March 2019 Patch Tuesday patches

Topic

New Reply

They’re starting to roll in. The Microsoft Update Catalog lists 124 patches. Individual Windows KB articles aren’t updated yet. More as the day unfold
[See the full post at: March 2019 Patch Tuesday patches]

5 users thanked author for this post.

Myst, deanwmn, xmanc026, abbodi86, PhotM

Reply | Quote

Replies

Win  8.1 x 64 updated – no problems found.
XPmode updated (14 updates) – no problem found.

1 user thanked author for this post.

alQamar

Reply | Quote

Group B Security-only patches have been updated on AKB2000003 on Mar 12, 2019.

UPDATE:
Win7 Users will also need the Servicing Stack KB4490628 – Download 32-bit or 64-bit
Please install it FIRST and wait 10-15 minutes to give the installation time to complete. Then reboot the computer before installing anything else.

These are direct download links from the Microsoft Catalog.

11 users thanked author for this post.

deanwmn, banzaigtv, wEarwOlf505cole, The Surfing Pensioner, alQamar, SueW, abbodi86, Kranium, Elly, woody, Microfix

Reply | Quote

I really don’t get the MS notes… I get that in theory it would be great to install the Servicing Stack all alone, but I have PCs that are off the network, turned off for vacations, etc. There is no way I can approve just this one patch on WSUS and get it to install before other updates in the real world.

Edit to remove HTML

Reply | Quote

I find myself unable to install the KB4490628? I let Windows Update do its thing on 13th but when I checked, it listed two updates as ‘Pending’ (KB4474419, KB4489878) and the Stack update KB4490628 failed. I’ve tried to install it multiple time, using both Update and standalone installs but with no success. Would appreciate some advice pls

Reply | Quote

What error code(s) are you getting?

Have you tried running the Windows Update Troubleshooter?

Reply | Quote

On a Windows 7 Pro SP1, Group A, the 2019-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4489878) will not progress beyond 56%.  This loop occurs after the “Successfully Installed” reboot.  I did follow PKCano’s instructions:
Hide all the other pending (checked and unchecked) updates in the Important Updates.
Check for updates.
Install Servicing Stack KB4490628 (succeeded)
Wait 10-15 minutes to give the install time to complete. Then reboot.
Nothing has made the 2019-03 Rollup work.  I officially give up on the 2019-03 Rollup.  Woody had noted that on April 3, 2019, Microsoft admitted that there’s an issue that is fixed in next month’s Preview, but that seems to be a risk I am not willing to take.

Reply | Quote

Just patched home system (1809 Pro) with no obvious issues. Patch application speed was improved from previous months.

If they’d be bothered to transition that performance enhancement to Server 2016, I’d be a happier camper.

1 user thanked author for this post.

alQamar

Reply | Quote

Martin Brinkmann over at ghacks has published the excellent detailed rundown of MS patches released today for various OSes.

Windows - commercial by definition and now function...

2 users thanked author for this post.

alQamar, woody

Reply | Quote

Windows 7, SP1       I was offered March KB4474419 security update to update to SHA-2  ?  How badly is this going to bork systems, if at all. Hard to be optimistic about these out of the blue updates as they pop up.

Reply | Quote

Yep, I’ve been talking about that since November. You’re going to need it, in order to install patches after July.

2 users thanked author for this post.

deanwmn, alQamar

Reply | Quote

hi woody.

The KB4489899 cumulative update for Windows 10 version 1809 has two known issues listed:
https://support.microsoft.com/en-us/help/4489899/windows-10-update-kb4489899

Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

2 users thanked author for this post.

alQamar, woody

Reply | Quote

To be fair, the folks who might be affected by the first issue need some remedial education. 

The second issue (related to internal/external audio devices) seems more likely to be of consequence for the AW crowd with better-than-average hardware.

Reply | Quote

EP wrote:

Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

Absolutely. Also, note that the same acknowledged bug also appears in the March 1 “February” cumulative update.

Reply | Quote

“The second issue (related to internal/external audio devices) seems more likely to be of consequence for the AW crowd with better-than-average hardware.”

Like every gamer out there, and some non-gamers.

Reply | Quote

jabeattyauditor wrote:

To be fair, the folks who might be affected by the first issue need some remedial education.

They got it:

ADV190010 | Best Practices Regarding Sharing of a Single User Account Across Multiple Users

2 users thanked author for this post.

rc primak, Elly

Reply | Quote

Very strange. For the first time ever that i can remember the patches were already installed and waiting a restart.

Even though i am usually pretty quick on the draw on patch tuesday i always have to hit check for updates.

Also no notification that the computer was awaiting a restart.

 

Barry
Windows 11 v23H2

Reply | Quote

Desktop – Routine Definition Updates for Windows Defender plus
KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package

NAS – Routine Definition Updates for Windows Defender plus (with restart)
KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64
KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems

Latitude E5420 – Routine Definition Updates for Windows Defender, nothing further.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

Reply | Quote

just as many other C++ updates available via MS download pages also this package is still outdated

KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package

use All in One Runtime from computerbase.de to fix your security holes with C++. MS does not care. 

