July 2018 Security patches are out

Topic

New Reply

Martin Brinkmann should have a full list on ghacks shortly. In the interim, here’s the full list of downloads in the Microsoft Catalog. Odd that so ma
[See the full post at: July 2018 Security patches are out]

5 users thanked author for this post.

SueW, geekdom, Elly, Microfix

Reply | Quote

Replies

Woody, post is now up on Ghacks:

microsoft-windows-security-updates-july-2018-release-overview

Many thanks to Martin Brinkmann.

If debian is good enough for NASA...

6 users thanked author for this post.

SueW, Elly, woody, BobbyB, PKCano

Reply | Quote

@microfix thx for that did you catch that in the list?

Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)

Got me stumped as well. Does it mean theyre going to up the “snooping” Telemetry etc as I see kb2976978(Win8.1) + kb2952664(Win7) are making the rounds, yet, again. Then again these seem to be 2-3 times a year reissue, so possibly I am reading something in to it that’s not there.

4 users thanked author for this post.

SueW, Microfix, Elly, FakeNinja

Reply | Quote

A new and improved death star on it’s way?

If debian is good enough for NASA...

2 users thanked author for this post.

BobbyB, Cybertooth

Reply | Quote

Occasionally MS botches their telemetry updates, such that these updates may result in momentary slowdowns of the user’s computer. This is how I caught KB2952664 on one of my computers even though I thought that I had been careful to avoid installing it. The slowdown was so serious that it would intermittently prevent my AV product from being able to send file hashes to the AV cloud in order to verify that the files were safe. My AV product occasionally popped up a message that it had lost Internet connectivity.

My guess is that the botched version of KB2952664 was occasionally exceeding the maximum number of allowable HTTP connections. This is a really bad thing since most AV products now also use the cloud to check files, in particular when you are using your web browser and when you are downloading emails. A momentary loss of Internet connectivity forces the AV product to rely only on its internal defenses.

3 users thanked author for this post.

OscarCP, geekdom, BobbyB

Reply | Quote

Sure sounds like a fancy nondescript way to say “here’s an update to snoop some more”.
Thank goodness for the 30 day deferral, because I’ll be using the next 30 days to wait for someone to break that patch apart and see what it does (Martin @ GHacks, abbodi86 or someone from the MDL forums surely will) especially as it correlates to Basic telemetry collection being allowed – and go from there.

Reply | Quote

Group B Security only patches for July 2018 have been posted on AKB2000003.

9 users thanked author for this post.

sldc88, SueW, abbodi86, lanceboil, David F, samak, Elly, columbia2011, Microfix

Reply | Quote

Yeah and Windows Update is trying to push the KB2952664 spyware update, listed as “Important” WITH the Box Checked, onto Windows 7 users again this month for the umpteenth time in history.

7 users thanked author for this post.

SueW, anita.yk, GoneToPlaid, Elly, jburk07, BobbyB, Microfix

Reply | Quote

Looks like MSFT still haven’t fixed the W7 NIC issue when it comes to patching on certain systems.

If debian is good enough for NASA...

3 users thanked author for this post.

Elly, jburk07, BobbyB

Reply | Quote

Also pushing KB 2976978 on Win8.1

5 users thanked author for this post.

WildBill, Elly, jburk07, BobbyB, Microfix

Reply | Quote

Affirmative, marked as important.

1 user thanked author for this post.

Elly

Reply | Quote

KB2952664 is way past its teens. She has become a middle aged woman in terms of the plethora of versions. Happy Birthday to KB2952664! Full sarcasm is implied.

I already have a CMD file which iteratively removes all versions of KB2952664 from a Win7 computer. This weekend and if I have time, I will create a similar CMD file to check for and then, optionally, to uninstall all versions of KB2976978 from a Win8x computer. All of the code will remain identical, except for simply changing the name of the KB which is to be iteratively uninstalled.

I deliberately wrote my CMD files to automatically crash if your computer has issues with updates which failed to properly install, such that installation files for the failed update remain on your computer. In other words, these issues must first be resolved before any of my CMD files will run properly. I also wrote my CMD files to check whether or not the dirty bit has been set for your OS hard drive. The dirty bit gets set when Windows detects that your hard drive has issues and is failing and perhaps already has uncorrectable sectors. My CMD files deliberately exit with a warning about a failing OS hard drive, and without having touched a thing on the failing hard drive. Detecting both of these potential issues is inherently important to do, before I will allow my CMD files to touch your computer’s hard drive when my CMD files either check for installed updates, or when uninstalling any updates. The upshot is that my CMD files first check for these potential issues before my CMD files are permitted to proceed any further.

