alert banner

ISSUE 20.09.1 • 2023-02-28
MS-DEFCON 4: Wrapping up a short month


By Susan Bradley

February’s patches affected you either severely, or not at all.

The good news: If you are a consumer, home user, or business that does not use Windows Server 2022 or any version of on-premises Exchange server, you will be just fine installing the updates at this time. Therefore, I am very comfortable with lowering the MS-DEFCON level to 4.

However, if you are a business patcher with Windows Server 2022 hosted in VMware, you may have been significantly impacted. In addition, patch administrators are still dealing with the side effects of the Exchange updates.

Consumer and home users

Both Apple and Windows patches have been relatively well behaved this month. I always say “relatively” because with any updating experience, someone somewhere may have a hiccup.

For those of you maintaining a Windows PC that is capable of receiving an update to Windows 11 but don’t want it, remember that you can use registry keys, group policy editing, Intune, or the InControl app to edit the settings so that Windows 10 remains without nagging. Also remember that you can specifically set the feature releases to stop at a specific release number. If you aren’t as fussy about that, but still want control on the basics of the operating system version, that is easily done.

If you have a Windows 10 Professional, enter “edit group policy” into the search box and launch the resulting editor. Click Computer configuration | Administrative Templates | Windows Components. Scroll all the way to the bottom and select Windows Update | Windows update for Business, then click Select the target feature update version. (see Figure 1.)

Local group policy editor
Figure 1. You can use the local Group Policy Editor to control which Windows version and feature release you wish to remain with.

Click the Enabled radio button (if not already selected), then look for the text box labeled “Which Windows product version would you like to receive feature updates for? e.g., Windows 10.” Enter Windows 10. Leave the second box, “Target Version for Feature Updates,” blank. Click the Apply button, then exit the policy editor.

This will keep your system at Windows 10 indefinitely. If you would prefer a Registry link, use this download.

Finally, beware of disabling applications. Folks on Reddit are often gamers or those who love to tinker with their operating systems. One such poster disabled the Microsoft Defender/Antimalware Service Executable and now, after installing KB5022360, he found that other applications would not run or would start slowly. Always keep in mind that if you install another antivirus software program, it will promptly disable Microsoft Defender. One AV program at a time, please!

It is wise not to disable services unless you understand the ramifications fully and have a good backup. If you have any issues after an update, come and ask in our forums — don’t start following advice in a random post you found at the top of a Google search.

Business users

For businesses with an on-premises Exchange server, the way forward is murkier. For those on Exchange 2013, remember that its window of support is coming to a close and there will be no extended support updates. You may also see a crash in the Exchange Web services. Microsoft has released a specific KB article with registry fixes.

If you had Windows Server 2022 in VMware — specifically, versions older than ESXi 8.0 — you found your servers unable to boot after the February updates. ESXi 6.7 will not be patched. However, a patch has been released to VMWare ESXi 7.0 U3k, released on February 21.

For those who still patch Windows Server 2012 R2 Essentials (not the plain server, but a specific SKU for small businesses), you won’t be able to install February’s updates until Microsoft fixes detection. Seems the company forgot to include the Essential SKU in its updating build, so it fails to detect that server version. I’ll let you know when the detection is fixed.

Our next Patch Tuesday is March 14, giving you plenty of time to update your VMware and your servers.



Talk Bubbles Join the conversation! Your questions, comments, and feedback
about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.

The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.

Your subscription:

Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody,, Windows Secrets Newsletter,, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2023 AskWoody Tech LLC. All rights reserved.