and MSRT 830 installs.  Internet connectivity and WMP all intact, too.

        Really appreciate the sundry inputs I read through above from everyone to help keep misery to a minimum.

        Enjoy the dog days of August, all!

        2 users thanked author for this post.
      • #1905916 Reply
        SueW
        AskWoody Plus

        Here’s my feedback after updating last night:

        Note: I had results similar to Sueska’s (#1899427). I had already disabled each of the scheduled tasks under Application Experience [AitAgent, Compatibility Appraiser, Program Data Updater] and CEIP [Consolidator, KernelCeipTask, UsbCeip], and verified this prior to installing July’s SO.

        1 – imaged my disk with Macrium Reflect Free

        2 – downloaded Updates KB4507456 (July SO) and KB4507434 (IE11 July Cumulative)

        3 – installed the July SO and IE11 Updates and then rebooted; waited 15 minutes

        4 – re-checked Application Experience and CEIP: under Application Experience, AitAgent remained disabled, but Compatibility Appraiser and Program Data Updater were now ‘Ready’ so I disabled both. The 3 tasks under CEIP remained disabled.  (I double-checked this morning, and all 6 tasks are still disabled.)

        5 – updated MS Security Essentials’ Virus & Spyware Definitions manually to eliminate Windows Update’s “Optional” ‘Definition Update for Microsoft Security Essentials – KB2310138’

        6 – checked “Windows Update” => 6 Important (all checked): 3 Office 2010 and 3 Win 7; 3 Optional: all unchecked

        7 – unchecked and hid “Important” Update KB4507449 (July Rollup)

        8 – hid the unchecked Optional update KB4507437 (July Preview Rollup)

        9 – hid the unchecked Optional update KB4493132 (the “Get Windows 10” nag patch)

        10 – hid the unchecked Optional update KBKB3150513 (as noted in Bill C’s results #1904809)

        11 – checked “Windows Update” again => 5 Important: 3 Office 2010 and 2 Win 7: all checked; 0 Optional

        12 – unhid 0 hidden updates to install

        13 – installed 5 Updates: 3 Office 2010 (KB4464572, KB4462224, KB4475509), 2019-07 Security and Quality Rollup for .NET Framework (KB4507420) and MSRT (KB890830)

        14 – rebooted and waited around 45 minutes

        Note: Windows Media Player needed to be reconfigured once again.

        Many thanks to Woody, PKCano, abbodi86, Sueska, Bill C, and everyone else who continue to contribute their time and expertise, or who post their own results!

        Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

        4 users thanked author for this post.
        • #1905941 Reply
          walker
          AskWoody Lounger

          @SueW:   Isn’t the KB4507449 (Monthly Quality Rollup for Win 7 for x64, the one that has the “telemetry” cooked into it?  I’m sure there are many who are having nightmares about what will transpire, “if and if it’s NOT” downloaded and installed.

          It would be interesting to get an idea of how many are taking the risk of installing this one versus not installing.   Thank you for posting the information..

          1 user thanked author for this post.
          • #1905953 Reply
            PKCano
            Da Boss

            @walker
            The one people are discussing about having telemetry is the Security-only update for Group B.

            You are in Group A. You should go ahead and install KB4507449 Rollup. You have been installing Group A Patches all the time.

            2 users thanked author for this post.
            • #1906231 Reply
              walker
              AskWoody Lounger

              @PKCano:  I sent two replies to you thanking you for REALLY making my day.   It was absolutely wonderful.    I checked several times and was unable to locate my reply so I am sending another one.   Your assistance has been a real “life saver” for me.

              I cannot begin to ever say “thank you” enough for all of the amazing and outstanding assistance you have provided for all of  the members.  Thank you, thank you, and thank you again.    You are absolutely amazing, and “PURE GOLD“.

              2 users thanked author for this post.
        • #1906565 Reply
          anonymous
          Guest

          I really don’t understand all the theatre involved with Windows 7 updating. We’re five months away from an obsolete operating system. Why not just install all updates?

          As a side question, why are we still seeing KB4507437 [2019-07 preview of monthly quality rollup for win7 x64] after already installing KB4507449 [2019-07 monthly rollup]?

