Patch Lady – 7 Metadata problems

Topic

New Reply

Patch Lady here – I patch over the weekend at my firm and normally the 7’s install their patches and go along their merry way.  But not this weekend.
[See the full post at: Patch Lady – 7 Metadata problems]

Susan Bradley Patch Lady

6 users thanked author for this post.

Elly, cesmart4125, SueW, PhotM, woody, Mr. Natural

Reply | Quote

Replies

The comment link to this page is broken on the home page and on the topic page (need hyphen between patch and lady in URL)

2 users thanked author for this post.

cesmart4125, Microfix

Reply | Quote

Got it! Thanks.

4 users thanked author for this post.

cesmart4125, Elly, woody, Microfix

Reply | Quote

As you probably know, KB3177467 is a new update with the same number. They even changed the Title to start with “2018-10”.

Are you on WSUS? When did you approve KB3177467?

My non-WSUS Win7 machine installed KB3177467 on Oct. 11. Interesting that that was one day after installing the 2018-10 rollup KB4462923.

Yesterday , I pulled an old Win7 machine off the shelf to go back into service. It tried and failed to install the 2017-12  rollup (KB4054518), then installed KB3177467, and now is offering  2018-10 rollup KB4462923.

So it’s unclear if KB3177467 is, or wasn’t but is now, a prerequisite for the 2018-10 rollup. It does seem to be going on automatically for me though.

3 users thanked author for this post.

cesmart4125, Mr. Natural, Microfix

Reply | Quote

Yes this is behind WSUS, and while the patch got auto approved due to my detection and rules, it’s clearly not auto installing.

Susan Bradley Patch Lady

1 user thanked author for this post.

cesmart4125

Reply | Quote

Hey Susan… are you aware that we’re still at DEFCON ONE for the October patches?! It appears you’ve discovered there’s a valid reason for that!

Reply | Quote

Susan gets to eat all of the dog food.

Is a thankless job, but somebody has to do it…

3 users thanked author for this post.

Elly, fk5353, WildBill

Reply | Quote

Susan’s not called ‘The Patch Lady’ for nothing.. 😉

Keeping IT Lean, Clean and Mean!

4 users thanked author for this post.

woody, GoneToPlaid, fk5353, Cybertooth

Reply | Quote

My WSUS system shows 2 older references to KB3177467 in which the date has been removed and now refers to the newly released (and named) October 2018 update with the same KB number. I checked a few older systems and none of them are showing as installed and needing the new update.

Normally I will eventually install an update unless there are a lot of problems reported so I am curious about that. Would Microsoft remove an update from a computer on their own if they released another version which they want installed?

 

Red Ruffnsore

Reply | Quote

The Servicing Stack KB3177467 is “exclusive.” It won’t show up in the “important” update queue until all other updates are installed or hidden. Hide all the other updates and search, it will show up. Unhide the updates you have just hidden, and it is no longer available.

3 users thanked author for this post.

cesmart4125, Mr. Natural, Microfix

Reply | Quote

I was checking installed updates on pc’s from the WSUS console and not from Windows Update. I realize you’ve mentioned this quite a few times so I apologize to you and others having to mention that again.

I could be totally confused which is normal…and it is Monday. 🙂

 

 

Red Ruffnsore

Reply | Quote

I have no available updates on Windows Server 2008R2 and KB3177467 does not show up.

Reply | Quote

So, are you saying that the “missing” October rollup update (KB4462923) is due to NOT having KB3177467 on your machine? I have KB3177467 on my Win7 Pro, but no October rollup update is showing (not that I would update now, anyway).

1 user thanked author for this post.

columbia2011

Reply | Quote

Yes, I’ve been skim-reading trying to get my head round all of this. Are we being advised to install kb3177467 in order to facilitate the installation of a rollup that has been withdrawn?

