News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Reported crash with the new out-of-band IE fix on Win7, KB 4483187

    Home Forums AskWoody blog Reported crash with the new out-of-band IE fix on Win7, KB 4483187

    This topic contains 58 replies, has 22 voices, and was last updated by  anonymous 2 months ago.

    • Author
      Posts
    • #241499 Reply

      woody
      Da Boss

      Remember yesterday, when I warned you that these extreme out-of-band patches have a nasty habit of causing havoc? Reports of problems with the patches
      [See the full post at: Reported crash with the new out-of-band IE fix on Win7, KB 4483187]

    • #241501 Reply

      Hopper15
      AskWoody Lounger

      You definitely warned us.  I’m glad I held off.

    • #241503 Reply

      woody
      Da Boss

      P.S. This is exactly the kind of report I expect to issue with AskWoody Plus Alerts, once we have the mechanism in place. The Alert would contain the same content as this post, but I can update the AskWoody post as events unfold.

      3 users thanked author for this post.
    • #241508 Reply

      PKCano
      Da Boss

      My XP VM is running Avast Free. This morning I installed KB4483187 for IE8 on it. Avast crashed – service would not start.

      I uninstalled KB4483187 – did not fix the problem.
      I downloaded and installed the current Avast installer (did not uninstall first) – Avast still crashed.
      System Restore did not run (not surprised).
      There are few AV programs that still run on XP. I will replace the VM with a backup and try several other things. Will report back with the results. I suspect it may be the javascript changes. Maybe Avast will fix the problem.

      Edit: See update below.

      • This reply was modified 3 months, 4 weeks ago by
         PKCano.
      8 users thanked author for this post.
      • #241512 Reply

        geekdom
        AskWoody Plus

        I wonder if there will be problems with all non-Microsoft anti-virus programs.

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      • #241574 Reply

        warrenrumak
        AskWoody Plus

        Far as I’m aware, this patch was only released for Embedded Standard 2009 and POSReady 2009.  Are you trying to apply a patch meant for Windows Embedded onto a standard Windows XP system?  If so, that’s probably why you’re having a problem.

        1 user thanked author for this post.
        • #241576 Reply

          PKCano
          Da Boss

          No, I did the hack.

          1 user thanked author for this post.
      • #241597 Reply

        AJNorth
        AskWoody Plus

        Hello PKCano,

        Someone called me earlier today with essentially the same problem.  Cutting to the chase, I had them first uninstall KB4483187; then uninstall Avast using their Uninstall Utility (https://support.avast.com/en-us/article/10) and finally, as they still had their installation disc, run SFC.EXE /SCANNOW (which completed successfully).

        Instead of reinstalling Avast, Adaware Antivirus Free was installed, and everything seems to be working okay in the virtual XP.

        4 users thanked author for this post.
        • #241632 Reply

          AJNorth
          AskWoody Plus

          EDIT:

          Forgot to mention that all the XP security updates were successfully installed (including KB4471328).

      • #241600 Reply

        PKCano
        Da Boss

        UPDATE   UPDATE   UPDATE

        Originally, Avast and Windows both updated.

        Rolled VM back to installed November updates. Uninstalled Avast. Ran Windows Update for Dec. XP runs fine with both KB4470199 and the 12/19 update KB4470199. Downloaded and installed the latest version of Avast – install did not work. Showed installed in “Add/Remove Programs'” and folder created in C:\Programs,  but no icon in the tray, no menu item, no icon on the desktop.

        Rolled VM back to installed November updates again. Allowed Avast to update the definitions and the engine. It was not successful, the service did not start, even without the Dec Win updates applied.

        Rolled VM back to installed November updates again. This time Avast updated the definitions but I did not allow it to update the engine. So far, so good. Installed KB4470199 manually, rebooted, still good. Installed the rest of the XP Dec updates including KB4470199, rebooted, everything still good.

        Conclusion: The December Windows Updates for XP are good. Avast runs on XP as long as the engine is not updated to the latest version.
        The EOL of the EOL of XP is about to expire in Jan 2019. Looks like it is about time to retire the XP VM.