          • #1906568 Reply
            PKCano
            Da Boss

            As a side question, why are we still seeing KB4507437 [2019-07 preview of monthly quality rollup for win7 x64] after already installing KB4507449 [2019-07 monthly rollup]?

            KB4507437 ( 2019-07 Preview of monthly quality rollup) is an UNCHECKED Optional update that was released AFTER the 2019-07 SQMR. It contains non-security fixes that are not in the July CU. The Preview updates are intended for testing only, and the new fixes they contain will be rolled into the next month’s Security CU on Patch Tuesday.

            1 user thanked author for this post.
            • #1906569 Reply
              anonymous
              Guest

              I see. Thank you.

      • #1906094 Reply
        WScejonesjr
        AskWoody Plus

        I just rolled back Windows 10 updates that updated my computer sometime today. My Windows 10 version is 1903 build 18362.10005.

        When I clicked my Search bar in the taskbar, all I could see was a big black box. My search window came back when I uninstalled today’s update. Sorry, I didn’t notice the build number of today’s update.

        Thought you would want to know in case this happens to anyone else.

        • #1906194 Reply
          PKCano
          Da Boss

          The latest released version of 1903 is Build 18362.267.
          Are you running an Insider Preview or Slow Ring version?

        • #1906289 Reply
          Alex5723
          AskWoody Plus

          I just rolled back Windows 10 updates that updated my computer sometime today. My Windows 10 version is 1903 build 18362.10005.

          When I clicked my Search bar in the taskbar, all I could see was a big black box. My search window came back when I uninstalled today’s update. Sorry, I didn’t notice the build number of today’s update.

          Thought you would want to know in case this happens to anyone else.

          Your new slow ring build was 18362.10012.

          Announcing Windows 10 Insider Preview Build 18362.10012 & 18362.10013 (19H2)

          • This reply was modified 1 year ago by Alex5723.
      • #1906479 Reply
        anonymous
        Guest

        This is to help all. I want to thank Sueska, GoneToPlaid, SueW and my friend “CH”.

        Windows 7 SP1 64bit, with Broadcom network card. Group B.

        Installed all July’s updates; IE KB4507434, then IE KB4510979, SO KB4507456, .NET 3.5.1 SO KB4506976 and MSRT today.

        From the catalog; Installed IE KB4507434 1st, KB4510979 2nd, SO KB4507456 3rd, SO .NET KB4506976 4th, and MSRT (from WU) last.

        Installed one at a time, *with Network disconnected*.

        Rebooted in between each update letting it sit 1 or 2 minutes after update was installed (when hard drive light settled down).

        As per SUEW I did the same. “I had already disabled each of the scheduled tasks under Application Experience [AitAgent, Compatibility Appraiser, Program Data Updater] and CEIP [Consolidator, KernelCeipTask, UsbCeip], and verified this prior to installing July’s SO.”
        (For me, Compatibility Appraiser was missing. It was installed after KB4507456. I then disabled it).

        After the Windows 7 SO KB4507456 install, I went through Scheduled Tasks, found and compared before/after, the below:

        AitAgent was set to run at 2:30am -presumed altered- but it did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

        ProgramDataUpdater – was “ready”, set to disabled again.

        PerfTrack – disabled (stayed the same)

        Autochk Proxy- Disabled (deals with CEIP) was left alone.

        CEIP was -presumed- updated and set run times, but it did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

        DiskDiagonostic Data Collector & Resolver – Disabled (disk & system info for CEIP). It did honor the set disabled state. If it wasn’t disabled by me, it too would be running.

        Media Center has: AccountWindows Search, ConfigureInternet Time Service, DispatchRecoveryTasks, ehDRMInit, InstallPlayReady, mcupdate, MediaCenterRecoveryTask, ObjectStorRecoveryTask, OCURActivate, OCURDiscovery, PBDADiscovery, PBDADiscoveryW1, PBDADiscoveryW2, PeriodicScanRetry(disabled, an old trigger of 2006), PvrRceoveryTask, PvrScheduleTask, RecordingRestart (disabled), RegisterSearch, ReindexSearchRoot, SqlRecoveryTask, UpdateRecordPath. ALL had “last time run never”. After install all appeared the same “ready” except for 2 of them mentioned as “disabled”. No new run times, no new triggers (I do not use Windows Media Player).

