May 2018 Patch Tuesday has arrived

Topic

New Reply

The May Security Updates have been released for all versions of Windows. Today, Windows 10 v1803 becomes officially available. As usual, Martin Brinkm
[See the full post at: May 2018 Patch Tuesday has arrived]

12 users thanked author for this post.

Anton Karlan, Chessie, SueW, John in Mtl, Pepsiboy, zeuswoz, WildBill, Great Lake Bunyip, Elly, geekdom, woody, Mr. Natural

Reply | Quote

Replies

Group B Security-only Updates for Win7/8.1 have been updated in AKB2000003

12 users thanked author for this post.

Anton Karlan, Chessie, SueW, FakeNinja, David F, John in Mtl, bifido, Pepsiboy, abbodi86, MikeFromMarkham, The Surfing Pensioner, radosuaf

Reply | Quote

I stumbled upon the new 1803 update after running windows update on a clean install. Now reporting as version 17134.48. (Standalone, not on a domain)

First thing to note. You’ll want to review all your privacy settings again. Looks like many if not all are reset and turned back on. AND now it says things like your camera and microphone are ON and now you have to click another button to change the setting. If you don’t read the dialogue you may overlook this situation. The slider bar to disable doesn’t appear on the main screen. So they’ve opened things back up again and making it a bit sneakier to notice that privacy settings are once again all open.

Red Ruffnsore

7 users thanked author for this post.

KevinG3, Great Lake Bunyip, Elly, Cybertooth, BobbyB, Ascaris, woody

Reply | Quote

Doesn’t fix the x86 System Image Backup issue.  Hello Macrium!

4 users thanked author for this post.

AlexEiffel, jelson, Great Lake Bunyip, woody

Reply | Quote

Also be sure to note the new Activity History setting. I just noticed it and after checking it is also on the original 1803 release. This is not new to the cumulative patch. There is a setting on by default stating “Let Windows collect activity from this PC” which I promptly disabled. If you really want to dive into this head first you can also enable to sync all your stuff to the Microsoft cloud.

Red Ruffnsore

3 users thanked author for this post.

radosuaf, Great Lake Bunyip, woody

Reply | Quote

No 1803 feature update in WUHide-Just security update for adobe and antivirus malware monthly update. No 1803.

So does that mean I’d have to manually hide it at the end of the month on defcon 3 when I try check for updates, run wuhide, hide it, restart/shut down, check WUHide and see if it’s there before I disabled it?

Because I can skip the month until it’s safe to install other updates and when they work the bugs out.

Reply | Quote

SKIP THIS MONTH FOR NOW.

Hang on a sec. You’re running 1803? Intentionally?

Man, I don’t have any good advice, other than roll back to 1709 or 1703.

1 user thanked author for this post.

Great Lake Bunyip

Reply | Quote

I would say 1607 (soon out of support as if it matters much 🙂 ) and 1703 are better options than 1709.
Otherwise, 1803 is just fine for those used to 1709 and its minor, never resolved bugs.

Reply | Quote

Depends on what you’re using it for.

I’ve been developing software with Visual Studio while immersed in my Win 10 v1709 VM lately, and it’s been hanging together pretty well I guess… I’ve noticed a few quirks… Like if I click a column heading to sort by extension in a Tortoise SVN panel it can take 30 seconds or more vs. being instantaneous on a decent OS.

And I’ve never been able to tweak v1709 to be as lean as all prior versions…

Generally speaking, though, v1709 could be considered workable I suppose. Given another 6 to 12 months I imagine it could be patched into being a halfway decent version.

-Noel

Reply | Quote

This is my point too. I was on 1709 until the very early stages of the 1803 pre-release. I don’t find it worse that 1709, even now after few days since the official release, with an exception which is Windows Update behaving as bad as 1607 used to be when it was released.
I found 1709 buggy, one good example being widely reported audio issues which I experienced too. I stopped paying so much attention to the exact issues after few days, as there will soon be another change which makes everything history.
I consider seriously staying on 1809 a bit longer starting 6 months from now, 1809 being a version common with LTSB/LTSC, desktop and server.
With a bit of effort, Enterprise and Pro can be made to look and behave close enough to LTSB/LTSC.