        5 users thanked author for this post.
        • #241670 Reply

          BusinessSellCanada
          AskWoody Lounger

          PKCano … I run Win XP on a computer (actual – not virtual) with the registry tweak for POSReady2009 so that it gets all of the MS patches … and I’ve found that I can’t get AVAST to run with the engine above 18.3.  I kick myself every time I try to update the AVAST engine past that – both as an in-place engine update or as a full A/V install/re-install.  The AVAST UI service won’t start/run and the program says it doesn’t know why.  Trying System Restores and the uninstall/re-install of AVAST doesn’t seem to fix the problem.  The only thing that works is to use a Macrium Reflect image to image restore the whole harddrive to its original state.  I’ve decided that I can happily end my XP days with the AVAST 18.3 engine, which runs just fine and of course still gets AntiVirus signature updates.

          1 user thanked author for this post.
          • #241673 Reply

            PKCano
            Da Boss

            @ajnorth says Adaware Antivirus Free will run without a problem. See his post above in this thread.

            1 user thanked author for this post.
            • #241717 Reply

              anonymous

              Is there a version of this update for the standard Windows XP home version (not XP VM or XP Embedded)?  If so, how do you find it?

              I know standard XP went out of support years ago, but Microsoft has issued a few sporadic patches for bigger issues impacting standard XP since then.

            • #241721 Reply

              PKCano
              Da Boss

              The patches for POSReady are listed on the Microsoft Software Distribution pages, but I don’t believe they work on XP Standard.

    • #241514 Reply

      anonymous

      hmm… anyone else seen this issue with Windows 10 as well? We have had over a dozen users in the last 24 hours say their machines keep randomly restarting for no known reason!

      1 user thanked author for this post.
      • #241517 Reply

        Microfix
        Da Boss

        Which version(s) of W10 are you reporting?
        Do they have common denominator 3rd party AV or program?

        | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
        • #241520 Reply

          geekhelptx
          AskWoody Lounger

          They all run Malwarebytes’ and Windows Defener
          They all seem to be on 10.0.17134.471

          • #241526 Reply

            Microfix
            Da Boss

            Welcome to the forum 🙂
            Have you tried disabling malwarebytes on one system to establish whether it could cause the reboots after applying the IE patch?

            | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
            1 user thanked author for this post.
            • #241530 Reply

              geekhelptx
              AskWoody Lounger

              I have not had a chance… the machines literally reboot 2 or 3 times withing 20 minutes and then run normal after than so far.

              1 user thanked author for this post.
            • #241854 Reply

              geekhelptx
              AskWoody Lounger

              Finally figuring it out after a few days of being able to access the user’s machines.  On Windows 10, KB4483234 is the culprit.  It is failing to install and forcing a system reboot.  Then again failing to install and forcing a system reboot… repeat pattern…  Manually running updates has forced the install on 3 machines so far an this seems to correct the issue I was seeing.

              2 users thanked author for this post.
            • #241855 Reply

              Microfix
              Da Boss

              Thanks for the bootloop report,
              good to read you got it sorted.
              A festive unwanted gift from satya claus?

              Looks like this is happening elsewhere also, iceman994 on reddit:
              https://www.reddit.com/r/Windows10/comments/a8d1it/new_issue_with_2018_december_21st_update/

              | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
              • This reply was modified 3 months, 3 weeks ago by
                 Microfix.
    • #241542 Reply

      Geo
      AskWoody Plus

      Group A ,W7x64, home premium ,  AMD.    MSE and ADW cleaner.  I only use IE for updates the rest of the time I use Firefox.  No problems so far.

      • This reply was modified 3 months, 4 weeks ago by
         Geo.
      • This reply was modified 3 months, 4 weeks ago by
         Geo.
      • This reply was modified 3 months, 4 weeks ago by
         Geo.
    • #241549 Reply

      Speccy
      AskWoody Lounger

      At this point, no further details are publicly available regarding the vulnerability itself, but one could speculate that CVE-2018-8653 might very well be a revised, more thorough (or complementing) revision of the CVE-2018-8643 patch.

      If that is true, these kind of vulnerabilities seem to be exploiting (and bypassing) VBScript execution policies and the root cause of the reported crashes might, indeed, be a conflict between the updated libraries and third-party applications that are using the IE engine for rendering web content.

