Patch Tuesday update: Confusion over the number of 0days and many reports of failed installs

Topic

New Reply

So far, Patch Tuesday looks pretty stable. Of course, it’s much too early to tell if there are lesser goblins in the mix. The main point of contention
[See the full post at: Patch Tuesday update: Confusion over the number of 0days and many reports of failed installs]

1 user thanked author for this post.

abbodi86

Reply | Quote

Replies

Anyone NOT seeing Servicing Stack Update, KB4552152 being offered through Windows Updates? I’m on Windows 10 Home and Pro machines, none are seeing it. Pulled it from the MS catalog.

Cheers

Reply | Quote

With Windows 10 you never actually see a Servicing Stack KB update offered as a separate downloadable in the Windows Updater.

It just automatically gets downloaded with (or before) the Monthly Update.

It will show as an installed KB after the fact.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

1 user thanked author for this post.

woody

Reply | Quote

I should  clarify that the update DOES show if you look at installed updates in Programs and Features in Control Panel. However it does NOT show as installed in Windows 10 updates. It wasn’t offered nor shown in the windows updates list of downloads this morning. That was the original issue of concern.

Cheers

1 user thanked author for this post.

Elly

Reply | Quote

darynman@gmail.com wrote:

It wasn’t offered nor shown in the windows updates list of downloads this morning

It never shows in Windows list of downloads. It is installed stealthily in the background.

1 user thanked author for this post.

woody

Reply | Quote

Potatoes Potatos 😀

2 users thanked author for this post.

woody

Reply | Quote

Advising people to not patch their system is beyond negligent, its criminal.

Reply | Quote

anonymous wrote:

Advising people to not patch their system

No one here is advising people not to patch.
We only advise people to wait long enough to understand what the caveats are, and not be surprised by something they did not expect.

You should read about the DEFCON System, so you don’t misinterpret it’s meaning.

5 users thanked author for this post.

fracky, David F, SueW, woody, Elly

Reply | Quote

[woody]

So I assume you’re vehemently against the “Pause Updates” feature in Win10 1903 and 1909?

[Editor’s note: I get comments like this all the time. I’m amazed, given the extent of trouble Win10 patches have caused over the past few years, that there are people in the biz who still recommend knee-jerk installation of Patch Tuesday patches. Most of the time, the people who cast aspersions don’t update automatically. That said, if you know what you’re doing and back up profusely, go right ahead! Let us know if you hit any problems.]

• This reply was modified 3 years, 1 month ago by woody.

5 users thanked author for this post.

fracky, abbodi86, PDX5802, SueW, Elly

Reply | Quote

Seeing issues with Windows 10 1909 with the KB4549951  Cumulative Update and printers with Type3 and Type4 printer drivers. The printers would not print or allow to change printer preferences stating the Printer Driver needed to be installed on the computer even though they were installed on the computer. We reboot the computer and ran DISM and SFC and not issue was found. Upon removing KB4549951  from the installed updates and a reboot the printers started working.

Screenshots are below

https://imgur.com/a/6Xa5c4u

 

1 user thanked author for this post.

woody

Reply | Quote

I got the update through the normal automatic check for updates. I crossed my fingers, crossed my toes, held my breath and clicked download.

It did go through the installing phase twice and take longer than it should, but that has been the case for a while now.

So far so good, no issues or quirks as yet.

I usually install the patch Tuesday updates the following day, of course after reading here of any potential problems that have cropped up. If there are any big problems I’ll hold off.

Reply | Quote

Woody, I do think they accidentally got it right when reporting that there are 4 zero days. An exploit for CVE-2020-0968 appears to be available on a github page of researcher @afang5472 (credited by microsoft along with @edwardzpeng for this bug).

Up until a few hours ago, the page said “Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six unfixed Window DOS Vulnerabilities.”

Based on the history on the page, it appears that Microsoft downplayed these bugs in onedrive, and even the security researchers initially did not realize that the exploit could be upgraded from a denial of service attack to an escalation of privledge using a general technique.