Note that there are three infamous updates which install telemetry in Win7. A separate iterative removal process must be used for each of these telemetry updates. I decided that it potentially is not wise to try to combine the removal process for all three of these telemetry updates into a single CMD file. So instead, I created individual CMD files which fully uninstall a given telemetry update, since there may be many versions of the specific telemetry update which must be removed. The upshot is that there may be potential issues which might be encountered when iteratively uninstalling more than one KB update. I don’t know if such potential issues might exist, yet I am not willing to experiment in order to find out. Thus, the sensible procedure is to iteratively uninstall only one KB at a time.

The point of all of the above is that it is possible for Group A users to mostly rip their computers to Group B. I don’t write CMD files which would additionally do things such as disabling CEIP, and disabling telemetry related scheduled tasks in Task Scheduler. Why? Because you should learn how check for and then how to make these changes yourself, so that you know how to perform these tasks if you have to reinstall Windows. This is not rocket science. I instead prefer that users to learn how to do this on their own.

Best regards,

–GTP

2 users thanked author for this post.

SueW, wdburt1

Reply | Quote

Peabody here reporting on Windows 7 updates:

• Windows Malicious Software Removal Tool (KB890830)
• Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4340556)
• Darth Vader Update for Windows 7 (KB2952664)
• July Security Monthly Quality Rollup (KB4338818)
• Microsoft .NET Framework 4.7.2 (KB4054530)

All installed without error and the system rebooted without error.

Please note that I have GWX Control Panel to prohibit Windows 10 upgrade.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

9 users thanked author for this post.

cesmart4125, Chessie, sldc88, abbodi86, GoneToPlaid, Microfix, Elly, BobbyB, jburk07

Reply | Quote

Ha! Luke Skywalker is protecting our W7x64, Yoda is on standby for our W8.1×64 and I’m in the Cloud City with Linux 😀

Darth Maul and General Grievous are looking after W10’s 😡

If debian is good enough for NASA...

6 users thanked author for this post.

johnf, anita.yk, Elly, geekdom, OscarCP, BobbyB

Reply | Quote

geekdom: You (Peabody?) have/has installed “Darth Vader”? Am I wrong, or isn’t that the dodgy revenant update that never dies?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

As near as I can tell, Microsoft never borks that patch. It may be irksome, but it’s also the canary in the coal mine. I figure if it fails, there must be serious difficulties.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

OscarCP

Reply | Quote

MS has borked KB2952664 at least once. See my post about it in this same thread.

1 user thanked author for this post.

geekdom

Reply | Quote

What? No stealth mode?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Peabody was a cartoon character in Peabody and Sherman which was in turn part of Rocky and Bullwinkle suite. Peabody opened with “Peabody here.” Peabody was a dog and Sherman was his boy.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

3 users thanked author for this post.

WildBill, OscarCP, Elly

Reply | Quote

well geekdom, does your Win7 machine have the KB3184143 update installed?

Don’t use Win7 without KB3184143 if you want to get rid of all those Win10 upgrade offers.

Reply | Quote

EP wrote:

well geekdom, does your Win7 machine have the KB3184143 update installed?

Yes.

I don’t have Windows 10 upgrade offers.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Here’s the list for Windows 8.1 (some KB’s changed to prevent confusion):

Important (automatically checked)

• Windows Malicious Software Removal Tool (KB890830)
• Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558)
• July Security Monthly Quality Rollup (KB4338815)
• July Security Update for Adobe Flash Player (KB4338832)
• Darth Vader (“Compatibility”) Update for Windows 8.1 (KB2976978)

Recommended (on my machine, Not automatically checked)

• Microsoft .NET Framework 4.7.2 (KB4054566)
• Update for Windows 8.1 [Telemetry?] (KB3080149) This was last published on 9/7/2015 & will never be on my machine.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

There is a Servicing Stack Update for Win10 v1709 KB 4339420. If you are installing manually, it should be installed prior to the CU KB 4338825.

4 users thanked author for this post.

GoneToPlaid, Elly, CADesertRat, Microfix

Reply | Quote

Edit your post to be in all RED, since what you mentioned is extremely important for all Win10 users.

