Search Results for 'KB3133977'

Woody:    Thanks very much for your response.  I’ve got a couple of questions about it in order to try to clarify my understanding.  Here are my questions:
1.   In your response, you said that in broad terms you “have those in Group B skip the Recommended updates”.  How do I tell which ones are “Recommended updates”?  In my Update window,  I see the words “Important”  and “Optional”  and “Security”,  but I don’t see the word “Recommended”.  Generally the window looks pretty much like Figure 4-4 in your book  “Windows 7 All- in-One for Dummies”,  and I don’t see the word “Recommended” in that Figure 4-4.  I assume that there’s a difference between “Important” and “Recommended” because Microsoft uses the terminology “give me recommended updates the same way I receive important updates”.   On Page 659 of your book,  you say “there’s  a very thin line between Important and Recommended”,   and then you say “see the nearby ‘What’s a critical update?’ sidebar”.  But when I read that sidebar,  I don’t see the word “Recommended” there.   Also, I don’t see the word “Recommended”  in the Microsoft article entitled   “Description of the standard terminology that is used to describe Microsoft software updates”,   and so I’m having trouble finding the difference between a “Recommended” update and an “Important” Update.   So I’d appreciate it if you could answer how to tell which updates are “Recommended”.
2.   In your reply, you also said “The most important part: If you see something that’s checked, don’t uncheck it unless the instructions specifically tell you to uncheck.”  In my experience,  usually the ones that Microsoft lists as “Important”  are checked,  and so based on that, I would install those ones that are checked (after you’ve given the Defcon Go-ahead).   But I’m wondering if the waiting period you give before giving the Defcon 3 go-ahead is long enough.  Here is one possible example:   I’ve kept screenshots of all my Windows Updates windows for the past few years and I notice that in April of 2016, the box for KB3133977 was checked.  As far as I can tell from your Defcon 3 article of April 28, 2016,  you did not recommend unchecking the box for that one.   However later in May of 2016, it surfaced that that was a problematic update which then resulted in some postings on your own website in May of 2016  as well as elsewhere on the Internet (see article “Microsoft Warns Windows 7 Has A Serious Problem” at  https://www.forbes.com/sites/gordonkelly/2016/05/04/microsoft-warns-windows-7-boot-up-problem/#42105aad7295 .  According to that article,  it turns out that in April of 2016 Microsoft switched it from “Optional” to “Recommended”.  I do know that I myself unchecked the box for that update,  but I think I did so based on your article of March 11, 2016,   in which you said “In the future,  only install security patches for Win7 and 8.1. Don’t install optional patches”.  It had appeared to me that it wasn’t described by Microsoft as either a security patch or an optional patch (it appeared to me that it was described as an “Important” patch),  so I made an assumption that I should uncheck the box for it.  But some people may not have,  and perhaps some of them ran into trouble later.  This is just something I happened to run across,  and so it’s possible I’ve got the whole thing mixed up, but don’t have time to research the whole history on it (and it’s a little confusing also because my screenshot shows it as “Important”  rather than “Recommended” and I’m still a little unclear about the difference between “Optional”, “Recommended” and “Important” partially because in my mind the word “recommended” has a connotation of being “optional”),  but the only reason I mention it is to help me understand Windows Updates better,  and also it makes me wonder whether your waiting time is long enough before you give the “Go Ahead”,  and so I ‘d appreciate any thoughts you might have on this.   It’s quite possible that this may be an example of why you gave it a level of Defcon 3,  rather than a higher- level Defcon 4 or 5,  but I just thought I would ask.

 

EDIT  Html to text

abbodi86 wrote:

It’s ASUS fault then

Mmm…not really. Simply because Secure Boot was enabled in BIOS, the setting is ignored by any operating system which doesn’t support this feature. The real issues are that:

— KB3133977 didn’t check to see which version of Windows 7 was installed in order to determine if KB3133977 should be applied.

— And then KB3133977 tried to update Bitlocker with Secure Boot features, simply because KB3133977 saw that Secure Boot was enabled in BIOS, even though no version of Windows 7 supports Secure Boot.

The upshot is that KB3133977 wrongly tried to shoehorn Secure Boot into the Windows 7, if Secure Boot was enabled in BIOS, into the Windows 7 boot process even though Windows 7 doesn’t support Secure Boot.

 

ch100 wrote:

…How do you uninstall components from KB3125774? I cannot comment about the ASUS issue and you mentioned Bitlocker. The convenience update is supported on the Enterprise version, instructions and details were posted on Technet which is not a site for home users, but a lot of home users installed this update successfully. What is the relationship with Bitlocker?

Re the ASUS and Bitlocker issue, see:

http://www.infoworld.com/article/3065487/microsoft-windows/recommended-kb-3133977-patch-can-cause-asus-pcs-to-freeze.html

The upshot is that KB3133977 is a Bitlocker patch. This patch should only apply to Windows 7 Enterprise and Ultimate versions which support Bitlocker, yet this patch tries to install on all versions of Windows 7. That is one issue. The other issue with this patch is that on many ASUS motherboards, ASUS enabled Secure Boot in BIOS even though Windows 7 does not support Secure Boot. The result for such ASUS motherboards is that, after this patch is applied, the ASUS computer is bricked. Woody’s Infoworld article mentions two ways to “un-brick” an ASUS computer after this patch is installed.