The page was updated several hours ago to say “Status Upgrade: All 6 vulnerabilities has received a fix in March 2020’s patch Tuesday.” But this appears to be a mistake since no OneDrive issues were fixed in March, and the timing of the update along with some tweets suggest that this issue was fixed in April.

1 user thanked author for this post.

woody

Reply | Quote

Wow. What a generalized mess!

Thx.

1 user thanked author for this post.

dbeato

Reply | Quote

[Susan Bradley]

Got this again, just a reminder that you just hit skip and it goes on.

Susan Bradley Patch Lady

• This reply was modified 3 years, 1 month ago by Susan Bradley.

2 users thanked author for this post.

woody, abbodi86

Reply | Quote

Argh. Not again.

Reply | Quote

Some reports of Windows Security threat protection service misbehaving after installing KB4549951.

https://answers.microsoft.com/en-us/protect/forum/all/virus-threat-protection-are-disabled-after-windows/a86e0f6f-ec5e-4d05-b435-cf8c4c3dc774?LastReply=true&tm=1587030694604#LastReply

+5/6 similar threads across different locales.

1 user thanked author for this post.

woody

Reply | Quote

Sumit wrote:

Some reports of Windows Security threat protection service misbehaving after installing KB4549951.

https://answers.microsoft.com/en-us/protect/forum/all/virus-threat-protection-are-disabled-after-windows/a86e0f6f-ec5e-4d05-b435-cf8c4c3dc774?LastReply=true&tm=1587030694604#LastReply

+5/6 similar threads across different locales.

It looks like not the CU, todays update is the root cause of the problem.

1 user thanked author for this post.

woody

Reply | Quote

Hmmm…..

Based on that MS Answers thread, it sure sounds like we got a bad Windows Defender (and MSE for Win7) definition update.

That’s rare, as I’m sure you know.

I see a similar post on the WindowsPhoneInfo forum.

My production machines are running Antivirus Version: 1.313.1638.0, which was released this morning at 4:53 am. (For instructions on how to find your Client Version number, see this Bleeping Computer article.) I’m not having any problems… but maybe that’s just me.

I’m going to post this on the main blog. Thanks!

Reply | Quote

Running Windows 7 SP1, updated with the March 2020 cumulative update (following abodi86’s excellent recipe), and MSE, I got the MSE problem after updating definitions from 1.313.1556 to 1.313.1638. The problem persisted when I updated the definitions to 1.313.1666.

However, this morning I updated the definitions to 1.313.1687 and, so far at least, the problem appears to have been rectified. No more red MSE interface telling me that the security service isn’t running, and should be started.

The situation was the same on both Windows 7 computers here.

1 user thanked author for this post.

SueW

Reply | Quote

Can you be more explicit about what the vulnerabilities are?

It would help people to know if they need to patch

Reply | Quote

Descriptions of the vulnerabilities can be found in the Security Update Guide.
Also look through the Brian Krebs article linked on the main blog page.

Reply | Quote

Windows 2004 updated just fine :).

ASUS PRIME Z270-K * Intel Core i7-6700 * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * SanDisk Ultra 3D 1TB SSD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 21H2 64-bit

Reply | Quote

Failed update on Win7 x64. Error Code: 800F081F

Not happy when I’m paying for these updates and they don’t work.

Reply | Quote

Did you have the Mar SSU KB4550735 installed before you tried to install the April updates?

Reply | Quote

Installed April 2020 CU KB4549951 & SSU KB4552152 via Windows Update on 2 Windows 10 Home v1909 systems (one 32 Bit & another 64Bit):

1. For both systems need to re-try installation again to be successful after installation errors.
2. sfc /verifyonly detected “Windows Resource Protection found integrity violations” on both systems.
3. Dism /Online /Cleanup-Image /CheckHealth and Dism /Online /Cleanup-Image /ScanHealth came up “No component store corruption detected”.
4. Ran sfc /scannow to repair system files and resulted “Windows Resource Protection found corrupt files and successfully repaired them”.
5. Other than that no other problems noticed.

Reply | Quote