Reply | Quote

So is all .NET stuff safe to download?

1 user thanked author for this post.

GoneToPlaid

Reply | Quote

We are at MS-DEFCON 2; wait for MS-DEFCON 3.

Unless you have a specific reason to patch or enjoy beta testing, wait.

Woody’s MS-DEFCON System explanation is here:
https://www.askwoody.com/ms-defcon-system/

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

4 users thanked author for this post.

SueW, Demeter, RockJohny, Elly

Reply | Quote

We have no idea what’s safe to download yet. It just came out.

Give the Guinea Pigs and Beta Testers time to work it out. Wait for DEFCON-3.

5 users thanked author for this post.

SueW, Demeter, RockJohny, Elly

Reply | Quote

If you’re on Windows 10 1803, Windows Update takes care of the botched up .NET 4.7.2 release shipped with that Windows version. If .NET 4.7.2 was installed before today on a previous Windows version, make sure to check out https://support.microsoft.com/en-us/help/4054530/microsoft-net-framework-4-7-2-offline-installer-for-windows and reinstall again from the upated installer! Re-running the updated .NET 4.7.2 should not cause any issues. In order to re-install .NET 4.7.2 without reboot, make sure to shut down all .NET apps (including Web apps running in IIS) before running the installer.

Reply | Quote

If the .NET 4.7.2 SDK was installed before today as well, make sure to download (https://www.microsoft.com/net/download/visual-studio-sdks) and re-install again.

Reply | Quote

Noob on Windows 7 here,

I’m guessing .NET isn’t just for programmers, correct?

1 user thanked author for this post.

WildBill

Reply | Quote

Yes, you are correct.

1 user thanked author for this post.

RockJohny

Reply | Quote

The latest is .NET Framwork 4.7.2 (in-place upgrade for any previous 4.x version installed) and can be found at https://www.microsoft.com/net/download/visual-studio-sdks as well (via the ‘Runtime’ link). Since the latest fixes are included, it’s safe to install. And yes, Windows 7 SP1 is supported (check out the ‘Release details’ link).

Reply | Quote

Good question. I want to know what is the latest .NET updates which everyone says is safe to download and install, since I have not updated .NET on my Win7 computers in a while.

On another note, last month’s (June) IE cumulative update appears to be fine on all of my Win7 computers.

Reply | Quote

I seem to have versions 1.1 and 4.6.1 installed on my gaming Windows 7 home desktop, and routinely install all important updates covering those, but I do not have 4.7.x installed as that is both unnecessary and reported to be problematic.

When we get the all-clear this month, I will therefore expect to install KB4340556 (Quality Rollup) but not KB4054530 (optional and 4.7.2 based).

The last .Net Framework update I installed was KB4099633 in May 2018.

1 user thanked author for this post.

cesmart4125

Reply | Quote

It would certainly seem that now would be a good time to reinstall GWX Control Panel in the event that you ever trusted Microsoft enough to uninstall it in the first place!

1 user thanked author for this post.

BobbyB

Reply | Quote

Are you saying this only in the context of Win10 users, or are you saying this in the expanded context for Win7 and Win8x users, in addition to Win10 users?

Reply | Quote

My concerns are with Windows 7 and 8.1, I’ve no interest in Windows 10 but if it’s also appropriate for those users then fine. My point was in relation to Microsoft renewing their upgrading pressure on non-Windows 10 users which we’ve been expecting for some time in the light of the dismal Windows 10 market statistics and as we approach the EOL date for Windows 7. It’s especially important this month given that KB295664 has reared its head again. Microsoft may have said they won’t go down the GWX route again but who here honestly believes a word they say anymore?

Reply | Quote

Since Win 10 isn’t free no more, it is possible they will only do what they did for me when they noticed I installed a fresh Win 7 not even SP1: complain loudly your system is obsolete and you should get Win 10, which you can happily ignore.

Reply | Quote

Oh it’s still free. Google it and you’ll easily find out how you can still upgrade without having to pay.

Reply | Quote

Yes, but it isn’t in your face free for those they would try to push to upgrade.

Reply | Quote

The free Windows 10 update is no longer in effect, the “accessibility” offer is in fact gone.

If there’s another way to upgrade free I can’t find it via google.

