Various out of band updates out to fix January patch issues

Topic

New Reply

When Microsoft has issues with updates, it normally takes until Fridayish before they identify a root cause and then it’s Mondayish of the following w
[See the full post at: Various out of band updates out to fix January patch issues]

Susan Bradley Patch Lady/Prudent patcher

9 users thanked author for this post.

abbodi86, deuxbits, lmacri, Geo, joep517, Fred, kdpawson, Alex5723, geekdom

Reply | Quote

Replies

https://www.ghacks.net/2022/01/18/kb5010795-out-of-band-update-for-windows-11-10-and-windows-server-released/

https://www.neowin.net/news/oob-updates-for-several-windows-versions-released-fixes-vpn-connection-issues-and-more/

“Windows 11, version 21H1 (original release): KB5010795

Windows Server 2022: KB5010796

Windows 10, version 21H2: KB5010793

Windows 10, version 21H1: KB5010793

Windows 10, version 20H2, Windows Server, version 20H2: KB5010793

Windows 10, version 20H1, Windows Server, version 20H1: KB5010793

Windows 10, version 1909, Windows Server, version 1909: KB5010792

Windows 10, version 1607, Windows Server 2016: KB5010790

Windows 10, version 1507: KB5010789

Windows 7 SP1: KB5010798

Windows Server 2008 SP2: KB5010799”

I just got KB5009194 update to .NET 5.0.13

1 user thanked author for this post.

Fred

Reply | Quote

See this thread for Win7 ESU/ ESUb OoB January 2022 Patch and info.

 

Win8.1/R2 Hybrid lives on..

Reply | Quote

Do I need to get the update for Windows 8.1 if I don’t have a VM?

 

Reply | Quote

No. If Windows is behaving do not do anything until Susan says it’s safe to patch.

cheers, Paul

Reply | Quote

KB5010793 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems

was waiting to be downloaded and installed when I signed in on the Windows 10 side of my dual boot daily driver.

No hiccups.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We were all once "Average Users". We all have our own reasons for doing the things that we do with our systems, we don't need anyone's approval, and we don't all have to do the same things.

Computer Specs

1 user thanked author for this post.

Alex5723

Reply | Quote

January 17, 2022—KB5010795 (OS Build 22000.438) Out-of-band (microsoft.com) installed without issue.

--Joe

Reply | Quote

Will they replace the bad updates with new ones for WSUS users?

Reply | Quote

No you’ll have to manually import them.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

wavy

Reply | Quote

This patch is worthless. If you’re experiencing the boot loop issue, you’ve already uninstalled the cumulative update – this patch is useless. If you haven’t installed the cumulative update to prevent a dead server – this patch is useless. So, I guess we need to wait for the February cumulative update and skip January? Nice.

Reply | Quote

Thats what I was thinking.  I thought they would issue a replacement patch, maybe they still will?

Reply | Quote

On the 2012 R2 platform I don’t see that they will.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

The Windows 10 & 11 patches are cumulative updates. See the file information section at the end of the KB article.

--Joe

Reply | Quote

The out of band update for Server 2012 R2  must be downloaded manually and is not cumulative and in fact is substantially smaller than the cumulative update it’s fixing.   I think (but I’m not sure) that the out of band updates for Server 2019 and 2022 are cumulative (they’re available via Windows Update), the sizes are about the same and Microsoft states “If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.”

Reply | Quote

Which patch?

Windows 10/11 patches (and related Server OS) are cumulative updates.  Server 2012 R2 however is not.  If you do the monthly rollup, later on this one (don’t reboot inbetween). When I raise the MS-DEFCON on 1/25 I’ll explain how to install updates on 2012 R2.  If you HAVE to patch, you’ll need to do both the main patch for January -AND- this out of band on the 2012 R2 platform.

If you are patching any of the Windows 10ish era stuff (and later) they are cumulative so you only need to install the later patch.

Susan Bradley Patch Lady/Prudent patcher

4 users thanked author for this post.

abbodi86, deuxbits, arbrich, ChrisAVWood

Reply | Quote

Thank You Susan.  I don’t plan to update Server 2012 R2 until you provide an all clear with instructions.  Thank you for your reply. 🙂

1 user thanked author for this post.

arbrich

Reply | Quote

Regarding Server2012R2 and the new Out of Band patch.

Once this KB5010794 fix (out of band patch) was released for Windows Server 2012R2 I waited a day or so to see if any reports of problems surfaced. Then I did the cumulative update KB5009624 for January, stopped the VMs, restarted the host but did not restart the VMs, then I did the OOB patch, restarted, and then restarted the VMs. ~12hours later it’s all working as it should. Phew!

Thanks to everyone, particularly Susan, for supplying relevant and timely information. I hope your experience is as good as mine was. (Note that I did not have the boot loop problem… Host was not a DC )

Basic research is what I am doing when I don't know what I am doing - Werner Von Braun

1 user thanked author for this post.

mcbsys

Reply | Quote

Did Microsoft fix 0-day “RemotePotato0” with Jan. OOB?

