• Speccy



    Viewing 15 replies - 31 through 45 (of 76 total)
    • With all due respect, Gunter’s article is inaccurate: the Catalog “Last Updated” date disparity (12 Nov for Win8.1/10 and 13 Nov for Win7/Server 2008/R2) has nothing to do with the issue and it certainly does NOT mean that (quoting) “Microsoft has updated the package for Windows 7 and Server 2008/r2 and replaced the faulty certificate.“: the binaries are exactly the same (digitally signed November 7, 2019).
      There was no “faulty certificate”, nor was it replaced: the root cause of the issues IS the [lack of] SHA-2 support (and probably some metadata glitches on WU) – as I explained here.

      • This reply was modified 3 years, 6 months ago by Speccy.
      • This reply was modified 3 years, 6 months ago by Speccy. Reason: Added minor clarification (digitally signed package date)
      6 users thanked author for this post.
    • in reply to: November 2019 Patch Tuesday foibles #2005276

      @Anonymous: The 2 machines with errors had the September KB4474419 update (SHA-2 support) installed?

      Last month’s MSRT (v5.76, Oct, 2019) was still SHA-256 and SHA-1 signed, but this month’s MSRT (v5.77, Nov, 2019) is NOT SHA-1 signed (only SHA-256 signed) – and that seems to be the core reason for the reported errors…

      As stated in KB4472027, Windows 7/Server 2008 updates are NOT being SHA-1 signed anymore and, therefore, a couple of mandatory updates (better take the September [2019-09] ones as the baseline, to be safe) became minimum pre-requisites:

      Meanwhile, WU might have (had?) a conflict issue (metadata?) with that, since it was offering MSRT on Tuesday but not yesterday (Nov 13, 2019)… don’t know if Microsoft fixed it already but, whatever the reason is, MSRT may be manually downloaded from the Catalog (here) and, for sure, it will execute properly if BOTH the SHA-2 support and SSU updates have been installed.

      4 users thanked author for this post.
    • in reply to: Patch Lady Podcast – End of October wrap up #1994679

      Heads-up (follow-up of this previous post): Windows Defender got a new Antimalware Client (Version 4.18.1910.4) and engine (v1.1.16500.1) yesterday. Quick and Full scans appear to be working fine with current anti-malware definitions (v1.305.909.0 as I write this – more help about this specific subject in my previous post here).

    • in reply to: Microsoft 365 health status #1984241

      Current Status…

      …We’re analyzing authentication logs to isolate the cause of the issue.

      …We’ve confirmed via telemetry and reports from some of the affected customers that service has recovered for a majority of impacted users. We’re continuing to investigate log data to better understand what caused this issue and to validate which recovery measures we took restored service functionality. Additionally, our telemetry indicates that this issue was specific to users located in the North America region.

      …We performed a manual restart of a backend service and performed a configuration change to mitigate the issue. We’re continuing to monitor the environment to validate that service has fully recovered.

      …Our telemetry indicates that service has largely recovered. We’re monitoring the environment to ensure it remains stable while we continue our investigation into the root cause of the problem.

      …Our services remain healthy, and we’ve confirmed via continuous service monitoring that all of the previously affected scenarios are working as expected. Additionally, we’re progressing through our investigation to isolate the underlying problem.

    • Woddy, I’ve updated my ancient post regarding KB4493132 metadata changes (basically, how the nagging screen look has been slightly changing), with additional information posted by abbodi86 and wsntls. Nothing new, really – just for the sake of consistency. 😉

      1 user thanked author for this post.
    • No problems yet (see here) but Microfix’s right, we’re at MS-DEFCON1 (WAIT!).

      1 user thanked author for this post.
    • Lars220,
      Please check the STABLE BETA TEST (Win7) section at my previous post: I’ve corrected it to clarify that KB4515854 (4.6.2) is actually installed by the KB4524102 update package… Sorry, my bad.
      Thank you! 🙂

      2 users thanked author for this post.
    • in reply to: October 2019 Patch Tuesday problems #1978657

      Reporting from a managed set of Virtual Machines (VMs) and physical systems (including a couple of Win7 legacy dual core workhorses) backed up and updated as described below.