The only way to get the secure versions is this great tool (skip other installations) or dl them via Visualstudio portal.

more information:
https://borncity.com/win/2017/12/19/the-problem-with-c-redists-3rd-party-security-patches-i/

 

Edited for HTML. Please use Text tab for copy/paste

 

Reply | Quote

Microsoft will pester Windows 7 users to upgrade to Windows 10 with pop-up notifications

“This is a courtesy reminder that you can expect to see a handful of times in 2019. By starting the reminders now, our hope is that you have time to plan and prepare for this transition. These notifications are designed to help provide information only and if you would prefer not to receive them again, you’ll be able to select an option for “do not notify me again”, and we will not send you any further reminders. Just as software has changed over the years, so has hardware. To learn more about the latest line-up of modern PCs and information for moving from Windows 7 to Windows 10, just click on the “learn more” button on the notification.”

https://blogs.windows.com/windowsexperience/2019/03/12/making-the-transition-to-windows-10-and-office-365/

1 user thanked author for this post.

woody

Reply | Quote

I think this is going to blow up again. See the main post:

https://www.askwoody.com/2019/gwx-redux-were-going-to-get-upgrade-to-win10-nag-notices-in-win7/

Reply | Quote

Windows 7 x64 Home Premium, Group A

Does anyone know whether the new SSU update KB4490628 needs to be installed exclusively? Or if WU offers it along with the March rollup KB4489878 that Windows will “know” to install the SSU update prior to the rollup? I am recalling that when the previous SSU update KB3177467 was offered that it was marked as exclusive, meaning that all other offered updates had to be hidden in order for WU to offer KB3177467.

Reply | Quote

The SSU should be installed exclusively.

See #340687 above

2 users thanked author for this post.

ashfan212, woody

Reply | Quote

Thank you for the reply. Any idea whether WU will initially only offer KB4490628? Or will the SSU update be offered concurrently with the March rollup, MSRT, Office updates, the .Net rollup, etc.? If the SSU update is offered concurrently with other updates, is it sufficient to uncheck all updates except the SSU update or will I need to physically hide all other concurrently offered updates, install the SSU update, and then physically unhide the hidden updates?

Reply | Quote

Wait until the MS-DEFCON level hits 3 or 4 or 5.

At that point I’ll have full instructions. But the short answer is you don’t need to check or uncheck anything: the installer will put things together in the proper order.

At least, it has in the past.

1 user thanked author for this post.

ashfan212

Reply | Quote

Windows 7 SP1…….Do you see any harm or potential problems with installing this update today, so that I don’t overlook it before installing the March updates later or should I wait for the all clear later on and install it then before updating the March updates?

Reply | Quote

If in any doubt yourself, follow the MS-DEFCON system, that’s what it is there for

Windows - commercial by definition and now function...

4 users thanked author for this post.

Myst, woody, dlsdjh, Elly

Reply | Quote

Luckily, KB4490628 is not exclusive, that’s why it’s offered normally with other updates

i don’t know if Windows Update will handle the installation logic correctly, but just to be safe, uncheck all updates and only check/install KB4490628 alone
then you can proceed to other updates including the Rollup

1 user thanked author for this post.

PKCano

Reply | Quote

I’m experiencing the opposite. Please reconsider.

Regards, VZ

Reply | Quote

I actually did not had Win7 machine to check
i was talking based on analyzing KB4490628 msu/cab file and update.mum precisely, it does not have any “exclusive” attribute like KB3177467

so it can be integrated offline normally (tested that)
it also should be show on WU normally with other updates, unless they manipulated the metadata

i will check that soon

1 user thanked author for this post.

woody

Reply | Quote

I approved all of the updates on WSUS for my test VMs and the SSU update for Win7 did not come first and did not come with the other patches.  WSUS offered it to clients after they restarted from installing the other patches.

EDIT TO REMOVE HTML. Please use the “Text” tab in the entry box when you copy/paste

Reply | Quote

I got mine KB4490628 after restarting from the core patch.

Reply | Quote

Waited to install February patches until now.  Installed all but KB 4487000 due to a few reports of blue screens.  After reboot checked updates and KB 4487000 wasn’t there anymore. Only March security rollup 2019-03 (KB4489881) is available in updates. Wondering if I made the best decision in this case. Will wait until Defcon 4 before March updates are installed.

Reply | Quote

If you hide the March security rollup 2019-03 (KB4489881), the Feb patch KB 4487000 will show up in Windows Update.

Reply | Quote

Didn’t hide any updates from February.  Installed all but the security rollup and rebooted. Checked updates and the Feb rollup update was no longer there.

Reply | Quote

anonymous wrote:

Checked updates and the Feb rollup update was no longer there.

Of course not. It was superceded by the March update (that contained it) that you installed.

1 user thanked author for this post.

woody

Reply | Quote

According to the MS support pages, neither the SHA-2 update KB4474419 nor the new SSU update KB4490628 has any prerequisites. Therefore, installing KB4474419 followed by KB4490628 followed by the March updates appears to be the intended order.

Windows 7 x64 Home Premium, Group A

1 user thanked author for this post.

dlsdjh

Reply | Quote

It would probably be better to install the SSU KB4490628 first and give it time to finish the installation (10-15 minutes) before installing the other patches.

See #340687 above.

Reply | Quote

If I am understanding you correctly, you are advising to install the SSU update by itself rather than in conjunction with the other March updates. I assume that you do not disagree with installing the SHA-2 update KB4474419 prior to the new SSU update KB4490628.

Reply | Quote

PKCano wrote:

It would probably be better to install the SSU KB4490628 first and give it time to finish the installation (10-15 minutes) before installing the other patches,

I meant FIRST.
The SSU has to be installed EXCLUSIVELY – that means BY ITSELF.
It is the update for the Windows Updating system.
It cannot be installed with other updates.
In fact, it may not show up in the WU Important queue until there are no other pending updates.
Which means, you may have to temporarily HIDE all the other pending updates to be offered the SSU.

See #340687 above.

The SHA-2 patch is not mandatory until July.

6 users thanked author for this post.

Lori, phaolo, The Surfing Pensioner, fernlady, Elly, ashfan212

Reply | Quote

Windows 7 Pro SP1 x64  Group A   Updates current thru February

Just checked on March updates received:

KB4489878, KB4474419, MSRT

But no KB4490628

Should I hide first 3 and hope KB4490628 appears?  Or manually download KB4490628 from the MS Catalog?