Reply | Quote

No for several reasons.  Reason one the patches are not deemed new security releases and thus it’s just bug fixes.  Reason two is that the underlying bug has been deemed “won’t fix” by Microsoft (see https://www.sentinelone.com/labs/relaying-potatoes-another-unexpected-privilege-escalation-vulnerability-in-windows-rpc-protocol/)

I’ll include my take in the next MS-DEFCON alert that goes out.

 

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

deuxbits, Alex5723

Reply | Quote

[Microfix]

OoB WIN8.1 UPDATE:
kb5010794 is also available via WU (MSFT have now added it)

Checked WU on our Win8.1 Pro x64 earlier to find kb5010794
sitting in the ‘Optional’ section of WU.
As this device is already fully (everything) up-to-date, I downloaded and installed, instant restart required.
SFC scan all good, Event viewer no errors and system working good here.

NOTE: This is not my test device, it’s our Haswell system, imaged prior to January patchmess.

Update: no affects on this Haswell system 22/01/22

Win8.1/R2 Hybrid lives on..

• This reply was modified 1 year, 10 months ago by Microfix. Reason: Update added

4 users thanked author for this post.

mcbsys, 7ProSP1, Speccy, DrBonzo

Reply | Quote

[Speccy]

While managing a fully patched and fully functioning (as of Dec 31, 2021) Win8.1 Pro x64 system, after the January 2022 updates (KB5009624 monthly roll-up, KB5009721 .NET Framework roll-up) suddenly “something” got broken: pieces of software and core parts of the O.S. itself (e.g. Computer Management) began throwing an error complaining about the (now) missing ‘vcruntime140_1.dll’ library.

Rolling back to a previous backup image (as of Dec 31, 2021) restored the system stability (got the missing library back and everything else working normally, again). Can’t tell for sure if the culprit is either KB5009624, KB5009721 or an unexpected interaction between the two (haven’t had time to try uninstalling only one of them in turns, to be sure) but uninstalling both updates also worked (same as restoring back the system to the Dec 31, 2021 backup image).

I am guessing here that Redmond messed up (again) while packaging the updates and used the wrong versions of the Visual C++ Runtime libraries, because another option that also worked out well was to keep both updates (KB5009624 and KB5009721) installed and simply update the Visual C++ 2015 runtime libraries (as of Dec 31, 2021 that Win8.1 system had v14.0.24212 installed) to v14.30.30704, which were the latest available redistributable packages (signed October 5, 2021) here (“Visual Studio 2015, 2017, 2019, and 2022” section):

https://docs.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170

For now I am not installing the optional KB5010794 update yet (I’ll just wait for the February updates) but I am assuming that this optional update will do exactly that (update the Visual C++ 2015 runtime libraries) because as I am writing this (Jan 20, 2022) the above webpage is now offering v14.30.30708 (signed January 6, 2022) of the Visual C++ 2015 runtime libraries… 😉

Just my 2 cents,

• This reply was modified 1 year, 10 months ago by Speccy. Reason: The site doesn't like UNDERLINED text anymore? And editing and submitting back the post will also DELETE IT? What the heck?

4 users thanked author for this post.

deuxbits, DrBonzo, Microfix, 7ProSP1

Reply | Quote

Nice detective work, @Speccy and thanks for sharing.

Too bad Microsoft isn’t as thoughtful and thorough in their testing as you.

1 user thanked author for this post.

Speccy

Reply | Quote

We have ten Win8.1 workstations and haven’t experienced this issue.

3 users thanked author for this post.

Microfix, Speccy, DrBonzo

Reply | Quote

Thanks for sharing, @Intrepid. Just out of curiosity, may I ask if any of your ten workstations also had that exact same version (v14.0.24212) of the Visual C++ 2015 runtime libraries installed?

Reply | Quote

No, we have 14.0.24215 and 14.0.23026

1 user thanked author for this post.

Speccy

Reply | Quote

Visual C++ Redistributable Runtimes are never included in any Windows updates

Win 7/8/8.1 Monthly Rollup only include the Universal C Runtime (ucrtbase.dll along with CRT Api set), and it’s not had been updated since 2019

4 users thanked author for this post.

Speccy, geekdom, Microfix, DrBonzo

Reply | Quote

@abbodi86, you’re absolutely right. Thank you!
Last week was a busy one and I didn’t pay enough attention… my bad. I went back to that system over this weekend to figure out what happened and the culprit seem to have been (might have been?) a hardware driver update (indeed, uninstalling KB5009624 and KB5009721 was not the same as restoring back the Dec 31, 2021 image: they were both installed on Jan 6, 2022 but that driver had been automatically installed on patch Tuesday [Jan 4, 2022] but went unnoticed and that’s probably what caused the unexpected interaction that lead to the missing runtime library situation).
Updating the C++ runtime libraries “fixed” the situation, yes, but the situation itself wasn’t caused neither by the KB5009624 or the KB5009721 roll-up updates. My bad, sorry.

