What happened to the Kaby Lake/Ryzen/Carrizo Windows Update lockout?

Topic

New Reply

No doubt y’all recall the headaches with the April security patches, where Kaby Lake and Ryzen processor-based systems got locked out of Windows Updat
[See the full post at: What happened to the Kaby Lake/Ryzen/Carrizo Windows Update lockout?]

Reply | Quote

Replies

1. No

2. Only installation with DISM tool works

3. No

nothing changed in WU components this, whether rollup or security-only (which luckily don’t have it this month, so Group B followers should be able to skip April’s update)

2 users thanked author for this post.

woody, jelson

Reply | Quote

Hey aboddi86 and thank you for the info! Any chance you can write up a small guide to surgically remove elements from a rollup? You did a really great work with KB3161647 so I was thinking a good option for Group B users would be to have the April security rollup without the WUA files.

 

I have managed to expand the files from the .cab and sorted files that appear to belong to the WUA, but can’t really be sure I got all of them.

Reply | Quote

If you are familiar with install_wim_tweak tool, it’s easy to remove WUA core installed by April’s security only updates

win7 x64
install_wim_tweak /o /n /c package_387_for_kb4015546~31bf3856ad364e35~amd64~~6.1.1.3 /r

win7 x86
install_wim_tweak /o /n /c package_228_for_kb4015546~31bf3856ad364e35~x86~~6.1.1.3 /r

win8.1 x64
install_wim_tweak /o /n /c package_96_for_kb4015547~31bf3856ad364e35~amd64~~6.3.1.3 /r

win8.1 x86
install_wim_tweak /o /n /c package_31_for_kb4015547~31bf3856ad364e35~x86~~6.3.1.3 /r

2 users thanked author for this post.

HiFlyer, GoneToPlaid

Reply | Quote

“For those who were blocked last month, can you download and manually install either this month’s Security-only update and/or Monthly Rollup?”

Hopefully yes if you follow this method: Installing Win updates on Win 7 or 8.1 computers with Kaby Lake or Ryzen CPUs.

1 user thanked author for this post.

woody

Reply | Quote

I told ya :). Surprisingly enough, there are no Preview Rollups for May yet?

Antec P7 Silent * Corsair RM550x * ASUS TUF GAMING B560M-PLUS * Intel Core i5-11400F * 4 x 8 GB G.Skill Aegis DDR4 3200 MHz CL16 * Sapphire Radeon 6700 10GB * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit

1 user thanked author for this post.

woody

Reply | Quote

2nd tuesday = Security Rollup

3rd tueday = Preview Rollup

1 user thanked author for this post.

radosuaf

Reply | Quote

You’re right – I looked up wrong entry at the W8.1 Update history page.

Antec P7 Silent * Corsair RM550x * ASUS TUF GAMING B560M-PLUS * Intel Core i5-11400F * 4 x 8 GB G.Skill Aegis DDR4 3200 MHz CL16 * Sapphire Radeon 6700 10GB * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit

Reply | Quote

Maybe one of the few things that MSFT did in 2016 is organizing updates release cadence

Reply | Quote

Y’all know the software can tell what date it is, right?

Microsoft could code an update where something stops working right away then take a lot of heat on the spot, or… They could code it to kick in after a few months have passed. It could even add a random delay so it doesn’t happen to everyone on the same date.

Imagine how much less flak they’d get if we “tin foil hat wearers” would not be able to easily correlate a change in system behavior with a particular update. And, as icing on the cake, they can pull this out of their, er, hat when it finally DOES get noticed: “Look, we told you it wouldn’t work; we just gave you plenty of time to prepare out of the goodness of our hearts.”

It’s not a new idea. Remember how long the GWX update lay dormant in systems before it started rearing its ugly head?

The one thing they have over us that will not change is that only THEY know what’s in the source code. When their prime motivation is not to delight users, but find new ways to fleece us, that is a powerful and dangerous thing indeed.

I wonder if Microsoft employees get bonuses for coding things that further their boss’ nefarious motives… What if someone came to you and said something like, “you need to write software that hides a new ‘feature’ that will make us more money but that people are going to hate. Oh and by the way, do it or you’re fired.” What would you do?

-Noel

3 users thanked author for this post.

GoneToPlaid, Elly, Sessh

Reply | Quote

Exactly. Trial software acts in a similar way only it tells you how long the trial is for and when it ends every time you open the software based on the install date and the current date.