      In David’s case, apparently, that third-party culprit would either be Chrome (is he using the latest version?) or – more likely, especially after reading PKCano’s post – the AV (Bitdefender)…

      2 users thanked author for this post.
      • #241581 Reply

        David Beroff
        AskWoody Lounger

        My Chrome install uses the correct version 71.0.3578.98 (64-bit).  As for AV, I may not have been sufficiently clear in my earlier reply: I had to uninstall Bitdefender before any of this started.  I just double-checked now, and I couldn’t find any lingering services or processes from them.  Also, two of the five (or more?) crashes occurred before I even got a chance to start Chrome, i.e., very early in the bootup sequence.

        Still not a great sample size, but it’s now been a few hours without any crashes.

        Thank you, all, for your help and interest.

        3 users thanked author for this post.
        • #242161 Reply

          David Beroff
          AskWoody Lounger

          After a few days, my mean time between failures is about one day.  Admittedly, daily is better than hourly, but I’m still obviously not happy.  I did uninstall and hide KB4483187 that same day, although that doesn’t seem to have been enough, as this system used to be rock solid, and this Windows Update (and subsequent reversal) is literally the only thing that’s recently changed.  I did see that Windows created a Restore Point just before the installation; would that be of any help?  (I’ve never used those, as I really would prefer to not have to re-install everything on this machine.)  I’d be happy to delete MSIE if this was possible; it seems to be at the root of many issues, despite my never using it.  As mentioned before, the last time I had crashing issues, I’d narrowed it down to Google’s Backup and Sync, but again, that’s not running when these crashes occur.  Thanks in advance!

          1 user thanked author for this post.
          • #242197 Reply

            anonymous

            @david-beroff said:

            …I did see that Windows created a Restore Point just before the installation; would that be of any help?…

            Yes, that should restore your system back to the way it was immediately before the installation of KB4483187. That’s why Windows does these things: In the event something goes awry you’ll have a “fail-safe” place to fall back to. Or, at least you should if everything went well with the establishment of the restore point and you haven’t deleted any software that was already installed at the moment the restore point was created, from what I understand of the way restore points are supposed to work.

            • #244027 Reply

              David Beroff
              AskWoody Lounger

              Yeah, except that the Restore Point from the 20th doesn’t seem to actually be there. 🙁  Yes, permissions are set to allow them to happen, and yes, there is plenty of disk space configured and available.  An unrelated install created one on the 30th, but of course, that doesn’t help me.  Great; the one time I actually want/need such a facility, and it’s not available.  {sigh}

              On the plus side, random crashing has gone from daily to “only” once or twice a week.

              Is there any way to look at the logs and actually see what’s happening at the time it crashes?

    • #241553 Reply

      anonymous

      Well, Microsoft announced a well deserved holiday, so don’t expect any solutions soon

    • #241601 Reply

      woody
      Da Boss

      Not only has the KB article been surreptitiously updated (incorrectly, it turns out), but there’s speculation now that the security hole was introduced by the November or December updates.

      More coming tomorrow in Computerworld.

      10 users thanked author for this post.
      • #241604 Reply

        geekdom
        AskWoody Plus

        Unless Beta Testing leave it alone?

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
      • #241605 Reply

        Mr. Natural
        AskWoody Plus

        Facepalm

        Red Ruffnsore reporting from the front lines.

        1 user thanked author for this post.
    • #241610 Reply

      BobbyB
      AskWoody Lounger

      Patch in haste repent at leisure having the usual sabaticle from patching until next year, hopefully New year new improved patching regime, he says in hope but not in expectation 😉

      1 user thanked author for this post.
    • #241611 Reply

      rontpxz81
      AskWoody Lounger

      I installed KB 4483187 on Win 7 64 bit this morning and no problems yet.  Don’t have Avast, but ran a few other programs and no crashes.

    • #241648 Reply

      Bill C.
      AskWoody Plus

      Win7Pro-64_SP1 here, Group B, with all November patches applied w/o issues.
      Boy am I glad I always check here first when I get that feeling to patch a “serious” problem. I was going to install the IE updates. Saved again. BobbyB got it right in post #241610, “Patch in haste repent at leisure.”

      Probably unrelated, but on my machine on December 15th, Malwarebytes Premium threw the first of 3 errors regarding crashes at shutdown that involved ntdll.dll and mbamservice.exe. This is transparent unless you look at the logs or Action Center. Last night MB itself reported that the Webprotection Module was turned off. The issue is documented on their forum. Interestingly a colleague who is unpatched since May, also reported the MB issue.

