![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Reported crash with the new out-of-band IE fix on Win7, KB 4483187
Home › Forums › AskWoody blog › Reported crash with the new out-of-band IE fix on Win7, KB 4483187
Tagged: Internet Explorer, KB 4483187
This topic contains 58 replies, has 22 voices, and was last updated by
anonymous 10 months ago.
-
AuthorPosts
-
Remember yesterday, when I warned you that these extreme out-of-band patches have a nasty habit of causing havoc? Reports of problems with the patches
[See the full post at: Reported crash with the new out-of-band IE fix on Win7, KB 4483187]13 users thanked author for this post.
-
You definitely warned us. I’m glad I held off.
-
-
My XP VM is running Avast Free. This morning I installed KB4483187 for IE8 on it. Avast crashed – service would not start.
I uninstalled KB4483187 – did not fix the problem.
I downloaded and installed the current Avast installer (did not uninstall first) – Avast still crashed.
System Restore did not run (not surprised).
There are few AV programs that still run on XP. I will replace the VM with a backup and try several other things. Will report back with the results. I suspect it may be the javascript changes. Maybe Avast will fix the problem.Edit: See update below.
-
I wonder if there will be problems with all non-Microsoft anti-virus programs.
Group G{ot backup} TestBeta On hiatus.
Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall -
Far as I’m aware, this patch was only released for Embedded Standard 2009 and POSReady 2009. Are you trying to apply a patch meant for Windows Embedded onto a standard Windows XP system? If so, that’s probably why you’re having a problem.
1 user thanked author for this post.
-
Hello PKCano,
Someone called me earlier today with essentially the same problem. Cutting to the chase, I had them first uninstall KB4483187; then uninstall Avast using their Uninstall Utility (https://support.avast.com/en-us/article/10) and finally, as they still had their installation disc, run SFC.EXE /SCANNOW (which completed successfully).
Instead of reinstalling Avast, Adaware Antivirus Free was installed, and everything seems to be working okay in the virtual XP.
4 users thanked author for this post.
-
EDIT:
Forgot to mention that all the XP security updates were successfully installed (including KB4471328).
-
-
UPDATE UPDATE UPDATE
Originally, Avast and Windows both updated.
Rolled VM back to installed November updates. Uninstalled Avast. Ran Windows Update for Dec. XP runs fine with both KB4470199 and the 12/19 update KB4470199. Downloaded and installed the latest version of Avast – install did not work. Showed installed in “Add/Remove Programs'” and folder created in C:\Programs, but no icon in the tray, no menu item, no icon on the desktop.
Rolled VM back to installed November updates again. Allowed Avast to update the definitions and the engine. It was not successful, the service did not start, even without the Dec Win updates applied.
Rolled VM back to installed November updates again. This time Avast updated the definitions but I did not allow it to update the engine. So far, so good. Installed KB4470199 manually, rebooted, still good. Installed the rest of the XP Dec updates including KB4470199, rebooted, everything still good.
Conclusion: The December Windows Updates for XP are good. Avast runs on XP as long as the engine is not updated to the latest version.
The EOL of the EOL of XP is about to expire in Jan 2019. Looks like it is about time to retire the XP VM.-
PKCano … I run Win XP on a computer (actual – not virtual) with the registry tweak for POSReady2009 so that it gets all of the MS patches … and I’ve found that I can’t get AVAST to run with the engine above 18.3. I kick myself every time I try to update the AVAST engine past that – both as an in-place engine update or as a full A/V install/re-install. The AVAST UI service won’t start/run and the program says it doesn’t know why. Trying System Restores and the uninstall/re-install of AVAST doesn’t seem to fix the problem. The only thing that works is to use a Macrium Reflect image to image restore the whole harddrive to its original state. I’ve decided that I can happily end my XP days with the AVAST 18.3 engine, which runs just fine and of course still gets AntiVirus signature updates.
1 user thanked author for this post.
-
-
anonymousIs there a version of this update for the standard Windows XP home version (not XP VM or XP Embedded)? If so, how do you find it?
I know standard XP went out of support years ago, but Microsoft has issued a few sporadic patches for bigger issues impacting standard XP since then.
-
The patches for POSReady are listed on the Microsoft Software Distribution pages, but I don’t believe they work on XP Standard.
-
-
-
-
-
anonymoushmm… anyone else seen this issue with Windows 10 as well? We have had over a dozen users in the last 24 hours say their machines keep randomly restarting for no known reason!
1 user thanked author for this post.
-
Which version(s) of W10 are you reporting?