        Is the Scheduled Task “WindowsErrorReporting” needed (WindowsError Queued files)? I already have Windows Error Reporting Service disabled, so I will probably go and disable the Scheduled Task.

        Control Panel > Administrative Tools > Services, find Diagnostics Tracking Service. I did NOT have that service. I never installed KB2952664 nor any get win10 patches (Group B).

        It was mentioned to add a registry key of: HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable\0. I did not have that key and I did not create the key. If Abbodi86 or other askwoody MVPs say, “yes, you should”, then I will. (Is this registry key definitely needed?)

        No network issues. No oddities.

        Rebooted 3 times and let it sit for several minutes. (15 min. – so MSCORSVW of .net could run)

        I would recommend people on the last reboot to go to the desktop and let it sit 45 to 60 minutes to Process Idle Tasks, let the trusted

        installer (as per PKCano) do its thing and the MSCORSVW of .net can get done.

        If others here are interested, one can run the MSCORSVW .net image compiler (NGEN) manually. (I do).
        https://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

        You can also force Processing of Idle Tasks if you want by the administrative command prompt: rundll32 advapi32.dll,ProcessIdleTasks

        You can enter that then walk away for 15 to 20 minutes. If the drive light is still on, it is still running, walk away again. Do not allow

        the computer to go to sleep. Reset the Power Options to 1 hour sleep if needed. Laptops make sure you are on AC power not battery!

        And like ELLY said, you could keep task manager open and look at the MSCORSVW process and see if it is still running.

        Thanks to all here.

        Windows 7 Group B

        1 user thanked author for this post.
        • #1906492 Reply
          anonymous
          Guest

          ? says,

          thank you for the detailed patch report and tip ‘o the fedora to SueW as well! your posts take the guesswork right out of the process. i lost the ngen speed ’em up years ago so it is nice to have it although mscorsvw.exe usually runs for 11-14 minutes and at this late stage of the win7 patching game i really don’t mind the wait. i see trusted installer run for 10-13 minutes and then move on. i’m skipping the SO for July and beyond if they also contain the telem just don’t want their plumbing .dlls, .exe’s., mui’s and associated winSxS in the mix. the win7 started life around 4GB and now is a plump 20GB after all the patching…

          1 user thanked author for this post.
      • #1906542 Reply
        anonymous
        Guest

        Win 7 SP1 Home Premium 64-bit; Group B
        Following the directions of AJNorth & Sueska regarding telemetry and SueW’s excellent and precise record of her updating & installation of this July’s patches (minus Office) the updates went with only very minor glitches plus fixing Media Player and same as others above, post Task Scheduler telemetry check fix. The only problem is that when checking for updates, I was never offered the Net Framework KB4507420 patch, even with repeated checks. So I’ve gone to the Microsoft Update Catalog and have 3 security updates to choose from: which one should I download and install? I think it’s the 162.4 MB choice, but I’m not sure. Your help would be greatly appreciated. Thanks!

        1 user thanked author for this post.
        • #1906544 Reply
          PKCano
          Da Boss

          KB4507420 is a Rollup, a bundle of updates for different versions of .NET. If you are patching .NET manually you need to know which versions of .NET are installed on your computer. The patch for different versions have individual KB numbers different from the Rollup. (See the linked pages.) What you see installed is the Individual KBs, not the Rollup KB number.

          That is why it is best to update .NET through Windows Update. WU will determine what is on your computer and install the patches for the version(s) you have installed. If there is no patch for your version, you may not be offered any through WU.

          3 users thanked author for this post.
          • #1906546 Reply
            anonymous
            Guest

            Thank you for your quick response and for the information.

          • #1906554 Reply
            anonymous
            Guest

            PKCano, thanks again for your input. Actually, as an apparent Group B “for REALLY dumb dummies” member, I usually wait monthly til the last minute to install whatever patches are available. When checking for further WU at the end, I will hide any unchecked + checked patches that show up that do not belong in my personal patching roster for that month. Those patches that I hide, apparently can be patches that I will be needing for the next month, which is what happened with 2019-07 Security and Quality Rollup for .NET Framework KB4507420. After a light bulb suddenly flickered on above my head, I checked my hidden patches and found my KB4507420. I just downloaded and installed it without incident. Sorry to have bothered you in the middle of the night.