Reply | Quote

When I checked for updates I got 1803 again. So I used Wushowhide to hide it (again), but afterwards I didn’t get any other updates. Where are the updates for 1709??

1 user thanked author for this post.

Sailor

Reply | Quote

I’m not seeing many of the patches yet, either. Furiously running updates on all my bare metal and virtual machines.

In particular, as of 4:10 pm Nashville time, I’m not seeing updates for Win10 1703 or 1709.

Reply | Quote

Here I am missing Adobe flash 29.0.0.171 update KB4103721

Reply | Quote

It’s not unusual for Microsoft to be a day or two late on the monthly flash update. There is a new flash update from Adobe but that would be for people running the standalone version and not the one that comes with Windows 10.

Red Ruffnsore

Reply | Quote

The update for IE11 Flash KB4103729 has shown up on my Win8.1

1 user thanked author for this post.

ch100

Reply | Quote

1803 seems to have WU issues.
I said in an earlier post that usoclient startscan was not working as expected for Windows 10.
The detection in WSUS seems to happen for Office and possible for MSRT, but the CU KB4103721 is not seen in WSUS while it is seen and installed by scanning against Windows Update with the built-in Check for Updates or WUMT.
There is KB4103729 – 2018-05 Security Update for Adobe Flash Player for Windows 10 Version 1803 in WSUS, but it is not detected. No update for Flash Player for 1803 detected in WU either.
Still very early days, suitable to install only for those who want to have a bit of extra fun, or for those many more who don’t read any of the tech sites and get along with the OS as Microsoft intends it to be used, without caring about what happens under the bonnet. How many of us really understand what happens behind the scenes when iOS is getting updated?

Reply | Quote

Confirming this. I have flash player for 1803 and KB4103721 ready for installation in WSUS. My system running 1803 is telling me I’m up to date even though I’m not. And WSUS does not see my pc as available for the updates.

Red Ruffnsore

Reply | Quote

Yep, sure looks like 1803 is unable to communicate with WSUS. I tried resetting the windows update catalog and that didn’t fix it. I manually ran KB4103721 and after reboot it still didn’t see the flash update available on WSUS. When I pointed it to Microsoft update it then downloaded the flash update. I’ll see if I can verify this on another machine, but on my pc is no longer communicating with WSUS.  Cue the rolleyes smiley.

Red Ruffnsore

Reply | Quote

Confirmed on a second machine. 1803 is not communicating with WSUS.

Red Ruffnsore

Reply | Quote

@heikwith: May 2018 Adobe Flash Update is KB4103729, not KB4103721 as the 4103721 patch is a CU for v1803.

Reply | Quote

I’m on 1703.  Scanning for updates today was a little amusing.  The upgrades entry I had for 1709 has been replaced with KB4103727 having the “title:”

{{YEAR}}-{{MONTH_NUM}} Cumulative Update for {{OperatingSystem}} for {{Architecture}}-based Systems ({{KBNUM}})

I imagine this is my upgrade to 1803, but I can’t say it’s described as such.

3 users thanked author for this post.

Great Lake Bunyip, woody, Sailor

Reply | Quote

The amusing entry has been updated from KB4103727 to KB4103729 with the title “Feature update to Windows 10, version 1709.”

Reply | Quote

What’s happening with the Master Patch List page? There are no references to today’s patches, but even worse one from the middle of last month is still marked as “Too early just released” under “Safe to Install”.

Reply | Quote

The Master Patch List is generated by Susan Bradley (Patch Lady), not MS. The patches just came – give her time to get it together.

7 users thanked author for this post.

EH, HiFlyer, BobbyB, AlphaCharlie, Great Lake Bunyip, ch100, woody

Reply | Quote

The Master Patch List is an enormous undertaking – performed by a volunteer.