I actually have downloaded all of the updates for IE11 and the security only, but I haven’t installed any of them and this is why. How can anyone trust Microsoft not to sneak a time bomb into a seemingly benign update for “functionality” or “security” especially after they have already proven they are perfectly capable and willing to do so?

I don’t understand the blind trust in MS that some people still have, I really don’t. Considering they, you know, made this OS that I’m using, they will know exactly how to change and manipulate it so that they can make it inoperable if they so desired and like all malware infections, the end user is the weakest link. Users have to be willing to “infect” their own computers with these updates first. GWX never ended, it just changed it’s clothes.

Heck, they already do this as per the topic of this thread! They never fixed the “mis-identifications” because they were never mis-identifications to begin with! It was by design and completely intentional that these other processors and video cards have been ensnared into this new “feature” which will probably continue to expand it’s net. I don’t trust people who conduct business this way.

1 user thanked author for this post.

Elly

Reply | Quote

All telemetry updates are explicitly announced by MSFT

likewise i don’t understand the exaggeration towards updates
if you don’t trust MSFT, simply stop updating, the system will function just fine without them

1 user thanked author for this post.

ch100

Reply | Quote

abbodi86 wrote:

likewise i don’t understand the exaggeration towards updates
if you don’t trust MSFT, simply stop updating, the system will function just fine without them

Trust… So hard to gain, so easy to lose…

They’ve built in so many serious security flaws into the system that we are beholden to them to continue to roll out fixes so that our data and working environments can remain viable.

And of course the best thing to do (NOT!) is for them to alter the new OS software at a more feverish pace, all the while still claiming it’s the most secure system ever. Yep, we all see those ransomware attacks rolling across the planet and just can’t seem to ignore them.

No one can “unplug” from the net – that’s just not an option nowadays – and for as much good as Microsoft engineers can do, their marketing and management sure do seem pretty evil…

So yeah, I’m not having a problem understanding the love/hate relationship.

-Noel

2 users thanked author for this post.

Elly, HiFlyer

Reply | Quote

This really makes me glad i’m “stuck” with an Ivy Bridge processor.   It doesn’t make me want to upgrade anytime soon.   Thanks Microsoft for killing Capitalism.

Reply | Quote

anonymous wrote:

Thanks Microsoft for killing Capitalism.

How, exactly, is Microsoft “killing Capitalism”?

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

@MrJimPhelps

Western capitalism thrives on an open and free market economy where a level-playing field in market-competition is set for companies(eg anti-trust laws) and consumers have non-restricted or free choice in buying products and services(eg anti-discrimination laws)
. . By using Windows Update to artificially restrict or block the latest processors in Win 7/8.1 computers from receiving security updates, M$ are “killing” capitalism when some Win 7/8.1 consumers are inhibited by M$ from buying new computers that come with the latest processors before their EOL in 2020/2023, eg for hardware upgrades, replacement of faulty computers, business expansion, etc. This does no good to the US and Western economy.

NB: Please keep political discussions in the Rants section, observing Lounge Rules

2 users thanked author for this post.

FakeNinja, Elly

Reply | Quote

Did some tests on my Kaby Lake VMware virtual machine.

(1) I installed KB4015549 (April Monthly Rollup) on the virtual machine.

(1A) As expected, Windows Update returns a “Unsupported Hardware” message when it was instructed to check for updates and eventually Windows Update returned the error 80240037. So it is not possible to install the May updates via Windows Update.

(1B) Attempts to directly install the May updates (KB4019263, May Security only update / KB4018271, May IE11 security update etc.) downloaded from the Catalog all returned an error “Installer encountered an error 0x80240037”. So it is not possible to install the May updates from the Catalog either (except using DISM).

(1C) I then removed KB4015549, rebooted the system, and attempted to install KB4019264 (May Monthly Rollup). The installation was successful. So as MrBrian said you can uninstall the old monthly rollup and then install the new one, even if you are using a Kaby Lake (and Ryzen) system.

(1D) After installing KB4019264, Windows Update once again returned the “Unsupported Hardware” message when instructed to check for updates, and eventually returned the error 80240037.

Hope for the best. Prepare for the worst.

4 users thanked author for this post.

FakeNinja, GoneToPlaid, Elly, MrBrian

Reply | Quote

Exactly as I expected and hoped. Thank you for testing :).

Reply | Quote

MrBrian wrote:

Exactly as I expected and hoped. Thank you for testing :).

You are welcome. This hopefully confirms that your method of removing the old rollup and installing the new rollup should work on a Kaby Lake or Ryzen system running Windows 7 to keep the system patched, at least for the time being.