      • #1906593 Reply
        Noel Carboni
        AskWoody_MVP

        Probably few folks check back here, but I wanted to mention some of my recent experience…

        Friday I took it upon myself to bring 6 machines at work up to date.

        Two were mine (my desktop workstation and a VM within), three were high end server farm machines that were recently installed (e.g., less than two months ago, bought new and Win 10 v1903 installed afresh by a coworker), and one was a coworker’s office machine.

        Of those six systems EVERY SINGLE ONE exhibited errors upon running SFC /VERIFYONLY. All had to be repaired by running DISM /Online /Cleanup-Image /RestoreHealth then SFC /SCANNOW. Fortunately that succeeded in every case.

        These systems are closely and carefully managed and kept up to date every month when Woody here takes us to MS-DEFCON 4 or higher.

        2 of the 6 machines I personally verified as of last month’s patches to pass an SFC check cleanly. I presume the other 4 must have been clean at some point, though I can’t be certain.

        How is it Windows 10 has become so fragile, so apt to soil itself, that it requires geek chops to recover virtually every machine just used normally? How many folks, even in Engineering lines of business, even know to use DISM? What do regular folks do?

        -Noel

        6 users thanked author for this post.
        • #1906595 Reply
          geekdom
          AskWoody Plus

          I periodically run system checks — different operating system, same lack of trust.

          G{ot backup} TestBeta
          offline▸ Win10Pro 1909.18363.959 x64 i3-3220 RAM8GB HDD Firefox79.0 Windows{Image/Defender/Firewall}
          online▸ Win10Pro 1909.18363.1016 x64 i5-9400 RAM16GB HDD Firefox80.0b7 Windows{Image/Defender/Firewall}
        • #1906596 Reply
          anonymous
          Guest

          What made you run system file checker after installing the latest round of patches? Is it just  your company’s SOP (Standard Operating Procedure, for the uninitiated), or were there issues during or immediately after installation that brought about the need for using SFC?

          R/

          Bob99

          • #1906622 Reply
            Noel Carboni
            AskWoody_MVP

            It is a matter of personal habit going way back.

            I just always check, before and after updating. If it finds a problem before, I fix it before attempting updates. If it finds a problem after I fix is so that maybe – just maybe – next time I won’t find one before.

            -Noel

            1 user thanked author for this post.
        • #1906612 Reply
          Lars220
          AskWoody Lounger

          What do regular folks do?

          Move to Linux Mint 19.2 ?  …  🙂

          Thanks Noel for the reminder about the Command Prompt DISM and SFC commands, remember to ‘Run as Administrator’.  I have done that with Win10 v1803 and recently with version 1809. I am not using 1903 yet. Were all 6 of your computers on v1903? What type of problems were you having? I am learning about LM19.2 in my Win7 VirtualBox.

          • #1906624 Reply
            Noel Carboni
            AskWoody_MVP

            If only it were so easy to just hop to another OS.

            The two office systems were v1809, the VM and the three test machines in the server farm were v1903.

            I kept my own office system on Windows 10 for Workstations v1809 simply because it has not yet been offered v1903 and I’m in no hurry to beta test the new version. I have it set to the most conservative setting, formerly known as “Current Branch for Business” I guess, as I need the machine to be stable (which it is). It was clean before the update but gathered some kind of SFC problem during the update, which I then fixed.

            The other office system running Windows 10 Enterprise had an SFC problem before the update, which I fixed, then it was offered v1903 this time around, so I went ahead and put the new version in. That went quite smoothly, and wasn’t corrupted (SFC-wise) upon login after the upgrade.

            The three server systems have the most “stock, out of box” configurations of Windows 10 Enterprise. All three of those showed SFC problems before the update, which I fixed, and after the update no additional corruption was detected.

            -Noel

            1 user thanked author for this post.
        • #1911995 Reply
          rc primak
          AskWoody_MVP

          That’s the Windows Defender sfc/scannow DISM bug. It’s well-known, and comes from a change inside of Windows Defender. The only permanent fix will come in the form of a future Windows 10 Feature Update which will incorporate the correct internals for handling the changed WD updates behaviors.