      I know Group B patching is NOT cumulative, but are out of band fixes included in the next Security Only (Group B) IE patch (cumulative) or the monthly Group B patch the following month.

      • #241649 Reply

        PKCano
        Da Boss

        The IE11 patches are cumulative. The out-of-band patch this month superseded the Patch Tuesday IE11 Update. And the Jan IE11 CU will contain KB4483187.

        5 users thanked author for this post.
        • #309937 Reply

          anonymous

          I did install KB 4480970 (monthly rollup; w7 32bit, https://support.microsoft.com/en-us/help/4480970) this weekend bit in release notes cannot find if kb4483187 is included?

          • #309971 Reply

            PKCano
            Da Boss

            The chain of supersedence is through the IE11 CUs. 2019-01 IE11 CU KB4480965 replaces 2018-12 IE11 CU KB4483187. Since the 2019-01 SMQR contains the Jan IE11 CU, then CU KB4483187 is replaced by the Jan CU KB4480970.

            Er, you got that, right?

            • #310007 Reply

              anonymous

              Thank you!

      • #241658 Reply

        AJNorth
        AskWoody Plus

        FWIW, am also running MWB Premium on Win 7 Pro x64, but have not experienced any of the issues that you have related (at least so far…). The machine was fully patched about twenty-eight hours ago (“Group B”).

        1 user thanked author for this post.
    • #241677 Reply

      anonymous

      I’m not sure this fits here but seems related. I don’t use IE but some programs default to it and start it if you click help or info/about. When that happens I just close IE. It hasn’t happened in a while.

      I’m in group A and never install updates until given the go ahead. I have left my settings at check for updates but let me decide.

      This morning I was in an online game and had to leave the room for a bit. Windows rebooted when I was away and I couldn’t find a cause. I was checking things when it rebooted again. I ran malwarebytes and my virus scanner in safe mode and after I rebooted to normal mode. Everything was okay. I even scanned with stinger but found nothing.

      Tonight the computer seems okay but i have noticed several windowsupdatefailure3 events in event viewer. Could WU have caused the problems?

    • #241686 Reply

      anonymous

      My Windows 2008 R2 Server would not start after applying update above KB4483187. Please hold onto installing it. Having still a headache to bring the server back to life 🙁

      3 users thanked author for this post.
    • #241852 Reply

      anonymous

      Installed this fix on Win 7 32-bit SP1 and no problems.  Use Microsoft antivirus s/w so may explain things.  So far so good.

    • #242069 Reply

      OldBiddy
      AskWoody Lounger

      Chrome is my default browser and I haven’t used IE in years. But I wonder how is IE “woven into windows” even if you never use it? How does it impact the OS? I run Win 7, x64, Group A.

      • #242086 Reply

        anonymous

        Some of the behind-the-scenes files and methods that IE uses to display items on a web page are also used by Windows Explorer to display items on your computer.

        Also, if you look into file associations, you might notice that IE is listed as the go-to program for displaying certain file types, despite your use/choice of Chrome as your default browser for the internet.

        BTW I’m running Win7 SP1 x64. I doubt that there’s any difference between home, pro or any other version (enterprise, starter, etc.) when it comes to file associations.

        The above concept makes for a very good reason to keep IE updated with the current security patch(es) when we get the go-ahead by the raising of the MS-DEFCON level to 3 or higher.

        We’re currently at level 2 so, if you haven’t downloaded and installed it already, please don’t download and install the patch just yet. By the time we get the go-ahead, MS may have a newer version of the patch available that won’t crash anyone’s system. Stay tuned here to AskWoody for the latest info on the status of the IE out-of-band patch, and whether it’s safe to install or not.

        4 users thanked author for this post.
        • #242341 Reply

          OldBiddy
          AskWoody Lounger

          Thank you for this helpful response and advice, Anonymous. Succinct and comprehensible and I see why it’s important to keep IE updated. It’s really more than just a browser. Will definitely wait til Woody gives the go ahead before installing any patches though.

    • #242367 Reply

      anonymous

      Win 7 64 crashed on me a day after installing this. I don’t use IE. Could not boot up normally after that, crashed during boot. Booted into safe mode and did a restore to before the update and things have been working fine since.

      • #242376 Reply

        geekdom
        AskWoody Plus

        What is your anti-virus software?

