MS-DEFCON 3: Issues with bootloader patches

Topic

New Reply

ISSUE 19.34.1 • 2022-08-23 By Susan Bradley This month’s updates are a great example of why my patching advice differs for consumers and businesses. F
[See the full post at: MS-DEFCON 3: Issues with bootloader patches]

Susan Bradley Patch Lady/Prudent patcher

9 users thanked author for this post.

jburk07, J9438, WCHS, MHCLV941, kandb, deuce120, abbodi86, geekdom, Alex5723

Reply | Quote

Replies

Installed on my 21H2 with secure boot on, no BitLocker.
No bad effects, no audio problems…

Reply | Quote

Alex5723 wrote:

Installed on my 21H2 with secure boot on, no BitLocker.
No bad effects, no audio problems…

Win 11? or Win10? and the OEM is…? I think the vendor makes a difference.

Reply | Quote

nuclear codes secure for now whilst offline, only at defcon3.
Win10 21H2 (x86 and x64) both fine with all offered.
3 x Win8.1 (x64) working well without the secureboot patch.(non UEFI/GPT)

If debian is good enough for NASA...

2 users thanked author for this post.

MrToad28, jburk07

Reply | Quote

Is KB~12170 an individual update or the monthly CU? I usually feel a bit thick when I read the defcon updates because they apparently list a whole bunch of single-repair downloads that I assume the IT experts install (or don’t install) to fix problems identified during the month.

I always wait until a week or so before the next early-month Update Tuesday before I hit Resume Updates on my PC and two laptops and let the CU, .net, and anti-malicious software downloads install themselves. Usually Susan is pretty clear in her post-23rd-of-the-month-or-thereabouts column, saying “Go for the CU now but take the usual backup precautions” but her statement today—“But if you are a normal user, with normal levels of paranoia to get you through the normal security risks of daily life, I’m not convinced that this update is mandatory“—is as clear as mud to me. Does “not mandatory” mean I should skip this month’s CU update? Or will there be another defcon notice later this week to say the issue is fixed or not dangerous or is now part of the complete CU package?

If the advice is to NOT install this month’s CU, instructions on how to reset the update delay date to early October without hitting Resume Updates first and starting the download would be very useful.

Reply | Quote

Wayne wrote:

Is KB~12170 an individual update or the monthly CU?

Individual, not CU.

Wayne wrote:

Does “not mandatory” mean I should skip this month’s CU update?

No.

3 users thanked author for this post.

jburk07, Chris B, Wayne

Reply | Quote

Successfully installed KB5012170 on 9 different Win10 PC’s this weekend with absolutely no problems.

They’re a mix of both UEFI/GPT and Legacy/MBR but BitLoocker has never been activated on any of them.

4 users thanked author for this post.

MrToad28, jburk07, WCHS, geekdom

Reply | Quote

I also successfully installed KB5012170, but I also disabled BitLocker after update installation.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

jburk07

Reply | Quote

Successful installation of KB5012170 on 4 Windows 10 21H2 machines, mostly Dell with legacy boots, but a Surface LT 2 with UEFI boot also had no problem. No Bitlocker activation on any of them; all booting from SSDs if that could make a difference. Caution might be indicated with some configurations, but many are not likely to notice anything given this mix.

2 users thanked author for this post.

jburk07, MrToad28

Reply | Quote

Is it this one or is there another to dig out?

https://www.askwoody.com/forums/topic/cve-2022-3430-cve-2022-34303-cve-2022-34301-and-kb5012170/

seems to be “separate” at MS catalogue, and is apparently a problem for specific software.. not the world in general.

 

Reply | Quote

Are you asking if KB5012170 is KB5012170?

I’m confused by your confusion.

Reply | Quote

not confusing at all

Reply | Quote

The way that I am reading Susan’s advice is that one should allow Windows Update (for the average home user) to try to do its thing with the August updates.  IF the installation fails for any reason, then block it.

2 users thanked author for this post.

jburk07, The Surfing Pensioner

Reply | Quote

How do you disable Bitlocker? I didn’t even know it existed on my Windows 10 Pro and have just had to look it up. Many thanks,

Reply | Quote

Just found Bitlocker on my PC and it’s turned off. Does that mean I can give installing KB5012170 a go? Thanks again.

Reply | Quote

I didn’t have any problems with it on my Win10 Pro installations (without Bitlocker activated). And the host computers’ BIOSes are up to date. But mine are test VMs.
I think Susan is suggesting for Consumers to hold off at this time.

1 user thanked author for this post.

jburk07

Reply | Quote

Thanks, PK. I normally update shortly before the next Patch Tuesday. My Updates Pause will run out on 11/9/22, so shall have to update by then.

Reply | Quote

Thank you Susan for your update and the link to blockapatch.com.  I viewed the YTube vid also.  As a W8.1 consumer user with UEFI/SecureBoot enabled I’m following your tip to hide the update for now.  W8.1 makes it easy to hide updates, as you know.  I do not like to install updates for the sake of Microsoft publishing them thus your input is valuable to me and others in making the decision.  Certainly if there becomes a need for this update then I’ll download/install.  Bottom line is we appreciate your help.

2 users thanked author for this post.