8 users thanked author for this post.

walker, EH, HiFlyer, AlphaCharlie, WildBill, Great Lake Bunyip, Elly, ch100

Reply | Quote

start blocking the KB4135059 update if you do NOT want your Win10 machine to be automatically upgraded to the 1803 version.

4 users thanked author for this post.

Seattle27, Great Lake Bunyip, woody, columbia2011

Reply | Quote

Oh gawd. Not another one of those “Compatibility update for upgrading to Windows 10 version 1803” patches. Based on the KB article, it looks like it should only be offered to Win10 1803 machines. Are you seeing it offered elsewhere?

2 users thanked author for this post.

Pepsiboy, Great Lake Bunyip

Reply | Quote

No, this is dynamic update for 1803 setup media, it’s only applied if you are doing upgrade (manually or through WU)
it does not push upgrade or apply to other Windows 10 versions

3 users thanked author for this post.

woody, ch100, Seattle27

Reply | Quote

Now *that* makes sense….

Reply | Quote

Missing patch KB4103727.

Reply | Quote

Counting vulnerabilities, critical and important, I fail to understand how Win 10 and Edge can be claimed to be “the most secure ever”?

Or are Win 7/8 deliberately “under-patched”??

3 users thanked author for this post.

FakeNinja, John in Mtl, Cybertooth

Reply | Quote

Either Microsoft are purposely not patching some vulnerabilities in Win 7 and 8.1 like you said, however, this would be risky as Microsoft has been caught doing this before and would proabably lead to a lawsuit.

Another possilibity is that Windows 10 simply has more security holes than Windows 7 and 8.1. Let’s say that for example, there are a couple of critical vulnerabilites in the Windows store, since Windows 7 doesn’t have that, it would mean that Windows 7 is safe. Windows 10 keeps getting new features all the time, which will obviously also introduce new security problems as well, while Windows 7 and 8.1 only gets more and more secure all the time.

Reply | Quote

Windows 8.1, Group A (modified). I usually don’t see anything in my WU pipe until the morning of the 2nd Wednesday. Still checking throughout today.

Also on Office 2013 Click-to-Run. All KB’s, non-security & security are ready for me on Patch Tuesday. Which gives me an extra week to update & lock down Office, if I need it.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

I’m not seeing any of the updates listed at the ghacks site  on any of my three 1607 computers other than the Malicious Software Removal tool and the Office Updates. I’m also seeing the Upgrade to Windows 10 version 1709 and the usual cadre of compatibility updates for upgrading to Windows 10 version 1709. That’s all. (Please excuse my many edits. I had eye surgery yesterday and I’m not seeing or feeling so great! 🙂

Reply | Quote

hey dononline, i seeing the same thing you are and i have my glasses on this time.  No 1607 2018-05 are being seen as required or getting deployed.

1 user thanked author for this post.

dononline

Reply | Quote

The SMB memory leak problem that has plagued every 2018 Windows 7 updates so far, apparently has been finally fixed with the May updates KB4103712 (Security only) and KB4103718 (Rollup).

Perhaps it is finally time to patch up Windows 7 x64, which for me is still staying at the December 2017 patch level, if no significant problems are discovered in the coming days?

However, if problems are found later, then I will not hesitate to continue to keep to December 2017 level. There have been no problems for me so far even though I am behind “fully patched” by at least 4 months. I am more convinced than ever that missing some of these patches may not be a bad thing at all.

Quoting Noel Carboni :

Put another way, why should we work so hard for Microsoft?

Hope for the best. Prepare for the worst.

7 users thanked author for this post.

Chessie, HiFlyer, Pepsiboy, columbia2011, The Surfing Pensioner, AlphaCharlie, Noel Carboni

Reply | Quote

How does the “SMB leak” show up? I have a Win 7 system that’s on the April patches now having run continuously for almost 2 weeks straight. Memory usage is nominal, handles nominal…

-Noel

Reply | Quote

It shows only on dubious configurations. I am sure you don’t use one of them. ?

Reply | Quote

Things are getting weird in .NET territory.

Are we not getting group A and group B updates for .NET?

