• Patch Lady – KB4088875 more questions

    The following update has had a revision: KB4088875. But in doing so, I’m scratching my head a bit more.

    Remember our original side effects relate to networking issues and loss of a static IP upon reboot:

    A new Ethernet virtual Network Interface Card (vNIC) that has default settings may replace the previously existing vNIC, causing network issues after you apply this update. Any custom settings on the previous vNIC persist in the registry but are unused. Microsoft is working on a resolution and will provide an update in an upcoming release.
    Static IP address settings are lost after you apply this update. Microsoft is working on a resolution and will provide an update in an upcoming release.

     

    On the page on KB4088875, a script is now linked and the following wording has been added:

    Prerequisites


    Follow these steps before you apply this update to a physical computer or a virtual machine:

    1. Back up the following registry key and subkey:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI

    2. Copy the following VBScript (VBS) code, paste it into Notepad, save the file with a “.vbs” extension, and then run the .vbs file.

    Note: The script also includes binary version checks around PCI.SYS file.

    (note the KB has the script in detail)
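
    A pre-patch snapshot along the lines of step 1, as an added example that is not part of the KB or the original post: it exports the registry key named above and also records the settings of any statically addressed adapters so they can be re-entered if the update resets them. It assumes Windows PowerShell (where `Get-WmiObject` is available) run elevated; the output folder name is made up for illustration.

    ```powershell
    # Added example: pre-patch snapshot. Run from an elevated Windows PowerShell prompt.
    # $OutDir is an assumed location; choose one you can reach without the network.
    $OutDir = 'C:\PrePatch-KB4088875'
    $Stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
    New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

    # 1. Back up the registry key (and its subkeys) named in the KB prerequisites.
    $RegFile = Join-Path $OutDir "Enum-PCI-$Stamp.reg"
    & reg.exe export 'HKLM\SYSTEM\CurrentControlSet\Enum\PCI' $RegFile /y | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $RegFile)) {
        throw "Registry export failed (exit code $LASTEXITCODE); do not patch yet."
    }

    # 2. Record every IP-enabled adapter that is NOT using DHCP. These are the
    #    machines the post associates with the lost-networking side effect.
    $Static = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        Where-Object { -not $_.DHCPEnabled } |
        Select-Object Description, MACAddress, SettingID,
            @{n='IPAddress';  e={ $_.IPAddress -join ',' }},
            @{n='SubnetMask'; e={ $_.IPSubnet -join ',' }},
            @{n='Gateway';    e={ $_.DefaultIPGateway -join ',' }},
            @{n='DnsServers'; e={ $_.DNSServerSearchOrder -join ',' }})

    if ($Static.Count -eq 0) {
        Write-Output 'No statically addressed adapters found (all IP-enabled adapters use DHCP).'
    } else {
        # Keep a copy of this file off the machine: it is what you will read
        # from at the console or over iLO/DRAC if the adapter comes back on defaults.
        $CsvFile = Join-Path $OutDir "static-ip-$Stamp.csv"
        $Static | Export-Csv -Path $CsvFile -NoTypeInformation
        $Static | Format-List
        Write-Output "Static IP settings saved to $CsvFile"
    }
    Write-Output "Registry backup saved to $RegFile"
    ```

    This does not replace the VBScript from the KB; it only captures what you would need to compare or re-enter afterwards.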

    Okay so here are my questions:

    1. Is this needed for all deployments or only where a static IP has been used? As I’ve seen the loss of networking side effect more where a static IP was assigned to the network adapter.
    2. Can an admin run this script before the install of the update?  (based on admins testing this it appears the answer is yes)
    3. In a consumer setting, where we only go to Windows update, do we need this? (I don’t think so but it would be nice to know for sure)
    4. If we’ve already installed the update, should we run this script? (again, I don’t think so but it would be nice to know for sure)

    Right now I only have questions, not answers but here’s my mode of attack:

    1. If it’s a workstation where I have physical access and can easily fix any networking stack issue, I’ve installed the update as is and honestly have had no issues. I am mostly deploying this in settings where my router is handing out the DHCP and I’ve seen no issues.
    2. If it’s a server, I’m deploying this based on how comfortable I am with alternative ways to reach that server and deal with patching issues. If I can walk over to the server, I’ve gone ahead and patched. If I’m remote to the server, it depends on if there is a remote network management tool like an iLO or DRAC (HP or Dell) and/or how responsive the support team is in the datacenter.

    The side effect of losing networking still feels like there is some other trigger at play in non-VMware shops. I’ve seen people report the issue mostly where a static IP has been assigned.

    One concern, as Woody has already pointed out: next month’s preview of non-security updates already has the same side effect.

    So bottom line, determine your zeal for updating, throw a bit of salt over a shoulder, squint your eyes real tight, and keep your fingers crossed while you update.  Hey, wouldn’t hurt would it?