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta
    • #244040 Reply

      OscarCP
      AskWoody Plus

      It is already the 3rd of January as I write this: Are there any further news about this problem? Would it be a good idea not to install the December IE patch now, but wait until late in January, in case of a possible out-of-band “re-patch” becoming available before or as late as then? Thanks.

      • #244050 Reply

        OscarCP
        AskWoody Plus

        As a follow-on to the above question: I have KB 4483187 (some 50+ Mb) offered through Windows Update. I usually update as Group B. Should I ignore the offered update and download it instead from the Catalogue, or is it the other way around? I remember that something about this was advised some time ago, but now am not sure exactly what that advice was. Thanks.

        Group B, Windows 7 Pro, SP1 x64; I-7 “sandy bridge.”

    • #244127 Reply

      OscarCP
      AskWoody Plus

      PKCano, Microfix and TSP: Thanks, you three, for your comments. I have just installed all the December updates (a total of 14 patches!, twelve of those offered by Windows Update and that have been declared OK in the Master Patch List, plus the Security Only and IE11 patches from the Catalogue) And all seems well.

      Although here is a thought for others who might also read this: Your mileage might vary, depending on what you have installed in your machine and what you do with it. I have noticed, for example, that people who do unusual things also seem to have unusual problems after patching. What is “unusual”, you might ask? That question is next in non-answerability to “what is truth?” You know who you are.

      Group B, Windows 7 Pro, SP1, x64, I-7 “sandy bridge.”

    • #244176 Reply

      anonymous

      I have two Windows 7 computers – both would lock up shortly after booting after the Dec. 11 (+/-) update.  I was able to get them both stable again with a System Restore back to an early restore point.  Then the IE update came out.  One computer I had turned off.  The other got the update.  That computer would only go to the BIOS screen.  I created a System Repair disk, the allowed me to get to a Command Prompt.  My C: drive could not be accessed (“Access Denied”).  My D: and E: drives were accessible.  The only way I have been able to get access to the C: drive contents was using a RAM based DVD ISO installation of Linux.  From there I was able to get the files I wanted.  However, it requires a complete new Windows ISO install.  Will probably upgrade to Windows 10.  Was using Windows 7 due to the elimination of WMC in Windows 10.  No help from the Microsoft techs via chat other than getting me an ISO copy of Windows 7.  Pretty pathetic.

    • #310504 Reply

      EP
      AskWoody_MVP

      It looks like installing the KB4483187 IE update does finally prevent Windows Update from offering old IE11 security updates like KB3185319, KB3175443. etc. (after I uninstalled KB3185319 from my Win7 & 8.1 computers) 🙂

      However KB4483187 will STILL be offered from Windows Update, even though KB4480965 IE update, KB4480960 for Win7 or KB4480964 for Win8.1 is installed. I don’t know why…

      • This reply was modified 3 months ago by
         EP.
      1 user thanked author for this post.
      • #310538 Reply

        columbia2011
        AskWoody Plus

        Because of KB4483187 is cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based systems and consists of all previous IE updates.

        1 user thanked author for this post.
      • #323216 Reply

        anonymous

        Here it is Feb 9 and WU is still offering me KB4483187 on W7/32 even though I have KB4480960 installed.

        In the MS catalog it states that KB4483187 is included in KB4480960 (and as it is cumulative, it should), but WU is not picking that up. Rebooting and then manually checking for updates after KB4480960 is installed does not make KB4483187 go away, it gets re-offered via WU.

        User intervention (e.g. hide it) seems appropriate. However, one has to wonder if the KB4483187 shown as incorporated in KB4480960 is the same (code wise or it has a different release date) as the one that WU has on offer. I understand that the release date associated with a specific KB number is a criteria for WU when determining what a user should receive.

        • #323225 Reply

          PKCano
          Da Boss

          KB4480960 is the January Security-only Update for Win7. It is NOT cumulative. It does NOT contain KB4483187, which is a Dec CU for IE11.

          • #326044 Reply

            anonymous

            You are correct. My apologies. I meant the rollup. I used the wrong KB number.

            Microsoft states that Users can confirm they are protected by verifying that the version of
            jscript.dll is 5.8.9600.19230, in C:\Windows\System32\jscript.dll

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Reported crash with the new out-of-band IE fix on Win7, KB 4483187

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.