If this way of patching keeps working, I might reconsider getting a Ryzen system to run Windows 7 on it.

Hope for the best. Prepare for the worst.

Reply | Quote

In the future Microsoft could potentially force everybody to use a version of the Windows Update client that has the CPU blocking code.

Reply | Quote

MrBrian wrote:

In the future Microsoft could potentially force everybody to use a version of the Windows Update client that has the CPU blocking code.

Yeah, I know. That’s why I said “for the time being”.

And Microsoft still has to fix the Carrizo identification bug that Microsoft itself disclosed back in April. It still has not done so. It will have to release a new version of the Update Agent eventually to fix the problem.

Hope for the best. Prepare for the worst.

Reply | Quote

(2) I launched a fresh copy of Windows 7 in the virtual machine, then installed KB4019263 (May Security only update), without installing any of the April updates.

(2A) When instructed to check for updates, Windows Update did not send “Unsupported Hardware” message (mostly likely because KB4019263 does not contain the Windows Update Agent update present in KB4015546, the April Security only update, as others already mentioned) and eventually returned a list of updates.

(2B) I then attempted to install KB4018271, the May IE11 security update downloaded from the Catalog as a .msu file. The installation was successful.

So Windows 7 users on Kaby Lake and Ryzen systems who want to stick with Group B apparently can go on patching, at least for May updates, if they skip the April security only update KB4015546.

Hope for the best. Prepare for the worst.

1 user thanked author for this post.

Elly

Reply | Quote

abbodi86 wrote:

All telemetry updates are explicitly announced by MSFT likewise i don’t understand the exaggeration towards updates if you don’t trust MSFT, simply stop updating, the system will function just fine without them

Just like they explicitly announced the full list of hardware they were going to be blocking on Win7 machines in their continuation of GWX? This entire Win10 campaign they are on is a continued attempt to force people into a desired course of action.

You’re really that sure they are going to announce everything so people can avoid what they don’t want people to avoid? They’ve proven they are willing to be deceptive and, in the case of this hardware lockout, willing to lie about the extent of what they are doing. So, what reason is there to believe they are being honest about what they are putting in their updates now or in the future? None, really.

Reply | Quote

abbodi86 wrote:

All telemetry updates are explicitly announced by MSFT likewise i don’t understand the exaggeration towards updates if you don’t trust MSFT, simply stop updating, the system will function just fine without them

Microsoft does not announce all updates which contain telemetry. How about these two Windows 7 updates which do not mention that they install deep system wide telemetry:

KB2999226 — Update for Universal C Runtime in Windows
KB3118401 — Update for Universal C Runtime in Windows

Reply | Quote

I highly doubt they are telemetry related

they could have telemetry points, but those needs the actual telemetry infrastructure to have any affect

Reply | Quote

abbodi86 wrote:

If you are familiar with install_wim_tweak tool, it’s easy to remove WUA core installed by April’s security only updates win7 x64 install_wim_tweak /o /n /c package_387_for_kb4015546~31bf3856ad364e35~amd64~~6.1.1.3 /r win7 x86 install_wim_tweak /o /n /c package_228_for_kb4015546~31bf3856ad364e35~x86~~6.1.1.3 /r win8.1 x64 install_wim_tweak /o /n /c package_96_for_kb4015547~31bf3856ad364e35~amd64~~6.3.1.3 /r win8.1 x86 install_wim_tweak /o /n /c package_31_for_kb4015547~31bf3856ad364e35~x86~~6.3.1.3 /r

I tested the April Security Only update on one of my Win7 computers a few days ago. After I installed it, I discovered that although Windows Update could check for updates, Windows Update couldn’t download any updates at all. Seeing that the April update changed the WUA core, now I understand why I encountered this issue even though my test computer doesn’t have any components which should have triggered future update blocking. Note that I wasn’t blocked from checking for updates via Windows Update, but instead that I was blocked from being able to download any updates via Windows Update and from WSUS. My test computer is a home-built computer with a MSI motherboard with Intel Z87 chipset, DDR3 RAM, a Haswell Core i5 CPU, and an nVidia GTX 650 graphics card.

