May’s messy updates

Topic

New Reply

PATCH WATCH By Susan Bradley Although the May releases for both Windows and Apple have not introduced side effects or hiccups so far, they haven’t bee
[See the full post at: May’s messy updates]

Susan Bradley Patch Lady/Prudent patcher

8 users thanked author for this post.

lmacri, abbodi86, fisher75, DLivesInTexas, rc primak, jburk07, geekdom, windbg

Reply | Quote

Replies

From what I’ve read, this will not affect BIOS PCs, only UEFI ones, so it should be entirely safe for older PCs.

Furthermore, from reading Microsoft’s notes for KB5025885, you can disable secure boot to recover if things do get screwed up to the point that you can’t boot normally. It would be nice to know for sure if that is actually true!

1 user thanked author for this post.

Fred

Reply | Quote

I wouldn’t be too sure about that. The method of Secured Boot is used for reasons of minimizing ∅Day risks in the boot process, and therefore the vulnerability of the whole operating system.

* _ ... _ *

Reply | Quote

Fred wrote:

I wouldn’t be too sure about that. The method of Secured Boot is used for reasons of minimizing ∅Day risks in the boot process, and therefore the vulnerability of the whole operating system.

Secure boot is only available if you enable UEFI boot mode.

On older systems/motherboards, without new firmware (highly unlikely), there won’t even be UEFI and secure boot options!

On newer systems/motherboards, if you set the boot mode to Legacy BIOS, the secure boot option either won’t be available (i.e. it’ll be grayed out/missing) or it’ll be ignored during the boot process.

Reply | Quote

The attacker has to get onto the system first.

It’s beginning to look like this is a “gee that’s nice, but more marketing” than actual real protection.  It’s not the panacea that was touted.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Graham

Reply | Quote

Windows 11 KB5026372 fails to install with 80070002, 0x800f081f errors, VPN issues too

..The Windows 11 update (KB5026372), however, is causing various issues on user systems. Many users are reporting that the update itself is failing to install. Typically, affected users are reporting about two error codes accompanying the installation failures. These are 0x800f081f, and 80070002, though a user “Federico Z” on Feedback Hub has also added the “8007054F” error to the list…

The 0x800f081f is apparently a Deployment Image Servicing and Management (DISM) issue and seems to be happening to more people. Over on a thread by Srihan Tiwari on the Microsoft forum, the question has been upvoted by 37 using the “I have the same question” option..

Another fairly common issue seems to be related to VPN where affected users are saying Layer 2 Tunneling Protocol (L2TP)/ IPSec (Internet Protocol Security) protocol has been broken by the latest Patch Tuesday.

Meanwhile, users say the SSD speed degradation issue still remains. This bug was seemingly introduced back with the March Patch Tuesday…

Reply | Quote

Microsoft investigates slow Windows VPN speeds after May updates

Microsoft is investigating major speed issues affecting L2TP/IPsec VPN connections after installing recent Windows 11 updates.

According to reports from Windows users and administrators, the connection bandwidth issues were first caused by the optional KB5025305 April 2023 non-security update.

Redmond rolled the same fixes and improvements bundled in the KB5025305 preview update into the mandatory KB5026372 cumulative update released during this month’s Patch Tuesday, causing the connection issues to be experienced by a larger number of Windows users.

Based on reports seen by BleepinComputer since the updates have been available, both updates are triggering the L2TP/IPsec VPN speed issues after deployment.

“No problems connecting to the VPN, just once you get in the speeds are extremely slow and RDP basically just times out. A quick search of the web confirms that KB5025305 causes speed issues on L2TP/IPsec VPN,” one Windows admin shared on Reddit.

“Our users are facing this, with a strange oddity: a group of 5-6 users is able to get 100m down and 80m up speeds, but the vast majority get sub 1m down and sub 1m up speeds,” another admin told BleepingComputer…

Reply | Quote

it appears that the KB5012170 updates can no longer be installed after installing the recent May 2023 updates, at least under most Win10/Win11 versions that I’m using.

the May updates like KB5026361 for win10 21h2/22h2, KB5026372 for win11 22h2 seem to prevent/block installation of KB5012170 causing “the update is not applicable to your computer” message to appear when attempting to install KB5012170 if that one is not yet installed, which I have tested & verified this behavior myself on those win10/win11 os versions.

Reply | Quote

Windows 11: Last updated: 2023-05-18

Start menu, Windows Search and UWP apps might have issues opening

The Start menu, Windows search, and Universal Windows Platform (UWP) apps might not work as expected or might have issues opening. Affected Windows devices might have damaged registry keys or data which might affect apps using Microsoft Office APIs to integrate with Windows, Microsoft Office, or Microsoft Outlook or Outlook Calendar. An example of an app affected by this issue is ClickShare. The underlying Issue is not caused by the installation of an update to Windows and might be exposed by an update to an affected app.