Reply | Quote

Not yet. We are still on DEFCON-1.
And Microsoft is still messing with the updates.
Eventually the SSU will need to be installed before the Rollup or SO.
Hopefully MS will get things straightened out  (Not much hope, a lot of wishful thinking)

2 users thanked author for this post.

cesmart4125, The Surfing Pensioner

Reply | Quote

KB3177467 v1 installed on this machine in 2016.
Win7 Ultimate x64 test machine updated through 2018-09 Rollup – experimenting:
+ Offered 1 Office 2010, 1 Office Viewer, KB4054530 .NET 4.7.2 installer, 2018-10 SQR for .NET
+ Hid KB4054530, installed 3 updates, reboot required, WAIT 15 min for TrustedInstaller to finish.
+ Search for updates. Offered KB3177467 v2 SSU checked important dated 10/9/2018.
+ Installed KB3177467, no reboot required, WAIT 10 min for TrustedInstaller to finish.
+Search for updates, important queue is empty, optional list UNCHECKED KB4457139 2018-09 Preview, HIDE Preview.
+ Search for updates, offered UNCHECKED KB4462923 2018-10 SQMR in the important queue.
+ Hide KB4462923, search for updates, important queue is empty.
+ Unhide KB4457139 Preview and KB4462923 SQMR, search for updates.
+ Important queue is empty, KB4457139 Preview returned to optional queue UNCHECKED.

WU definitely messed up. Microsoft needs to sort this out.

6 users thanked author for this post.

woody, SueW, DrBonzo, abbodi86, Microfix, Mr. Natural

Reply | Quote

Dude that is above and beyond the call of duty!   🙂

Someone else already said it but this is definitely one of those threads that gives me a headache.

Red Ruffnsore

1 user thanked author for this post.

Microfix

Reply | Quote

Pushing Convenience Rollup KB3125574 to WU would have solved some of its mess 🙂

1 user thanked author for this post.

Microfix

Reply | Quote

The problem some had with the convenience roll-up was the, unbeknown at the time, telemetry within but, I agree, if the convenience roll-up was mandatory on WU, then the SSU would have been equal on all W7 systems and MS wouldn’t be in this fragmented update mess.

Keeping IT Lean, Clean and Mean!

Reply | Quote

I guess I’ll just kick back and wait for the November Rollup and Defcon 3.  Assuming I even get *offered* the November rollup that is…or we ever again attain Defcon 3…  Win 7 Pro 64. KB3177467 installed October 2016 through WU, haven’t seen the October rollup since it was withdrawn (and that applies even on another Win 7 64 machine where KB3177467 was offered and added a few days ago).

Reply | Quote

I seem to have an additional problem to KB3177467 and the security roll up not installing.

I am getting Windows Not Genuine pop-ups 0x8004fe21 ever since this round of windows updates began this month. I’m thinking that it must be related.

However when I do slmgr.vbs /dlv it says that it’s licensed

Will this further complicate my windows update this month, does anyone have any ideas? Thanks

ps: I do have the V1 KB3177467 from 2016

Reply | Quote

PKCano wrote:

The Servicing Stack KB3177467 is “exclusive.” It won’t show up in the “important” update queue until all other updates are installed or hidden. Hide all the other updates and search, it will show up. Unhide the updates you have just hidden, and it is no longer available.

Win 7 SP1 Group A – UK

After the roll up  update vanished I was left with the Malicious Tool Update which I installed today. After I installed it KB3177467 appeared  – I checked on my already installed updates and this update showed in September 2016.  So I thought I would take a chance and install it it was only just over 9 mbs.  Did not have to restart pc after I had installed it and when I checked  my installed updates the September 2016 one had disappeared.

LOL

 

Reply | Quote

…when I checked  my installed updates the September 2016 one had disappeared.

Exactly what’s supposed to happen! The September 2016 version of the servicing stack update, KB3177467, has been “superseded” by the current offering, KB3177467 V2.

1 user thanked author for this post.

Heavenly

Reply | Quote

It is still there, but it now is listed as a Security Update under the section of installed Security Updates.

