Ready for June updates?

Topic

New Reply

Remember this is the final month that Windows 10 22H1 will receive updates. This is the final time that version will receive a security update. So for
[See the full post at: Ready for June updates?]

Susan Bradley Patch Lady/Prudent patcher

8 users thanked author for this post.

deuce120, AlphaCharlie, jburk07, geekdom, lmacri, abbodi86, Kathy Stevens, CAS

Reply | Quote

Replies

AKB 2000003 has been updated for Group B Win7 and Win8.1 on June 13, 2023.

See #2565856 and #2565857. for information on Win7 and Win8.1 updates (Logged in Member access required).

3 users thanked author for this post.

jburk07, Microfix, abbodi86

Reply | Quote

Just to verify, Windows 11 should be at 22H1.

I must have been on vacation too much as my Windows 11 computers are set for 21H2.

Cheers!!
Willie McClure
“We are trying to build a gentler, kinder society, and if we all pitch in just a little bit, we are going to get there.” Alex Trebek

Reply | Quote

Windows 10 June 13, 2023—KB5027215 (OS Builds 19044.3086 and 19045.3086)

This update addresses security issues for your Windows operating system.

Reply | Quote

Guinea Pig Update (Moment to Moment)
Version and build after update: Win11Pro 22H2.22621.1848

WuMgr downloaded and installed:

• 2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5027119)
• Windows Malicious Software Removal Tool x64 – v5.114 (KB890830)
• 2023-06 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5027231)

Installed without error and the system rebooted without error.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

fernlady

Reply | Quote

EspressoWillie wrote:

Just to verify, Windows 11 should be at 22H1.

I must have been on vacation too much as my Windows 11 computers are set for 21H2.

do you mean Windows 11 22H2?

GRRRRRRRR, I have to remind people that 22H1 DOES NOT EXIST, PERIOD! there’s NO SUCH THING AS 22H1!

edit – June 2023 is the final month of updates for Home & Pro editions of Windows 10 21H2

1 user thanked author for this post.

geekdom

Reply | Quote

Nope.  Was taking the Win 11 22H1 from Susan’s post!

I didn’t think it existed, but … it’s Susan.

Cheers!!
Willie McClure
“We are trying to build a gentler, kinder society, and if we all pitch in just a little bit, we are going to get there.” Alex Trebek

Reply | Quote

Thank you Susan. I was unaware that Wushowhide had been updated from 2/2021.

It was working well last month but when I ran it today it failed to disclose the June updates for Win 10 22H2. I went to the download page referenced in your post, downloaded the newer version and ran it. It disclosed the three updates for June 2023. I hid all three until I’m ready to install them.

Peace, CAS

1 user thanked author for this post.

jburk07

Reply | Quote

“download page referenced in your post”  I don’t see that in her post

Reply | Quote

You wrote “Windows 10 22H1.” Is that correct? Shouldn’t it be 21H2?

Reply | Quote

Apologies!  Yes!

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Just updated Win 11 22H2.

Up to now everything appears hunky-dory.

(But I have a reliable Macrium image anyway )

1 Desktop Win 11
1 Laptop Win 10
Both tweaked to look, behave and feel like Windows 95
(except for the marine blue desktop, rgb(0, 3, 98)

3 users thanked author for this post.

TechTango, geekdom, fernlady

Reply | Quote

W10 22H2 (x86 and x64 – 2 Devices)
June 2023
.Net CU kb5027538
CU kb5027215 injected…

Outcomes:
SFC Verifyonly – no violations
DISM Checkhealth – No component store corruption detected.
O&O Shutup – telemetry and cloud reset to default so, reset to my defaults 😛
Event Viewer – no errors displayed
W10 now perched on OS build 19045.3086

Did notice a cleanup procedure was invoked once patches were intalled upon update restart, can’t say whether I’ve seen that before..
anyway, so far so good..