IF KB4490628 should be exclusively installed FIRST, why does it not appear until the update que is empty (logically indicating one would have installed them, not hid them?)

And if it is not necessary until July, why cant the normal March updates be installed first and then KB4490628 when if appears later?

Just askin”

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Did you read the post directly above?
There is no reason to repeat it.

Reply | Quote

bbearren wrote:

Desktop – Routine Definition Updates for Windows Defender plus KB2538243 – Security Update for Microsoft Visual C++ 2008 Service Pack 1 Package NAS – Routine Definition Updates for Windows Defender plus (with restart) KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64 KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems Latitude E5420 – Routine Definition Updates for Windows Defender, nothing further.

Second round, Desktop:
KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems
KB4482887 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems

Second round, NAS:
KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems

Second round, Latitude E5420
KB4489899 – Cumulative Update for Windows 10 Version 1809 for x64-based Systems
KB4489907 – Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems
KB4018363 – Update for Microsoft Access 2010 64-Bit Edition
KB4461626 – Update for Microsoft Office 2010 64-Bit Edition
KB4462229 – Update for Microsoft Outlook 2010 64-Bit Edition
KB2589339 – Update for Microsoft Office 2010 64-Bit Edition
KB4462226 – Update for Microsoft Office 2010 64-Bit Edition
KB4486553 – Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809 for x64

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

1 user thanked author for this post.

woody

Reply | Quote

I updated a Win 10 1809 test laptop today without any apparent issue. However, reading the release notes for KB4489899 I wondered:

a) why release an update if you already know there’s 2 issues with it?

b) why are you using the phrase ‘Windows Linux’?

It’s ‘Windows Subsystem for Linux’ (WSL)… stop trying to subsume, Borg!

 

1 user thanked author for this post.

alQamar

Reply | Quote

Rick Corbett wrote:

However, reading the release notes for KB4489899 I wondered:

a) why release an update if you already know there’s 2 issues with it?

You think they shouldn’t fix 36 issues, some critical, because of two obscure issues affecting a tiny percentage of users which were already known in previous updates? Microsoft should not release any update until it was capable of fixing every outstanding issue? I hope that never happens.

1 user thanked author for this post.

rc primak

Reply | Quote

b wrote:

… because of two obscure issues affecting a tiny percentage of users which were already known in previous updates?

Actually… how common is the MSXML6 dependency anyway?
Because, well, according to Microsoft one of the affected applications is the Group Policy editor…

Then again it now seems to be a known issue in all of this year’s Windows 10 cumulatives, including January. Yes, also 1607 / Server 2016, 14393.2724 and later builds.

Really should keep a revision history of those MS KB articles or something, just to keep track of when “known issue” entries get modified…

Reply | Quote

OK, here’s my experience with the Servicing Stack KB4490628 for Win7:.
It acts like any other Servicing Stack.
It does not show up in the Windows Important Update queue unless there are no other pending updates in the Important Update queue.

To install it FIRST, by itself. this is what you should do:
Hide all the other pending (checked and unchecked) updates in the Important Updates.
Check for updates.
Install Servicing Stack KB4490628
Wait 10-15 minutes to give the install time to complete. Then reboot.
Unhide any of the updates you want to install and install them.

6 users thanked author for this post.

Lori, SueW, wEarwOlf505cole, alQamar, fernlady, abbodi86

Reply | Quote

? says:

hi PK,

when the time is right could a person get the KB4490628 from:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4490628

and run it from the desktop?

Reply | Quote

Yes, the Servicing Stack can be downloaded from the Catalog and manually installed.
After doing so, wait 10-15 minutes before installing anything else to give the installation of the Servicing Stack time to complete.

See #340687 above.

2 users thanked author for this post.

rc primak, alQamar

Reply | Quote

Thanks PK.

Given that the servicing stack update isn’t required until July, an alternative to hiding everything now in order to get it offered and installed with a view then to revealing the hidden updates to get them installed is presumably to forget about it for now, have the regular updates installed normally and then install the servicing stack update when it is offered? All, of course, when the Defcon rating moves to 3 or higher.

Depending on how reliably the servicing stack update goes, a further alternative may well be to leave it well alone until May or even June in order that any necessary hotfixes can be applied to it in the meantime while still getting it installed in time for July.

Reply | Quote

The servicing stack is KB4490628, and according to the MS support page for the March Win 7 Rollup and also for the Security Only, is required before either is installed.

KB4474419 is the SHA-2 update, and is the one required by July (although my notes say its required by August, but I could be wrong).

4 users thanked author for this post.

Lori, SueW, The Surfing Pensioner, columbia2011

Reply | Quote

The requirement for SHA-2 support varies by OS for some reason.  Server 2008 SP2 needs it by July and Server 2008 R2 SP2 and Windows 7 SP1 need it by August.

 

https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus

Reply | Quote

@DrBonzo is correct. It is the SHA-2 update KB4474419  that is not mandatory until July.
You need the Servicing Stack KB4490628 now.

See #340808 above.

4 users thanked author for this post.

Lori, deanwmn, The Surfing Pensioner, DrBonzo

Reply | Quote

Thanks for clarifying the two different updates. The advice seems to be that KBKB4490628 needs to be installed first.

However, I am not being offered KB4490628 as a pre-requisite to being offered the usual monthly updates (roll-up and MSRT) plus KB4474419. That suggests MS intend that I should install those updates first, and then when there are no important updates left they will – presumably – offer me KBKB4490628. If I needed that one first, why would it not be offered to me first?

I won’t know the reality of that sequence in practice, of course, until the Defcon rating is raised! However, I do know what is being offered to me (I keep my secondary machine set to “Check and notify but do not download or install” precisely so I can interpret what is being said here in relation to what I am being offered, while keeping my primary machine set to “Never check” until I’m ready to install the updates – after the Defcon rating has been raised and the updates have been installed with no issues up to 48 hours later on my secondary machine), and it isn’t the one that I’m being told here that I need to install first.