Do they have common denominator 3rd party AV or program?********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********
-
They all run Malwarebytes’ and Windows Defener
They all seem to be on 10.0.17134.471-
Welcome to the forum 🙂
Have you tried disabling malwarebytes on one system to establish whether it could cause the reboots after applying the IE patch?********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********
1 user thanked author for this post.
-
I have not had a chance… the machines literally reboot 2 or 3 times withing 20 minutes and then run normal after than so far.
1 user thanked author for this post.
-
Finally figuring it out after a few days of being able to access the user’s machines. On Windows 10, KB4483234 is the culprit. It is failing to install and forcing a system reboot. Then again failing to install and forcing a system reboot… repeat pattern… Manually running updates has forced the install on 3 machines so far an this seems to correct the issue I was seeing.
-
Thanks for the bootloop report,
good to read you got it sorted.
A festive unwanted gift from satya claus?Looks like this is happening elsewhere also, iceman994 on reddit:
********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********
-
-
-
-
-
Group A ,W7x64, home premium , AMD. MSE and ADW cleaner. I only use IE for updates the rest of the time I use Firefox. No problems so far.
-
At this point, no further details are publicly available regarding the vulnerability itself, but one could speculate that CVE-2018-8653 might very well be a revised, more thorough (or complementing) revision of the CVE-2018-8643 patch.
If that is true, these kind of vulnerabilities seem to be exploiting (and bypassing) VBScript execution policies and the root cause of the reported crashes might, indeed, be a conflict between the updated libraries and third-party applications that are using the IE engine for rendering web content.
In David’s case, apparently, that third-party culprit would either be Chrome (is he using the latest version?) or – more likely, especially after reading PKCano’s post – the AV (Bitdefender)…
2 users thanked author for this post.
-
My Chrome install uses the correct version 71.0.3578.98 (64-bit). As for AV, I may not have been sufficiently clear in my earlier reply: I had to uninstall Bitdefender before any of this started. I just double-checked now, and I couldn’t find any lingering services or processes from them. Also, two of the five (or more?) crashes occurred before I even got a chance to start Chrome, i.e., very early in the bootup sequence.
Still not a great sample size, but it’s now been a few hours without any crashes.
Thank you, all, for your help and interest.
-
After a few days, my mean time between failures is about one day. Admittedly, daily is better than hourly, but I’m still obviously not happy. I did uninstall and hide KB4483187 that same day, although that doesn’t seem to have been enough, as this system used to be rock solid, and this Windows Update (and subsequent reversal) is literally the only thing that’s recently changed. I did see that Windows created a Restore Point just before the installation; would that be of any help? (I’ve never used those, as I really would prefer to not have to re-install everything on this machine.) I’d be happy to delete MSIE if this was possible; it seems to be at the root of many issues, despite my never using it. As mentioned before, the last time I had crashing issues, I’d narrowed it down to Google’s Backup and Sync, but again, that’s not running when these crashes occur. Thanks in advance!
1 user thanked author for this post.
-
anonymous@david-beroff said:
…I did see that Windows created a Restore Point just before the installation; would that be of any help?…
Yes, that should restore your system back to the way it was immediately before the installation of KB4483187. That’s why Windows does these things: In the event something goes awry you’ll have a “fail-safe” place to fall back to. Or, at least you should if everything went well with the establishment of the restore point and you haven’t deleted any software that was already installed at the moment the restore point was created, from what I understand of the way restore points are supposed to work.
-
Yeah, except that the Restore Point from the 20th doesn’t seem to actually be there. 🙁 Yes, permissions are set to allow them to happen, and yes, there is plenty of disk space configured and available. An unrelated install created one on the 30th, but of course, that doesn’t help me. Great; the one time I actually want/need such a facility, and it’s not available. {sigh}
On the plus side, random crashing has gone from daily to “only” once or twice a week.
Is there any way to look at the logs and actually see what’s happening at the time it crashes?
-
-
-
-
-
anonymousWell, Microsoft announced a well deserved holiday, so don’t expect any solutions soon
-
Not only has the KB article been surreptitiously updated (incorrectly, it turns out), but there’s speculation now that the security hole was introduced by the November or December updates.
More coming tomorrow in Computerworld.
10 users thanked author for this post.
-
Unless Beta Testing leave it alone?
Group G{ot backup} TestBeta On hiatus.
Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall -
-
-
I installed KB 4483187 on Win 7 64 bit this morning and no problems yet. Don’t have Avast, but ran a few other programs and no crashes.
-
Win7Pro-64_SP1 here, Group B, with all November patches applied w/o issues.