Martin Brinkmann has published an in-depth article on this month’s patches over on Ghacks

No problem can be solved from the same level of consciousness that created IT- AE

5 users thanked author for this post.

lmacri, TechTango, Alex5723, geekdom, DrBonzo

Reply | Quote

I’ve seen the cleanup a few times on both W10 Pro and Home, most recently last month.

1 user thanked author for this post.

Microfix

Reply | Quote

Microfix wrote:

W10 22H2 (x86 and x64 – 2 Devices) June 2023 .Net CU kb5027538 CU kb5027215 injected… Did notice a cleanup procedure was invoked once patches were intalled upon update restart, can’t say whether I’ve seen that before.. anyway, so far so good..

From the 15-Jun-2023 Neowin article Windows 10 KB5027215 Update is Causing Installation Issues For Some Users:

“According to user reports on Reddit…KB5027215 is taking more than half an hour to install for some users, with clean-up process post-update taking most of the time. The issue has been reported by multiple users and is happening when trying to install the cumulative update along with Microsoft .NET updates… You should let the update install completely, even if it takes much longer than usual.”

I also noticed this cleanup running on my Win 10 v22H2 laptop after I restarted my system to finish installation of KB5027215 (OS Build 19045.3086) and the KB5027538 .NET Framework 3.5, 4.8 and 4.8.1 updates, but the cleanup phase only lasted a minute or two and didn’t cause any problems.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3086 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.5-1.1.23050.3 * Malwarebytes Premium v4.5.31.270-1.0.2047 * Macrium Reflect Free v8.0.7279

1 user thanked author for this post.

Microfix

Reply | Quote

That invoked cleanup was to me strange, as I hadn’t had that happen before. The only thing I can think of is, it’s due to me forgetting to clear the winsxs folder of redundancy after last months patches, as I’ve had a lot on recently.
I usually clear the winsxs folder a couple of weeks after CU patch installation followed by a thorough privatize clean providing a fluid OS.

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Hardened Windows user:

KB890830 Windows Malicious Software Removal Tool x64 – v5.114
KB5027231 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems
KB5027119 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64
KB2267602 (Version 1.391.1333.0) Security Intelligence Update for Microsoft Defender Antivirus
KB4052623 (Version 4.18.23050.5) Update for Microsoft Defender Antivirus antimalware platform

No hiccups on my daily driver desktop nor my unsupported-hardware NAS.

Now running Windows 11 Pro Version 22H2 (OS Build 22621.1848)

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

1 user thanked author for this post.

geekdom

Reply | Quote

After update I noticed, when I run program from Start menu as administrator, after UAC prompt, start menu remains opened. Anyone noticed this too?

Windows 10 22h2 64bit with all June 2023 patches.

1 user thanked author for this post.

geekdom

Reply | Quote

Did anyone find the registry key for the Windows 11 22H2 update fix?  I couldn’t. It doesn’t seem to be that important for most people.

Otherwise updates went well for me, although I thought that they would be delayed by InControl.  I guess I should have run it as administrator but I forgot.

Mark

 

1 user thanked author for this post.

geekdom

Reply | Quote

I bet it has to be added.  I’m still asking for clarification on this one.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

KB5028407/CVE-2023-32019: is the average non-computer-savvy Windows user expected to make registry changes?

2 users thanked author for this post.

WSBirdLady, geekdom

Reply | Quote

The expectation is unreasonable, but it seems the average computer user is expected to make registry changes. (This expectation is an early lesson in how to brick a computer.)

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

I think that’s right.  A fix for PrintNightmare patch problems in 2021 required adding a similar “override.”  The entire key needed to be added.

Reply | Quote

Incontrol controls feature releases, not monthly updates.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Microfix wrote:

Did notice a cleanup procedure was invoked once patches were intalled upon update restart, can’t say whether I’ve seen that before..

I have seen cleanup in the past.