      Previous notes:
      1. I skipped August updates (moved from July to September).
      2. For those systems where .NET Framework is required (not all do) I stick with v4.6.2 on Win7 (had issues in the past with v4.7.x) and I’m currently using (when needed) v4.7.1 on Win8.1 (v4.7.2 might be OK but I haven’t had time and opportunity yet to assess that properly) as I find these versions to be the most stable ones for my particular needs (third-party software being used and how/what these systems are used for). Other users might have different needs (or no need for .NET Framework at all): Microsoft has helpful information here and here.
      3. All systems appear to be “stable” (as in “no noticeable/obvious bugs or negative impacts so far”) – meaning that, overall, everything seems to be working just fine and normally, as expected. That assumption is further confirmed by executing the SFC /VERIFYONLY and DISM /Online /Cleanup-Image /CheckHealth commands (both successful, no errors returned).
      4. The three sum-ups below refer to
      4.1) my previous stable “BASELINE” (Jul 13);
      4.2) a “baseline candidate” (stable update) I was preparing a few days back (Oct 3) while we got caught up between the MS-DEFCON 1 and MS-DEFCON 3 change (this might be yet another helpful feedback report for worried, confused users out there) and
      4.3) a currently, apparently “stable” BETA TESTING (Oct 10) – which, incidentally, is NOT yet endorsed by Woody or by any of the other MVPs here: it’s just *my* particular feedback (one, adding to many others). Things worked well for me, but be warned: proceed at your own risk (we’re at MS-DEFCON 1, which means: ***WAIT!***).

      Windows 7 x64 SP1 (Group A)
      Windows 7 SP1 (Oct 10, 2019)

      DATE     INSTALLED UPDATES                         DESCRIPTION/NOTES
      -------- ----------------------------------------- -----------------
      20190713 KB4490628 (2019-03 SSU)                   Stable BASELINE
               KB4474419 (2019-03 SHA-2)                 (Jul 13, 2019)
               KB4507449 (2019-07 Monthly Rollup)
                ->Includes KB4507434 (IE11 Rollup)
               KB4507420 (2019-07 .NET Framework Rollup)
                ->KB4507004 (3.5.1) + KB4506997 (4.6.2)
      -------- ----------------------------------------- -----------------
      20191003 KB4516655 (2019-09 SSU)                   Stable UPDATE
               KB4474419 (2019-09 SHA-2 v3)              (Oct 3, 2019)
               KB4516065 (2019-09 Monthly Rollup)
                ->Includes KB4516046 (IE11 Rollup)
               KB4514602 (2019-09 .NET Framework Rollup)
                ->KB4507004 (3.5.1) + KB4511516 (4.6.2)
      -------- ----------------------------------------- -----------------
      20191010 KB4524102 (2019-10 .NET Framework Rollup) Stable BETA TEST*
                ->KB4507004 (3.5.1) + KB4515854 (4.6.2)  (Oct 10, 2019)
               KB4519976 (2019-10 Monthly Rollup)
                ->Includes KB4519974 (IE11 Rollup)
      -------- ----------------------------------------- -----------------

      *No observable bugs so far.

      Windows 8.1 x64 (Group A)
      Windows 8.1 (Oct 10, 2019)

      DATE     INSTALLED UPDATES                         DESCRIPTION/NOTES
      -------- ----------------------------------------- -----------------
      20190713 KB4504418 (2019-07 SSU)                   Stable BASELINE
               KB4507448 (2019-07 Monthly Rollup)        (Jul 13, 2019)
                ->Includes KB4507434 (IE11 Rollup)
               KB4507422 (2019-07 .NET Framework Rollup)
      -------- ----------------------------------------- -----------------
      20191003 KB4512938 (2019-09 SSU)                   Stable UPDATE
               KB4516067 (2019-09 Monthly Rollup)        (Oct 3, 2019)
                ->Includes KB4516046 (IE11 Rollup)
               KB4514604 (2019-09 .NET Framework Rollup)
      -------- ----------------------------------------- -----------------
      20191010 KB4521864 (2019-10 SSU)                   Stable BETA TEST*
               KB4524104 (2019-10 .NET Framework Rollup) (Oct 10, 2019)
               KB4520005 (2019-10 Monthly Rollup)
                ->Includes KB4519974 (IE11 Rollup)
      -------- ----------------------------------------- -----------------

      *After reboot, KB4521864 (2019-10 SSU) came up again (a second time) on WU as an Important update: just clicked ‘Check for Updates’ to make it go away (no need to re-install it).

      Windows 10 x64 (Version 1803)
      Windows 10 Version 1803 (Oct 10, 2019)

      DATE     INSTALLED UPDATES                         DESCRIPTION/NOTES
      -------- ----------------------------------------- -----------------
      20190713 KB4509094 (2019-07 SSU)                   Stable BASELINE
               KB4507435 (2019-07 Monthly Rollup) b885   (Jul 13, 2019)
      -------- ----------------------------------------- -----------------
      20191003 KB4512576 (2019-09 SSU)                   Stable UPDATE
               KB4516058 (2019-09 Monthly Rollup) b1006  (Oct 3, 2019)
      -------- ----------------------------------------- -----------------
      20191010 KB4521861 (2019-10 SSU)                   Stable BETA TEST*
               KB4520008 (2019-10 Monthly Rollup) b1069  (Oct 10, 2019)
      -------- ----------------------------------------- -----------------

      *No observable bugs so far.