2 users thanked author for this post.

abbodi86, Microfix

Reply | Quote

somehow, someway – somebody forgot to mention this out-of-band update:

Windows 10, version 1809, Windows Server, version 1809, Windows Server 2019: KB5010791

https://support.microsoft.com/help/5010791

this one can be installed onto Windows Server 2019 or Windows 10 Enterprise LTSC 2019 (v1809)

Reply | Quote

That’s what I’m doing.  I have 2019 and still looping and the “fix” doesn’t want to apply to 2019.  Uninstalling, Disapproving update and waiting till February.  Microsoft failed on this one.

Reply | Quote

When you attempt to install it, what does the error message say?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

How does this effect Win 10 21H1 home users?

Reply | Quote

I’m not seeing major issues for home users.  Stay tuned for the alert/MS Defcon to change early next week.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

rontpxz81

Reply | Quote

I received KB5010794 as an optional update on WU for Windows 8.1.

I tried to install it, but it won’t install so I will leave it.

Reply | Quote

What error message did you receive?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Hi Susan;

“What error message did you receive?”

None.  It just sits there.  There is no download activity.

My disk light flashes a lot.

Cheers.

 

Reply | Quote

Did you select it to install or was it just offered up to you?  It won’t be pushed, you have to select it.  Mind you I would only recommend it IF you are impacted by the business vpn issue.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Hi Susan:

It was an optional update that I selected to install.

The problem doesn’t impact me at the moment but perhaps I will get a VM someday.

I did finally get it to install.  My Windows 8.1 computer was running sluggishly, so I restarted and then ran a virus check.

No viruses were found, but the check was slow.

Things improved after that, and I was able to install the update very quickly.  No problems.

Gremlins….

Cheers.

Reply | Quote

Should we patch Servers (2012 R2, 2016, 2019) that are Stand Alone and NOT Domain Controllers or should we wait for the ALL Clear ??

For Domain Controllers I get more confused the more I read and have NOT patched either of the Domain Controllers (2012R2) that I handle and I am looking for Guidance on exactly how to do this without having to worry about getting caught in a loop and having to run to customers far away and try to figure out how to back things out.

I do all my updates remotely. I simply have whatever Microsoft has downloaded sitting in Que waiting to be installed and I am looking for step by step guidance on how to update for January.

Thanks for any responses.

Reply | Quote

Susan Bradley said:  “When I raise the MS-DEFCON on 1/25 I’ll explain how to install updates on 2012 R2. If you HAVE to patch, you’ll need to do both the main patch for January -AND- this out of band on the 2012 R2 platform.”  I would wait to hear from Susan.  But I read both must be done without rebooting between them.
See: https://www.askwoody.com/forums/topic/various-out-of-band-updates-out-to-fix-january-patch-issues/#post-2419141

Personally, I may skip January and do the updates for February instead.

 

Reply | Quote

Because the February updates will be perfect…. 😉

😀

Basic research is what I am doing when I don't know what I am doing - Werner Von Braun

Reply | Quote

I decided to try patching my 2012R2 test server this morning. It’s a Hyper-V guest, not host; domain-joined but not a DC.

This article says that OOB KB5010794 is only available on Windows Catalog:

https://support.microsoft.com/en-us/topic/kb5010794-out-of-band-update-for-windows-8-1-and-windows-server-2012-r2-january-17-2022-a92500fb-f227-400e-b70e-f7dd50386fd3

My server, though, offered to install 0794 as an optional update at the same time it installed other January updates:

After checking the optional 0794 update, I clicked install now. It said it was downloading 4 updates of 81MB (it had already downloaded the other 3). Then it confirmed it was installing 3 updates (not 4):

After the reboot, it tells me KB5009624 was installed and that 0794 is still available:

Installing it fails immediately:

Rather than try to diagnose corrupt update stores etc., I just downloaded 0794 from the Windows Catalog and installed it without incident. After the reboot:

So, got the updates, survived a reboot without the OOB patch, but still nervous about doing this on a remote customer’s DC server.

Reply | Quote

I don’t recommend rebooting the server until you install the Out of Band Update. If you do reboot, there is a chance you will be caught in the boot loop!  Susan Bradley said: “When I raise the MS-DEFCON on 1/25 I’ll explain how to install updates on 2012 R2″.  I may skip the January updates completely and wait until the February updates.

Reply | Quote

@Intrepid, that was exactly my concern, so it was nice to have both updates offered by WU at the same time. I was careful to check the optional update so they would install together. However, as you can see from the last screen shot, installing 0794 FAILED when installed together with 9624, then failed again when installed from WU after the reboot. Luckily, 0794 from Windows Catalog succeeded. But what if you install 9624 but can’t get 0794 installed?

Reply | Quote

“But what if you install 9624 but can’t get 0794 installed?”

You would need uninstall it in safe mode without networking or boot normally and stop the net logon service immediately after login and then uninstall.  Some say the boot loop only happens if you have two domain controllers.
Note: I have not tested any of these procedures.
This is why I will probably just skip the January nonsense and wait for February updates.

1 user thanked author for this post.

mcbsys

Reply | Quote