Reply | Quote

Apologies if I have asked this question before but why are latest W10 updates still showing in “Updates & Security” after I have hidden them using latest version of wushowhide ?
I can see them in wushowhide under hidden updates yet still in “Updates & Security”.

Have I missed a step ?

Many thanks in advance for your replies.

cheers

Windows 10 Pro version 22H2 build 19045.2965

 

Reply | Quote

Windows Update and wushowhide both use the Windows Update Service to search for updates.
Windows Update only searches periodically. The list of updates is finds is stored in a cache between searchings, and it is the cache you see in the WU queue. So it is STATIC between times and NOT CURRENT.
wushowhide is DYNAMIC, its update list is CURRENT when you run it. So it MAY NOT match what you see in the WU cache.
After you run wushowhide, you need to clear the WU cache and WU has to re-scan to make its list current. See AKB2000013 for how to clear the cache. It is easiest to use @Matador ‘s method (scroll down to till you see his comments).

2 users thanked author for this post.

Pim, bagman

Reply | Quote

Susan Bradley wrote:

Incontrol controls feature releases, not monthly updates.

Thanks Susan for your reply.

Don’t cumulative updates (which I now receive) have feature releases?

It’s confusing.  What would you recommend to block monthly updates – WUShowHide?  I can already delay them on Windows Pro 11, but somehow my delay of one week did not work.

Mark

 

Reply | Quote

See AKB2000016 for information about how to use Group Policy and wushowhide.diagcab to control Windows Updates. There are screenshots at the bottom to show where the settings are located.

1 user thanked author for this post.

bagman

Reply | Quote

Windows 11 Pro 22H2 build 22621.1848 after updates

2023-06 .NET 6.0.18 Security Update for x64 Client (KB5027797)

2023-06 .NET 7.0.7 Security Update for x64 Client (KB5027798)

2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5027119)

2023-06 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5027231)

Windows Malicious Software Removal Tool x64 – v5.114 (KB890830)

All were installed without issues.

 

--Joe

1 user thanked author for this post.

geekdom

Reply | Quote

There is a vulnerability that in order to fully enable the fix you have to enable a registry key that is different on each OS – see here. Say what?

That’s absolutely crazy! WTH are Redmond playing at?
How are regular homeusers supposed to do this if they don’t mess with the registry or don’t have the technical abilities to do so…dispicable!

No problem can be solved from the same level of consciousness that created IT- AE

3 users thanked author for this post.

geekdom, DrBonzo, PKCano

Reply | Quote

It may be because the vulnerability is only information disclosure as well as the attack vector is only local and requires some complexity to try to exploit. So there is little risk/need for regular home users to worry about implementing the registry changes to enable the fix.

More details below about the vulnerability via Microsoft:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32019

Attack Vector – Local
The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Either: the attacker exploits the vulnerability by accessing the target system locally (e.g., keyboard, console), or remotely (e.g., SSH); or the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability (e.g., tricking a legitimate user into opening a malicious document)

Attack Complexity – High
A successful attack depends on conditions beyond the attacker’s control. That is, a successful attack cannot be accomplished at will, but requires the attacker to invest in some measurable amount of effort in preparation or execution against the vulnerable component before a successful attack can be expected. For example, a successful attack may require an attacker to: gather knowledge about the environment in which the vulnerable target/component exists; prepare the target environment to improve exploit reliability; or inject themselves into the logical network path between the target and the resource requested by the victim in order to read and/or modify network communications (e.g., a man in the middle attack).

Reply | Quote

Information disclosure can still be passwords leaked in memory.

Are consumers at risk, no I don’t think so.  But even in a business setting, getting approval for a registry change takes time.  If there is no performance side effect, let us know.  If there is some sort of side effect to look for, let us know as well.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

There is a vulnerability that in order to fully enable the fix you have to enable a registry key that is different on each OS – see here. Say what?

