News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – KB 4103718 no longer lists “investigation” note

    Posted on Susan Bradley Comment on the AskWoody Lounge

    Home Forums AskWoody blog Patch Lady – KB 4103718 no longer lists “investigation” note

    This topic contains 40 replies, has 16 voices, and was last updated by  EP 1 year, 7 months ago.

    • Author
      Posts
    • #194284 Reply

      Susan Bradley
      AskWoody MVP

      Remember that KB that was updated to showcase that Microsoft was investigating the networking issues? https://support.microsoft.com/en-us/help/4103718
      [See the full post at: Patch Lady – KB 4103718 no longer lists “investigation” note]

      Susan Bradley Patch Lady

      10 users thanked author for this post.
    • #194286 Reply

      Thanks, Susan, for taking the Big Step with this…very glad to hear that  it’s not messed with any Win 7 machine you have. Questions:

      1. About what date did you install KB 4103718?

      2. Are any of your machines running Win 7 Pro 64 Bit?

      Again, many thanks!  This patching thing has become a nightmare; if it wasn’t for this site, you, Woody, the forums and the people who work so hard on this ball of worms, I’d be in deep yogurt by now!

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

    • #194287 Reply

      mbhelwig
      AskWoody Lounger

      You are right — I have been watching this update since it was released. I have been holding off  updating since January 2018 because of the problems that MS are making with their updating.

      I have 6 computers on a network — all with fixed IP addresses and running windows 7 Pro. I do not want MS messing with them.

      mbhelwig

      mbhelwig

      1 user thanked author for this post.
    • #194288 Reply

      anonymous

      In the catalogue (https://www.catalog.update.microsoft.com/Search.aspx?q=4103718) the update is still dated May 5th.  (10:14, CEST). I expected an updated version there.

      ~Annemarie

      • #194291 Reply

        DrBonzo
        AskWoody Plus

        That actually happens quite frequently: the support page lists an update date but the Update Catalog still lists the original release date (or some date that is earlier than the updated date on the support page). In any case, it’s probably a good idea to wait until Woody changes to DEFCON 3 or higher or to wait at least a few more days before installing either the Rollup or Security Only patches for May.

        Edit: Just to be clear, the Update Catalog may still show the older date even though you will, in fact, be downloading an updated version of the patch.

        1 user thanked author for this post.
      • #194316 Reply

        PKCano
        Da Boss

        Don’t confuse the update of the documentation, the update of the metadata, and the update of the patch’s code. You could have three different dates there. Just because the documentation was updated doesn’t mean the patch was changed.

        4 users thanked author for this post.
        • #194389 Reply

          OscarCP
          AskWoody Plus

          To add clarity to this discussion (or not):

          This also applies to the Security Only update, KB 4103712 which, being Group B myself, is of particular interest to me. Looking at their respective documents at MS, the change is the same for both updates.

          Although the text of the document has changed, by eliminating that troubling paragraph on  networking issues, the date of the document has not: it is still given as May 8th.

          So it is conceivable that the date of the update has not been changed because the code itself, the thing we, Group B-ers are going to end up installing, has not changed. And, according to other comments here from people who actually looked at it, the code has, in fact, not changed. So it might follow that the paragraph that is the present topic here has been simply edited out, because its existence has been proven, to MS’ satisfaction at least, to be unjustified. And that the deletion is a mere correction of the text so it reflects better what has been the actual situation since early May.

          As people, in considerable numbers by now, here, have been writing that they have installed the update and suffered no harm, then maybe, perhaps, who knows, the update was OK all along, and whoever reported having some strange problems because of this update, those problems were not caused by the update but by something else altogether: computers are complicated and misleading creatures.

          Just saying.

          Still: I’m not in a rush, can wait a bit longer.

          And many thanks to the Patch Lady, PKCano (who, if I understand correctly, has said pretty much the same thing as I have, but in her uniquely terse style) and all those who have actually looked into this and at the actual code. Looking to see, not just guessing: that is the essence of the scientific method.

          Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

          • #194393 Reply

            PKCano
            Da Boss

            Although the text of the document has changed, by eliminating that troubling paragraph on networking issues, the date of the document has not: it is still given as May 8th.

            This is from the bottom of the document:

            File information

            For a list of the files that are provided in this update, download the file information for update 4103718.