Boy am I glad I always check here first when I get that feeling to patch a “serious” problem. I was going to install the IE updates. Saved again. BobbyB got it right in post #241610, “Patch in haste repent at leisure.”Probably unrelated, but on my machine on December 15th, Malwarebytes Premium threw the first of 3 errors regarding crashes at shutdown that involved ntdll.dll and mbamservice.exe. This is transparent unless you look at the logs or Action Center. Last night MB itself reported that the Webprotection Module was turned off. The issue is documented on their forum. Interestingly a colleague who is unpatched since May, also reported the MB issue.
I know Group B patching is NOT cumulative, but are out of band fixes included in the next Security Only (Group B) IE patch (cumulative) or the monthly Group B patch the following month.
-
The IE11 patches are cumulative. The out-of-band patch this month superseded the Patch Tuesday IE11 Update. And the Jan IE11 CU will contain KB4483187.
5 users thanked author for this post.
-
anonymousI did install KB 4480970 (monthly rollup; w7 32bit, https://support.microsoft.com/en-us/help/4480970) this weekend bit in release notes cannot find if kb4483187 is included?
-
The chain of supersedence is through the IE11 CUs. 2019-01 IE11 CU KB4480965 replaces 2018-12 IE11 CU KB4483187. Since the 2019-01 SMQR contains the Jan IE11 CU, then CU KB4483187 is replaced by the Jan CU KB4480970.
Er, you got that, right?
-
anonymousThank you!
-
-
-
-
-
anonymousI’m not sure this fits here but seems related. I don’t use IE but some programs default to it and start it if you click help or info/about. When that happens I just close IE. It hasn’t happened in a while.
I’m in group A and never install updates until given the go ahead. I have left my settings at check for updates but let me decide.
This morning I was in an online game and had to leave the room for a bit. Windows rebooted when I was away and I couldn’t find a cause. I was checking things when it rebooted again. I ran malwarebytes and my virus scanner in safe mode and after I rebooted to normal mode. Everything was okay. I even scanned with stinger but found nothing.
Tonight the computer seems okay but i have noticed several windowsupdatefailure3 events in event viewer. Could WU have caused the problems?
-
anonymousMy Windows 2008 R2 Server would not start after applying update above KB4483187. Please hold onto installing it. Having still a headache to bring the server back to life 🙁
3 users thanked author for this post.
-
anonymousInstalled this fix on Win 7 32-bit SP1 and no problems. Use Microsoft antivirus s/w so may explain things. So far so good.
-
Chrome is my default browser and I haven’t used IE in years. But I wonder how is IE “woven into windows” even if you never use it? How does it impact the OS? I run Win 7, x64, Group A.
-
anonymousSome of the behind-the-scenes files and methods that IE uses to display items on a web page are also used by Windows Explorer to display items on your computer.
Also, if you look into file associations, you might notice that IE is listed as the go-to program for displaying certain file types, despite your use/choice of Chrome as your default browser for the internet.
BTW I’m running Win7 SP1 x64. I doubt that there’s any difference between home, pro or any other version (enterprise, starter, etc.) when it comes to file associations.
The above concept makes for a very good reason to keep IE updated with the current security patch(es) when we get the go-ahead by the raising of the MS-DEFCON level to 3 or higher.
We’re currently at level 2 so, if you haven’t downloaded and installed it already, please don’t download and install the patch just yet. By the time we get the go-ahead, MS may have a newer version of the patch available that won’t crash anyone’s system. Stay tuned here to AskWoody for the latest info on the status of the IE out-of-band patch, and whether it’s safe to install or not.
4 users thanked author for this post.
-
Thank you for this helpful response and advice, Anonymous. Succinct and comprehensible and I see why it’s important to keep IE updated. It’s really more than just a browser. Will definitely wait til Woody gives the go ahead before installing any patches though.
-
-
-
anonymousWin 7 64 crashed on me a day after installing this. I don’t use IE. Could not boot up normally after that, crashed during boot. Booted into safe mode and did a restore to before the update and things have been working fine since.
-
What is your anti-virus software?
Group G{ot backup} TestBeta On hiatus.
Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall
-
-
It is already the 3rd of January as I write this: Are there any further news about this problem? Would it be a good idea not to install the December IE patch now, but wait until late in January, in case of a possible out-of-band “re-patch” becoming available before or as late as then? Thanks.
Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx
-
As a follow-on to the above question: I have KB 4483187 (some 50+ Mb) offered through Windows Update. I usually update as Group B. Should I ignore the offered update and download it instead from the Catalogue, or is it the other way around? I remember that something about this was advised some time ago, but now am not sure exactly what that advice was. Thanks.
Group B, Windows 7 Pro, SP1 x64; I-7 “sandy bridge.”
Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx
-
Can you take the risk in not addressing a remote code execution vulnerability?