Microfix wrote:

That’s absolutely crazy! WTH are Redmond playing at?
How are regular homeusers supposed to do this if they don’t mess with the registry or don’t have the technical abilities to do so…dispicable!

Who are you quoting?

This vulnerability is not a critical flaw, or publicly disclosed, or already exploited.

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

The quote is from Susan, near the bottom of the page here: https://www.askwoody.com/2023/ready-for-june-updates/

2 users thanked author for this post.

Microfix, b

Reply | Quote

Should have guessed 🙄

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

Should have guessed what?

The KB is silent as to any side effects caused by enabling these registry keys, if any.

The registry keys are different per version.

The vulnerability is not fully mitigated unless the registry keys are set.  This is a nation state style of attack risk so not consumer based, but for those firms that ARE at risk, why isn’t this enabled by default or a discussion regarding the reasons why it’s not enabled by default?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

https://www.bleepingcomputer.com/news/security/microsoft-windows-kernel-cve-2023-32019-fix-is-disabled-by-default/

“However, it’s unclear if enabling the feature may cause issues in the operating system, so it may be safest to test it on a few machines before performing a wide deployment.

Microsoft also warned that there is no way to revert the changes once CVE-2023-24932 mitigations are fully deployed and enabled on a system.”

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Susan Bradley wrote:

https://www.bleepingcomputer.com/news/security/microsoft-windows-kernel-cve-2023-32019-fix-is-disabled-by-default/

…

Microsoft also warned that there is no way to revert the changes once CVE-2023-24932 mitigations are fully deployed and enabled on a system.”

That comment is about the CVE mentioned there, not the current one in that URL.

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

It’s a quote from the post.  Either Microsoft or Bleeping has made it a bit more unclear by implying that the fact that the secure boot manual action can’t be undone is in some way related to the manual action in this one.

Bottom line Microsoft needs better communication.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Susan Bradley wrote:

It’s a quote from the post.  Either Microsoft or Bleeping has made it a bit more unclear by implying that the fact that the secure boot manual action can’t be undone is in some way related to the manual action in this one.

Bottom line Microsoft needs better communication.

It comes after, “This is not the first time the company has issued an optional fix for a Windows security vulnerability.

Just last month, Microsoft said …”

Microsoft doesn’t have a monopoly on bleeping lousy communication.

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

Patches should be simple and fix what they are supposed to with little or no end user action nor IT admin action – especially when it comes to workstations.  I give more leeway for Servers and active Directory networks, but not workstations.  They should be self contained and be uninstallable.

Communication in the security bulletins should be clear and not need to get clarification from other sites to be clear.

Period.  I don’t think either stance is unreasonable.  Do you?

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

DrBonzo

Reply | Quote

To answer your question: A resounding NO!

Then the question is “Why won’t Microsoft provide clear communications in their security bulletins and patches that work with no end user action?”

And with that I’m probably off-topic, so I’ll stop.

Reply | Quote

You aren’t offtopic at all.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

DrBonzo

Reply | Quote

Susan Bradley wrote:

Side effects being seen: If you use the Windows hello for authentication – you’ll get a Windows hello “pop” after the installation of the patch. Ignore it – appears to be a bug.

Could you explain what “pop” means please?

(As I do, but I don’t think I did.)

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

‘snap, crackle and pop’ Kellogs Rice Crispies, UK cereal thriller! 🙂

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

https://imgur.com/WfC66lY Looks like that.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

b

Reply | Quote

I definitely didn’t see that, so it’s not a general side effect of this month’s updates which everyone using Windows Hello will see.

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

I’m seeing several folks report this.  It appears to be in business networks only proving once again that advice for consumers can and often is different than business patchers.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Updated both Win 10 & 11 successfully.

Win 10:

Win 11:

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

1 user thanked author for this post.

geekdom

Reply | Quote

geekdom wrote:

The expectation is unreasonable, but it seems the average computer user is expected to make registry changes. (This expectation is an early lesson in how to brick a computer.)