      • This reply was modified 3 years, 8 months ago by Speccy.
      • This reply was modified 3 years, 8 months ago by Speccy. Reason: Corrected (clarified) Win7 Stable BETA TEST section information (.NET Framework)
      4 users thanked author for this post.
    • Karen,

      Keep calm. You’ve been there already, remember? 🙂
      If you’re still stuck with the same message after a couple of hours or so, re-read and follow GTP’s advice on that thread to get you back in control. 😉

      Now, if you’re still having issues afterwards, a list of the latest (2019) Windows / .NET Framework updates that have been installed on your system could help us here to figure out if you need to (un)install anything: open Control Panel > Programs and Features, follow the ‘View Installed Updates‘ link, click on the ‘Installed On‘ column to sort down the items (most recent ones at the top) and take a screenshot -or-, alternatively, open a command line window (Windows key+R, type ‘cmd’ and press Enter) and type

      wmic qfe list brief|findstr 2019>%USERPROFILE%\Desktop\wu.txt

      Press Enter and wait a few seconds while a ‘wu.txt‘ text file is being created on your desktop. Once you see the blinking cursor again, type

      reg query HKLM\SOFTWARE\Wow6432Node\Microsoft\Updates /s /f InstalledDate|findstr /c:KB /c:2019>>%USERPROFILE%\Desktop\wu.txt

      and press Enter again. Once the blinking cursor is back, type


      and press Enter one last time to close the command line window. Reply back with the attached ‘wu.txt‘ file or copy&paste its contents back here.

      2 users thanked author for this post.
    • My 2 cents: if you were caught between DEFCON 3 and DEFCON 1 while updating and everything looks good, keep calm. Don’t blame yourself. Have a nice cup of tea, don’t touch anything and keep fingers crossed: you might be just fine (reporting: I’ve been beta testing some of these latest “out-of-band” updates on a few VM/live Win7/8.1/10(1803) systems and they don’t look terrible… hope is not lost… had no observable, relevant issues so far. However, I noticed that the Windows 10 (1803) out-of-band KB4524149 rollup hanged on the first installation attempt: had to cancel the installation, reboot the machine and then at the second attempt it installed fine, flawlessly. Printing is okay).

      But if you haven’t installed any of these recent IE/Windows “out-of-date” cumulative/rollup updates yet: we’re at DEFCON 1, best advice right now is to <u>wait</u>.

      It might be worth pointing out that both these “out-of-band” updates include updated libraries (jscript.dll, ieframe.dll…) that have been historically related with frequent issues (often arising from unexpected conflicts with third-party applications that, essentially, rely on the IE engine for rendering web content).

      Woody and the pros are overwhelmed with people posting and reporting bugs and issues, gathering information from multiple sources and trying to figure all this out and sort things up. Patch Tuesday is just around the corner and… the “awkward” CVE-2019-1367 security hole seems to be just the latest entry of a lengthy list of scripting-related vulnerabilities in the IE libraries that have been repeatedly updated, patched and fixed (and causing problems):

      CVE-2019-1221, CVE-2019-1194, CVE-2019-1133, CVE-2019-1059, CVE-2019-1056, CVE-2019-1004, CVE-2019-1001, CVE-2019-1080, CVE-2019-1055, CVE-2019-1005, CVE-2019-0988, CVE-2019-0920, CVE-2019-0918, CVE-2019-0911, CVE-2019-0884, CVE-2019-0862, CVE-2019-0835, CVE-2019-0753, CVE-2019-0752, CVE-2019-0783, CVE-2019-0746, CVE-2019-0680, CVE-2019-0609, CVE-2018-8653, CVE-2018-8643 (…)

      and also on VBScript (worth reading):

      CVE-2019-1208, CVE-2019-0768, CVE-2019-0667, CVE-2019-0666, CVE-2019-0665 (…)

      Thus: we’re at DEFCON 1, wait.

      3 users thanked author for this post.
    • Edited for content (removed irrelevant, off-topic info)

    • Edited for content (removed irrelevant, off-topic info)

    • Heads-up (in case you haven’t noticed yet): Windows Defender also got a new Antimalware Client (Version 4.18.1909.6) yesterday. Same engine (1.1.16400.2), Quick and Full scans seem to be working fine with current anti malware definitions (1.303.728.0 as I write this – more help about this specific subject in my previous post).

    • Woody, you probably need to truncate your posted a reprieve link. 😉

      1 user thanked author for this post.
    • in reply to: Where we stand with the September 2019 patches #1970152

      Downloaded it and did a binary file compare with the one released earlier this month (Sep 10 or so):

      fc /b windows6.1-kb4516655-x64_[20190910].msu windows6.1-kb4516655-x64_[20190930].msu
      Comparing files windows6.1-kb4516655-x64_[20190910].msu and windows6.1-kb4516655-x64_[20190930].msu
      FC: no differences encountered

      It’s the same file (digitally signed August 19, 2019). MS just probably re-released it but (adding to the ongoing mess) also “updated” the date/time stamp in the catalog…

      3 users thanked author for this post.
    Viewing 15 replies - 31 through 45 (of 76 total)