            1 user thanked author for this post.
          • #194447 Reply

            anonymous

            I have been in group B since it began. It has saved me countless times. However, I seem to have gotten off track and installed Kb4103712 before it was totally cleared. My old, usb wired HP1210 aio printer quit responding. Since I install one at a time, I simply uninstalled that ‘security only’ update and printer is normal again. I do not think of myself as being any kind of ‘computer literate’, but I follow directions very carefully and this website has kept me trouble-free and smoothly working with my old Compaq Win7 (Dec 2009 model) AMD AthlonIIx2 240, 64 bit, SP1…. thank you all so much!

            • #194452 Reply

              PKCano
              Da Boss

              I seem to recall something about changes to SMB1 in the updates this month. If you have an old printer, that might be what caused the problem. SMB1 was used by older printers, but was found to be vulnerable lately.

              1 user thanked author for this post.
      • #194358 Reply

        Susan Bradley
        AskWoody MVP

        The KB was updated for the removal of the note.  They made no change to the code.

        A KB date change will not necessarily translate to a refreshed patch.

        Susan Bradley Patch Lady

        3 users thanked author for this post.
    • #194321 Reply

      Elly
      AskWoody MVP

      Being a little compulsive, I checked the file information for update 4103718, which is an Excel .cvs file.

      I won’t say I was more thorough than doing a scan for file change dates… and the last changes were done April 23, 2018… with .manifest changes on May 4, 2018.

      That wouldn’t indicate an actual change in the update, just a change in documentation?

      Win 7 Home, 64 bit, Group B

      4 users thanked author for this post.
      • #194343 Reply

        TJ
        AskWoody Plus

        Compulsive?? I would say thorough.

        @sb Susan, do you also have a ‘Group B’ system running and did you install 4103712 to check for networking issues?

        2 users thanked author for this post.
    • #194328 Reply

      columbia2011
      AskWoody Plus

      Just a change in documentation if last changes in archive were done April 23, 2018 and .manifest changes on May 4, 2018.
      I consider that after Microsoft received feedback about possible problems with network drivers, they have reproduced installations and various behaviours on their Test virtual machines, issues didn’t catch and then they have just removed NIC issues info from description of KB4103718. Just my thoughts!

      1 user thanked author for this post.
    • #194332 Reply

      anonymous

      Funny beacuse the article on KB 4103712 still shows the same
      “A stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).”
      “Microsoft is working on a resolution and will provide an update in an upcoming release.”

      1 user thanked author for this post.
    • #194352 Reply

      mcbsys
      AskWoody Plus

      I wrote a PowerShell script awhile back to report some detailed info about an update. The script connects directly to Windows Update servers so it must be run on a machine where the patch is applicable, in this case a Windows 7 machine. At the moment, it is telling me that LastDeploymentChangeTime for 4103718 is still 5/8/2018.

      WindowsUpdateShowDetails

      The script is available here:

      Print Detailed Windows Update Information

      Attachments:
      7 users thanked author for this post.
      • #194363 Reply

        columbia2011
        AskWoody Plus

        As I understood from your screenshot you installed 4103718. Did you notice any issues?

        • #194367 Reply

          PKCano
          Da Boss

          I have installed it on 7 Win7s – three hardware installs and four VMs. Two were 32-bit and the rest 64-bit. Only one was Home, the rest a combination of Pro and Ultimate.

          Didn’t have any problems (doesn’t mean there aren’t any).

          5 users thanked author for this post.
    • #194401 Reply

      OscarCP
      AskWoody Plus

      Patch Lady, the same is true of the Security Only KB 4103712 document and, presumably, of the update itself.

      Except that now there is this entry at the end of that page: Last Updated: May 24, 2018 , same as in the page for 718, as PKCano posted a few minutes ago.

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

    • #194407 Reply

      columbia2011
      AskWoody Plus

      Known issues with May Rollup KB4103718 were published: There is an issue with Windows and a third-party software that is related to a missing file (oem<number>.inf). Because of this issue, after you apply this update, the network interface controller will stop working.
      Workaround is presenting.
      https://support.microsoft.com/en-us/help/4103718/windows-7-update-kb4103718

      1 user thanked author for this post.
      • #194423 Reply

        anonymous

        Thank you  =  @columbia2011, that kb4103718 information link was Last Updated: May 25, 2018.  Workaround info is provided concerning updating NIC drivers.  Good to read. thanx.

    • #194474 Reply

      mbhelwig
      AskWoody Lounger

      Overnight here in Brisbane Australia (26/05/2018) the following appeared in the description of KB 4103718 May update —

      “There is an issue with Windows and a third-party software that is related to a missing file (oem<number>.inf). Because of this issue, after you apply this update, the network interface controller will stop working.