Looking into this I found some interesting things in Group Policy:

First there are way more settings in Win 11 than Win 10:

Win 10:

Win 11:

And under one of the settings I found this description:

So maybe enabling these protections can be done in Group Policy, but of course that still requires PRO!

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

Reply | Quote

RetiredGeek wrote:

And under one of the settings I found this description:

Enable features introduced via servicing that are off by default

This is a fix, not a feature.

That refers to Temporary enterprise feature control in Windows 11

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

KB5028407/CVE-2023-32019

Could this vulnerability explanation please be unscrambled?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Love to, once we get better information especially from Microsoft.

Again as I said above, this is not something to worry about on a standalone machine.  But if you are in a network where you may be targeted by a persistent attacker, it’s unclear if there are side effects or other impacts if this registry key is done.

 

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Specialist17

Reply | Quote

Windows 11 Malwarebytes: June 2023 Update (KB5027231) prevents Google Chrome from displaying

Updating to June 2023 Update (KB5027231) prevents Google Chrome from displaying after loading. Chrome will be listed in the task manager but you cannot get it to display.

The only thing you can do is quite Malwarebytes….

Reply | Quote

I can’t repro that btw.  I am not using malwarebytes.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Alex5723

Reply | Quote

Susan Bradley wrote:

I can’t repro that btw.  I am not using malwarebytes.

Nor do I

Reply | Quote

Susan Bradley wrote:

I can’t repro that btw. I am not using malwarebytes.

I can’t repro that, either.  I’m not using Chrome.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

Reply | Quote

Alex5723 wrote:

Windows 11 Malwarebytes: June 2023 Update (KB5027231) prevents Google Chrome from displaying

This Malwarebytes issue is due to an exploit protection conflict and there is a simple workaround that does not require disabling of Malwarebytes Premium real-time protection or the entire Exploit Protection module. Win 11 users can go to Settings | Security | Exploit Protection | Managed Protected Applications and temporarily turn OFF protection for Google Chrome (and plug-ins) as instructed <here> until a bug fix is released.

Status updates from Malwarebytes staff are being posted in the pinned post at Malwarebytes Exploit Protection Conflict with Google Chrome and a BETA build (v4.5.31.270 with Component Package v1.0.2047 or higher) is already available for testing.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.2965 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.3-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

3 users thanked author for this post.

Microfix, Alex5723, b

Reply | Quote

UPDATE: From employee msherwood’s pinned thread  Malwarebytes Exploit Protection Conflict with Google Chrome about the temporary fix released today (15-Jun-2023):

“We have released a temporary fix to automatically resolve conflicts with Chrome in Malwarebytes 4 Premium and Teams. The temporary fix will automatically disable anti-exploit protection for Chrome as suggested in the knowledge base article we published yesterday. This is only meant to be a temporary fix so that users are able to launch Chrome again. This patch will automatically roll out to Windows 11 users only via Update package version 1.0.70914 when the product checks for updates – by default this check is performed on an hourly basis …”

In Malwarebytes lingo, the Update package is essentially the latest set of “malware definitions” that is released at least once a day.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.2965 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.3-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

Reply | Quote

Release notes have been posted <here> for the latest Malwarebytes v4.5.31.270-1.0.2047 product update released today (16-Jun-2023), which should fix the following issues:

• Windows June 2023 Update (KB5027231) prevents Chrome from launching
• Minor bug fixes

I do not have a Win 11 OS and was not affected by this bug so I can’t provide feedback on its effectiveness.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3086 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.5-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

1 user thanked author for this post.

Microfix

Reply | Quote

I have just posted the following feedback on the Microsoft instruction webpage, detailing the error in the Registry path on my desktop PC:

I have Windows 11 Pro 22H2 Build 22621.1848
The Registry path given above for W11 22H2 opens as far as
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies
This path contains one subfolder ‘Hardware’. There is no subfolder ‘Microsoft’.

