Newsletter Archives

• The Big Bug rollup: Many problems, few solutions, with bugs in the July Patch Tuesday crop

  Posted on July 12, 2018 at 07:46 CDT by woody • Comment in the Forums

  I can’t believe how many bugs we’re seeing in this month’s patches.

  Oh. Wait a sec. Yeah, I can believe it.

  If you’re applying Windows/Office updates as soon as they come out, you clearly don’t understand the situation.

  Computerworld Woody on Windows.

  Windows Patches/Security 0x80092004, delta update, July 2018 Black Tuesday, KB 2952664, KB 2976978, KB 4023057, KB 4132216, KB 4338419, KB 4338814, KB 4339420, KB 4340558, KB 4343669, Win10 1803

• KB 4023057 is back again. Again.

  Posted on February 9, 2018 at 04:05 CST by woody • Comment in the Forums

  While sifting through the latest KB article change list, I noticed that our old friend KB 4023057 is back.

  Now titled Update to Windows 10 Versions 1507, 1511, 1607, and 1703 for update reliability: February 8, 2018, the KB number should ring some bells.

  Our own @abbodi86 said this about the last onslaught, in October:

  It’s a tool called “Remediation Shell” which remedies “fixes” update-related components to facilitate the upgrade from one version of Win10 to another.

  Registry settings, services status, USO and Windows Update SIH (Silent Install Helper), scheduled tasks, disk space, launch Windows10UpgraderApp.exe if installed (included with 1607 cumulative update since June)

  I haven’t heard anything new about this latest and greatest version, so I assume that @abbodi86’s description still pertains.

  In short, it’s innocuous. Don’t go out of your way to install it, but don’t fear the reaper, either.

  UPDATE: Günter Born notes that KB 2952664 for Win7 and KB 2976978 for Win8.1 (both unchecked and optional) were also released yesterday. Born’s take on the Win7 and 8.1 versions is different from mine:

  These updates have been good for problems in the past and also had to be withdrawn by Microsoft in some cases. There were machines that hung themselves, where the fan was running at full speed, or where websites or the machine was freezing for short periods of time (see here). Here, here and here are older threads mentions install errors with these updates. Here someone mentions boot issues in November 2017. Weighting all this risks against the benefits of a ‘diagnosis update’, I recommend to hide these updates.

  I’m convinced.

  Windows Patches/Security KB 2952664, KB 2976978, KB 4023057

• Office non-security patches appear with the reprise of KB 2952664 and 2976978

  Posted on November 8, 2017 at 07:45 CST by woody • Comment in the Forums

  The usual bunch of Office non-security patches appeared yesterday, with a couple of surprises. Publisher 2007, which is long past end-of-life, got a patch. In addition we saw the re-launch of two widely despised Win7 and 8.1 “compatibility appraiser” updates

  Computerworld Woody on Windows.

  Office Patches/Security, Windows Patches/Security KB 2952664, KB 2976978

• MS re-re-..release (again) of KB 2952664 and KB 2976978

  Posted on June 6, 2017 at 16:09 CDT by PKCano • Comment in the Forums

  We’re seeing a recurrence of the two snooping patches KB2952664 for Win7 and KB2976978 for Win8.1. The last time they showed up, was on March 7th, but now they’re back……

  MS re-re-..release of KB2952664 and KB2976978

  Microsoft describes them as a “Compatibility update for keeping Windows up-to-date.”

  This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

  They are appearing as unchecked Optional now, which means they won’t be installed unless you check the corresponding box in Windows Update.
  Their status may change next week to Recommended and, for some, they may show up as checked Important on Patch Tuesday.

  Windows Patches/Security KB 2952664, KB 2976978, snooping, telemetry, Windows patches

• Microsoft pulls KB 2952664 and KB 2976978, likely in anticipation of today’s Patch Tuesday

  Posted on March 14, 2017 at 06:10 CDT by woody • Comment in the Forums

  Günter Born has details on Borncity.

  Long and short of it, the two notorious Win7/8.1 snooping patches, KB 2952664 and KB 2976978, which were re-re-… released last week, have been pulled.

  I fully expect to see them back later today as part of the St Patrick’s Patch Tuesday festivities. When the re-appear, they may well be marked as “Recommended” – which means you may get them installed if you aren’t careful.

  There’s a big crop of patches waiting in the wings. Now’s a good time to make sure you’re at MS-DEFCON 2, automatic updates are turned off, and your system’s braced for winter weather.

  Windows Patches/Security KB 2952664, KB 2976978

• MS-DEFCON 2: Make sure auto updates is turned off, as MS re-re-…-releases KB 2952664 and KB 2976978

  Posted on March 7, 2017 at 13:22 CST by woody • Comment in the Forums

  We’re seeing a replay of February’s Patch Tuesday run –

  Microsoft re-releases snooping patches KB 2952664, KB 2976978

  … except this time it isn’t Patch Tuesday. No idea what’s been changed in those two proto-snooping patches. No idea why they’re being re-re-…-released on the first Tuesday of the month. But they are coming out as Optional, which means they won’t get installed unless you check the corresponding box in Windows Update.

  Anyway, best to get locked down. We’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

  Oh and, yes, it looks like Windows Update is working again, after taking a month off.