Reply | Quote

Also 1803 has now officially been released to the Semi Annual Channel (formerly CBB). Confirmed on my PC (set to SAC, without further deferral).

https://www.microsoft.com/en-us/itpro/windows-10/release-information

1 user thanked author for this post.

zero2dash

Reply | Quote

Good catch.
Sure enough, availability of today for SAC. Wow…
It looks like that would also mean that if you update to 1803 at this point (on SAC with no deferrals), it will update to today’s release, 17134.165. (According to the chart you linked, and KB https://support.microsoft.com/en-us/help/4338819/windows-10-update-kb4338819.

Reply | Quote

No need to break it apart. It is always the same thing — gather telemetry about every single running program and process which is running on your computer. The only thing which changes is to hopefully make sure that Microsoft’s telemetry gathering does not interfere with AV programs, and to make sure that Microsoft’s telemetry gathering does not (as a result of bad code) noticeably slow down the user’s computer.

1 user thanked author for this post.

geekdom

Reply | Quote

KB4023057 for older Win10 releases seems to be making a recent comeback just like KB2952664 & KB2976978.

Reply | Quote

After reading all here, I can only conclude:

1. MS has no intention of fixing the NIC bug for WIN 7

2. MS has no interest in doing _anything_ for WIN 7, period, save for installing snoopware.

Thanks be for this site and group!

—

My, how the mighty at MS have fallen.

“O Tempora! O Mores!”

O, Bananas!

(A sense of humor is all that keeps me from going mad with IT; I’m still dreaming of that little rock out in the Pacific…and no, I’m not telling where it is. 🙂

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

3 users thanked author for this post.

Noel Carboni, SueW, Bill C.

Reply | Quote

MS has no intention of fixing the NIC bug for WIN 7

Seems not, but they have…

Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows

Which really doesn’t compute, does it?

Reply | Quote

Group A,  except once again hid snoop 664.  W7x64, Home Premium, AMD, Microsoft Security Essentials, Office 2010, home user. Installed everything and MSRT.  No problems, no slow down.

Reply | Quote

Nibbled To Death By Ducks wrote:

2. MS has no interest in doing _anything_ for WIN 7, period, save for installing snoopware.

That has been obvious for some time now… To be honest, I wouldn’t blame them too much. It’s an old product. I’d blame them for abandoning W8.1 too early and for what W10 looks like.

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

2 users thanked author for this post.

abbodi86, BobbyB

Reply | Quote

Win 7, 32 bit here. As it happens, yesterday I checked the supportpage for KB 2952664 (https://support.microsoft.com/en-us/help/2952664/compatibility-update-for-keeping-windows-up-to-date-in-windows-7). It was then dated April 11th or 18th – anyway, April. The page now has the datestamp of July 11th. It specifically still states:

This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update. 

But somehow, I don’t trust Microsoft that much anymore …

~ Annemarie

1 user thanked author for this post.

WildBill

Reply | Quote

The Windows 8.1 equivalent is KB2976978. The message is the same, but the date is July 10, 2018… for now. So is the support page for KB2952664.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

Strange thing…

I have fresh install of W7-64bit, moreless its GroupB style, plus NET 4.5.2 (and its updates), minus snooping KBs. Last WU scan (june, after defcon3) detect no missing updates. New scan right now detect missing KB3123479, which is quite old (1-2016, something about SHA1).

I backtrack my install scripts and found, I have REMed KB3123479 due to info, it was replaced by 5-2017 secuonly KB4019263 and this one is installed OK.

Something is rotten in the state of MS…

Reply | Quote

Hi, this .net update (kb4340558) seems to be failing on all my server 2012 r2, i have had a quick look on line and i have found there are other users with this issue, error code 0x80092004

anyone else?
Thanks

Edit to remove HTML. Please use the “Text” tab in the entry box when you copy/paste

4 users thanked author for this post.

jburk07, woody, geekdom, Microfix

Reply | Quote

The package seems to be broken (a component hasn’t a hash value). I’ve about 15 confirmations worldwide. I wrote a blog post .Net Framework: Update KB4340558 drops error 0x80092004?

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

6 users thanked author for this post.

jburk07, columbia2011, woody, abbodi86, PKCano, Microfix

Reply | Quote

I got that error too
it’s caused by .NET 4.x rollup KB4338419, which somehow conflict with the last two rollups KB4229727 & KB4096417

the solution was to uninstall KB4229727 & KB4096417
then running to clean the leftovers:
Dism /Online /NoRestart /Cleanup-Image /StartComponentCleanup

(you may also run Disk Cleanup > Windows Update Cleanup)

then reboot
afterwards, KB4338419 was installed sucessfully

4 users thanked author for this post.

ch100, jburk07, woody, Microfix

Reply | Quote

@abbodi86: Thx for your hint – I’ve added this hint to the blog post – hope it helps affected users.