There was no room to add how disgraceful it is to be asking non-techies like me to edit the Registry.

Is this a new all-time low for Microsoft, or am I just a non-techie who can’t read instructions?  I’m beginning to think that their Windows platform is no longer safe for me to use.

3 users thanked author for this post.

Specialist17, Mark, geekdom

Reply | Quote

If you are a home user, this isn’t a risk for you.  Let’s Put this in perspective.

Also the registry keys aren’t there. You have to add several hives.

But yes, the communication is awful.

 

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Specialist17

Reply | Quote

Susan Bradley wrote:

If you are a home user, this isn’t a risk for you.

Is that a ‘home edition user’ or a ‘home-user’ in general irrespective of edition? (Home or Pro)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

In my Taskbar …. Open Apps Firefox and Word use to show obvious icon symbols as seen in jpg – Now they’re Blank Squares with Blue Underlines. Anyone else? Fix?
Clk on to view all….

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

Seems to work fine for me.

Also, you notice that I have Malwarebytes and Chrome and Chrome displays as it should. No changes made.

Edition: Microsoft Windows 11 Pro 64-bit
Version: 2009 22H2
Build: 22621.1848
Installed: 6/7/2023 16:36

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

1 user thanked author for this post.

CraigS26

Reply | Quote

But do you have  exploit protection enabled?  https://support.malwarebytes.com/hc/en-us/articles/17571529651475

1. Under Exploit Protection, click Manage protected applications.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

CraigS26

Reply | Quote

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

1 user thanked author for this post.

CraigS26

Reply | Quote

Try rebooting a second time and see if that clears it up?

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

CraigS26

Reply | Quote

CraigS26 wrote:

In my Taskbar …. Open Apps Firefox and Word use to show obvious icon symbols as seen in jpg – Now they’re Blank Squares with Blue Underlines…

Hi CraigS26:

I’ve updated my Win 10 Pro v22H2 to the latest OS Build 1904.3086 and my icons for Firefox v114.0.1 and MS Word 2019 still display normally when these programs are opened.

If a system restart doesn’t fix your blank icons then see the 31-Jan-2023 AskVG! article [Fix] Firefox Showing Blank Unknown File Icon in Windows Taskbar which suggests that unpinning and then re-pinning the icons on your taskbar might fix the problem.  Alternate instructions are provided in that article if the blank icon is not pinned to your taskbar and only appears when the program is running.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3086 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.5-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279 * MS Office Home and Business 2019 C2R Version 2305 / Build 16501.20196

 

1 user thanked author for this post.

CraigS26

Reply | Quote

um Firefox version 114.0.2 just came out, lmacri
https://www.mozilla.org/en-US/firefox/114.0.2/releasenotes/
-fixes some crashing bugs from FF 114.0 & 114.0.1

Reply | Quote

Microsoft released compatibility updates for Windows 10,11

..KB5027573

KB5027572

KB5027389

KB5027385

The release notes are given below:

KB5027573: Compatibility update for installing and recovering Windows 11, version 22H2: June 13, 2023

Summary

This update makes improvements to the Windows recovery features for Windows 11, version 22H2.

KB5027572: Compatibility update for installing and recovering Windows 11, version 21H2: June 13, 2023

Summary

This update makes improvements to the Windows recovery features for Windows 11, version 21H2.

KB5027389: Compatibility update for installing and recovering Windows 10, version 20H2, 21H2, and 22H2: June 13, 2023

Summary

This update makes improvements to the Windows recovery features for Windows 10, version 20H2, 21H2, and 22H2.

KB5027385: Compatibility update for installing and recovering Windows 10, version 1507: June 13, 2023

Summary

This update makes improvements to the Windows recovery features for Windows 10, version 1507.

The update will be downloaded and installed automatically but users can also choose to manually download the updates from Microsoft catalog..

