|
There are isolated problems with current patches, but they are well-known and documented on this site. |
Newsletter Archives
-
What should you do with the July patches?
Good question from s:
You moved to Defcon2 for August but we still don’t know what to do with the July patches. (Win 7) !!??
Short answer: Nothing. Wait for MS-DEFCON 3 or 4.
If you’re in Group B (Win7/8.1 Security only patches), you’ll have to manually install the July patches prior to installing the August patches. But for almost everybody, you don’t need to lift a finger.
-
We continue at MS-DEFCON 1: Don’t install any of the July patches
With August patches just around the corner, you’d be well advised to give up on the July patches. Yes, some folks dodged the (many!) bullets and managed to get some of the July patches installed without hosing their systems.
But for almost everybody, in almost every situation, the risk of installing the July patches is far, far greater than the risk of skipping them.
Computerworld Woody on Windows.
-
Microsoft releases 11 new .NET patches – but none (yet) for Win10 1703, 1709 or 1803
Yesterday saw a massive attempt — the fifth try this month — to fix the July .NET security patches.
Oddly, Microsoft fixed Win10 1607/Server 2016, but didn’t push out a fix for any other versions of Win10.
So far I haven’t seen any bugs. Perhaps the beta testers aren’t done yet. Or maybe they’ve wised up.
Computerworld Woody on Windows.
-
Where we stand with the July 2018 Microsoft patches
Quite possibly the worst month this year for patches.
And that’s saying something!
Computerworld Woody on Windows.
-
So many conflicting details in this month’s Windows patches
Wotta mess.
Yesterday’s round of Windows patches — for all versions of Windows — have so many internal inconsistencies it’s hard to keep score. Somebody’s playing fast and loose with the docs.
Computerworld Woody on Windows.
-
Yet another massive mess of Windows patches
Microsoft just released dozens of new patches — some dated July 23 in the Update Catalog, some dated July 24, some dated July 20.
Wotta mess.
All supported versions of Windows 10 got new patches, which are dated July 24 in the KB articles, but at this moment they’re still dated July 20 in the Update Catalog. Not clear if the patches in the Catalog are the same as the ones described in the KB articles.
The Win10 patches still have the “known issue”:
After you install any of the July 2018 .NET Framework Security Updates, a COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. The most common failure signature is the following:
Exception type: System.UnauthorizedAccessException
Message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Microsoft is working on a resolution and will provide an update in an upcoming release.
Many of the patches are Intel microcode updates, likely for Spectre 2. The MS Support page dedicated to such fixes hasn’t been changed since July 19. All of those patches, as best I can tell, are manual-install only.
The Monthly Rollup Previews for both Win7/Server 2008 R2 and Win8.1/Server 2012 R2 were re-issued today. I don’t see any documentation about the re-issue, anywhere.
Only a fool would tread in these waters. DON’T PATCH.
-
The July .NET patches are even worse than you think
Earlier today, Microsoft posted this advisory on the official MSDN .NET blog:
The July 2018 Security and Quality Rollup updates for .NET Framework was released earlier this month. We have received multiple customer reports of applications that fail to start or don’t run correctly after installing the July 2018 update.. A COM component fails to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors.
We have stopped distributing the .NET Framework July 2018 updates on Windows Update and are actively working on fixing and re-shipping this month’s updates…
Workaround
Temporarily uninstall the July 2018 Security and Quality Rollup updates for .NET Framework to restore functionality until a new update has been released to correct this problem.
It’s been a banner month for Microsoft patches
-
July patches are all messed up — but a good hint appears in Japanese
I’ve given up on the July patches. Which is why we’re on MS-DEFCON 1.
There’s a little bit of light, though — coming from a Japanese language explanation from a Microsoft employee.
Computerworld Woody on Windows.
-
Microsoft just released 27 new security patches
The Update Catalog lists 27 patches that were released on July 16 – that’s today.
Right now, we have 151 security patches available for this month. This morning, the number stood at 129. If I take off my shoes, I think that means five patches (net) were pulled and not replaced.
All active versions of Windows – Win10 1803, 1709, 1703, Win7, Win8.1, Server 2008 R2, Server 2012 – have new updates.
KB 4018385, the buggy Office 2016 patch, was pulled and hasn’t been replaced.
This month’s patches have been an unmitigated mess. DON’T PATCH.
Computerworld Woody on Windows.