Reply | Quote

My brain hurts…

Reply | Quote

Now my brain hurts too since PKCano has just reported that the infamous Windows 7 telemetry update, KB2952664, is now not only baked into the October 2018 Monthly Rollup, but also becomes uninstallable. I have no reason to doubt PKCano in terms of the baked in thing. I am not sure if PKCano meant that KB2952664 will not be removed if one uninstalls the October 2018 Monthly Rollup. Yet if uninstalling the October 2018 Monthly Rollup does not remove the KB2952664 style telemetry, then this is a bad thing for all Group A users who avoided installing this nefarious telemetry update which was previously offered as a separate update. Either way, it would appear that Microsoft may be launching a more concerted effort to get as much telemetry as possible installed on all Windows 7 computers.

2 users thanked author for this post.

SueW, BackStop

Reply | Quote

I have installed the unchecked (by default) 2018-10 Rollup KB4462923 on a test machine and can verify that KB2952664 is not listed as a separate update in the installed updates. Thus cannot be installed as an individual update.

Whether or not the telemetry functions are uninstalled when the Rollup is uninstalled I have not tried so cannot verify at this point. But since the telemetry functions of KB2952664 are now baked into the Rollups, and the Rollups are cumulative, it would mean that one would have to stop installing Rollups from now on to avoid the telemetry.

It may be possible for a small minority of Users to join Group B, install the Security-only Updates, and thus avoid the telemetry. However, I do not see this as an option for the vast majority of Windows Users. Nor do I see everyone refusing to update from now until Win7 EOL.

Why Microsoft has to do this, with Win7 EOL barely a year away, is beyond me. They should just patch the security holes and leave the rest alone.

3 users thanked author for this post.

SueW, GoneToPlaid, BackStop

Reply | Quote

? says:
don’t know the why…looking inside KB4462923 x86, I see:
File id=”443″ name=”x86_microsoft-windows-a..xperience-inventory_31bf3856ad364e35_6.1.7601.24233_none_8cc3aa9946484529\compattelrunner.exe” length=”122536″ time=”131785786582335067″ attr=”32″
File #443 in the September roll-up is “compatelrunner.exe” which to me is another way of saying “KB2952664.” i didn’t see “diagtrack,” in the file manifest but i can’t find my glasses…
the first google leads to:
https://answers.microsoft.com/en-us/windows/forum/windows_10-performance-winpc/what-is-compattelrunnerexe-on-win10-64-bit-and-why/3af9a0ea-bb18-4df7-99d5-4930ae59d247
maybe next month’s group “B” SO will be trick or treated in a similar fashion?

Reply | Quote

PKCano wrote:

I have installed the unchecked (by default) 2018-10 Rollup KB4462923 on a test machine and can verify that KB2952664 is not listed as a separate update in the installed updates. Thus cannot be installed as an individual update. Whether or not the telemetry functions are uninstalled when the Rollup is uninstalled I have not tried so cannot verify at this point. But since the telemetry functions of KB2952664 are now baked into the Rollups, and the Rollups are cumulative, it would mean that one would have to stop installing Rollups from now on to avoid the telemetry. It may be possible for a small minority of Users to join Group B, install the Security-only Updates, and thus avoid the telemetry. However, I do not see this as an option for the vast majority of Windows Users. Nor do I see everyone refusing to update from now until Win7 EOL. Why Microsoft has to do this, with Win7 EOL barely a year away, is beyond me. They should just patch the security holes and leave the rest alone.

Thanks to GoneToPlaid and PkCano… I think…

Looks like I am going to have to get working on getting used to Linux.  Most likely, I will never do another MS update from this date forward.  Already, one of the updates has slowed down my (old) computer by more than 50%.  Add telemetry and just all the c*** and I have had enough.

BTW, I stopped trying to keep up with group B a while back and joined group A.

Now, I think that may not have been the best thing to do, but then again… MS-Windows is NOT in my future.  Even if I eventually have to buy a Mac.

Downloaded the latest Ubuntu .iso last night and will be trying to take a look in the next few days.

1 user thanked author for this post.

Cybertooth

Reply | Quote

In regards to KB3177426 service stack.