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

Reply | Quote

You are welcome

but running DISM is not enough
KB4229727 & KB4096417 must be uninstalled beforehand

2 users thanked author for this post.

ch100, woody

Reply | Quote

Just a feedback: I suggested this approach to several people affected in Germany. The feedback from two was, that it unfortunately didn’t help.

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

1 user thanked author for this post.

abbodi86

Reply | Quote

I don’t think this is an issue if .NET Framework 4.7.2 as it comes on MU is installed first and separate from the other patches for the month of July 2018.
All other patches should install smoothly after.

Reply | Quote

KB4338419 (2018-07 Security) is now revised not to be offered if KB4229727 (2018-06 Preview) is installed

Reply | Quote

Win 8.1 x64 – Updates installed except for KB2976978, which I hid.   KB4340558 is failing with error 80092004.   Seeing some discussions, no solutions over at https://answers.microsoft.com/en-us/windows/forum/windows8_1

I guess Win 8.1 was due for a bum update – it has been way too smooth compared to the other OS’s so far.   😬

2 users thanked author for this post.

BobbyB, Microfix

Reply | Quote

It’s your choice to install or not… mine is Not. If KB4340558 is messed up, Microsoft should fix it… once enough people complain. By waiting, it will be fixed by the time Woody moves us to MS-DEFCON 3 in August.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

I have the same problem.
Installation of KB4340558 always fails on all my 3 Win 8.1 Professional machines with error code 80092004. Considering available posts on www I conclude the package to be faulty.

EDIT html to text – content may not appear as intended

Reply | Quote

I have 2 windows 2008 R2 servers, and I have not received the Security Quality Monthly Rollup for June or July.  The July update is kb4338818 and the June update is kb4284826. I’m not sure why i am not getting them as i seem to be getting all the other updates.  Should I go to Microsoft catalog and install them, or just not do anything.  Any help on this would be appreciated.

Reply | Quote

Are you using WSUS or patching as stand-alone?
It’s a little early to apply the July patch – we haven’t had time to see if there are problems with it. Susan Bradley’s Master Patch List is available (button at the top of the blog).

Reply | Quote

I am using windows update, and the Quality Security rollup updates have not shown up in windows update for June and this month/July.  I’m not sure why because I am getting all the other updates through windows update. Prior to June I had been getting the Quality Security rollup updates.  I’m not sure if i should wait awhile to install the June and July rollups or get them from the catalog and install them.

Reply | Quote

I’m all Win7 and am not patching until Malwaresoft fixes the NIC issue.

Reply | Quote

It may not get fixed. What is your next step?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

I finally took the leap on my three Win7 64-bit laptops about ten days ago.  No NIC issues on any – 2 Intels and 1 Realtek.

2 users thanked author for this post.

Bill C., Elly

Reply | Quote

Status of Windows 10 1809 has changed to Semi Annual Channel on this link:

https://www.microsoft.com/en-us/itpro/windows-10/release-information

?????????????

Reply | Quote

I assume that you mean 1803 which has already been reported as being SAC.

Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).

Reply | Quote

anonymous wrote:

Win 7, 32 bit here. As it happens, yesterday I checked the supportpage for KB 2952664 (https://support.microsoft.com/en-us/help/2952664/compatibility-update-for-keeping-windows-up-to-date-in-windows-7). It was then dated April 11th or 18th – anyway, April. The page now has the datestamp of July 11th. It specifically still states: This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update. But somehow, I don’t trust Microsoft that much anymore … ~ Annemarie

Actually the bolded statement is correct now and has been.  The following were / are the following:

KB3035583 = GWX itself
KB2952664 = Compatibility Update and Telemetry
KB3021917 = More Telemetry

They say they will not do GWX again, OK, but the real question is what WILL they do?

See post #202733 above by EP on the KB3184143 update. that removed GWX.  It does NOT remove the KB2952664.

Caution, caution, caution is the best tactic.