And I just moved us to MS-DEFCON 1.
-
The Big Bug rollup: Many problems, few solutions, with bugs in the July Patch Tuesday crop
I can’t believe how many bugs we’re seeing in this month’s patches.
Oh. Wait a sec. Yeah, I can believe it.
If you’re applying Windows/Office updates as soon as they come out, you clearly don’t understand the situation.
Computerworld Woody on Windows.
-
July 2018 Security patches are out
Martin Brinkmann has a full list on ghacks.
There are “critical” fixes for Edge (12 critical) and Internet Explorer (4 critical), but no “critical” fixes for any Windows version.
SANS Internet Storm Center says there are no known exploits for any of the patches.
Here’s the full list of downloads in the Microsoft Catalog. Odd that so many are dated July 9….
Microsoft still hasn’t fixed the Win7 bug introduced in a security patch earlier this year:
There is an issue with Windows and third-party software related to a missing file (oem<number>.inf). Because of this issue, after you apply this update, the network interface controller will stop working.
We have re-re-re…-issues of KB 2952664 for Win7 and KB 2976978 for Win8.1. Those are the infamous snooping/telemetry “enhancing” patches that have been around for years.
Security Updates for Office 2016, Office 2013, Office 2010, various Viewers and SharePoint Servers are available on the Office Update page.
-
MS-DEFCON 2: In anticipation of the July 2018 patches, make sure you have Automatic Update turned off
Watch out for reports that Win7 users are getting coerced into upgrading to Win10 (again). And also be aware that your Alienware machine is now considered fair game in the pushed 1803 upgrade arena.
I’m moving to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.
Full article in Computerworld. Woody on Windows
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
AOL changes its web based email
by 2 hours, 59 minutes ago
-
Windows 11 Insider Preview build 23471 released to DEV
by 5 hours, 33 minutes ago
-
Windows 11 Insider Preview Build 22621.1830 and 22624.1830 released to BETA
by 5 hours, 34 minutes ago
-
Spyboy Defense Evasion Tool Advertised Online
by 12 hours, 55 minutes ago
-
Gigabyte motherboards backdoor
by 3 hours, 30 minutes ago
-
numbering in a table
by 17 hours, 58 minutes ago
-
LMDE 5 32-bit dual boot on seperatd drives
by 16 hours, 7 minutes ago
-
Microsoft ends 2017 Surface Book 2 support
by 1 day, 5 hours ago
-
My monitors won’t turn on
by 22 hours, 37 minutes ago
-
AMD Software Failed to Launch Because Windows Update Has Replaced the AMD…
by 1 day, 15 hours ago
-
Microsoft : New macOS vulnerability, Migraine, could bypass System Integrity…
by 1 day, 17 hours ago
-
Remove One Drive
by 1 day, 22 hours ago
-
Firefox users on Windows 7, 8 and 8.1 moving to Extended Support Release
by 10 hours, 50 minutes ago
-
How to change “User Account Control:Run as administrator”
by 2 days, 3 hours ago
-
Two monitors, want different “fixed” wallpaper on each one
by 2 days, 9 hours ago
-
Microsoft forcing move to Microsoft account?
by 2 days, 7 hours ago
-
Event 2545 Device Management – Enterprise – Diagnostics – Provider
by 2 days, 10 hours ago
-
QBot malware exploits Windows WordPad EXE to take over
by 3 days, 6 hours ago
-
Laptop powers off during KB5026361 update
by 3 days, 5 hours ago
-
How to enable Sleep in Shut down menu?
by 3 days, 7 hours ago
-
Beware of Google’s .ZIP domain and password-embedded URLs
by 9 hours, 4 minutes ago
-
Longstanding feature requests, and their status
by 3 days, 15 hours ago
-
Three typing tutors — no more “hunt and peck”
by 3 days, 14 hours ago
-
Is online banking secure?
by 2 hours, 59 minutes ago
-
Bluetooth audio not working on older Lenovo T420 with Win 10
by 2 days, 21 hours ago
-
Using wildcards in search and replace
by 4 days ago
-
How is Windows XP a security risk?
by 15 hours, 56 minutes ago
-
Is using VPN a good idea?
by 3 days, 21 hours ago
-
How to prevent/disable Bitlocker Automatic Device Encryption?
by 4 days, 8 hours ago
-
Unexplained aspects of installing the latest update of Office 2021
by 4 days, 8 hours ago