Reply | Quote

Alex5723 wrote:

Microsoft released compatibility updates for Windows 10,11 …

Alex5723 wrote:

Didn’t get KB5027389…All is well …

Hi Alex5723:

Windows Update did not install the KB5027389 (Compatibility Update for Installing and Recovering Windows 10, Version 20H2, 21H2, and 22H2: June 13, 2023) update on my Win 10 Pro v22H2 laptop during my June 2023 Patch Tuesday updates, which seems to match what your WuMgr image in post # 2566424 shows.

The release notes for KB5027389 indicate that this update replaces KB5012419, but when I enter wmic qfe | find “KB5012419” in an elevated command prompt it shows that KB5012419 is not installed on my system. The release notes for KB5012419 include a bit more detail and state this update “makes improvements to the ‘safe operating system’ (SafeOS) that is used to update the Windows recovery environment (WinRE) for Windows 10, version 20H2, 21H1, and 21H2“.

Does anyone know under what circumstances, if any, that users with a home consumer PC would need to install one of these June 2023 compatibility updates for the Windows Safe OS Dynamic Update system that is described in the support article Update Windows Installation Media with Dynamic Update ?
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3086 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.5-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

1 user thanked author for this post.

Alex5723

Reply | Quote

Windows 10 22H2. Now 19045.3086

Didn’t get KB5027389: Compatibility update for installing and recovering Windows 10, version 20H2, 21H2, and 22H2: June 13, 2023

All is well

* There are complains that ‘clean up’ step takes more than half an hour. Mine took 2 min.

2 users thanked author for this post.

lmacri, geekdom

Reply | Quote

Hi Susan:

Windows Update successfully installed the following June 2023 Patch Tuesday updates on my Win 10 Pro v22H2 laptop and I haven’t noticed any negative effects so far:

• KB5027215: 2023-06 Cumulative Update for Win 10 Version 22H2 for x64 (OS Build 19045.3086)
• KB5027538: 2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Win 10 Version 22H2 for x64
• KB5027797: 2023-06 .NET 6.0.18 Update for x64 Client
• KB890830 : Windows Malicious Software Removal Tool x64 – v5.114

I only noticed one minor glitch during the update process. As soon as the KB5027538 update for my MS .NET Framework finished installing Windows Update prompted me to “Restart Now“, even though the KB5027215 cumulative update for my Win 10 OS had not finished installing (see attached image). However, I see this every time a MS .NET Framework update is delivered on a Patch Tuesday (see my 24-Feb-2023 post # 2536955 for one example) so I just waited until Windows Update finished installing the cumulative update before I restarted my system.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3086 * Firefox v114.0.1 * Microsoft Defender v4.18.23050.5-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

4 users thanked author for this post.

Coldheart9020, Microfix, DrBonzo, geekdom

Reply | Quote

EricW wrote:

KB5028407/CVE-2023-32019: is the average non-computer-savvy Windows user expected to make registry changes?

No. Wait for Microsoft to enable the fix.

KB5028407: How to manage the vulnerability associated with CVE-2023-32019

An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges…

Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system…

IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible…

Reply | Quote

Microsoft: enabling KB5028407’s security patch could break something, but we won’t tell you what

Reply | Quote

lmacri wrote:

Windows Update prompted me to “Restart Now“

Its a known bug. Use WUngr for updates.

Reply | Quote

CraigS26 wrote:

In my Taskbar …. Open Apps Firefox and Word use to show obvious icon symbols as seen in jpg – Now they’re Blank Squares with Blue Underlines. Anyone else? Fix?
Clk on to view all….

Sorry I’m late with this but Thanks to all for the suggestions.
As is often the case, something fixed it while I was away and all is well. Mbam Exploit Chrome WAS Chk’d …. Maybe re-starts?

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desk-Ethernet - SSD-HDD/ i5(8th Gen) 12GB / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

Reply | Quote

Hey,

Anyone seeing issues with older .NET web applications?