Reply | Quote

I just update my Insider Preview to Build 17713.1000
Nothing on the MS Store App menu works – not Settings, not update, not Account…

Reply | Quote

Updating my 1703 VM today (CU KB4338826, IE11 Flash, MSRT and C++) when I  got a popup saying “Your Windows Update is not working properly. You need the Update Facilitation Service. Click OK below.” Oh, no you don’t! I clicked on the “X” and closed the box – it was not then listed in the downloaded updates.

I hope the “X” doesn’t mean “Yes” this time!

3 users thanked author for this post.

Elly, bobcat5536, woody

Reply | Quote

Just some new information for anyone using the smaller “Delta” updates:
Beginning February 12, 2019 Microsoft will end its practice of creating delta updates for all versions of Windows 10.
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426

This will probably not affect too many people I suspect.

2 users thanked author for this post.

woody, abbodi86

Reply | Quote

KB4338814 pulled from WSUS for Server 2016.

Symptom: After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address. This may result in loss of connectivity as systems fail to renew their leases.
Workaround: Currently, there is no workaround for this issue. Microsoft is working on a resolution and estimates a solution will be available mid-July.

Yet another round of great testing and QA by M$.

1 user thanked author for this post.

woody

Reply | Quote

On our WSUS servers KB4338814 is still valid today 7/13/18 11:00 EDT after many bi-hourly synchronizations.

Did you mean to say that you chose to decline it on your WSUS, or that MS had expired it?  There is a big difference between the two.

Thanks in advance for clarifying,

Jim

Reply | Quote

It seems Microsoft no longer allows users to uninstall KB2952664, even with admin privileges.  I’ve made multiple attempts using “WUSA /uninstall /kb:2952664” as well as via the uninstall function in “Programs and Features” –> “Installed Updates”.

Using “WUSA” repeatedly just gives the appearance of success each time, but after the first attempt it should come back with something like “KB2952664 not installed on this computer.”

Invoking the uninstall function of the “Programs and Features” control panel applet brings up the obligatory confirmation dialog, followed by a progress bar dialog, followed by the disappearance of the “Update for Microsoft Windows (KB2952664)” item from the list view of installed updates.  However, refresh the view, and there it is, resurrected in all its adhesive never-say-die glory.

What to do?

Reply | Quote

KB2952664 has been re-released MANY times. Each subsequent release has the same KB number but is considered a “different” patch.

Consider that it has been installed multiple times on the computer. When you uninstall the currently active version, it seems that it was not uninstalled because it seems to reappear in the list of installed updates. But what you are seeing is not the version you uninstalled. What you see is the next last version.

To get rid of it, you have to uninstall ALL the versions that have been installed. You can keep uninstalling until all disappear. Or you can tru @GoneToPlaid ‘s removal method here. Here is some more information on the removal.

From now on, try to hide it before it gets installed because it will be reissued again and again as long as Win7 is supported.

3 users thanked author for this post.

walker, SueW, Elly

Reply | Quote

Think of it as the Silverlight of telemetry.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Well, I thought this particular problem didn’t affect me but I noticed that one of two W8.1 machines failed to install this months rollup.  It also failed to install the Flash Player update.  I ran Windows Update again today and both installed fine.

Reply | Quote

j’ai eu aussi la KB2952664 une de celles perverses qui participaient à la migration vers windows 10. Un conseil : choisissez “télécharger les mises à jour MAIS ME LAISSER CHOISIR DE LES INSTALLER” ainsi vous aurez la main mise sur toutes les mises à jour même les IMPORTANTES.

Translated: I also had the KB2952664 one of those perverse who participated in the migration to windows 10. One tip: choose “download updates but let me choose to install them” so you’ll have the hand on all updates even the IMPORTANT ones.

J’ai toujours refusé windows 10 et je me bats chaque début de moi pour débusquer les mises à jour complices d’une éventuelle installation de w10 à mon insu.

Translated: I have always refused windows 10 and I fight every beginning of me to flush updates complicit of a possible installation of w10 without my knowledge.

Je lis plus haut : “Pensez-y comme la Silverlight de la télémétrie” … est ce que ça veut dire que la mise à jour silverlight fait partie des MAJ néfastes et complices de la migration forcée vers w10 ?

Translated: I read above: “Think of it as the Silverlight of telemetry” … does that mean that the silverlight update is part of the harmful updates and complicit in the forced migration to w10?

merci d’avance !

Translated: thank you in advance !