Workaround: To mitigate this issue, you can uninstall apps which integrate with Windows, Microsoft Office, Microsoft Outlook or Outlook Calendar. Updates to affected apps or guidance from the developer of the app might also be available. If you are using ClickShare by Barco, please see Symptom: Start Menu and other shell components fail when Apps including Barco’s ClickShare access Office APIs and Unresponsive Windows taskbar or user shell folder permissions issues with ClickShare App Calendar integration…

Reply | Quote

Windows 10 May 2023 Patch Tuesday update is causing various issues for users

Earlier this month, Microsoft released the KB5026361 update for those running Windows 10. The update, which was released as a part of Patch Tuesday, fixed a bunch of security issues. However, it looks like the update also introduced some unintentional bugs to the operating system.

According to posts on Reddit and Microsoft Feedback Hub, users are experiencing a variety of issues after upgrading their Windows 10 machines to the latest update.

A majority of the reports involve Blue Screen of Death (BSoD) errors for Windows 10 users with the error code “PROCESS1 INITIALIZATION FAILED”. A quick glance on an outdated Microsoft article about the error code reveals that it has something to do with the Bootcat file.

This issue occurs because the Bootcat.cache file is corrupted or because the size of the Bootcat.cache file is changed since the last successful start….

Furthermore, users noted that they are getting error code 0x800f0922 when trying to install the update on their machine. There are also reports of users getting random restarts, a string of error messages, update failures and crashes after installing the update…

* My Windows 10 Pro 22H2 with KB5026361 install is running fine.
I don’t use any 3rd party performance/system tweaks… apps nor Microsoft store apps. Using local user with admin rights.

1 user thanked author for this post.

windbg

Reply | Quote

I have a problem.  This morning I ran Windows Update to install the May updates.  Three were listed: KB890830 (MRT.exe), KB5025367 2023-04 Cumulative Update Preview for .NET, and KB5026361 (May Cum for Win 10 22H2).  The first two installed without problem, and WU requested a reboot, which I postponed, as the 5026361 update was still downloading.  Even though Wu says that the update is 100% downloaded, it has not completed its download.  (I have submitted a bug report to the “black hole” Feedback Hub.)  My Internet has a problem where sometimes it will stop for a few seconds; I do not know if it is my at&t U-verse or the Internet chip on my Asus motherboard; I have not yet contacted Asus support   In any case, my Internet failed for a few seconds while the patch was being downloaded.  Then the update finished its download (via the Task Manager graph).  I saw no evidence in the WU window that the update was being installed.  The update did not appear in the WU window.  So, I rebooted.  After the reboot (no problems) I again ran WU, and a search for updates produced no new updates.  The WU screen that shows installed updates shows that 5026361 had been installed.  I looked at the System EventLog, and 5026361 was not listed in an EventID 19 log entry.  I have no idea if this update was really installed.  How can I tell if the update was installed?  I did a quick search, and I could not find a site that tells me what executables were updated, so that I can check my system.  Can I download this update manually from the MS Catalog and then try to install it?  Thanks.

Reply | Quote

Windows Update -> View update history -> link at the top “Uninstall updates”
This takes you to the list of actually installed updates.
Is KB5026361 there? If so, it is installed.

Reply | Quote

bsfinkel wrote:

KB5025367 2023-04 Cumulative Update Preview for .NET

Don’t install previews.

bsfinkel wrote:

and WU requested a reboot,

Use WUmgr. You won’t get restart requests in the middle of updates and you will be able to hide unwanted updates.

Reply | Quote

KB5026361 is listed in the “uninstall” page, so I will assume that it has been installed.  I will report the problem of no System EventLog entry to MS via the Feedback Hub.

As for the April .NET preview – I do not want to install previews, and I have told MS via the “black hole” Feedback Hub that previews should NOT be in the required updates.  I assumed (maybe incorrectly) that since this was the April preview, there was no May update. and that it was safe to install.  I have not yet researched WUmgr.

Reply | Quote

AKB2000016 is a good place to start for info about some of the built-in constraints for Windows Update. There are different sections for Home and Pro. There are screenshots at the bottom to show where the settings are in Group Policy (Pro only) and the Registry.

There are other Knowledge Base articles to Help with controlling upgrades (feature updates) using scripts and Registry Settings. See Index here.

1 user thanked author for this post.

Fred

Reply | Quote

Installed May update KB5026361 this morning, now on W10 Pro 22H2 build 19045.2965 with no apparent issues.

However I was previously hiding (via WUMT) KBs 5012170, 5005463 and 4023057 and only the last one now registers as hidden. There is no evidence of the first two having been installed or awaiting installation – any ideas why they’ve disappeared?

Win10 22H2 Pro, MBAM Premium, Firefox, OpenOffice, Sumatra PDF.

Reply | Quote

Because they are no longer required / have been superceded and WU has removed them?

cheers, Paul

1 user thanked author for this post.

TonyS

Reply | Quote

Thanks Paul, that was the only reason I could think of. It happened on the desktop and now on the laptop as well, so it must be a result of May update.

Win10 22H2 Pro, MBAM Premium, Firefox, OpenOffice, Sumatra PDF.

Reply | Quote

Can we leave bitlocker on when updating or should we turn it off if we have a UEFI system?

Reply | Quote

Bitlocker should remain on. Windows is supposed to update successfully with it in place.

As always, make an image backup before the update.
Test you can boot your backup recovery media and see the local disk and the backup.

cheers, Paul

1 user thanked author for this post.

Linda2019

Reply | Quote