We have 2 in-house built webapps that were giving ‘HTTP Error 503. The service is unavailable.’ after their Win2019 hosts had been patched.
After removing the 2023-06 .NET Framework patch (KB5027124), it’s OK again.

And the same issue on an older webapp still running on Win2012R2. After removing KB5027141 for .NET Framework 3.5, it’s working again.

I know there’s a known issue for importing X.509 certificates, but this doesn’t sound related.
I’m about to open a support case for this with Microsoft.

Edit: looks like the process serving the application pool is suffering a fatal communication error with the Windows Process Activation Service. After a few retries it’s disabled.
I collected crashdumps with DebugDiag and shared them with MS.

1 user thanked author for this post.

nelsonhd87

Reply | Quote

Replying to my own message as MS gave me the feedback I needed:

It’s due to a bug in CLR (component of .NET) and the presence of a Dynatrace agent (or other profiler).
For now the solution is to remove the .NET patch, or to remove the profiler. But a fix is being worked on.

2 users thanked author for this post.

nelsonhd87, geekdom

Reply | Quote

.NET (Framework and Core) got myriad of OOB updates to fix X509Certificate thing

KB5028608 Change in how .NET Framework runtime imports X.509 Certificates

2 users thanked author for this post.

Microfix, PKCano

Reply | Quote

See #2568265 for information on Win7 and Win8.1 .NET Framework OOB updates.
(Logged in Member access required).

1 user thanked author for this post.

SueW

Reply | Quote

Is this something a humble home user needs to be concerned with? I have no idea what an X509Certificate is.

Reply | Quote

It applies to versions from Win7 to Win11. See @abbodi86 ‘s link.
If you are using an application that requires .NET Framework versions 4.6 – 4.7.2 and/or 4.8, it might affect you.

1 user thanked author for this post.

DrBonzo

Reply | Quote

I’ve only see it hit in business/self built applications.

Not seeing any issues at home or at the office.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

DrBonzo

Reply | Quote

The June updates for Office 2013 seem to be missing from the latest (June 27th) updates list, which still lists the May updates.

I’ve received the updates below to install. I’ve checked for any possible alerts about them elsewhere on the net, but find nothing, so should I assume these are OK?

• KB5002414 — Security Update for Microsoft Excel 2013
• KB5002382 — Security Update for Microsoft Outlook 2013

Many thanks for any help on these.

 

Reply | Quote

My apologies I could have sworn I updated that section.  When there are .NET updates they suck the lifeblood out of me.

I have not seen side effects from these updates:

Excel 2013	Description of the security update for Excel 2013: June 13, 2023 (KB5002414)
Outlook 2013	Description of the security update for Outlook 2013: June 13, 2023 (KB5002382)
Visio 2013	June 6, 2023, update for Visio 2013 (KB5002343)

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

ceruleandaze

Reply | Quote

Thanks very much, Susan.

All set to install the June updates!

Reply | Quote

June update on the first of my three Win10 computers bodes ill for the next two.  Too exhausted to do those this week!

It was helpful to include instructions for the Repair install.  That turned out to be critical but it was not the end of the story.

After going through that process (lengthy but not difficult).  A new problem arose that required restoring from the latest image.  After all was complete (an overnight effort) the “Check For Updates” reported that the June updates had NOT been done by the Repair Install (THAT was new).

After the updates were finally done (surprisingly, they actually worked this time; I’d guess the Repair Install did some good) everything was going smoothly until the next day a blue screen of death appeared during the busy time trying to catch up on all the time lost with the update.  Amazingly, the system recovered from that without intervention and might be OK now although only time will tell.

This stuff is resembling witchcraft more and more every year.

Windows 11, you ask? Not in this lifetime, sister.

1 user thanked author for this post.

geekdom

Reply | Quote

Is it safe to install KB5027119?

Reply | Quote