          See:

          https://www.bleepingcomputer.com/news/microsoft/windows-10-sfc-scannow-cant-fix-corrupted-files-after-update/

          and

          https://support.microsoft.com/en-us/help/4513240/sfc-incorrectly-flags-windows-defender-ps-files-as-corrupted

           

          -- rc primak

      • #1906627 Reply
        walker
        AskWoody Lounger

        @Woody:

        I have not received ANY notices of updates to the subjects I am subscribed to since August 9th.     What is wrong with the system?   I have no problem with logging in, and trying to find a subject to read the replies to, however I have NOTHING being sent to my email for notifications since August 9th.    Is anyone else having problems with this?    I am lost without my notices of new messages.    I have no idea what the problem could be….  Thank you for any help you be able to provide.  Your website is the “pot of gold” at the end of the rainbow.  THANK YOU ONCE AGAIN.    🙂

        • #1906634 Reply
          PKCano
          Da Boss

          Be sure your Notifications are not going into the Spam or Trash folder in your email.
          If you want notifications from a whole topic, click the “Subscribe” button at the top of the topic.
          Screen-Shot-2019-08-11-at-3.56.41-PM

          If you want a notification from a reply you make, be sure to check the box at the bottom of your reply.

          Screen-Shot-2019-08-11-at-3.59.53-PM

          Attachments:
          • #1906946 Reply
            walker
            AskWoody Lounger

            @PKCano:    I have never had any problems receiving the “alerting” emails since I’ve been a member of this forum.   I always check all spam and trash before clearing, so I don’t know what is occurring.   I have not changed anything at all, when my “alerts” suddenly stopped and have not started again.   Thank you for the tips, which I have always strictly adhered to.   Again, and again, I “thank you”.

            • #1906949 Reply
              PKCano
              Da Boss

              @walker
              What browser are you using?
              In Firefox, there is a setting to allow notifications.
              Tools/Options/Privacy & Security/Permissions/Notifications
              If you click on the “Settings” button, you can allow notifications from:
              Https: // www. askwoody. com  (Don’t put any spaces in it like I did.)

              • #1906953 Reply
                walker
                AskWoody Lounger

                PKCano:    MIRACLE OF MIRACLES!!!   Your notification on this “alert” is the FIRST I’ve received since my “alerts” suddenly stopped!!   I have done nothing difference, so I don’t know the reason why, however I am SO thankful that I have received the “alert”.    THANK YOU for all of the recommendations (however I’ve never had to use anything other than what I’ve always used).    This is VERY strange, however I’m not questioning it!   I AM SO HAPPY!!!

                I only hope it continues without anymore problems.    As always “THANK YOU” for all of the time and effort you expend helping all of us, PK!!      🙂  🙂

              • #1907296 Reply
                b
                AskWoody Plus

                @walker
                What browser are you using?
                In Firefox, there is a setting to allow notifications.
                Tools/Options/Privacy & Security/Permissions/Notifications
                If you click on the “Settings” button, you can allow notifications from:
                Https: // www. askwoody. com  (Don’t put any spaces in it like I did.)

                Does that have anything to do with email notifications from subscribed threads?

      • #1906881 Reply
        MrToad28
        AskWoody Lounger

        Updated 8 Windows 7 PC’s on 8/4..Using JULY Roll-ups. No problems seen. Skipped the June update.

        • This reply was modified 1 year ago by MrToad28.
        1 user thanked author for this post.
      • #1906938 Reply
        WSstarvinmarvin
        AskWoody Lounger

        When reading Woody on Windows (August 2 column – It’s Time to Install Most of July’s Office and Windows Patches) at Computerworld.com I noticed this statement:

        There are plenty of full-image backup products, including at least two good free ones: Macrium Reflect Free andEaseUS Todo Backup.

        Both of those backup programs are good. In fact, I often use Macrium Reflect Free. I’m curious, however, as to why Woody didn’t mention Windows own System Image backup. It’s known as Backup and Restore (Windows 7) these days, and it still does a good job. So, why no mention?

        Backup-and-Restore-in-Win-10-Control-Panel

        Attachments:
        • #1907279 Reply
          woody
          Da Boss

          Microsoft has buried the old Win7 backup program. Persistent talk says that it fails in some cases.

          2 users thanked author for this post.
      • #1907085 Reply
        OldBiddy
        AskWoody Plus

        I’m running Windows 7, Home 64 bit. I installed all the important July updates that were checked without incident. But I noticed since the update, my disk space has gone down spontaneously by 3 gig! Can this be due to the addition of the telemetry in the July roll Up? Otherwise the system seems normal, just seeing this disconcerting drop in disk space. Any help would be greatly appreciated!