      1   To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
      2  To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.

      a. Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose Search automatically for updated driver software or Browse my computer for driver software.”

      So the Network drivers are still being messed up by MS update. A “third-party software” is referred to — but not by name. How nice of MS not to name what they think is the cause of the problem but not tell us. MS should look in their own back yard — or are they afraid of being sued?????

      I have not applied updates since December 2017, and I will not be applying this one either until it is sorted.

      mbhelwig

      mbhelwig

      3 users thanked author for this post.
    • #194477 Reply

      …”and the torture never stops…”

      OK, I’m definitely missing something here.

      1. Am I to understand that if the “missing file” is on my PC, I shouldn’t (!?) have any issues?

      2. What IS the full value of the missing file? There are 54 oem<number>.inf files on my system, all sequence numbered oem0.inf thru oem54.inf, but oem14.inf and oem13.inf are missing. All have dates starting in 2008, go to 2010, skip 2011,2012, and 2013, resume in 2014, skip 2015, and resume in 2016 and 2017.  There are TWO copies of oem42.inf, one in the \windows directory, and one in \windows\system32 directory. Both have the same date and size.

      3. If I had those two missing files, would I be in shape to patch without the turgid rigmarole of the workaround?

      4. What, specifically, ARE the files missing that cause the problems? Just throwing out a “(oem<number>.inf)” designation seems to me to be an admission they don’t KNOW which file causes the issue.

      Sheesh.  If any sysadmin/engineer had been caught dispensing with this sort of flim-flam-flummery instead of identifying the missing files by name, and supplying them (this was 20 years ago), well, he’d be sorting floppies in Antarctica.

      But then, I’m old.  :)>>>>>

      BTW, what kind of English is “…and a third party software…”? Should not the “a” be dropped, and names named? Something funny going on here.

      Man, I have a three-Excedrin headache over all this!

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      1 user thanked author for this post.
      • #194507 Reply

        OscarCP
        AskWoody Plus

        A number of people, such as PKCano, have updated KB 4013718 days ago and they, and their PCs, are still alive and even doing fine, and the code they have installed is the same it has been all along since May 5th.

        My concern, being Group B, is KB 4103712. At this time, although it might be early hours… the security only is still without this additional warning, while the one about networking issues is gone, same as for KB 4103718.

        Whatever happens with these and any new alarming warnings that might yet crop up, I am going to wait some days longer and, if still I see no actual reports of people updating and having some awful problems, I’m going to create a restore point, update, and the heck with this. “Life is too short to make it miserable“, as WC (Winston Churchill) is said to have declared some time or another. Maybe you could consider it as a new lemma? Although that one about plumbing is pretty good too.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

        • #194512 Reply

          @OscarCP-

          I just expect a higher standard from MSFT, which is probably a mistake held over from years past. Also, I’m down to one mission-critical machine, and I have to be conservative.

          And I never liked the “shotgun” approach; when an RF tech, I always troubleshot to the component level if I could.  And I see no reason to accept that the experts up there can’t, except in certain rare, highly unique and circumscribed conditions.  This may be one of them, and it may be not.

          Hey, others have been more steamed up than me…by comparison I’m the soul of human serenity…you can hear it sloshing around inside me by the gallon. 🙂 (Apologies to Robert Benchley)

           

          Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
          --
          "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      • #194557 Reply

        anonymous

        Hi Nibbled, if I may call you that!

        @bob99 here posting anonymously from a borrowed computer.

        I just checked on the computer I’m currently using, and both the .inf files you’re missing go to two different Intel network driver files on this computer. One file is not in use, but the other is indeed the driver for the network card in use on this computer.

        Basically, these oem##.inf files point Windows to the correct actual driver file for it to use to get the networking card up and running. In the case of this machine, oem14.inf points to the networking card’s actual driver, e1c62x64.INF, and it also points Windows to the .cat, or catalog, file where the rest of the networking card’s configuration info can be found. The other file you say you are missing, oem13.inf, belongs to an Intel 10/100 networking card which is not installed on this machine, so oem13.inf isn’t needed supposedly. Lotsa good info for Windows is contained in these .inf files.