2 users thanked author for this post.

owdrtn, Elly

Hmm…after several days, MS finally approved my post using my online name of GoneToPlaid. See:

Building Windows 7 Images in 2017

I pointed out that Microsoft used to have a published Hotfix for the Event ID 10 errors which everyone saw after installing Windows 7 SP1.

I pointed out that KB2020369 should be installed only by itself.

I pointed out that KB3125574, the Convenience Update Rollup, includes updates which may cause issues, includes the KB3133977 update which may brick some Asus computers and which will not install on Windows 7 OS versions which do not support Bitlocker, and includes updates which install telemetry. The potential for bricking of some Asus computers is not documented by MS. I pointed out that others have documented other issues and inherent flaws within this Convenience Update Rollup.

So, let me see if I have this straight. MS claimed that the Convenience Update Rollup did not include any updates which which had any other known issues aside from what is documented by Microsoft on this page:

Convenience rollup update for Windows 7 SP1 and Windows Server 2008 R2 SP1

All I can say to the MS documentation linked directly above is, Oh really?

Yet more importantly, MS, by finally approving my post (this took several days), is acknowledging that the Convenience Update Rollup (KB3125574) also includes deep telemetry, yet without any disclosure whatsoever from MS that KB3125574 (the Convenience Update Rollup) includes deep telemetry.

If anyone goes down the KB3125574 route, then there are individual updates which you will want to uninstall in order to remove the deep telemetry.

Finally!

OK, I went for it. I ran the search for updates Friday afternoon around 12:30 and it was still going a few hours later. I let it go until I checked it Saturday night and it gave me the list of available updates (which is said started around 6:30 on Friday). They looked OK and I ran the update.

Thank you!

Morty

Description      FixComments  HotFixID   InstallDate  InstalledBy             InstalledOn

Update                        KB3078667               Admin-PC\Admin     3/5/2017
Update                        KB3080149               Admin-PC\Admin          3/5/2017
Update                        KB3092627               Admin-PC\Admin          3/5/2017
Update                        KB3107998               Admin-PC\Admin          3/5/2017
Update                        KB3118401               Admin-PC\Admin          3/5/2017
Update                        KB3121255               Admin-PC\Admin          3/5/2017
Update                        KB3133977               Admin-PC\Admin          3/5/2017
Update                        KB3140245               Admin-PC\Admin          3/5/2017
Update                        KB3147071               Admin-PC\Admin          3/5/2017
Update                        KB3161102               Admin-PC\Admin          3/5/2017
Update                        KB3170735               Admin-PC\Admin          3/5/2017
Update                        KB3172605               Admin-PC\Admin          3/5/2017
Security Update               KB3177186               Admin-PC\Admin          3/5/2017
Update                        KB3179573               Admin-PC\Admin          3/5/2017
Update                        KB3181988               Admin-PC\Admin          3/5/2017
Update                        KB3184143               Admin-PC\Admin          3/5/2017
Security Update               KB3205394               Admin-PC\Admin          1/29/2017
Update                        KB3210131               Admin-PC\Admin          3/5/2017
Security Update               KB3212646               Admin-PC\Admin          3/5/2017

1 user thanked author for this post.

Elly

I tend to avoid adding unnecessary updates. Do you recommend the monitor keyboard and mouse optional updates? Occasionally I have had to replug my usb mouse and keyboard when they have stopped working.
I have cleaned out the problem/spying updates you advise against and have these left to consider. I am wondering about the cumulative updates especially.
Reliability Rollup for Microsoft .NET Framework (KB3179930)
(KB3133977)
(KB3137061)
(KB3138378)
(KB3138901)
(KB3140245)
(KB3147071)
(KB3161102)
(KB3170735)
(KB3172605)
(KB3179573)
(KB3181988)
(KB3184143)
(KB3185278)
Thanks.

ch100

these updates I have not installed and set to hidden

W7 PRO 64BIT HERE

KB3146706

KB3159398

KB3161949

KB3175024

KB2952664-W10 pesterware

KB3133977- Asus Board Related for Secureboot(bad patch)

KB3147071

KB3161102

KB3170735

KB3184143-W10 PATCH REMOVER- dont have any W10 patches

KB3185278- Unsure if I should install or leave off.

I was wondering if any of these I should install because I read that some break certain settings etc.

This site is great just I believe it needs a forum setup. Definitely a Bad and Safe Database need to be established in a separate area that can be seen at all times as WordPress is disorganized.

For Windows 7, the Simplix Update Pack page has a list of 16 undesirable and excluded updates as of September 17, 2016.

https://translate.google.com/translate?depth=1&ie=UTF8&nv=1&rurl=translate.google.com&sl=ru&tl=en&u=http://update7.simplix.info/

I unhid all my hidden updates, and the only pre-September 13 updates I have from the Simplix list are:
KB2952664
KB3021917
KB3068708
KB3080149

Also, while it’s not on their undesirable list, Simplix also does not include in their update pack:
KB3133977 [BitLocker update, causing boot failure on ASUS motherboards]

Also, of updates dated September 13, Simplix excludes
KB3172605 (Update adds a point telemetry consent.exe file) [July Rollup],
but includes in the update pack
KB3179573 [August Rollup].

1. Actually, there have been a few apparently non-snooping, non-upgrade updates since November 2015.

On my Win7 Pro x64 desktop, here are the non-snooping, non-upgrade (I think!) updates I’ve hidden since November 2015. I didn’t need them, but I don’t remember if there also were problems with any of them. All are Recommended. (I installed others I thought were safe and applied to my computer, like daylight saving updates.)

KB3107998 Remove Lenovo USB Blocker version 1.0.0.37 to avoid a system crash
KB3118401 Update for Universal C Runtime in Windows
KB3121255 “0x00000024” Stop error in FsRtlNotifyFilterReportChange; copy file may fail
KB3133977 BitLocker can’t encrypt the drive and the service crashes
KB3137061 Azure virtual machines don’t recover from network outage (data corruption)
KB3138378 Improves the reliability of Journal.dll by removing unused code
KB3138901 Users can’t access Internet when multiple users log on to Remote Desktop Services
KB3140245 Support for Transport Layer Security (TLS 1.1 and TLS 1.2)
KB3147071 Connection to Oracle database fails when you use Microsoft ODBC or OLE DB Driver

2. Woody, I can’t begin to express the gratitude I have felt to you over and over during this past year. I’ve faithfully followed your advice for many years, first on my 2002 WinXP Dell, and then on my beloved 3-year-old custom Win7 Pro i7 desktop, carefully configured to last till 2020. I thought the emotional roller coaster would be over after July 29, but no, you are still my computing lifeline! So here I am, a Group B senior citizen, hoping I can keep my Win7 computer safe on the net till 2020, anxiously studying Linux and Google alternatives just in case, and continuing to be deeply grateful to you for your sound advice and for providing a forum for truly informed discussion.

So Woody…..you are now recommending that IF we are in Group A that we should install the “optional” updates now too. Right? If so then I have 14 outstanding “optional” updates:
KB3087709
KB3102429
KB3118401
KB3121255
KB3133977
KB3137061
KB3138378
KB3138901
KB3139923
KB3140245
KB3147071
KB3161102
KB3172605
KB3179573
Are any of the above “optional” updates known to be avoided?
Thanks again and thank you to your loyal posters who keep all us ordinary Joes/Josies who would be lost without you all and your knowledge and all your advice!

Chris:

Thanks for the link. KB3161664 was already installed on both my desktop and laptop. In that other thread, Sudo15 mentioned having to add KB3161608. That is not installed on either of my computers, and I can’t find any record of it being offered to me. Is it installed on your computers?

EDIT: Just did a search and found a Woody Leonard column which said KB3161608 had been pulled by Microsoft, and replaced with KB3133977. KB3133977 was installed on both my computers on April 2.

Harry

Hi Woody:
Windows 7 SP1 64 bit. My windows update has been taking about one minute or less to search for updates for the last four weeks now. My updates are working like they did prior to start of 2015 when Microsoft started all their GWX agenda.EVERYTHING IS BEAUTIFUL. Hope this lasts. I have only 10 updates in my hide list.They are:
KB2952664
KB3021917
KB3068708
KB3080149
KB3102429
KB3133977
KB3137061
KB3147071
KB3172605
KB2882822
If anyone has any feedback,(should I restore any of them ?), please post a reply.
Herb K

Unfortunately it did not work for me. The KB3161608 is no longer available from MS and has been replaced with KB3133977. I can’t get the kb3133977 to d/l from the ms site. I did however manage to use the WSUS offline to get the updates to win 7 but the install part of the program seems to be missing . Anyone familiar with the WSUS OFFLINE please let me know, since it may be the only way I’m going to be able to update win 7.

Go to the WSUS Offline folder, open then expand Client where you will see an Update application which will start installing them.

https://malwaretips.com/threads/tutorial-how-to-download-and-update-windows-using-wsus-offline-update.57320/

After it’s done and any reboots, go to Windows Update to see if any more have been auto offered.

I am a bit confused. How do you know if you have KB3133977 installed via KB3161608? I have checked the ‘installed updates’ and ‘view update history’ but KB3133977 does not appear in either list. I checked ‘restore hidden updates’ and found a copy that was hidden some time ago.

I installed KB3161608 right before it was pulled and replaced with KB3172605. I needed to install KB3168965 from wu.krelay.de/en site first in order to get WU to function somewhat normal. Everything seems to be working OK now. The ‘check for updates’ takes less than a minute. Prior to installing these updates, WU never completed and trying to install an updates was a nightmare.

Unfortunately it did not work for me. The KB3161608 is no longer available from MS and has been replaced with KB3133977. I can’t get the kb3133977 to d/l from the ms site. I did however manage to use the WSUS offline to get the updates to win 7 but the install part of the program seems to be missing . Anyone familiar with the WSUS OFFLINE please let me know, since it may be the only way I’m going to be able to update win 7.