I haven’t seen this before, but this month for the first time, .NET updates now come in two flavours, “Security and Quality Rollup” AND “Security Only” Non-Rollup.

Did Microsoft announce that they are splitting out the .NET updates like this, like they had been doing for OS updates?

No matter where you go, there you are.

Reply | Quote

Actually, it has happened before – the split into rollup and security only updates for .NET Framework. I don’t remember when, exactly, but at least once in calendar year 2017.

Plow through this link to get both types of updates for May.

https://blogs.msdn.microsoft.com/dotnet/2018/05/08/net-framework-may-2018-security-and-quality-rollup/.

Click on the big purple font at the top (.NET Blog) and you can find similar info for previous months .NET Framework updates. (There’s a lot of useless stuff there, for me at least, so you might have a fair amount of scrolling to do.)

BTW, it doesn’t seem to me that Group A or Group B has ever included .NET Framework updates, but I might be wrong.

Reply | Quote

Yes, .NET Rollups are splitted like Monthly Rollups since the model changed

nevertheless, .NET updates are generally safe

4 users thanked author for this post.

walker, HiFlyer, Heavenly, woody

Reply | Quote

Win 10 updated to .48 version. No issues noted so far. Haven’t checked W8.1 yet.

Fractal Design Pop Air * Thermaltake Toughpower GF3 750W * ASUS TUF GAMING B560M-PLUS * Intel Core i9-11900K * 4 x 8 GB G.Skill Aegis DDR4 3600 MHz CL16 * ASRock RX 6800 XT Phantom Gaming 16GB OC * XPG GAMMIX S70 BLADE 1TB * SanDisk Ultra 3D 1TB * Samsung EVO 840 250GB * DVD RW Lite-ON iHAS 124 * Windows 10 Pro 22H2 64-bit Insider * Windows 11 Pro Beta Insider

1 user thanked author for this post.

columbia2011

Reply | Quote

Is it me, or are those Windows updates getting worse and worse. Today was an absolute disaster in matter of lost time. First of all an Office Update started, then the ‘expected’ KB rolled in. Unfortunately, at the same time my virusscanner also started installing a software-update. And then there are the obligatory updates for apps no one ever uses. All in all that resulted in waiting 45 minutes before my HD calmed down finally. After that I had to restart for the update to be installed. Which costs another 10 minutes. Very, very productive (not). Hopefully there will be no side-effects of running so many updates at once, totally out of control for the average end user. Windows 10 is not usable for professional work, that’s for sure. Right now, I can’t avoid it completely because of exactly this kind of work. But I hope one day soon I can get rid of it forever. :-/

Reply | Quote

@anonymous:  Yes, I think the Windows Updates are getting worse, for sure!   I’m almost afraid to even “check for updates” anymore.

I continue to NEVER get an email notice if anyone replies to a message I send, and I’ll give the “subscribe” another day or 2 before I know for certain if that is functional.   I haven’t had any notices from AskWoody in my emails for almost a week now.   I noted that others have had the same problem.    I hope and pray that this “system” isn’t broken as it takes 3 times as long to try to locate subjects I am trying to follow.    Anyone have a clue as to what is happening???    🙁

Reply | Quote

Apparently “Check for updates” isn’t “Check for updates” anymore.

They might as well label the button “I dare you!”…

1 user thanked author for this post.

columbia2011

Reply | Quote

I got a report from @Jim that his Win10 1709 machine was updated overnight, to build 16299.431, even though he had metered connection turned on. Can anyone confirm?

Reply | Quote

Updating my 1709 VM this morning. I was offered KB4103727 Build 16299.432, the Flash update and MSRT. No 1803 as yet.
Settings Feature Updates=365, Quality Updates=0, no pause, GP Auto Update=Enabled,2 (notify download/install). I had to hit the “Download” button initiate the install.

I initially got a Stop Error 0x800705b9 (NetID.sys) – forgot to take it off metered connections. No problem after that.

I will disconnect from the Internet before reboot to prevent surprises.