Reply | Quote

James Bond 007 wrote:

Did some tests on my Kaby Lake VMware virtual machine. (1) I installed KB4015549 (April Monthly Rollup) on the virtual machine. (1A) As expected, Windows Update returns a “Unsupported Hardware” message when it was instructed to check for updates and eventually Windows Update returned the error 80240037. So it is not possible to install the May updates via Windows Update. (1B) Attempts to directly install the May updates (KB4019263, May Security only update / KB4018271, May IE11 security update etc.) downloaded from the Catalog all returned an error “Installer encountered an error 0x80240037”. So it is not possible to install the May updates from the Catalog either (except using DISM). (1C) I then removed KB4015549, rebooted the system, and attempted to install KB4019264 (May Monthly Rollup). The installation was successful. So as MrBrian said you can uninstall the old monthly rollup and then install the new one, even if you are using a Kaby Lake (and Ryzen) system. (1D) After installing KB4019264, Windows Update once again returned the “Unsupported Hardware” message when instructed to check for updates, and eventually returned the error 80240037.

Hello 007,

It appears that uninstalling the April update does restore the WUA files in System32 back to their previous versions. Since you have a Kaby Lake VM, I wonder if you would test the following scenario:

Install the April Monthly Rollup.

Then try to manually reinstall WUA from the appropriate link shown on this MS web page:

https://support.microsoft.com/en-us/help/949104/how-to-update-the-windows-update-agent-to-the-latest-version

My hope is that your test will show that manually reinstalling WUA will overwrite the April Monthly Rollup’s later version of WUA.

Best regards,

–GTP

 

Reply | Quote

No it won’t overwrite it, the OS and servicing stack is smart enough not to have lower version the active one

Reply | Quote

GoneToPlaid wrote:

Hello 007.

It appears that uninstalling the April update does restore the WUA files in System32 back to their previous versions. Since you have a Kaby Lake VM, I wonder if you would test the following scenario:

Install the April Monthly Rollup. Then try to manually reinstall WUA from the appropriate link shown on this MS web page: https://support.microsoft.com/en-us/help/949104/how-to-update-the-windows-update-agent-to-the-latest-version

My hope is that your test will show that manually reinstalling WUA will overwrite the April Monthly Rollup’s later version of WUA.

Best regards, –GTP

I did the test according to your steps. And just as abbodi86 said, although the Update Agent apparently installed successfully, it did NOT overwrite the version of WUA installed by the April Rollup. Windows Update still generated the “Unsupported Hardware” message when instructed to check for updates and eventually returned the error 80240037.

Hope for the best. Prepare for the worst.

Reply | Quote

James Bond 007 wrote:

GoneToPlaid wrote:

Hello 007. It appears that uninstalling the April update does restore the WUA files in System32 back to their previous versions. Since you have a Kaby Lake VM, I wonder if you would test the following scenario: Install the April Monthly Rollup. Then try to manually reinstall WUA from the appropriate link shown on this MS web page: https://support.microsoft.com/en-us/help/949104/how-to-update-the-windows-update-agent-to-the-latest-version My hope is that your test will show that manually reinstalling WUA will overwrite the April Monthly Rollup’s later version of WUA. Best regards, –GTP

I did the test according to your steps. And just as abbodi86 said, although the Update Agent apparently installed successfully, it did NOT overwrite the version of WUA installed by the April Rollup. Windows Update still generated the “Unsupported Hardware” message when instructed to check for updates and eventually returned the error 80240037.

Your test confirms exactly what I was afraid of — that trying to reinstall an older and specific version of the WUA, while appearing to be successful, will not in fact replace a more recent version of the WUA. Thus the April Security Only update remains off of my list of updates to install since after installing it, I could check for updates via Windows Update, yet Windows Update couldn’t download any updates, repeatedly failing with error code 8024402C. On the bright side, uninstalling the April Security Only update does revert WUA back to its previous version.

 

Reply | Quote

abbodi86 wrote:

I highly doubt they are telemetry related they could have telemetry points, but those needs the actual telemetry infrastructure to have any affect

Microsoft’s article about KB299226 mentions absolutely noting about installing telemetry. Perhaps you should read the EULA for KB299226. You won’t see this EULA if you install KB299226 via Windows Update. If you installed KB299226 via Windows Update, then you silently consented to deep telemetry and overrode your CEIP opt-out settings. You will only see this EULA if you manually downloaded and installed KB299226. Moreover, KB299226’s deep telemetry is in many ways far worse than the telemetry in KB2952664.

Ah, but what do I know. Obviously nothing since you all so quickly shot me down regarding my documentation about Windows updates which install telemetry and/or which also cause other very serious issues, my script which simply checks for installed updates which also installed telemetry, my script for optionally removing all updates which installed telemetry, and my script for optionally removing other bad Windows 7 updates which additionally cause known and very serious issues — issues which were documented by Woody himself and others.

 

Reply | Quote