  Full story in InfoWorld Woody on Windows

  Windows Patches/Security KB 2952664, KB 2976978, MS-DEFCON 2

• Looks like KB 2952664 (for Win7) and KB 2976978 (Win 8.1) are back

  Posted on February 21, 2017 at 12:16 CST by woody • Comment in the Forums

  These are the two patches implicated with various snooping proclivities, and tied into upgrading from Windows 7 to Win10, or Win8.1 to Win10 — which should be a non-starter tat this point.

  I can see them in the Microsoft Update Catalog:

  KB 2952664

  KB 2976978

  They’re both listed as “Last Updated 2/17/2017.”

  They aren’t listed on the Windows Update official page, but PKCano reports that she’s seeing the Win 8.1 patch, released today, optional and unchecked.

  Of course you should avoid them.

  Windows Patches/Security KB 2952664, KB 2976978

• What happened to the February patches?

  Posted on February 15, 2017 at 10:17 CST by woody • Comment in the Forums

  There’s a lot of conjecture. I haven’t seen any Feb “Patch Tuesday” style patches. Have you?

  Hard to believe all of the patches – Vista, Win7, 8.1, various 10s, the Offices including Click-to-Run, IE, .NET, and all the weird supporting patches have all gone missing.

  Even the two odd snooping patches, KB 2952664 (for Win7) and KB 2976978 (Win 8.1), are no longer available in the Windows Update Catalog.

  The only conclusion I can draw – and it’s 100% speculation – is that Windows Update is broken. Or maybe compromised.

  Do you have any better info – or a contrary opinion?

  UPDATE: Gregg Keizer at Computerworld just posted an interview with a security expert who, amazingly, seems to say exactly what I’m saying.

  Office Patches/Security, Windows Patches/Security KB 2952664, KB 2976978

• Martin Brinkmann’s deep dive into removing telemetry in Win7 and 8.1

  Posted on February 11, 2017 at 08:05 CST by woody • Comment in the Forums

  On the heels of Günter Born’s discoveries about the just-reissued “snooping” Win7 and 8.1 patches KB 2952664 and KB 2976978, Martin Brinkmann at Ghacks has just posted:

  • A thorough list of telemetry-inspired Win7 and 8.1 patches
  • A list of dozens of Microsoft servers that only exist to snoop
  • Details about disabling the Customer Experience Improvement Program, the Diagnostic Tracking Service, and scheduled tasks that phone the mothership.

  If you’re concerned about Win7 snooping – and you should at least be aware of the, ahem, feature and its manifestations – this is an amazing central repository of information.

  Windows Patches/Security KB 2952664, KB 2976978, Windows 7 snooping

• A way to mediate the telemetry gathering in Win7 and 8.1

  Posted on February 10, 2017 at 22:02 CST by woody • Comment in the Forums

  Windows guru Günter Born has just posted an English-language article on his web site about KB 2952664 and KB 2976978, the re-issued snooping patches for Win7 and 8.1 (see entry below).  His article includes a detailed description of how one might cut off the telemetry in those patches.

  The question is “why Microsoft re-releases those updates, although they has been installed on many machines, and why as a extraordinary update on a Thursday?” Microsoft kb articles doesn’t give a clue what’s in.

  He goes through a series of steps to take down a program called compattelrunner.exe, a telemetry data gathering routine that “has been known as a trouble maker driving many systems CPU and RAM load to 100%.” Born admonishes:

  But note, I haven’t tested it – so you are at your own risk – and we don’t know how long this trick will work. But it’s maybe helpful.

  He also includes a list of telemetry related patches that many of you will find interesting.

  Check it out.

  Windows Patches/Security KB 2952664, KB 2976978

• Microsoft re-releases snooping patches KB 2952664 (for Win7), KB 2976978 (Win 8.1)

  Posted on February 9, 2017 at 15:14 CST by woody • Comment in the Forums

  What’s going on?

  InfoWorld Woody on Windows

  UPDATE: The replies here are getting thick and uninformative. Opinions are great, but they belong in the Rants forum, not here.

  I sealed off the replies, and point you to this comment by Mr. Brian:

  I think we have a decent idea of what KB2952664 does (at least the older version that I tested). KB2952664 adds task Microsoft Compatibility Appraiser. Task Microsoft Compatibility Appraiser is a gatherer of information that is sent to Microsoft by service Diagnostics Tracking Service.

  Detailed KB2952664 (older version) test results: https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/#post-21407.

  Method of listing the telemetry data that Diagnostics Tracking Service sends to Microsoft: https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/#post-21414.

  I will test the newer version of KB2952664 when time permits.

  MrBrian

  I’ll update this as definitive information arrives.

  Windows Patches/Security KB 2952664, KB 2976978

• Windows 8.1 snooping patch KB 2976978 re-re-re-released

  Posted on November 2, 2016 at 10:29 CDT by woody • Comment in the Forums

  It’s an optional patch, so you won’t get it unless you ask for it.

  The KB article is now up to revision 32.

  Microsoft is careful to note (this time):

  This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate compatibility on the Windows ecosystem and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

  It’s the Win8.1 analog to the much-discussed Win7 KB 2952664.

  While Microsoft implies that the patch only does its snooping if you enable the Customer Experience Improvement Program, I haven’t found any official confirmation.

  Windows Patches/Security KB 2952664, KB 2976978
• « Older Entries