I run Win 7 Pro  32 bit ver :  6.1.7601 Sp1.

I have my Update setting set to : Check for updates but let me choose whether to download and install them.

I too found that today all that was listed Important was KB3177467 servicing Stack which i too had installed at some point ages ago.

I also found that the 57 Updates listed as recommended had disappeared all together from my recommended listings.

Very strange behaviour indeed.

I decided against all odds and installed KB3177467 Servicing Stack even though i still had the previous one from i believe 2016.

After install i rechecked / scanned for Updates and low and behold i now have my Recommended 57 Updates once again showing up.

I wonder if this is a Ver 2 of KB3177467 service Stack ???

 

Reply | Quote

anonymous wrote:

In regards to KB3177426 service stack…I wonder if this is a Ver 2 of KB3177467 service Stack ???

Yes. This is discussed in:

https://www.askwoody.com/forums/topic/the-most-recent-servicing-stack-updates

 

Reply | Quote

I’m on 7 and am set on “ask me to download and install.” The only Important update I see offered for October is the Software Removal Tool. The preview from Sept. 20 (KB4457139) is still offered as an Optional update.

Reply | Quote

My system is Windows 7 SP1 Professional 64bit.

There were four updates in September that I needed: the KB890830 Malicious Software Removal Tool x64 – September 2018; KB4457144 (Security Monthly Quality Rollup); KB3177467 and KB2952664 (both described as x64 update for Windows 7). All four were described as important. KB4457144 failed and failed again when I retried.
I ran the Update troubleshooter (https://support.microsoft.com/en-us/help/4027322/windows-update-troubleshooter). I then visited https://answers.microsoft.com/en-us/windows/forum/windows_10-update/how-toreset-windows-update-components-in-windows/14b86efd-1420-4916-9832-829125b1e8a3 and downloaded the batch file ‘WuReset for Windows 7’ and ran it as an administrator.  This cleared a lot of muddle left by Windows Update on my system but meant my list of hidden files had also been cleared so I set about reinstating that having previously made a note of those updates listed.  Having by this time been advised it was necessary to install KB3177467 before the other September updates, I followed the advice and installed the month’s collection.  This appeared to resolve the issue and everything ran smoothly until the October updates.

On Patch Tuesday for October, initially there were two ‘important’ updates and one ‘recommended’ update that I required: KB4462923 (Security Monthly Quality Rollup x64), KB890830 (the October 2018 Malicious Software removal Tool x64) and the recommended KB4459922 Security and Quality Rollup for .NET Framework 3.5.1 to 4.7.2 for Windows 7 etc x64. With much relief these installed successfully. I rebooted the system to complete the installation and confirmed the updates were successfully installed. I then opened the Action Center and found there was another update ready to install.  This was KB3177467 which was already  on my system so I hid this one.  A helpful member of another forum explained the significance of KB3177467 and that the October version was intended to supersede the September version, so I unhid it and installed it.  Everything ran smoothly and that is my current position.  It seems that Microsoft held KB3177467 back deliberately in October to avoid the chaos that occurred in September when KB3177467 was listed together with the other updates.

I’m beginning to get a bit paranoid when Patch Tuesdays approach – there was such a time, way back, with Windows XP when no Patch Tuesday seemed to run perfectly with .NET Framework updates proving particularly troublesome.  Windows 7 updates, until now, have proved to be more reliable.  I cannot believe this a deliberate ploy  on the part of Microsoft but understand the suspicions expressed by some Windows 7 users.  Certainly I won’t be persuaded to move to Windows 10 which actually seems to have a worse record with updates as far as reports in various on-line forums suggest.  I’m trialling Ubuntu 18.04 on another desktop and will likely use it for all my on-line activity once Microsoft cease Windows 7 security updates in about 14 months.  I’ll disconnect Windows 7 from the internet and then just keep it for off-line tasks and running peripherals that are incompatible with Ubuntu.

Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste.

Reply | Quote

I’ll eventually install 3177467 but I’m confused. (I installed the Sept. 2016 item in May 2017).