I’m not contesting anything anyone is saying, just pointing out that what I’m being offered doesn’t comply with that advice.

For the record, I’m also being offered five Office 2010 updates. All so-called Important updates are checked.

Reply | Quote

Please see #340940  and #340808 above

Reply | Quote

I already did. That’s why I wrote what I said!

Reply | Quote

The answer to WHY you are not seeing the SSU and HOW to make it show up and install first are in those two links.

Reply | Quote

Yes I know that PK, as I said I’m not contradicting the advice given, merely saying it doesn’t match what MS are offering.

I appreciate your assistance as always, but users not committed to Group B aren’t going to go searching for information on updates that need to be installed but which aren’t being offered, nor are they likely to download an update from the catalogue. They’ll install the offered updates first, and if KBKB4490628 is then offered they’ll install that one too. Do we know of any way in which their system will be compromised by following this sequence as set by MS? Why are MS saying KBKB4490628 needs to be installed first while only offering it later? What is the practical issue that will arise if we simply follow the sequence in which the updates are offered?

These are the sort of questions I’m hoping there are clear answers to before Woody has to put his recommended practice together when raising the Defcon rating. They’re critical to the advice he will give at that time.

1 user thanked author for this post.

Christopher Stone

Reply | Quote

I can’t tell you why MS does what it does. But I do know it can cause a problem – it did the last time MS released the v2 of the last Servicing Stack KB3177467 (does that sound familiar, that was last Oct?) it was the same issue. At one point, the SSU becomes a prerequisite but it isn’t offered until last. All I can say is – crazy!

3 users thanked author for this post.

Lori, Christopher Stone, Seff

Reply | Quote

I’m running win7 pro 64bit and before applying march 2019 updates i was fully patched to feb 2019. I use WU (most of the time) and set “Check for updates but let me choose…..”. I’ve only used the MS Catalogue previously when there have been issues with some updates and i have wanted to install specific updates in a particular sequence.

For march 2019 WU offered me same as @Seff stated –

Windows Malicious Software Removal Tool x64 – March 2019 (KB890830)

2019-03 Security Update for Windows 7 for x64-based Systems (KB4474419)

2019-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4489878)

I installed these 3 updates successfully and WU then offered –

2019-03 Servicing Stack Update for Windows 7 for x64-based Systems (KB4490628) which I installed successfully.

I have done a quick check running the apps I typically use and all ok.

However I recommend applying MS patches according to Askwoody Defcon rating irrespective of the update method used.

1 user thanked author for this post.

Chessie

Reply | Quote

You’re not expecting M/S to be logical in its update sequence?

Reply | Quote

No indeed, although that would be good! What I am hoping is that by the time Woody gets to make his recommendations on raising the Defcon rating we can get to the bottom of why there’s a disparity in the way KBKB4490628 is being described as essential to be installed before it is being offered.

Reply | Quote

Well, for a die-hard Group B-er like me it’s no problem: you download the patches you really, really want from the Update Catalogue and install them manually and individually, then you go to WU for the odds and sods. It sounds like a bit of a nightmare for anyone in Group A.

Reply | Quote

I’m guessing that “ods” and “sods” mean “Office patches” and “./NET (if  listed as “OK” to install” in the Master Patch List. Also the MSRT du jour. All that should have shown up already in “Control Panel/System Security/Action Items/Windows Update

assuming Windows Update is set to “Check for updates and let me know, but let me install the patches” or words to that effect.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

That’s about it, and odd socks like the Silverlight update I installed on the 1st February because I was feeling sentimental (no, seriously, someone said it would be a good idea). My WU is routinely set to Never Check, but I change the settings to Check but Let Me Decide whether to Download and Install when I turn it on once a month. Then it gets turned off again and the little red cross on my Action Centre flag reassures me that my drawbridge is up.

Reply | Quote

There might be other good reasons for installing Silverlight, but the one I know for sure is that, if one has IE11 and Windows 7, the only way to watch videos from, for example, Netflix, using the Win 7 version of IE 11 that, unlike the Win 8.1 version, does not have an HTML5 converter, is with Silverlight installed and, preferably, kept up to date. But the need to use IE11 for that purpose is undermined, these days, by the availability of other browsers compatible with Win 7 and that come with HTML5 converters (Chrome, FF — finally, after at FF much resisting it, because of their opposition to DRM — Waterfox, etc.)

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Lori

Reply | Quote

No, I don’t watch videos on IE11! but I seem to remember someone said if you’ve got Silverlight, keep it updated and I didn’t want to unistall it just in case. It’s not hurting anything, whilst updated. By the way, I’m reading with interest about your adventures with Linux, because if you get on all right with it I may well go for a Linux OS myself before the end of the year. Got to jump in some direction!

1 user thanked author for this post.

Lori

Reply | Quote

note that the KB4490628 servicing stack update supersedes/replaces the KB3177467 servicing stack update (all versions of that) as Microsoft said so in MS KB article 4490628:

Update replacement information
This update replaces the previously released update 3177467.

2 users thanked author for this post.

Lori, DrBonzo

Reply | Quote

<<It does not show up in the Windows Important Update queue unless there are no other pending updates in the Important Update queue.>>

This part is incredibly important.  I don’t have Windows 7 WU set to auto [life is too short for that].  Also, I never run the monthly “Windows malicious software removal tool” important update.  I don’t hide it — I just uncheck it.  That means I won’t get offered the SSU update, since hiding the tool  just makes the previous month’s tool show up, and thus the queue is never empty.  Hide, scan.  Hide, scan.  etc etc.  After about 6 of these loops the SSU was finally offered.