        You can look at their contents simply by RIGHT clicking on the file and then choosing “Open” at the top of the resulting pop-up menu. Yes, the word “open” should be listed in bold letters just like in this post, so the bolding isn’t mine for emphasis. However, please be very careful in exploring the contents of the file with Notepad, which is what should display the file’s contents by default since the file is just a simple text file for the system to use. Any changes inadvertently made to these files can potentially ruin its use by windows, rendering a device useless. Yes, for those wondering, you could even potentially “brick” your computer, causing a dreaded Blue Screen of Death (BSOD) if you were to ruin a keyboard driver, for example.

        Now, on to more of an explanation of other things brought up in your post relating to why MS simply can’t just come out with the exact name of the missing file: There are a great many number of networking card manufacturers out there, and each one probably has their own separate .inf file for their card(s). MS in Redmond, where these bulletins are presumably written, simply has no way of knowing which one is the correct one for your machine. That number can change for each computer. So, to save words (one of their FAVORITE pastimes) they simply released a very terse explanation of the symptom and what the user can do to remedy the situation.

        Yes, the above paragraph was a defense of Microsoft’s methods, but NOT an approval of their methods in any way, shape or form! I myself would rather they explain things better instead of relying on the consumer to “read between the lines”, as they currently do.

        One final bit of advice for you, Nibbled: Please print out a copy of the the quote contained in post #194474 above, just in case you do lose networking after installing May’s rollup, KB4103718. BUT, as always, don’t do so until we get the go-ahead from Woody, or one of the MVP’s here says it’s OK to install the patch. Neither one has happened just yet.

        For others reading this thread and who are in Group B, it would also be a good idea to print out those instructions from MS since, as has been noted previously on another thread, the security only patch KB4103712, has also had mention of networking issues identical to the rollup patch. This begs the question of why didn’t MS put the remedy for the networking issue on BOTH the rollup and the security only bulletins instead of just the rollup bulletin?

        4 users thanked author for this post.
        • #194619 Reply

          @bob99:

          Thanks! You’ve given me a lot to think about! BTW, I did print out the workaround in case of a NIC disaster. From what can understand now, according to MSFT, some mysterious piece of third-party software causes 4103718 to nuke a perfectly good and properly running .inf file. An earlier misreading (while I was tired*) of it left me thinking that it was the absence of this .inf file before the Rollup was installed that was causing the problem.

          (*”Never work on a computer if you are tired, hungry, rattled, or after 11 PM if you can help it”. –Nibbled’s First Law of Computing)

          One thing I still don’t understand fully, since I am obviously in over my head here…

          If I understand MSFT’s “Known Issues” statement correctly,  I still fail to see why a properly configured and researched update, patch, Rollup, etc, should nuke a properly working .inf file in the first place… Yes, there are a great multiplicity of makers/drivers/NIC’s, etc, but I sure wish MS had a sign in each cubicle modified from the Epidemics, Book I, of the Hippocratic school: “Practice two things in your dealings with the User or Admin: either help or do not harm the patient.” 🙂

          Hey, thanks for the education! And I am going to wait for Woody’s DEFCON 3 or lower. There are 54-odd of those .inf files, and I simply don’t have the time or the ocular power at my age to pore over each and every one and trace it back. :p

          Again, many thanks.

          Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
          --
          "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

          1 user thanked author for this post.
          • #194687 Reply

            Bob99
            AskWoody Plus

            You’re Very Welcome! 🙂

            BTW, on my own machine, which I’m currently using, those files you thought you were missing, numbers 13 and 14, go to another completely different driver, not a network card. Just goes to show how different two different machines can be.

            The borrowed computer I was using earlier today with post #194557 and mine (being used for this post) both have Intel NIC’s, but they’re both integrated into the motherboard. However, I have noticed that the drivers for the borrowed computer’s NIC and my NIC are identical, right down to the last digits of the drivers’ version numbers!

            My computer is almost two years older than the one I borrowed earlier today for the anonymous post.

            The apparent only real difference between them is the different file numbers for the OEM##.inf files. I haven’t gone digging through my computer’s inf files to see which ones are for the NIC just yet, as it’s getting late in my time zone, very close to 11 pm. 😉

            (*”Never work on a computer if you are tired, hungry, rattled, or after 11 PM if you can help it”. –Nibbled’s First Law of Computing)

             

    • #194495 Reply

      anonymous

      Hmmm… The NIC warning is on the rollup but not on the security only update unless I’m missing something.

      • #194505 Reply

        DrBonzo
        AskWoody Plus

        I agree. Also, the support page is listed as having been last updated on 5/24/2018, whereas on the support page for the rollup (KB4103718) the last update is 5/25/2018.