The catalog shows two in October one dated the 8th and the other the 10th. One is Security Updates and the other is Critical Updates. I have no way of knowing if it is exactly the same just labeled differently. The size hasn’t changed.

https://www.catalog.update.microsoft.com/Search.aspx?q=kb3177467

Do I install both or only the one dated the 10th?

 

Got coffee?

Reply | Quote

I’d stick with what you have until MS sorts this WU mess out. We are at MS-Defcon 1 so hang fire, the patches will still be there when it’s safe to patch.

Keeping IT Lean, Clean and Mean!

Reply | Quote

The one dated 10/10 is 10/10/2016 not 2018. The one from 2016 is v1, the one from 2018 is v2 (the latest one).

1 user thanked author for this post.

plodr

Reply | Quote

Thanks PKCano, the different years went right over my head.

Got coffee?

Reply | Quote

hi Susan.

here’s what the KB3177467 V2 update looks like when it is installed:

differences between the original (V1) and the revised (v2) one is the “classification” of the KB3177467 update; V1 was a non-security update and V2 is a security update

1 user thanked author for this post.

columbia2011

Reply | Quote

Just made a fresh Windows Update search

no change to KB4462923 paused status, it will not get offered normally with other updates, even with KB3177467-v2 installed
one have to clear all updates queue (install or hide them) to get KB4462923 unchecked

https://i.imgur.com/uKbP6In.png

6 users thanked author for this post.

cesmart4125, woody, Microfix, GoneToPlaid, PKCano, geekdom

Reply | Quote

Yep, unchecked. The riot of fun is that this October Rollup was supposed to fix issues with the September Rollup.

1 user thanked author for this post.

Cybertooth

Reply | Quote

I do not install Rollups, but I regularly install Office, .NET, MSRT, Security Only and E11.

Do I need to install (whenever it becomes prudent to patch) also kb3177467?

Thanks.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Yes. You need the Servicing Stack Update KB3177467. It is available through Windows Update if the “important” update queue is emptied by either installing or hiding all the other updates in the “important” queue.

2 users thanked author for this post.

cesmart4125, OscarCP

Reply | Quote

Group A, Win 7 64.  Just as a data point,  I have only the “old” version of KB3177467 that I installed two years ago, but I was able to install the latest MSRT plus one Office 2010 update today.  (I haven’t installed anything else offered in October.)

Reply | Quote

PKCano wrote:

…Yes. You need the Servicing Stack Update KB3177467. It is available through Windows Update if the “important” update queue is emptied by either installing or hiding all the other updates in the “important” queue.

PKC, Woody, SB: To whether we need 2018 Ver IF 2016 already Inst’d …. are we at — “Yes”– “2016 Only is OK if inst’d”– We’re not sure IF Both are needed –?

Thanks as always!

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

The two versions are not completely the same. The files are the same, yes. But the 2016 version is optional, where the 2018 version is classified as “Security.” The latter may become a requirement in the future if Windows Update looks for the “Security Update for Win7″ before installing updates.

In other words, I would go ahead and install v2 – WHEN THE DEFCON NUMBER IS 3 or above. And I would read Woody’s instructions first, because things may have changed by that time.

2 users thanked author for this post.

cesmart4125, CraigS26

Reply | Quote

“The two versions are not completely the same. The files are the same, yes. But the 2016 version is optional, where the 2018 version is classified as ‘Security.'”

@PKCano I’m confused.  If the files are the same, what makes the two versions different?  Logically, it would seem the two versions are the same, with the only difference being the classification or labeling.

As I was born BC (before computers), I appreciate your explaining this.

Reply | Quote

The metadata is different.
You have two sets of updates in Windows Update -“important “and “optional.” The security and critical updates are usually CHECKED in the “important updates” list. The “recommended” and “optional” updates are UNCHECKED in the “optional updates” list.

The older version was classified as “optional,” while v2 is a security update (“important”).

1 user thanked author for this post.

cesmart4125

Reply | Quote