So it seems you should manually install the SSU (unless for some strange reason you have WU set to auto)

 

Reply | Quote

Yesterday I made a clean installation of windows 10, I installed several
updates, including kb4482887, which was installed correctly. However,
after today’s updates were installed, the update history shows that
kb4482887 was not installed correctly with error 0x80070643. But yesterday
it showed a correct update. Someone else happened to this?

Edited for HTML. Please use Text tab for copy/paste.

Reply | Quote

I have an interesting (to me, at least) observation about my Win 7 Pro SP1, x64 computer that I update according to Group B. For many consecutive past months Windows Update has offered KB2952664, along with the monthly Rollup, etc. Now, with the offering of the March Rollup, etc., KB2952664 is no longer offered. I have Windows Update set for ‘check for updates but let me decide whether to download and install’. I am completely up to date through February patches. Whenever I have in the past hidden KB 2952664, it has just kept coming back, so I don’t hide it, but rather ignore it and am just careful to never install it.

I’m wondering what the significance of it’s disappearance is? Has MS given up on KB2952664 (seems highly unlikely), are they going to replace it with some other update (seems more likely), have they incorporated it into some other update without telling anyone (seems pretty likely to me), or something else? Maybe it has something to do with their plan to show Win 7 users pop-ups stating that Win 10 is the preferred operating system. OR,…

Anybody else seen this and/or have any thoughts?

Reply | Quote

The KB2952664 functionality was integrated into the Rollup Preview in Sept 2018 and has since been a part of the Monthly Rollup. That may be why it it is not being offered to you through Windows Update, it would be redundant. And since you are using Security-only updates, you would not use it anyway.

1 user thanked author for this post.

DrBonzo

Reply | Quote

1803 Home patches installed without any apparent problem. ShutUp10 shows all settings held their previous status.

Lugh.
~
Alienware Aurora R6; Win10 Home x64 1803; Office 365 x32
i7-7700; GeForce GTX 1060; 16GB DDR4 2400; 1TB SSD, 256GB SSD, 4TB HD

Reply | Quote

On my windows 7 pro machine the Servicing stack kb4490628 showed up after all the other updates.  I installed those and rebooted the machine.  Then noticed the servicing stack showed up.  Should i do anything?  According to what I’m reading the servicing stack should have been installed first before other updates.  But that is not what windows updated did in my case.  I never checked for updates they were just there when I turn on the machine.  Should I do anything or just leave it alone.

Reply | Quote

If you have already installed the March patches, YES, you need to go ahead and install the Servicing Stack.

Most people here wait for a while after Patch Tuesday before installing the updates to be sure there’s no “gotcha” and to wait for instructions on how to patch safely. You can read about that DEFCON system by clicking on the “MS-DEFCON System” button in the top menubar.

Reply | Quote

What I need to do is install the updates on a Server 2008R2 thats for some reason never shows all the updates, only some.  It only showed the Malicious software removal tool.  So I need to manually do the others.  But I want to get the right order when I do decide to do it. Is it all that important to do them in any certain order?  As I stated on the windows 7 machine it automatically installed all the updates except the servicing stack kb4490628.  When I went back to look after the reboot it was there waiting to be installed.  So on the server should I install the servicing stack first, then the monthly rollup and ShA-2 patch?

Reply | Quote

See the bottom part of #340687 and also #340940.

Reply | Quote

1st Win 10 Monthly WU / 1803 Home – I’m set for Update Other MS Products & didn’t meter this time but only got KB4489868 March Cum Update/ KB4489907 Flash/ KB2538243 Visual C++ ….  Office ’16 File/Acct shows Auto Update-Inst BUT – 0 – Updates…. Will others come in stages or will I manually Install the rest? 6 Critical + 27 Important Total per AW Thread …

Sorry to be dense on this but clarify one more time & I’ll learn.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

Reply | Quote

Are you running Office 2016 persistent version or are you running Office 2016 Click-to-Run?
The patches released through Windows Update are for the .msi (persistent) version installed locally.
The Office 365 and C2R versions have their own updating system, not through Windows Update.

Reply | Quote

PKCano wrote:

Are you running Office 2016 persistent version or are you running Office 2016 Click-to-Run? The patches released through Windows Update are for the .msi (persistent) version installed locally. The Office 365 and C2R versions have their own updating system, not through Windows Update.

Not the 365 /Best Buy Hm-Stdnt $99 Card has 25 digit#,  Nets Download/Inst with different 25# Prod Key. An open Word doc/ File/ Account … on the right Office Updates: Automatically downloaded & installed; Drop-dn arrow for Update Now/ Disable/ View/ About.

With 3 Macrium Bkups I can try Update Now, or Wait til Defcon rises. Just Presumed with No Meter that Office would Auto-download. Thanks for Reply.

EDIT: Thanks, Woody for EDIT capability remaining active!! Per PKC’s Reply below I DID clk Download Now for what IS – Click2Run Office ’16 -. Believe there is NO WU History Record for C2R but all is well. Main WU shows Up-to-Date but there’s No way to prove 6 Critical and 27 Importants were Inst’d with Only March CU and 2 others showing.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

Reply | Quote

Sounds like you are running Click-to-Run (C2R). It does not update through Windows Update. It has its own updating system.

2 users thanked author for this post.

alQamar, CraigS26

Reply | Quote

W7 Starter 32-bit & W7 64-bit March WU.
Installed 3-WU, OK. Followed by KB 4490628.
Not looking forward to MS W7 – W10 pop-ups.

Reply | Quote

EP wrote:

hi woody. The KB4489899 cumulative update for Windows 10 version 1809 has two known issues listed: https://support.microsoft.com/en-us/help/4489899/windows-10-update-kb4489899 Those using Win10 v1809 should definitely wait for the next update in late March rather than install KB4489899

the solution is to follow MS advice and uninstall IE. There are more capable, speedy and less troublesome browsers. IE was s*** and keeps being it.