2 users thanked author for this post.

columbia2011, woody

Reply | Quote

Update finished in record time. winver showa 1709 Build 16299.431. But I am being offered KB4103727 again in WU for download. Hmmmmm….. ???
I am going to see if it will download/install again.

Reply | Quote

Second install attempt failed with error 0x80240034.
On @gborn ‘s site I find:

Error 0x80240034 stands for WU_E_DOWNLOAD_FAILED, it says the update failed during download.

That would figute since the CU is already installed.

WU now reports that the computer is up to date.

2 users thanked author for this post.

columbia2011, walker

Reply | Quote

More problems have been reported after this round of Tuesdays updates which is now becoming a very regular occurrence.

Again, after much Googling and removing updates one by one, we finally came to the conclusion that two more Microsoft updates were also causing us problems.

Offending Updates
KB4103727 – Some non-English platforms may display the following string in English instead of the localized language: ”Reading scheduled jobs from file is not supported in this language mode.” This error appears when you try to read the scheduled jobs you’ve created and Device Guard is enabled.

KB4103718 – A stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).

Do a bit of basic searching on the internet and you will find a load of people complaining about these two updates.

1 user thanked author for this post.

walker

Reply | Quote

columbia2011 wrote:

KB4103718 – A stop error occurs on computers that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).

How do we tell if our computers support that?

Reply | Quote

I would also like to know that answer.

Windows 11 Pro
Version 23H2
OS build 22631.4890

Reply | Quote

SSE2 was introduced by Intel with Pentium 4 (2000) and AMD with Athlon 64 and Opteron (2003). So that should only be an issue for particularly old computers, running Win 7 (8 already requires SSE2 to run at all) on them being rather questionable in the first place. But there may be some situations.

— Cavalary

3 users thanked author for this post.

HiFlyer, Seff, abbodi86

Reply | Quote

https://www.cpuid.com/softwares/cpu-z.html
https://www.hwinfo.com/

or Microsoft’s CoreInfo (command line)
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

2 users thanked author for this post.

woody, Seff

Reply | Quote

@Seff, if your PC’s CPU support SSE2, there will be no error.

Reply | Quote

Precisely, which is why I asked how we establish that. I have no clue what SSE2 is, let alone whether either of my computers supports it.

This is on the basis that I’d rather know whether I’m affected before I install the update rather than after I’ve installed it and either got the error or not!

Reply | Quote

Download Speccy.
It’s under CPU info

3 users thanked author for this post.

woody, fernlady, Seff

Reply | Quote

I downloaded Speccy. My PC’s CPU supports SSE2.

Windows 11 Pro
Version 23H2
OS build 22631.4890

Reply | Quote

https://en.m.wikipedia.org/wiki/SSE2
This article will help you also.

1 user thanked author for this post.

Seff

Reply | Quote

@Seff: any CPU from Intel Pentium 4, AMD Athlon 64 or later has SSE2 support.

Intel Pentium 3s, AMD Athlon XPs (K7 Semprons) and older do not have SSE2.
Those using Win7 on these ancient CPUs like Pentium 3 or Athlon XP should avoid installing any 2018 cumulative update as none of them work on non-SSE2 processors.

Reply | Quote

Listed file hashes for the IE update seem wrong. For the Win 7 x86 one at least, file downloaded from catalog is named ie11-windows6.1-kb4103768-x86_01e53038bb 110a8239b06799aa162881f39382aa.msu with the correct SHA1 hash deducted from name (01 e5 30 38 bb 11 0a 82 39 b0 67 99 aa 16 28 81 f3 93 82 aa) and SHA256 hash of 99 94 37 0f 09 57 22 71 71 84 a5 35 bf c3 a2 ab 4c 13 f9 1e 90 2a a8 bc 56 ee 3b 4c 62 88 81 f3 while those listed at https://support.microsoft.com/en-us/help/4103768/cumulative-security-update-for-internet-explorer are nothing like that, the Win 7 x86 one being 8D6376A0B99BFB2444F77515D0451F30638C345F for SHA1 and 74EC32CF3BC5193B6155B3E186442D23F36B1C74DCCAFC85E238D9FFF8E71DA2 for SHA256. So what’s up there?

