Replies

Curious that Windows Server 2016 was not affected.

Hi PerthMike,

The reason for this, and this is something I just realized YESTERDAY, is that as of Exchange 2013 you no longer receive cumulative updates from WSUS or Microsoft Update. You have to download them from Microsoft manually through this site:

https://docs.microsoft.com/en-us/Exchange/new-features/updates?view=exchserver-2019

Woody and/or Patch Lady, if you can spell that out in a fresh post I bet a LOT of admins will be surprised to hear that they haven’t received any CU updates since their initial Exchange 2013-2019 install!

Dang! How are the rest of the February patches looking from a DEFCON standpoint? If I’m rolling out to our business critical servers it’d be convenient to approve the whole set if the green light is coming.

PKCano wrote:

If you are running Win XP/7 you should go ahead and install the May updates.

Thanks PKCano! What if we’re running a mixed environment with 7/10/2008R2/2016? Will rolling it out mess with any of those OS’s?

As it stands now, do these patches have known side effects like CPU degradation? I was just about to roll out the April patches but I’m holding off until these are safe and stable.

According to my WSUS server Win7/8/2008R2 machines got a new Cumulative IE patch (leaving the OS rollups intact) but all newer OS’s had to get a whole new Cumulative OS rollup since IE updates are now bundled with them.

Do you think the December patches are stable enough to begin testing? I was planning on rolling out the November group as the new baseline as we can only patch critical systems every few months, but this lineup looks pretty solid so far.

How would you categorize the November updates for versions 1803 and below? My company has a mix where half the systems have the September patches and the other half the ones from May. I’d like to patch everything to the same version before year-end if this batch is clean for non-1809 installs.

Every version of Windows 10/2016, rather. I’m not seeing anything for Windows 7 or Server 2008 R2 systems.

3 users thanked author for this post.

Pepsiboy, geekdom, woody

DECLINE, baby, DECLINE on anything now showing as superseded! We do the cumulative patches.

I understand that the general recommendation is to hold off on patching, but does this also apply to Windows 10 Adobe Flash Security Updates and monthly Windows Malicious Software Removal Tools? I don’t see either mentioned on the Master Patch List.