Reply | Quote

mn– wrote:

b wrote:

… because of two obscure issues affecting a tiny percentage of users which were already known in previous updates?

Actually… how common is the MSXML6 dependency anyway?

MSXML4 and 6 should be uninstalled or at least patched manually (while removing the older SPs). On W10 they are no longer needed.

Reply | Quote

MSXML 3 and 6 are inbox components since Windows 7, they cannot be uninstalled

Reply | Quote

To ALL 1803’s ….. 1809 Install (likely @ Chk for Updates)  repeatedly was Stuck at – Installing 91% – UNTIL I DISabled Eset Security, Mbam, and SuperAS. Many UNinstalled their AV and Unchk’d all Non-MS members of Startup Tab in Task Mgr, so I was Lucky to avoid that. Google “Win 10 1809 Stuck at 91%” scenario and you will have much company & advice – IF needed.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

Reply | Quote

Uninistalling third party antimalware products has been a requirement for any major Windows upgrade or feature update for a long time, if not forever. You can reinstall them after the upgrade.

-- rc primak

Reply | Quote

Has anyone checked out or opined about the new Intel driver patches? Available from:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html

There are patches for several Intel hardware drivers. I first saw this at:

https://www.theregister.co.uk/2019/03/14/intel_march_patches/

Reply | Quote

I use Intel’s own tools or visit their site and enter my specific PC make and model to determine which drivers need to be updated. I NEVER update Intel drivers on a per-component basis. Go to the manufacturer of your whole device and get new drivers from there if any are available. NEVER let Microsoft Update download or install ANY drivers!

If a driver is ever changed during an update or Feature Update, roll it back to the previously working OEM or installed driver. You do back up the System32 DriverStore FileRepository folder before each monthly round of updates, don’t you? That’s your local source for a driver restoration in Windows 10 if anything makes any unwanted changes.  Check for any changes and roll back as needed after any Feature Update.

-- rc primak

1 user thanked author for this post.

Lugh

Reply | Quote

rc interesting comment:

If a driver is ever changed during an update or Feature Update, roll it back to the previously working OEM or installed driver

When I feature updated from 1709 to 1803 last October the process changed just about all my drivers including Nvidia card drivers to an earlier version.

I posted and most here said it happens all the time and to leave well enough alone.

Since I did not make your suggested driver backup, best I could do now is go to my component manufacturers sites and install a more current version of each driver vs a restore from the past. But, should I do this? Leave well enough alone? Or, obtain specific drivers like Nvidia and Asus MB components?

Even if I make the suggested backup, should I/we restore them after a feature backup if all seems to be working with what the feature update installs?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Depending on how your components are performing, it might be a good idea to take the most important ones, like the NVidia graphics drivers, and a few at a time, gradually rebuild the OEM versions of all affected drivers. (The ASUS MB Drivers should exist all in one place, so they would be next in line for OEM restoration from the manufacturer’s site.) Then back up the DriverStore FileRepository as is suggested in my post. Continue making this backup whenever MS Updates look like they are coming your way, even the monthly CUs.

Even if I make the suggested backup, should I/we restore them after a feature backup if all seems to be working with what the feature update installs?

That’s essentially what I do after every Feature Update, if MS has messed with any of my drivers. But then, I have a single tool from Intel which will do that for me in one easy process. Then back up the FileRepository folder.

-- rc primak

Reply | Quote

Hey rc,

This is an oldie, but have a question on how to return a driver changed by MS back to one in a backed up System32>DriverStore>FileRepository folder.

I have hundreds of drivers files in that folder with unrecognizable names.

So I go to Device Manager and see that a device driver has been changed on say my Bluetooth Device.
How do I find the correct backed up device driver and get it reinstalled back into Device Manager? Could a device need multiple drivers to find?

Thanks

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

So, aside from the big batch, were some of these just late? Because I see there’s a kb4480730 for Windows 10 up to 1803, “Reliability improvement to Windows 10 update components” … appears to touch Cuassistant.dll and Culauncher.exe with tuesday’s date.

1 user thanked author for this post.

woody

Reply | Quote

And I see that the KB article now has a date of March 14.

See https://www.askwoody.com/2019/did-microsoft-just-re-release-kb-4480730-the-reliability-improvement-to-windows-10-update-components/

Reply | Quote

Today I checked what Windows Update offers on my 2 OS’s:

Windows 10 1809:
KB 890830 MSRT > installed with WuMgr > o.k.
KB 4487038 Flash > installed with WuMgr > o.k.
KB 4489899 CU > pending
I hid KB 4480116 a while ago, but now it’s gone all over sudden.

Windows 7 Pro SP1, Group B:
KB 890830 MSRT > will install later
KB 4489878 MRU > Group B: SO 4489885 > will install later
KB 4474419 SHA-2 > will install later
Strangely enough KB 4489873 IE March is not offered (yet).

LMDE is my daily driver now. Old friend Win10 keeps spinning in the background

Reply | Quote

KB 4489873 is available through AKB2000003 (unless MS pulls it).

1 user thanked author for this post.

TJ

Reply | Quote

https://www.askwoody.com/patch-list-master/master-patch-list-february-2019/

The February Master Patch List says “.NET updates – included no new security updates, thus can be skipped this month”. There were security .Net updates last month wasn’t there?

Reply | Quote

Yes, there were Feb .NET Security Rollups and .NET Security-only Rollups

1 user thanked author for this post.

Lori

Reply | Quote

“Yes, there were Feb .NET Security Rollups and .NET Security-only Rollups”

The https://www.askwoody.com/patch-list-master/master-patch-list-february-2019/ should be updated to reflect that.