        • #1907140 Reply
          Paul T
          AskWoody MVP

          Restore points may account for the extra space rather than telemetry. Try running the disk clean up utility to see how much space you might recover?

          cheers, Paul

          2 users thanked author for this post.
          • #1907261 Reply
            OldBiddy
            AskWoody Plus

            Thank you, Paul, for this suggestion. I will try it and see if it recovers any space.

        • #1907275 Reply
          anonymous
          Guest

          Hello OldBiddy,
          PaulT may have a point in that System Restore points are made by the MS updates. However I would had thought eventually the maximum amount of the drive would had been met, thereby having the oldest restore points drop off. However, it is a good thought and should be looked into.

          I would also suggest you run Microsoft’s “Disk Cleanup”, press the “Clean up System Files” button, and see about further cleaning by removing the “old MS updates and Previous Windows version OS” and Delivery Optimization files. Reboot afterwards. Do not panic if it takes some time to reach the desktop again. We have seen as long as 45 minutes of a “black screen” and then up pops the login or the desktop. It does have to delete the files and redo pointers and that takes time.

          After every MS update, a day or two later, I run Ccleaner. I use the older 5.29 or 5.30 version before Avast bought them. It usually find 500 megs to remove, 400 megs of that being logs and error logs. Unless you want to have your Windows 7 upgraded to windows 10, I see no reason to make send or keep any error logs that windows 7 may acquire. If you are not intending to upgrade to Windows 10 on that computer, you might consider turning off (disable) the “Windows Error Reporting service”.

          Hope this helps.

          2 users thanked author for this post.
          • #1907576 Reply
            OldBiddy
            Guest

            Oldbiddy here. Can’t seem to sign on to the forums – pwd not working though I haven’t changed anything. I did successfully sign on earlier.
            But just wanted to let Paul and anonymous know that running disk clean freed up considerable space – about 10 gig!!! All those old windows updates and SP1 backup files took up a lot space. I figured I shouldn’t need the Service Pack backups since my nearly 10 year old laptop will be obsolete in the next few months. I do have my data files backed up and can move them to whatever new machine I get next.
            Many thanks to anonymous and Paul for your help. So glad it worked 😊. Although it’s still a puzzle to me why I lost so much disk space within the span of a week.

            • #1907581 Reply
              OldBiddy
              Guest

              This is really strange. I’m not signed in but my post shows my name. I get an error when I try to sign on saying either my userid or password is wrong, but I was still able to post as myself. Not being officially signed in though, so I can’t see the option to thank anyone. And I never use the keep me signed in option. Maybe my account is corrupted in some way.

              • #1907585 Reply
                PKCano
                Da Boss

                Your name is on it because I put it there, not because you could post as yourself when not logged in. I have magic like that. 🙂 LOL

                1 user thanked author for this post.
              • #1907587 Reply
                OldBiddy
                Guest

                Thanks for doing that PKCano! I know I’m not the sharpest tech tool in the shed, but this really confused me! But what do you suppose is wrong with my account, not being able to log in? Should I just reset my password?

              • #1907590 Reply
                PKCano
                Da Boss

                That will work, but write it down.
                Yes, I know, but it’s the only way for us old people. 🙂

                1 user thanked author for this post.
              • #1907592 Reply
                OldBiddy
                Guest

                You know, this is absolutely true 😋. I do write things down – that’s the only password manager I can handle! And I’m sure you’re not old at all, PKCano – you’re just trying to make me feel better, bless your heart 😊.

                 

                Moderator note: PK has left the room 😀

                1 user thanked author for this post.
      • #1907151 Reply
        anonymous
        Guest

        Windows 7 SP1 Ultimate, x64, Group B.