Translated per Google Translate. Would really appreciate if someone could confirm it translated accurately. Apologies for any inaccuracies. TY- Elly

Reply | Quote

KB2952664 is a Compatibility patch that performs diagnosis on your computer and sends the information to Microsoft – a “snooping” patch.

Silverlight is a browser add-on (like Flash Player or Java). It has nothing to do with an upgrade to Win10. However, it is rarely used by programmers and mostly useless.

3 users thanked author for this post.

walker, GoneToPlaid, Elly

Reply | Quote

When Silverlight is uninstalled on a system, multiple Silverlight updates will sequentially appear and each of those updates must be hidden. To date, there are 16 Silverlight updates that are hidden.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

3 users thanked author for this post.

BobbyB, SueW, Elly

Reply | Quote

Merci pour le complément de renseignement. Bonne soirée à vous

Reply | Quote

Microsoft has published a KB article “0x80092004” error occurs and July 2018 .NET Security and Quality Rollup update KB4340557 or KB4340558 does not install after you apply June update KB4291497 or KB4291495 with two workarounds. Hope it helps.

Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

https://www.borncity.com/win/

7 users thanked author for this post.

walker, GoneToPlaid, Elly, woody, abbodi86, SueW, Microfix

Reply | Quote

At least they responded….

Reply | Quote

And fairly quickly too. That is rather remarkable, given how long it usually takes Microsoft to admit that there are issues with their updates. Essentially, Microsoft is admitting that they add ingredients to their recipes for each month’s Security and Quality Rollups and then toss the bread into the oven, without first checking whether or not they have used the correct ingredients. The baked bread analogy was the best I could come up with at the moment.

Microsoft also states that they are aware of these issues and that they are working on a solution. Thank goodness that you moved to Defcon 2 as soon as the July updates were released. Windows 7 and Windows 8x users should get updated through June since it is important to implement Microsoft’s latest built-in Meltdown protection via Microsoft’s updates to these operating systems. Yet from my experience with updating my Windows 7 computers, getting updated to June 2018 and especially if users held at December 2017, requires installing the January through June 2018 updates in a special way, as I have previously documented. I am not sure if my documented methods for Windows 7 also applies to Windows 8x, yet it wouldn’t hurt for Windows 8x users to use my methods to get safely updated through June 2018.

1 user thanked author for this post.

woody

Reply | Quote

The server 2008 R2 July updates borked out SharePoint 2007 farm, uninstalled them all and trying to work out which update was the culprit.

1 user thanked author for this post.

woody

Reply | Quote

A few days after applying all the July updates (not instantly!), the servers started to perform really badly (physical Hyper-V server with several VMs, all on 2012 R2). Uninstalling KB4338815 on the VMs had minimal impact, uninstalling KB4338815 on Hyper-V host (which reverted it to KB4284815) worked wonders! Our users could finally use our ERP and accounting software solutions again without waiting for several minutes for each process that would usually take mere seconds.

Shocked at the poor patch quality! Hoping that Microsoft will release a fix at all (they’re promising mid-July on the KB page, at least for their known issues). I’ll make sure to delay updates for longer in the future!

1 user thanked author for this post.

woody

Reply | Quote

Update: KB4338831 should supposedly fix the known issues. Will try it in a few weeks…

Reply | Quote

KB4338831 running on physical and virtual servers smoothly for 6 days now, apparently fixing the issues from KB4338815. Really pleased with the current performance of the servers, user’s processes within server-based applications are fast again! 🙂

2 users thanked author for this post.

columbia2011, Microfix

Reply | Quote

Hello PKC, In Woody’s page of Group B updates for 7 and 8.1 it says, “Jul 2018 KB 4345459 (released 7/16/2018, replaces KB 4338823, fixes 0xD1 error, W3SVC, tcpip.sys) – Download 32-bit or 64-bit”, but in the article from MS it states it is NOT a replacement.

On the MS page it said, “This update does not replace a previously released update.”
https://support.microsoft.com/en-us/help/4345459/stop-error-0xd1-after-a-race-condition-occurs-in-windows-7-service-pac

Thank you, and the other good MVPs, for your help here at Woody’s.

Reply | Quote

Yes, I thought the same thing at first. But, read @abbodi86 ‘s information here, and the link in his post. I trust @abbodi86 ‘s assessment to be right-on. And MS’s documentation to be pitiful.

3 users thanked author for this post.

walker, Microfix, Elly

Reply | Quote