Reply | Quote

Both patches are on the list. KB4487078 Security Rollup and KB4487121 Security-only Rollup.

Reply | Quote

“Both patches are on the list. KB4487078 Security Rollup and KB4487121 Security-only Rollup.”

But the https://www.askwoody.com/patch-list-master/master-patch-list-february-2019/ February Master Patch List says “.NET updates – included no new security updates, thus can be skipped this month”. You don’t think that should accurately convey that there were Feb .NET Security Rollups and .NET Security-only Rollups?

Reply | Quote

I can only refer you to the MS pages for KB4487078 and KB4487121.

Reply | Quote

Win 10 1709 64 bit – March delta update, followed by Office 2013 updates installed OK on tw0 machines, stable for 2 days.   Blocked KB4480730 and Win 10 1803 with Wushowhide util.

Reply | Quote

Hi all,  I normally have used auto install without issue..but this update to my Win 7 Pro system froze my machine during the install at 54% and no amount of coaxing would fix that.    I had to manually shift back to a previously good image.  I’ve tried allowing the autoinstall to run again..but everytime it freezes at the same spot.  KB4489878 and KB4474419 remain as fails.

Other than turning off auto install (done), any thoughts of actions I should take?   Thank you!

Reply | Quote

There is a servicing stack KB4490628 that needs to be updated, but it won’t show up in Windows Update unless there are no other updates in the important list.

You can try this:
+ Temporarily hide all the updates in the important list.
+ Check for updates. KB4490628 should show up after you have hidden all the rest.
+ Install KB4490628, wait 10 minutes, reboot your computer.
+ Unhide the updates you hid earlier and see if they will install.

Reply | Quote

Just checked and found that 3 security updates were installed on my Win 7 SP1  PC on March 4th. Not by me, last time I checked and installed anything was on Feb 26th.  These were all Security updates that Microcrud took the liberty of installing themselves – KB4491113, KB4486474 and KB4486564.  I haven’t had any major problems with my PC since then but have been experiencing some small things.  It really irritates me that they would take the liberty of doing that and makes me want more and more to just hang up the PC forever and switch to Mac.  I need to switch to something that works with Ancestry, but that should be no problem.

1 user thanked author for this post.

Chessie

Reply | Quote

Hello @deanwmn-

Have you checked the Windows Update settings lately? Woody suggests setting to Never Update.

KB4486564 is a Security Only Update, which would have required manually downloading and installing. It would not show up in Windows Update, no matter what the update setting was.

Non-techy Win 10 Pro and Linux Mint experimenter

1 user thanked author for this post.

deanwmn

Reply | Quote

I did not download these patches! None of them. As I said before, the last time I even checked was on Feb. 26th.  Nor do I use IE11 – at all!  I use Chrome and if for some reason I’m unable to, I use Firefox. 11 is on my computer only because Microcrud, in all its great wisdom, won’t let me remove it!  But I removed the icon from my desktop and never use it.  I don’t like it, too many problems.  I thank you all for your input, but I assure you that I did not download those updates nor do I use IE 11.

Reply | Quote

My computer has been set to NO updates for well over a year now – more like two!  I do not allow updates to be downloaded unless they’re done by me.

Reply | Quote

• Bring up Internet Explorer
• Click on Help
• In the drop down menu, click on About

Is “Install new versions automatically” checked?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

KB4486474 is the IE11 Cumulative Update and KB4491113 is a out-of-band fix for IE11. None of those updates were released through Windows Update.  All three are manual download and manual install. Someone did what we call a Group B update to your computer.

1 user thanked author for this post.

deanwmn

Reply | Quote

If deanwmn actively uses IE11 for her Ancestry work, would this account for updates being applied without Windows Update or manual download?

Reply | Quote

I’ve used IE 11 regularly for certain things for the last decade or so, and have never had an update that I did not either do or approve (Windows Update set to check for updates but let me decide whether to download and install)

Reply | Quote

I agree with DrBonzo: Rarely have I had a problem while using IE11, since it first came out. Very occasionally it has frozen and I ‘ve had to kill it from the Task Manager. But such problems seemed to have been caused by some incompatibility with software in the Web sites I was browsing at the time. In general, it is not a bad browser and has lots of useful items in the tool bar menus, making it easier to set it up at an advanced level, compared to other browsers that require entering line commands in the URL field. Its major limitation, I’ve found, is that the version for Windows 7 (but not for 8.1) lacks an HTLM5 decoder for viewing some (e.g. Netflix’s) streaming videos, so one needs to install, use, and keep on updating, Silverlight for that. As to patching IE11, if one does it separately and by hand, as Group B, then, same as with anything else, one should wait until it seems safe to do it, according to what people report happened after they patched it as Group B, whether Susan recommends installing the patch or holding for now, in her Master Patch List, etc. And, whether one uses it as a browser or not, one has to keep patching it, because it is used, or some of its components are used, by the Windows system in several of its tasks, including some the user might not be even aware of, besides browsing.

Those patching as Group A will get the IE11 patch installed with the rest of the monthly S&Q rollup. So they only need to worry that the rollup is OK to install, again according to the reports of other Group A users and as indicated in the Master Patch List, etc.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Hello, #post-343071 here again. I should have used more words. All other browsers I use check for updates upon launch, or during a defined idle period while running. You may select from the usual options Auto/Ask/Never. My question was not about the appropriateness of IE11. I only wondered if it might do that same function without a human opening the Windows Update display, or calling from the catalog. I recognize IE11 has the benefit of system update channels that other browsers do not. Microsoft does seem to use all methods available to them, and I did not know if this could be another one.

I believe DrBonzo has described that does not happen, in his long experience. And deanwmn has added that does not describe her use anyway.

I remain curious how this happened, and concerned that this comment stream is suggesting she has allowed another human physical access. I would rather read the technical reasons that remote access or a system triggered event has been ruled out. Maybe in a question topic.