    • #194510 Reply

      …and they dropped this bomb on a Friday before a 3-day US weekend.

      Sweet. Reminds me of some press release strategy timing.

      I’m going to hold off until someone finds the missing  .inf file names causing the issue or Woody says go ahead, methinks. This “take a shot and here’s what to do if it doesn’t work” bit is just so not working for me.

      Thanks to all who are doing the “Terrier Work” on this one, it’s really a mess, especially with the Win 10 issues and mud being tossed about now, too.  I salute you all.

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      2 users thanked author for this post.
    • #194539 Reply

      NoLoki
      AskWoody Lounger

      I installed KB4103712 Security-Only patch on a test system, then on the remaining systems that I look after. Those systems are W732 and W7/64, some older, some newer, and I have a mix of different networking hardware/software for testing. The patch installed without incident on all of them.

      Third party software? I assume they did not name the the company/product because they are not working together on resolving the issue, or they are in disagreement over the results, or the tests are inconclusive. Sometimes it is an older version of the software that causes a problem, not the latest stable release. Third parties will send MS a copy of their latest stable release and of course when called out over an issue, will only test with their latest release.

      Many home users and businesses run with older releases of third party software. Enterprises too.

      From a security point of view it is not advisable, but stability is the higher priority for most.

      1 user thanked author for this post.
      • #194587 Reply

        OscarCP
        AskWoody Plus

        NoLoki: Thanks for posting here your own experience with the 4103712 security only update. Have you installed already also the May IE11 cumulative security only patch for Windows 7 x64? Any comments on that?

         

        Group B, Windows 7 SP1 x64, Intel I-7 “sandy bridge”

         

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

        • #194601 Reply

          NoLoki
          AskWoody Lounger

          Yes, I installed the May IE cumulative update on all the same systems. I install it first. I had no problems with it.

          1 user thanked author for this post.
    • #194967 Reply

      Bill C.
      AskWoody Plus

      I have installed the May Group B IE cumulative rollup with no adverse issues. I am holding off on KB4103712 until the DefCon goes to 3.

    • #196427 Reply

      DiPersiaTech
      AskWoody Plus

      There is a way to identify what INF your NIC uses/needs.  This is the way to determine if you have the INF file on your machine or not.

      Go in to device manager and double-click on your NIC.  If you have more than one that you DEPEND on, check them all.

      Go to the DETAILS tab within the properties of your NIC and select INF NAME from the drop-down property field.  The VALUE field will then display the INF file for your NIC.  Go see if this is present in c:\windows\inf.

      If it’s missing, probably easiest to upgrade your NIC driver to get the missing INF file back.  If you’re running the latest/greatest version of your NIC driver, see if it has the option to force the update, or see if you can extract the INF file manually from the driver package.

    • #196430 Reply

      DiPersiaTech
      AskWoody Plus

      Oh – and take this one a step further for an automated way to figure out what, if any, INFs are missing from your system.  Using Powershell and WMI, you can get a list of all INFs for present devices.

      Unfortunately, I’m not the best at Powershell.  I’m sure someone can take this and pipe it properly to test-path (Adding in c:\windows\inf) and get just the INFs and device names that are missing.

      Get-WmiObject Win32_PnPSignedDriver| select DeviceName, Manufacturer, INFName | where {$_.INFName -ne $null}

    • #196435 Reply

      DiPersiaTech
      AskWoody Plus

      Alright, last post for now.  Some might find this sloppy, but it’s what I cobbled together and works.  Feel free to critique, happy to learn!

      Get-WmiObject Win32_PnPSignedDriver| where {$_.INFName -ne $null} | foreach-object {if (test-path -path “c:\windows\inf\$($_.INFName)”) {} else {“Missing INF!  ” + $_.DeviceName + ”  ” + $_.INFName}}

    • #196808 Reply

      EP
      AskWoody_MVP

      It looks like installing the KB4103718 rollup update on nearly all of my Win7 SP1 machines causes Windows Update to offer some “older” updates like KB3185319 for IE11 and thus “break” the WU supersedence chain.

      WUScan-Win7afterKB4103718

      after installing KB4103718, reboot and then do a Windows Update search, older IE11 updates like KB3183519 get offered as I’ve checked myself on a bunch of Win7 computers with KB4103718 installed. Hiding KB3183519 and doing another WU search afterwards will offer an older IE11 update like KB3175443.

      Attachments:

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Patch Lady – KB 4103718 no longer lists “investigation” note

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.