Reply | Quote

Hello everybody,

Windows 10 home user here on 1803, of which I got via windows update last week. All is well.

Yesterday when I ran windows update, I got the cumulative update to build 17134.48, and MSRT. Again, everything worked, computer re-booted and all seems to be fine.

Something strange though appeared on the windows update screen before it prompted me to restart the computer. A Red message saying “Some Settings are Managed by Your Organization.” Errrrr….What organization? I thought you only see such a message if you are on Enterprise, Education, or are an insider?

I am going to assume that this was some glitch. Ah glitches…..The joys of Win 10.

After a bit of Googling this issue, it seems this has happened to other Win 10 home users. However, I could not find any good answers, just a bunch of gobbledygook….

Anybody have ideas about this? (a non-techie here)…..

Thanks!!

Reply | Quote

I saw this yesterday as well after a clean install of 1803 pro and running windows update. The machine was not on a domain yet the message “managed by your organization” was showing. I was scratching my head on that as well.

Red Ruffnsore

Reply | Quote

I have found “managed by your organization” to be the case if the default Group Policy settings have been changed from the default. It’s not just when you make GP settings changes directly. For example, check in WU if setting defer Feature= 365 and defer Quality = 30 changes to that message (as opposed to 0 and 0 default settings). Changing some of the GUI settings makes changes in GP and the Registry.

1 user thanked author for this post.

HiFlyer

Reply | Quote

The update for Flash Player doesn’t appear in the WU.
But it is found in the Windows Update Catalog:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4103729
(With last week’s dates).
There is also a descriptive page in M$:
https://support.microsoft.com/en-us/help/4103729/security-update-for-adobe-flash-player.

Reply | Quote

I use Windows 7 on my home PC.  As of today, 5/9/18, I have not received the updates for Patch Tuesday.  Does anyone know why?  This seems unusual.

Reply | Quote

The only thing I can suggest is that you check your Windows Update settings and ensure they are not set to “Never check for updates”, or do a manual check for updates. However, there’s no need to do anything along those lines until the DefCon rating has been raised to at least 3 and you actually want or need to install the monthly updates.

Reply | Quote

hey woody.

There are some issues with the KB4103721 cumulative update for v1803 – one causing some black screens as noted here:
https://mspoweruser.com/latest-windows-10-cumulative-update-for-aprile-update-is-causing-black-screen-for-some-pcs/

Reply | Quote

Anyone know if the CVE-2018-8174 is patched here, or “vulnerability resides in the VBScript Engine”?

And if this (8174) only is affected on those who have MS Office programs installed, I mean my Firefox opens .pdf documents and docs.google.com pages.

“Targets receive a malicious RTF Microsoft Office document”
https://arstechnica.com/information-technology/2018/05/microsoft-patches-critical-windows-bug-actively-exploited-in-the-wild/

Reply | Quote

Win 7×64, Home Premium, AMD,  Group A,  except never downloaded any Previews.  Installed May patches: KB4095874,KB4096418,KB4103718.  No Problems, no slow down.

1 user thanked author for this post.

columbia2011

Reply | Quote

W8.1Pro x64
Brought our Group A- from Dec 2017 to May 2018, now Group A. (Not in a VM)

Installed: 09th May
kb4103725 Security & Quality Update.
kb4103729 Adobe flash Player Update.
(Blocking MSRT via licence decline).

Installed: 10th May
kb4099635 .NET Security & Quality Update (late arrival)

No ill effects whatsoever to report after couple of days use.

If debian is good enough for NASA...

Reply | Quote

I have installed these patches on two or three Win 7 Pro 64-bit machines and so far so good:

KB4096418 (included in KB4099633)
KB4095874 (included in KB4099633)
KB4103712
KB4103768
And also the Windows Malicious Software Removal Tool x64 – May 2018 (KB890830)

Reply | Quote