Reply | Quote

@anonymous – It seems that perhaps both of us are playing a bit loose with our words. When I used the word ‘update’ in my post above I was referring to updates of the type one is offered through Windows Update that are released (typically) on various Tuesdays of each month by Microsoft. In that context, I stand by the statements I made above.

Regarding IE11, when I go to Help —> About Internet Explorer, I get a pop-up window that gives “Version”, “Update Version”, and a box that I have checked to “Install New Versions Automatically”. I believe this box is referring to “Version”, but NOT to “Update Version”. Whenever I check “Update Version” it gives me the latest IE 11 patch (usually from a second Tuesday release) that I have manually installed. In contrast, I believe that “version” is something that is checked automatically every time I open IE 11, but I have never manually installed such a patch. I believe MS is using the word “Version” in a manner analogous to how Firefox uses “update”. If I recall correctly, FF is now at 65.0.2, a number I think MS would refer to as a “Version”.

Hopefully that clarified rather than confused things.

Reply | Quote

Perhaps a new program or malware might reset the Windows Updates settings. A new program would be likely to reset to automatic updating. Malware would be likely to block updating, so that it could continue to function and avoid detection. But neither is likely to install Group B (Security Only) updates, which need to be manually downloaded and executed.

Why would someone who has gone to the trouble to install remote access use it to do Group B updating rather than cause other malicious trouble? It just isn’t how someone or something with malignant intentions hides what they are doing…

I’m pretty much a hands on expert on having a chronic foggy brain and getting unexpected or unremembered results, and trying to walk back what it was I did to get there… and remembering or recording a wrong date is only one way I have messed things up. Combine that with a history of domestic violence, and stalking… well, I have to really check things out to avoid personal crazy-making. Mistakes happen to regular people… and/or it isn’t unknown that a friend or family member might want to ‘help’ by updating. It is much easier to rule out those sorts of things than doing a deep dive into malware scans, researching services and processes and monitoring internet connectivity through a firewall… It would need a separate topic to detail ways to insure your computer is remaining your computer, but again, the fact that Group B updating (which is manual) is involved, makes it unlikely @deanwmn has a need for that at this time.

Non-techy Win 10 Pro and Linux Mint experimenter

Reply | Quote

@deanwmn-

It is always disturbing to find unexpected changes with one’s computer. At this point, you should be confident that the particular patches you mentioned would have to be manually downloaded and installed.

I’m curious as to what patches you installed on February 28th. Are you following Group A or B patching, or have been going it alone?

Just to consider- It was March 4th that Woody recommended installing the February updates.

Also, whether you use IE 11, or not, it is part of Windows 7, and some of its components are used by other programs. It is best practice to keep it updated due to its integration within the OS, even for those of us who never use it.

Those patches are easy to uninstall, if you really don’t want them… but they would be appropriate for bringing Group B patching current.

If you come to the conclusion that someone else must have installed the patches, it may be time to review your security- who has physical access, what accounts (and what permissions they have) are on your computer, and changing passwords.

Non-techy Win 10 Pro and Linux Mint experimenter

1 user thanked author for this post.

Chessie

Reply | Quote

Microsoft is going to start changing the build numbers of Windows Server 2008 with each update now.  They started with this month’s preview rollup.

https://support.microsoft.com/en-us/help/4495374/build-number-changing-to-6003-in-windows-server-2008

1 user thanked author for this post.

abbodi86

Reply | Quote

aww – KB4023057 is back again, this time new date 3/19/2019 on MS Update Catalog:
https://www.catalog.update.microsoft.com/Search.aspx?q=4023057

Reply | Quote

I’ve been running Win10 1803 for several months without problems so far.  As usual on the day before the most recent Patch Tuesday, I opted to delay updates for 35 days.  I was surprised this afternoon to be greeted by a “We have an update for you…” window.  I checked Update & Security > Advanced and found that the delay button was “Off”.  I clearly remember turning the delay on and have no idea how it was turned off.  The update scheduled to be installed on the next restart is the infamous and regularly recurring KB4023057.  Assuming at this point that there’ s no reasonable means to prevent the installation on restart, I plan to uninstall that update after it has been installed.  Creation of a new disk image is now in process and will be completed before the next restart.

Windows 10 Pro 64 bit, 1803

Reply | Quote

In Group Policy:
Administrative Templates>Windows Components>Windows Update
Configure Automatic Updates = Enabled, set value to 2 (notify download/install)

Taht way, they won’t download without your clicking on “Download.”

1 user thanked author for this post.

snalmond

Reply | Quote

PKCano wrote:

In Group Policy: Administrative Templates>Windows Components>Windows Update Configure Automatic Updates = Enabled, set value to 2 (notify download/install) Taht way, they won’t download without your clicking on “Download.”

Done.  Many thanks!

Reply | Quote

Almost April and no word on if it’s safe to install the March updates for Windows 7-64bit-

KB4489878 monthly rollup

KB4474419 Security update

Getting late in the month and still no word-

Reply | Quote

It’s OK. Woody changes the DEFCON number when he thinks it’s safe. There is almost two weeks left before April Patch Tues.

Patience, Grasshopper.

2 users thanked author for this post.

Elly, Lars220

Reply | Quote

Didn’t see any too much mention of KB4489881. My mother contacted me yesterday complaining that her Win 8 Dell laptop was spontaneously rebooting. Took a look and it was Windows trying to repair itself and failing. Dug around a bit and found this:

https://answers.microsoft.com/en-us/windows/forum/all/windows-81-constantly-crashing-after-windows/911e794d-53d2-44fb-a027-060e56b83016

Sure enough, removed 4489881 and it’s been running fine.

1 user thanked author for this post.

columbia2011

Reply | Quote