        Yesterday I decided to install the so-called Security-Only update KB4507456. After restarting, apart from the scheduled tasks added in the Task Scheduler, I have noticed in the the Event Viewer this warning message:

        A provider, InvProv, has been registered in the Windows Management Instrumentation namespace Root\cimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

        Doing some searching in the web, I have not found something really definite about this, but I suspect that it relates with the notorious  KB2952664 …

        1 user thanked author for this post.
        • #1907155 Reply
          Alex5723
          AskWoody Plus

          I suspect that it relates with the notorious  KB2952664 …

          Yes, it is, and dates back to year 2015

          https://www.sevenforums.com/system-security/365182-provider-invprov-has-been-registered-windows-management-ins.html

          1 user thanked author for this post.
        • #1907372 Reply
          SueW
          AskWoody Plus

          I never would have thought to look at Event Viewer unless I read your post, but I also have 2 of the same warning messages. Each warning has the same date and time (right after I installed KB4507456), the same source [WMI] and the same Event ID [63].

          I’m tempted to delete these; have you?

          Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

          • #1907651 Reply
            anonymous
            Guest

            I have deleted the known telemetry tasks, but I have not touched the WMI providers. In fact, I do not know how you can remove such a provider and whether this will cause other side effects on my PC.

            2 users thanked author for this post.
            • #1907803 Reply
              SueW
              AskWoody Plus

              Hi @anon, thank you for your response. I had disabled the telemetry tasks again (although I was tempted to delete them as you did!).

              As to removing the InvProv provider, one could delete each of its ‘Warning’ events in Event Viewer > Custom Views > Summary page events, where the Actions for each event, including Delete, are in the right-hand margin. If deleted, I’m not sure what any side effects would be either, though my system didn’t have this provider prior to installing KB4507456.

              Win 7 SP1 Home Premium 64-bit; Office 2010; Group B; Former 'Tech Weenie'

      • #1907245 Reply
        wavy
        AskWoody Plus

        woody
        I am getting Noscript blocking netdna-ssl.com & windows.com on this page!!

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        1 user thanked author for this post.
        • #1907281 Reply
          woody
          Da Boss

          I had a report of a similar (but not identical) scripting/ad blocking package having a fit with Susan Bradley’s post here.

          Ends up it was a simple mistake — the second link was pasted as http, when it should’ve been https. Changed it to https, and the warning went away.

          I wonder if you’re seeing something similar?

           

          • #1907465 Reply
            wavy
            AskWoody Plus

            Still present!
            and

            Capture1

            ??

            🍻

            Just because you don't know where you are going doesn't mean any road will get you there.
            Attachments:
      • #1907729 Reply
        Anton Karlan
        AskWoody Lounger

        We have a big problem with Internet Explorer on Windows 7 x64 and June+July Monthly Rollup Updates and Cumulative security update for Internet Explorer.

        I made a video about that problem – https://youtu.be/DWISubnC5sI

        In two words – IE starts sooo long and works soooo slow after problem updates. When you uninstall update – IE fast as it can be again.

        If we install some of next updates, we have IE problem:

        KB4503292 (June Monthly Rollup)

        KB4507449 (July Monthly Rollup)

        KB4503259 (Cumulative security update for Internet Explorer: June 11, 2019)

        KB4507434 (Cumulative security update for Internet Explorer: July 9, 2019)

        We don’t have any problems with KB4507456 (Security-only update)

        Today we try to install KB4512506 (August Monthly Rollup) – no problem, all fine. But August updates are just released and on DEFCON2.

        Does somebody have same issue?

        Or it is some kind of our specific issue?

        1 user thanked author for this post.
        • #1908940 Reply
          anonymous
          Guest

          We are seeing this same behavior here as well. Oddly enough though, not everyone has the 4507449 update installed. It does appear to be specific to Windows 7 users though.

        • #1908968 Reply
          woody
          Da Boss

          See this…

          https://twitter.com/tompurvis/status/1162427238559694849

           

          1 user thanked author for this post.
          • #1911600 Reply
            Anton Karlan
            Guest

            See this…

            Yes, adding 127.0.0.1 ie11welcome.microsoft.com to host file make IE start much faster!

            I think this is the reason!

      • #1910067 Reply
        woody
        Da Boss
        • #1911555 Reply
          Anton Karlan
          Guest

          Does that fix the problem?

          Yes, as I wrote in post, August updates fix the problem. But we see, that it starts from June, it continued in July and fixed in August.

          Nobody else experiences that issue? If it is something specific to us, I wish to know the cause of that problem.

    Viewing 47 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: MS-DEFCON 4: Time to get the July 2019 patches installed

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel