Bad patch lists

Topic

New Reply

Speaking of elevating comments to the front page, I just got this comment from CAB: I’d like to know if this list of MS ‘patches’ to not install(or ha
[See the full post at: Bad patch lists]

Reply | Quote

Replies

We block 3083710 and 3083711 as they do appear to be just another set of Win10 update patches.

I was under the impression that 3012973 was one of the Upgrade to Win10 patches that came out. We block that.

We still block 3132372 as I don’t remember hearing anything else saying that this situation was resolved yet.

You should probably have 3114409 on that list, the ol’ Outlook launching in Safe Mode patch hell. Even though it’s fixed with 3114570, it’s another garbage one that requires a patch to fix a bad patch, hence 2 different updates with broken clients in between.

We still block the update to SP4 for SQL Express 2005 because of numerous past issues that we had with every client that still uses 2005. Patch was 2463332. I can’t recommend that others do the same, but there are a few legacy environments that we support where this is required.

We still block 3008923 as it requires 3025390 to get IE to not screw up again. We had tons of clients with web apps throwing up complaints on that, and we really don’t want to go through 2 patch cycles to fix it. As far as I can see, they never released a revised version that combines both fixes into one.

There isn’t a good reason to, but we’re still blocking 3102429 after the hell we went through for clients that use crystal reports.

Also, Woody – I’m not seeing 3136449 from your list. Doesn’t appear to be a valid patch number?

Reply | Quote

(It’s not my patch list!)

I’m not sure what 3136449 is, either…..

Reply | Quote

With all respect Woody, your approach is very Sweden 1939. That’s why there are no Swedish war heroes. If one is hardcore about sticking to Windows 7 all updates even slightly remotely associated to Windows 10 need to be obliterated. The list I have been sharing on various sites is THE LAW! Because I say so haha. I need to put it in numerical order so it’s easy to follow, will post it later. After my weekend partying. That will also help in those cases where people share random lists mishmashed with updates for 7, 8 and 8.1. I have also noticed a few “recommended to remove” patches that have never existed in the first place..Some drunk noob in Oklabama got a 1 and 7 mixed up here and there and all of a sudden that thing is in .bat files that promise to remove God knows what. Oh and sorry Sweden for using you as an example for oblivious weakness, I’m Finnish what can I say..

Reply | Quote

Jag ger!

Never met a Swede I didn’t like… Drunk noob’s in Oklahoma is another story. As long as they aren’t at a Trump speech, I’ll forgive ’em.

Reply | Quote

Maybe 3136449 is supposed to read either 3135449 OR 3146449 as per the list on this site:
http://forum.notebookreview.com/threads/windows7-8-updates-to-hide-to-prevent-windows-10-upgrade-disable-telemetry.780476/

Reply | Quote

Woody, you say “Run GWX Control Panel frequently”. I can find no instructions on Ultimate Outsider on how to “run GWX” as you would a manual virus scan. Do you mean check for updates frequently and update as necessary?

iPhone 13, 2019 iMac(SSD)

Reply | Quote

GWX now has a Monitor Mode, and if you’re using that, GWX Control Panel runs itself frequently. If you aren’t using Monitor Mode, simply re-run the program from time to time, and anytime you install anything from Microsoft.

Reply | Quote

Woody, what do you mean by “as along as they aren’t at a Trump speech”?

Reply | Quote

Hi, I can’t seem to get it straight. I know it’s recommended to only install security updates, but do I install them today?
I bit the bullet and turned my WU on to your recommended setting (I’ve had it turned off altogether) and I see there are a whole bunch of security updates for Microsoft .NET Framework (whatever that is) and Windows 7. Should I be installing these or should I wait?

I also see the one for Internet Explorer 11 that contains the Windows 10 banner business. I use IE solely to run Netflix (which didn’t like my Firefox settings) but I see from reading your articles that it’s important to keep IE up to date. So should I be installing this update and counting on GWXCP to take care of any Windows 10 nastiness?

Then there’s the malware tool; I understand it’s always safe to install? But should I be doing it right away?

And there’s an update for Microsoft Security Essentials — again, do I wait or do I install it today?

Finally, there’s KB3138612, which is not a security update — do I want it?

I haven’t even looked at the optional updates yet.

Thanks for your help — I will eventually get my head around this!

Reply | Quote

KB 3118401 raised the hackles on my neck – was it the KB or a draft of air from the window ?

Reply | Quote

Incidentally, I see that the update for MSE is from February 23, which seems surprising as I didn’t see it last week when I turned WU on just long enough to check for updates. There were no security updates that I could see last week.

Reply | Quote

OK I have been maintaining a list of MS malware since last fall, even though my procedure is to reject all but security updates. Here it is. Don’t expect a lot of explanations other than the cryptic notes to myself. I have collected the list from this forum and other sources.

My list of Microsoft malware: Updated March 11, 2016

KB2506928
KB2545698
KB2592687

KB2660075

KB2726535

KB2876229

KB2923545
KB2952664 Installed itself on RH computer 12/1/15 even though not selected
Installed itself on RH computer in 3/3/16 update even though not checked

KB2966583
KB2970228
KB2976978
KB2977759
KB2990214
KB2994023
KB2999226

KB3012973
KB3021917
KB3022345
KB3035583 GWX
KB3044374
KB3046480
KB3050265
KB3065987
KB3068708 telemetry
KB3075249 telemetry
KB3075851
KB3077715
KB3078667
KB3080149 telemetry
KB3083324
KB3083710
KB3090045
KB3102810
KB3102812

KB3112336
KB3112343
KB3123862
KB3124263? Cumulative update
KB3135445
KB3138612
KB3139929 Cumulative security update for IE, carries KB3146449, Woody says avoid

KB3141092? Installed itself on LH computer 3/3/16 even though not selected,reportedly piggybacks on Security Update KB3134814 if IE11 is installed

KB3146449 Promotes Win10, piggybacks on KB3139929

Reply | Quote

Thanks!

Reply | Quote

We’re still at MS-DEFCON 2. There are no known exploits for any of the March security patches. There’s absolutely no reason to install any of them — unless you’re carrying nuclear launch codes, or sensitive financial information for 100,000 of your closest friends.

Reply | Quote

Drunk noob’s at a Trump speech…. Not sure what I meant by that. Must be getting tired.

Reply | Quote

OK. I turned it off again. Will watch the DEFCON rating. Thanks!

Reply | Quote

How bad is the telemetry introduced with the above mentioned patches on Windows 7? Is it comparable to what we experience on Windows 10 or a lighter version of it? The same patches apply to Windows 2008 R2 Server I think and in such a situation, business customers who are the most users of the server version would get the same treatment.
I remember some posts elsewhere on this site saying that by disabling the relevant service the telemetry can be deactivated without negative side effects.

Reply | Quote

If you’re talking about the last item on my list, it is KB3146449, not 3136449.

Reply | Quote

Just a heads-up: Your main text shows my list twice.

Reply | Quote

Oops. Thanks. Change made.

Reply | Quote

How do I run GWX Control Panel? Is there a RUN or SCAN button that I can click as I can’t find it? It is monitoring in the notification area so I thought it was running automatically.

Reply | Quote

It is running automatically, if it’s down in the system tray/notification area. You don’t need to lift a finger. It’ll fix anything Microsoft throws at your system.

Reply | Quote

I have been avoiding KB2952664 for some time now and it is still listed in “Optional” when I run WU but I checked today and sure enough it was installed with a date of 5/22/2014, so that update has been around for some time evidently.
I uninstalled it so will recheck the next time I run WU.

Reply | Quote

Woody, this is a bad list.

It contains several entries that have absolutely nothing to do with the “upgrade to Win10” nagware. Some of them are “quality of life” patches, some are bug fixes and some are even security updates! It is a VERY bad idea to not install the latter. Others are only remotely related – like one which is actually a cumulative update containing several important and only one “bad” update. I suggest removing these entries from your list:

KB2506928
KB2545698
KB2592687
KB2660075
KB2726535
KB2876229
KB2923545
KB2970228
KB2994023
KB2999226
KB3046480
KB3077715
KB3078667
KB3090045
KB3102810
KB3102812
KB3124263
KB3139929
KB3141092

Please check their descriptions on Microsoft’s site.

Also, it misses patches that ARE related to the “upgrade to Win10” nagware. I can’t be bothered to narrow them down right not but here is the list that I use (you have several of the entries on your list but not all):

“KB971033”: “Update for windows activation technologies”,
“KB2902907”: “Description not available, update was pulled by microsoft”,
“KB2922324”: “Description not available, update was pulled by microsoft”,
“KB2952664”: “Compatibility update for upgrading Windows 7”,
“KB2966583”: “Improvements for the System Update Readiness Tool in Windows 7 and Windows Server 2008 R2”,
“KB2976978”: “Performs and collect compatibility appraiser logs in order to ease the upgrade experience to Windows 10”,
“KB2977759”: “Compatibility update for Windows 7 RTM (for Windows Customer Experience Improvement Program)”,
“KB2990214”: “Update that enables you to upgrade from Windows 7 to a later version of Windows”,
“KB3012973”: “Upgrade to windows 10”,
“KB3014460”: “Update for windows insider preview / upgrade to windows 10”,
“KB3015249”: “Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7”,
“KB3021917”: “Update to Windows 7 SP1 for performance improvements”,
“KB3022345”: “Update for customer experience and diagnostic telemetry”,
“KB3035583”: “Installs the ‘Get Windows 10’ app in Windows 8.1 and Windows 7 SP1”,
“KB3044374”: “Update that enables you to upgrade from Windows 8.1 to Windows 10”,
“KB3050265”: “Updates Windows Update Client for Windows 7 (changes system files to support upgrade)”,
“KB3050267”: “Updates Windows Update Client for Windows 8.1 (changes system files to support upgrade)”,
“KB3065987”: “Updates Windows Update Client for Windows 7 and Windows Server 2008 R2 (changes system files to support upgrade)”,
“KB3068708”: “(replaces KB3022345) Update for customer experience and diagnostic telemetry”,
“KB3072318”: “Update for Windows 8.1 OOBE to upgrade to Windows 10”,
“KB3075249”: “Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7”,
“KB3075851”: “Updates Windows Update Client for Windows 7 and Windows Server 2008 R2 (changes system files to support upgrade)”,
“KB3075853”: “Update for windows update client for windows 8.1 and windows server 2012 r2 august 2015”,
“KB3080149”: “Update for customer experience and diagnostic telemetry”,
“KB3083324”: “Windows Update Client for Windows 7 and Windows Server 2008 R2: September 2015”,
“KB3083710”: “Windows Update Client for Windows 7 and Windows Server 2008 R2: October 2015”,
“KB3112336”: “Windows Update Client for Windows 8.1 and Windows Server 2012 R2: December 2015”,
“KB3112343”: “Windows Update Client for Windows 7 and Windows Server 2008 R2: December 2015”,
“KB3123862”: “Updated capabilities to upgrade Windows 8.1 and Windows 7”,
“KB3135445”: “Windows Update Client for Windows 7 and Windows Server 2008 R2: February 2016”,
“KB3138612”: “Windows Update Client for Windows 7 and Windows Server 2008 R2: March 2016”,
“KB3146449”: “Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7”

Reply | Quote

Hi Woody,
Just wondering if you’ve had time to check into KB3068708, which some of us discussed in January on your blog — starting with this post: https://www.askwoody.com/2015/ms-defcon-4-get-windows-and-office-patched-but-watch-out-for-kylo-ren/comment-page-1/#comment-71189.
Thank you!
D

——————————————–
PS – I worked in Sweden for a while and my impression was that Swedish people are generally pretty great!

Reply | Quote

I sadly confess that I haven’t had time.

I’ve known a few Swedes in my day as well. I’m most impressed with their excellent guitar work, but that’s another story.

Reply | Quote

What do you mean you haven’t had time, what with publishing a thousand-word book, running and supplying-with-content multiple publishing platforms, graciously interacting with and helping countless commenters across those platforms, and having one of your own systems commandeered by MS…
pffft.

That’s why I haven’t mentioned it up to now – but when I saw this article which is specifically about all the Win 7 KBs to avoid, I thought I’d pop the topic in this comments section as a reminder.

I appreciate that it’s a back-burner issue for you!

If anyone else has thoughts/experiences/suggestions about kb3068708 (which seemingly comprises a kernel update for win7 as well as win10 prep stuff), please share.

Reply | Quote

Whew. These past few weeks have been very hectic…

This is a good place to ask about other people encountering problems!

Reply | Quote

I thought readers might like to know more about the updates that supposedly have nothing to do with the push to get Windows 10 installed on users’ computers.

In several instances, Woody himself has fingered these updates as bad actors.

I count one security update included by mistake (KB3124263), one included because it is combined with a Win10 ad-generating routine (KB3139929), and one because it is a hybrid security/non-security update (KB3141092) piggybacking on a security update.

The list:

KB2506928 Described by Microsoft as (apparently) a bugfix. https://support.microsoft.com/en-us/kb/2506928 Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

KB2545698 Described by Microsoft as a bugfix. https://support.microsoft.com/en-us/kb/2545698 Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

KB2592687 The Remote Desktop Protocol (RDP) 8.0 update lets you use the new Remote Desktop Services features that were introduced in Windows 8 and Windows Server 2012. These features are now available for computers that are running Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 Service Pack 1 (SP1). https://support.microsoft.com/en-us/kb/2592687 Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

KB2660075 Bugfix having to do with time and date https://support.microsoft.com/en-us/kb/2660075. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

KB2726535 Adds South Sudan to the list of countries in Windows Server 2008, Windows 7, and Windows Server 2008 R2. https://support.microsoft.com/en-us/kb/2726535. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

KB2876229 Updates Skype. https://support.microsoft.com/en-us/kb/2876229. Sets MSN/Bing as defaults. https://malwaretips.com/threads/beware-of-optional-windows-update-kb2876229-skype-bundled-with-msn-bing.44282/. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/.

KB2923545 Update for the Remote Desktop Protocol (RDP) 8.1 in Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1. https://support.microsoft.com/en-us/kb/2923545. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/.

KB2970228 After you apply this update, the new Russian ruble symbol can be input by using the physical keyboard, Windows on-screen keyboard (osk.exe), or Tablet PC Input Panel (Tabtip.exe) in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, Windows Server 2012, Windows 7, and Windows Server 2008 R2. Additionally, the new currency symbol is added on the Currency tab of the Region settings in Control Panel. https://support.microsoft.com/en-us/kb/2970228. Identified as a bad patch. http://www.infoworld.com/article/2608894/microsoft-windows/users-find-fix-for-botched-kb-2982791-and-kb-2970228-windows-update.html. Pulled by Microsoft. http://www.infoworld.com/article/2608894/microsoft-windows/users-find-fix-for-botched-kb-2982791-and-kb-2970228-windows-update.html. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/.

KB2994023 RDP bugfix. https://support.microsoft.com/en-us/kb/2994023. Included in a list of M$ spyware at https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/.

KB2999226 This update allows Windows desktop applications that depend on the Windows 10 Universal C Runtime release to run on earlier Windows operating systems.https://support.microsoft.com/en-us/kb/2999226. Woody, 10/13/15: “The new Universal C Runtime is needed when programmers use the new Windows 10 Software Development Kit to build Universal/Metro apps and you try to run them on Windows 8.1. It’s a mammoth patch, first issued for both Win 7 and Win 8.1 on Sept. 15, then issued for Vista on Sept. 29.” http://www.infoworld.com/article/2992476/microsoft-windows/what-happened-to-windows-patches-kb-2999226-and-kb-3083710.html.

KB3046480 Update that has effect when you upgrade Windows 8.1 or Windows 7 to a later version of Windows. https://support.microsoft.com/en-us/kb/3046480. Woody, 4/30/15: “The patches appear to be innocuous and seem to mostly pave the way for Windows 10… [KB3046480] helps to determine whether to migrate the .Net Framework 1.1 when you upgrade Windows 8.1 or Windows 7 (presumably to Windows 10)” http://www.infoworld.com/article/2916823/operating-systems/microsoft-re-releases-seven-optional-patches-including-kernel-patch-kb-3046480.html

KB3077715 All additional time zone changes that were released as hotfixes after update 3013410 was released are incorporated in this update. https://support.microsoft.com/en-us/kb/3077715.

KB3078667 Update resolves an issue in which a memory leak occurs in Desktop Window Manager (dwm.exe) in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. https://support.microsoft.com/en-us/kb/3078667. Included in user’s list of updates to avoid. http://www.sevenforums.com/general-discussion/384345-how-stick-windows-7-not-forced-windows-10-a-2.html

KB3090045 This update applies to some reserved devices that are upgrading to Windows 10 from Windows 8.1 or Windows 7 Service Pack 1 (SP1). https://support.microsoft.com/en-us/kb/3090045. Woody, 10/7/15: “If you see any of these patches: KB 3035583, KB 2952664, KB 2977759, KB 3068708, 3022345, 3075249, or 3080149, [UPDATE: or 3083324, which now appears to be “Important”] [UPDATE: or 3090045, which is supposed to help upgrading to Win10] make sure they’re unchecked, right-click on the patch and “Hide” it. They’re all Win10 nags or telemetry patches.” https://www.askwoody.com/tag/kb-3090045/.

KB3102810 Update that contains some improvements for Windows Update Client in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. https://support.microsoft.com/en-us/kb/3102810. Indentified as including Win10 upgrade elements. https://voat.co/v/technology/comments/853510. Another site says this: “Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 7.” http://forum.notebookreview.com/threads/windows7-8-updates-to-hide-to-prevent-windows-10-upgrade-disable-telemetry.780476/.

KB3102812 Update that contains some improvements for the Windows Update client in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2. https://support.microsoft.com/en-us/kb/3102812. Indentified as including Win10 upgrade elements. https://voat.co/v/technology/comments/853510. And: “Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 8.” http://forum.notebookreview.com/threads/windows7-8-updates-to-hide-to-prevent-windows-10-upgrade-disable-telemetry.780476/.

KB3124263 Cumulative security update for Windows 10 Version 1511 includes improvements in the functionality of Windows 10 Version 1511 and resolves vulnerabilities in Windows. https://support.microsoft.com/en-us/kb/3124263. Problems reported: http://windowsreport.com/kb3124263-windows-10-update-problems/. Not sure why this was in my list—possible typo.

KB3139929 Update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer… Additionally, this security update includes several nonsecurity-related fixes for Internet Explorer. https://support.microsoft.com/en-us/kb/3139929. Woody, 3/9/2016: “If Microsoft’s documentation is correct, installing Patch Tuesday’s KB 3139929 security update for Internet Explorer also installs a new Windows 10 ad-generating routine called KB 3146449.”

KB3141092 This security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer… Additionally, this security update includes several nonsecurity-related fixes for Internet Explorer. https://support.microsoft.com/en-us/kb/3134814. This hybrid update piggybacks on Security Update KB3134814. https://www.askwoody.com/2016/three-obnoxious-win78-1-updates-return-plus-two-warmed-over-patches-kb-3138612-and-3138615/.

Reply | Quote

Public Service Announcement: Whenever there’s a discrepancy between what I say and what Vesselin Bontchev says, take his word for it. Same with Susan Bradley.

Reply | Quote

Out of curiosity, I blended the list that Bontchev uses with my own. The list I posted on this site included 43 updates. I have deleted 11 updates, most because they lacked details of how they either greased the way for Win10 or served as spyware. I added to my list all updates that were included in Bontchev’s list and not previously included in mine–8 updates. The new list has 40 updates.

Reply | Quote

Shoot ’em to me!

Reply | Quote

Here’s the new list. I hope it comes through with the proper formatting. I have shamelessly cribbed some descriptions from Bontchev’s list, most of which were taken from Microsoft’s KB article descriptions.

My list of Microsoft malware Updated March 14, 2016:

KB971033–Update for Windows activation technologies*

KB2876229–Updates Skype, sets MSN/Bing as defaults

KB2902907–Description not available, update was pulled by Microsoft*

KB2922324–Description not available, update was pulled by Microsoft*

KB2952664–Installed itself on RH computer 12/1/15 even though not selected. Installed itself on RH computer in 3/3/16 update even though not checked.

KB2966583–Improvements for the System Update Readiness Tool in Windows 7

KB2976978–Performs and collect compatibility appraiser logs in order to ease the upgrade experience to Windows 10

KB2977759–Compatibility update for Windows 7 RTM (for Windows Customer Experience Improvement Program)

KB2990214–Update to upgrade from Windows 7 to a later version of Windows

KB2999226–The Windows 10 Universal C Runtime (CRT) is a Windows operating system component that enables CRT functionality on the Windows operating system. This update allows Windows desktop applications (Windows Store, other apps) that depend on the Windows 10 Universal CRT release to run on earlier Windows operating systems.

KB3012973–Upgrade to Windows 10

KB3014460–Update for Windows insider preview /upgrade to Windows 10*

KB3015249-Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7*

KB3021917–Update to Windows 7 SP1 for performance improvements

KB3022345–Update for customer experience and diagnostic telemetry

KB3035583 (THE BAD BOY)–Installs ‘Get Windows 10’ app in Win 8.1 and Win 7 SP1 (GWX)

KB3044374–Update that enables you to upgrade from Windows 8.1 to Windows 10

KB3046480–Update enables the system to determine whether to migrate the Microsoft.NET Framework 1.1 to a later version of Windows when you upgrade from Windows 8.1 or Windows 7 to a later version of Windows.

KB3050265–Updates Windows Update Client for Windows 7 (changes system files to support upgrade)

KB3050267–Updates Windows Update Client for Windows 8.1 (changes system files to support upgrade*

KB3065987–Updates Windows Update Client for Windows 7 and Windows Server 2008 R2 (changes system files to support upgrade)

KB3068708–Telemetry (replaces KB3022345)

KB3072318–Update for Windows 8.1 OOBE to upgrade to Windows 10*

KB3075249–Adds telemetry points to consent.exe in Windows 8.1 and Windows 7

KB3075851–Updates Windows Update Client for Windows 7 and Windows Server 2008 R2 (changes system files to support upgrade)

KB3075853–Updates Windows Update Client for Windows 8.1 and Windows Server 2012 r2 August 2015*

KB3080149–Telemetry

KB3083324–Windows Update Client for Windows 7 and Windows Server 2008 R2 September 2015

KB3083710–Windows Update Client for Windows 7 and Windows Server 2008 R2 October 2015

KB3090045–Update applies to some reserved devices upgrading to Windows 10 from Windows 8.1 or Windows 7 Service Pack 1 (SP1).

KB3102810–Update contains improvements for Windows Update Client in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1. [Second issue addressed is that] svchost.exe process occupies 100 percent of CPU usage when you upgrade a Windows Update client to Windows 10.

KB3102812–Update contains improvements for the Windows Update client in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2.[Second issue addressed is that] svchost.exe process takes 100 percent of the CPU usage when you try to upgrade to Windows 10.

KB3112336–Windows Update Client for Windows 8.1 and Windows Server 2012 R2 December 2015

KB3112343–Windows Update Client for Windows 7 and Windows Server 2008 R2 December 2015

KB3123862–Updated capabilities to upgrade Windows 8.1 and Windows 7

KB3135445–Windows Update Client for Windows 7 and Windows Server 2008 R2 February 2016

KB3138612–Windows Update Client for Windows 7 and Windows Server 2008 R2 March 2016

KB3139929–Cumulative security update for IE, carries KB3146449, Woody says avoid

KB3141092?–Installed itself on LH computer 3/3/16 even though not selected, reportedly piggybacks on Security Update KB3134814 if IE11 is installed

KB3146449–Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7 (piggybacks on KB3139929)

* Update added per Vesselin Bontchev 3/13/16 post to Ask Woody

Reply | Quote

@wdburt1 and @Vesselin_Bontchev,

Just wondering — in terms of KB3068708 (which seemingly comprises a kernel update for win7 as well as win10 prep stuff), are you comfortable with missing the kernel update for win7 in order to avoid the win10 prep stuff?

See more at: https://www.askwoody.com/2016/bad-patch-lists/comment-page-1/#comment-76864

I don’t know much about computers… the only kernels I have any real understanding of show up at the bottom of my bowl of popcorn :-)…

I don’t know if it’s bad to go without that kernel update (which I have so far gone without, because I’ve studiously avoided all win10 prep patches),
and
if there is any danger of not installing it, in terms of future kernel updates that might come through in standalone patches and be installed on my machine on top of an “incomplete foundation” in the kernel, since it’s missing the updates of KB3068708.
Or do new kernel updates always include every prior change to the kernel, just for completion’s sake?

Reply | Quote

Truth is, I maintain a listing of M$ malware solely to check against installed updates, in case something slips through, as it does from time to time. My personal approach is to install only security updates.

Reply | Quote

For those concerned with Telemetry implications in Windows 7, I found this recommendation from VMWare in relation to optimizing one of their virtual products which is VMWare View. Their recommendation is not related to privacy, but rather with reducing the load and Internet traffic for virtual desktops, the end result being the same, reducing or eliminating the telemetry. It seems that by disabling those settings and tasks, the potentially negative effects of certain updates can be annihilated.
Please be aware that the tasks which are recommended to be disabled, although they run at the scheduled time, in the description says that they do not upload information if CEIP is disabled globally. I have no reliable way to verify if this is true or not.
https://pubs.vmware.com/view-51/index.jsp?topic=%2Fcom.vmware.view.administration.doc%2FGUID-BE82165B-13BC-4FD9-A9CF-FBEF6343D98A.html

Disable the Windows Customer Experience Improvement Program
Disabling the Windows Customer Experience Improvement Program and the related Task Scheduler tasks that control this program can improve Windows 7 and Windows 8 system performance in large View desktop pools.
Procedure
1 In the Windows 7 or Windows 8 guest operating system, start the control panel and click Action Center > Change Action Center settings.
2 Click Customer Experience Improvement Program settings.
3 Select No, I don’t want to participate in the program and click Save changes.
4 Start the control panel and click Administrative Tools > Task Scheduler.
5 In the Task Scheduler (Local) pane of the Task Scheduler dialog box, expand the Task Scheduler Library > Microsoft > Windows nodes and open the Application Experience folder.
6 Disable the AITAgent and ProgramDataUpdater tasks.
7 In the Task Scheduler Library > Microsoft > Windows node, open the Customer Experience Improvement Program folder.
8 Disable the Consolidator, KernelCEIPTask, and Use CEIP tasks.

Reply | Quote

FWIW CH… I disabled all of these tasks back in December when it was mentioned here at Woody’s that these tasks could be the cause for CPU spikes after every reboot/logon.

Immediately after disabling these tasks I restarted my Quad Core Win 7 x64 system and magically it was healed from those CPU spikes. I don’t know which one in particular was the culprit but having none of them enabled has returned my CPU’s resources back to me and I’ve seen zero ill effects.

By the way… I was opted out of ALL of the M$ CEIPs before disabling those tasks, so obviously simply opting out does NOT stop M$ from harvesting.

Reply | Quote

Thanks Ed, I have never tried disabling those tasks and I have been working with Windows 7 for a very long time, in relative IT time obviously
I have always been opting out from CEIP in the Action Center.
I also know that one of the processes taking large CPU cycles is svchost.exe, which is the Windows Update service in this case, while scanning for updates. This process tends to take less and less cycles when there are fewer and fewer updates left to be installed.
Associated with svchost is TrustedInstaller.exe which tends to get quiet after a while following new update installations and doing its cleanup job.
Another one which again does its job for about 10 minutes and gets quiet after .NET Framework updates is the .NET Framework optimization routine.
svchost.exe can be silenced by setting the Automatic Updates on Never check for updates, but do we want this?
I will do some monitoring to understand what is causing high CPU for CEIP, it must be one of those 5 tasks doing ‘nothing’.

Reply | Quote

Yes CH, I still have a fair amount of high CPU usage for several minutes after a reboot but nothing close to what I observed before.

Watching the CPU activity using Task Manager I no longer see two (and at times three) of the four cores sitting near 90% for up to 10 minutes since I disabled those tasks. All four cores bounce up & down at times reaching 75% now but no more constant high spikes. Now within 5 minutes or so after restarting all four cores have settled to 5% or under.

I have Windows updates set to notify but don’t download on this system.

Reply | Quote

Four new updates just hit. I found no documentation for any of them. (Win 7 x64)

These are regular (non-security); all were optional, unchecked, unitalicized.

KB3133977
KB3137061
KB3138901
KB3139923

Reply | Quote

Take that back. Found the documentation. All look benign as far related to Win 10.

KB3133977 (for BitLocker)
KB3137061 (Windows Azure VMs)
KB3138901 (Access to Internet is denied because proxy settings are overwritten in Windows 7 SP1 or Windows Server 2008 R2 SP1)
KB3139923 (MSI repair doesn’t work when MSI source is installed on an HTTP share in Windows)

Reply | Quote

KB 3139923 ? I have Win7 x64 home premium what is the latest news on this update saw some sites say this update caused the win7 update not to work anymore. Any news, Thanks, Kurt

Reply | Quote

Looks like KB3150513 needs to be added to the list of updates to block/prevent.

Reply | Quote

I took a glance at the list, I’m not sure about these from the list. Any comments?

KB2966583 an /update/ to System Update Readiness Tool, the SURT has been handy in the past, what’s wrong with this update?

KB2990214 / KB3044374:
http://www.infoworld.com/article/2910739/patch-management/microsoft-elaborates-on-kb-2990214-kb-3044374-windows-10-nagware-patches.html “Don’t think you can skip it”, also superseded by other updates

KB2999226 update to C runtime. just an updated runtime…

KB3015249 Typo? meant KB3075249?

KB3141092 Enterprise Mode Site List, how is this bad?

My list (comments welcome):
KB3035583
KB3123862
KB3146449
KB3022345
KB3068708
KB3080149
KB3075249
KB3090045
KB3150513
KB3139929
KB2976978
KB3072318
KB2952664
KB3021917
KB2977759
KB3081954

Reply | Quote