I suggest you read these two articles..https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653
********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********
-
Hi, I installed kb4483187, downloaded from the Catalogue via AKB2000003, on 1st January 2019 before I did my monthly search on WU. It has installed without any problem on my Win 7 32-bit desktop and also on my Win 7 64-bit laptop – no adverse reactions at all. The only weirdness I encountered this month was in relation to MSRT, but that was just a hiccup!
-
-
PKCano, Microfix and TSP: Thanks, you three, for your comments. I have just installed all the December updates (a total of 14 patches!, twelve of those offered by Windows Update and that have been declared OK in the Master Patch List, plus the Security Only and IE11 patches from the Catalogue) And all seems well.
Although here is a thought for others who might also read this: Your mileage might vary, depending on what you have installed in your machine and what you do with it. I have noticed, for example, that people who do unusual things also seem to have unusual problems after patching. What is “unusual”, you might ask? That question is next in non-answerability to “what is truth?” You know who you are.
Group B, Windows 7 Pro, SP1, x64, I-7 “sandy bridge.”
Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx
-
anonymousI have two Windows 7 computers – both would lock up shortly after booting after the Dec. 11 (+/-) update. I was able to get them both stable again with a System Restore back to an early restore point. Then the IE update came out. One computer I had turned off. The other got the update. That computer would only go to the BIOS screen. I created a System Repair disk, the allowed me to get to a Command Prompt. My C: drive could not be accessed (“Access Denied”). My D: and E: drives were accessible. The only way I have been able to get access to the C: drive contents was using a RAM based DVD ISO installation of Linux. From there I was able to get the files I wanted. However, it requires a complete new Windows ISO install. Will probably upgrade to Windows 10. Was using Windows 7 due to the elimination of WMC in Windows 10. No help from the Microsoft techs via chat other than getting me an ISO copy of Windows 7. Pretty pathetic.
-
It looks like installing the KB4483187 IE update does finally prevent Windows Update from offering old IE11 security updates like KB3185319, KB3175443. etc. (after I uninstalled KB3185319 from my Win7 & 8.1 computers) 🙂
However KB4483187 will STILL be offered from Windows Update, even though KB4480965 IE update, KB4480960 for Win7 or KB4480964 for Win8.1 is installed. I don’t know why…
1 user thanked author for this post.
-
Because of KB4483187 is cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based systems and consists of all previous IE updates.
1 user thanked author for this post.
-
anonymousHere it is Feb 9 and WU is still offering me KB4483187 on W7/32 even though I have KB4480960 installed.
In the MS catalog it states that KB4483187 is included in KB4480960 (and as it is cumulative, it should), but WU is not picking that up. Rebooting and then manually checking for updates after KB4480960 is installed does not make KB4483187 go away, it gets re-offered via WU.
User intervention (e.g. hide it) seems appropriate. However, one has to wonder if the KB4483187 shown as incorporated in KB4480960 is the same (code wise or it has a different release date) as the one that WU has on offer. I understand that the release date associated with a specific KB number is a criteria for WU when determining what a user should receive.
-
-
anonymousYou are correct. My apologies. I meant the rollup. I used the wrong KB number.
Microsoft states that Users can confirm they are protected by verifying that the version of
jscript.dll is 5.8.9600.19230, in C:\Windows\System32\jscript.dll
-
-
-
-
AuthorPosts
-
-
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search The Lounge
Recent Replies
Charlie on Firefox 71.0 – Is it safe or not?
4 minutes agodeanwmn on MS-DEFCON 2: Make sure automatic update is blocked
6 minutes agoAlex5723 on 2000014: Ongoing List of Apple Operating System Updates
6 minutes agoPKCano on December 2019 Patch Tuesday running commentary
9 minutes agob on December 2019 Patch Tuesday running commentary
19 minutes agob on December 2019 Patch Tuesday running commentary
22 minutes agob on December 2019 Patch Tuesday running commentary
25 minutes agoTex265 on December 2019 Patch Tuesday running commentary
25 minutes agoPepsiboy on December 2019 Patch Tuesday running commentary
28 minutes agowarrenrumak on December 2019 Patch Tuesday running commentary
37 minutes agosheldon on December 2019 Patch Tuesday running commentary
40 minutes agoabbodi86 on MS-DEFCON 2: Make sure automatic update is blocked
45 minutes agowavy on Yes, there’s a crack to enable extended security updates on all Win7 machines. No, you shouldn’t count on it.
47 minutes agohubert_sk_t on MS-DEFCON 2: Make sure automatic update is blocked
50 minutes agobbearren on MS-DEFCON 2: Make sure automatic update is blocked
55 minutes agobbearren on MS-DEFCON 2: Make sure automatic update is blocked
1 hour, 6 minutes agoanonymous on December 2019 Patch Tuesday running commentary
1 hour, 9 minutes agob on December 2019 Patch Tuesday running commentary
1 hour, 10 minutes agoabbodi86 on MS-DEFCON 2: Make sure automatic update is blocked
1 hour, 17 minutes agoPKCano on December 2019 Patch Tuesday running commentary
1 hour, 30 minutes agoanonymous on December 2019 Patch Tuesday running commentary
1 hour, 32 minutes agojabeattyauditor on Patch lady – Alexa should be on her own network
1 hour, 40 minutes agoSlowpoke47 on HP all-in-one printer in Mint
1 hour, 53 minutes agoVincenzo on Patch lady – Alexa should be on her own network
1 hour, 58 minutes agoVincenzo on Patch lady – Alexa should be on her own network
2 hours, 11 minutes agoMatthew on Can one start Excel 2019 from the command line (cmd.exe)?
3 hours, 2 minutes agostewagreen on MS-DEFCON 4: Time to get the November patches installed
3 hours, 10 minutes agoMicrofix on 2 versions of firefox
3 hours, 16 minutes agowarrenrumak on Yes, there’s a crack to enable extended security updates on all Win7 machines. No, you shouldn’t count on it.
3 hours, 20 minutes agowoody on MS-DEFCON 4: Time to get the November patches installed
3 hours, 24 minutes ago
Recent Topics
-
December 2019 Patch Tuesday running commentary
9 minutes ago
-
Running a SharePoint server? Better make sure it’s patched.
4 hours, 11 minutes ago
-
Looks like the Office 365 server, onmicrosoft.com, is down
4 hours, 20 minutes ago
-
service registration is missing or corrupt
5 hours, 25 minutes ago
-
User account icon on Desktop
16 hours, 8 minutes ago
-
Patch Lady – if you use a IT consultant
15 hours, 58 minutes ago
-
Best way to backup Windows drivers
6 hours, 4 minutes ago
-
2 versions of firefox
3 hours, 17 minutes ago
-
Firefox 71.0 – Is it safe or not?
5 minutes ago
-
Is there still a forum or board for Micrsoft Access?
1 day, 2 hours ago
-
Frustration when entering postal adresses
11 hours, 50 minutes ago
-
EaseUS Todo backup over network causes "Critical Process Died"
1 day, 1 hour ago
-
MS-DEFCON 2: Make sure automatic update is blocked
7 minutes ago
-
0xc0000001 on startup
1 day, 3 hours ago
-
KB4524570 causes search to fail
1 day, 2 hours ago
-
The Chrome OS FAQ, Part II: Which Chromebook should you buy?
21 hours, 46 minutes ago
-
Removing bloatware and OEM mods from new machines
4 hours, 30 minutes ago
-
Freeware Spotlight — PrivaZer
1 day, 5 hours ago
-
Versatile gadget gifts for stuffing stockings large and small
18 hours, 34 minutes ago
-
KB4525243 Error 80071A30 – Doing the Same Thing Over & Over isn't always Insane
1 day, 18 hours ago
-
What's the correct upgrade path to Win10 Pro please?
1 day, 7 hours ago
-
Domain computer upgrade to Win 10
1 day, 16 hours ago
-
Chasing the elusive upgrade for Win10 Pro v1803
1 day, 7 hours ago
-
Revert back to Win7 then install Win10
4 hours, 37 minutes ago
-
WiFi adapter is hung up after hibernating
1 day, 9 hours ago
-
How to Backup iPhone or iPad without iTunes in macOS Catalina
1 day, 11 hours ago
-
cldfit.sys Blue Screen of Death
1 day, 10 hours ago
-
Optimum TCP settings for Cloud Backup
9 hours, 57 minutes ago
-
Yes, there’s a crack to enable extended security updates on all Win7 machines. No, you shouldn’t count on it.
48 minutes ago
-
Can’t Seem To Get Update To Work
2 days, 5 hours ago
Search for Topics
Recent blog posts
- December 2019 Patch Tuesday running commentary
- Running a SharePoint server? Better make sure it’s patched.
- Patch Lady – if you use a IT consultant
- MS-DEFCON 2: Make sure automatic update is blocked
- The Chrome OS FAQ, Part II: Which Chromebook should you buy?
- Removing bloatware and OEM mods from new machines
- Freeware Spotlight — PrivaZer
- Versatile gadget gifts for stuffing stockings large and small
Copyright © 2019 AskWoody LLC. All rights reserved.