The Surfing Pensioner, MHCLV941

Reply | Quote

Concerned about apparent audio issues with KB5016616.   See a note in Linda’s Master Patch List and a great deal of “chat” on the web.   On Microsoft’s site they talk about “This issue is resolved using Known Issue Rollback (KIR).”   Sounds like some kind of automatic fix.  Anyway I’m holding up the install of this update until I get more info.

Reply | Quote

Yes that is an automatic fix that they will be rolling it back, but it may take time for the fix to get to you.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

So maybe it doesn’t make sense to install the update?

Reply | Quote

It’s a security update.  Given that they are autofixing it, it’s not wise to not install it.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

jburk07

Reply | Quote

Sounds like the KIR has to be there prior to KB5016616 being installed.  Any idea how one determines if it is on ones machine?

“This issue has been resolved with the Known Issue Rollback (KIR). Note: This KIR prevents the issue on Windows devices that do not have KB5015878 installed, but does not affect devices already affected by this known issue. Note that it can take up to 24 hours for the solution to be automatically pushed to consumer devices and unmanaged business devices. Restarting your Windows device may allow the solution to be applied to your device faster.”

Reply | Quote

Known issue rollback is one of those where you may have to reboot a second time to get it to trigger.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

But how can I tell if  it’s “triggered”   Info is stored in the registry in : Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FeatureManagement\Overrides\4\xxxxxxxxxx   But there is some number assigned to the KIR, but I don’t know what it is for this KIR.

Reply | Quote

Hey Y’all,

Successfully installed on All 4 of my Dells.
Set Targeted Version to 21H2 for 3 of the machines and will let 22H2 load on the test bench machine when it comes out. Of course I have Reflect Images if things go south when that update occurs.

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

1 user thanked author for this post.

jburk07

Reply | Quote

For those of you with Android devices, Android 13 is now out.

Would that I had control of my cell phone to install Android 13. However, before I can do so, Samsung must decide if it is going to support my phone (an S20) by adding its “custom” touches (most of which I would remove if I could) then T-Mobile must do the same (again, most of which I would remove if I could).

I am not holding my breath!

Reply | Quote

Today I clicked to resume updates.  KB5012170 downloaded and installed in a flash, seconds.  No problem.  My version of Windows 10 does not have bitlocker if that matters.   I see someone else mentioned it.

No problems I notice using my computer, but a new error popped up in Event viewer.  I don’t know what it does but my computer works fine as far as I can tell.  Searched on line and this has popped up for others.  News flash: I am not going through the whole restart in safe mode stock answer from Microsoft.  Has this happened to anyone else?  Does it matter?

 

Log name:  Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService

Source:  ModernDeployment-Diagnostics-Provider

Event ID:  1010

Autopilot.dll WIL error was reported.

HRESULT: 0x80070491

File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 178

Message: NULL

Thanks for your time.

HP Pavilion Desktop TP01-0050 – 64 bit
Windows 10 Home Version 22H2
OS build 19045.5487
Windows Defender and Windows Firewall
Microsoft Office Home and Business 2019
-Version 2501(Build 18429.20132 C2R)

Reply | Quote

Is this a business or corporate computer? Autopilot is a deployment tool in businesses to install standardized operating systems.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

mpw

Reply | Quote

That error has apparently affected many non-business and non-corporate computers lately.

The file mentioned doesn’t exist on most machines, so it’s not directly autopilot-related.

It seems like a bug in the Microsoft Account Sign-in Assistant service. The errors go away if that is disabled, but that breaks a bunch of Office/Outlook/Edge sync stuff:

Many persistent errors in Event Viewer … “Autopilot.dll wil error was reported”
[Nine pages of reports over four months]

2 users thanked author for this post.

windbg, mpw

Reply | Quote

To Susan

I have stand alone windows 10 home edition.  I don’t sync anything.  But I use office outlook 2019.  If Microsoft Account Sign-in Assistant is not needed for outlook or word I would gladly disable it.

Actually right now I’m using office outlook and word without signing in to my Microsoft Account.  Maybe if I don’t want to send Microsoft a copy of everything I do I can disable it.  It does generate a lot of errors.  Six at a time.

 

HP Pavilion Desktop TP01-0050 – 64 bit
Windows 10 Home Version 22H2
OS build 19045.5487
Windows Defender and Windows Firewall
Microsoft Office Home and Business 2019
-Version 2501(Build 18429.20132 C2R)

Reply | Quote

I tried WuMgr awhile ago but chose not to stick with it because it included optional updates without identifying them as optional.  Does WUSHOWHIDE and WUMT do the same thing?

Reply | Quote

None of those (AFAIK) will specify whether any available updates are optional or otherwise.

In a real sense, when using WuMgr all listed updates are optional, since none of them gets forced down your throat and you can pick and choose which ones (if any) to install. That said, I tend to treat “cumulative” and “security” updates as Recommended, and all other updates (previews, drivers) as Optional. I stay far away from Previews, and for drivers, I eventually get around to installing them unless known to cause a problem.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

1 user thanked author for this post.

jburk07

Reply | Quote

When I was playing with WuMgr it included an update that was listed in the optional area of Windows Update.  I saw because I was new WuMgr so was comparing the two.  There wasn’t a clear way to identify it as “option” in WuMgr by its description.  Researching the kb was the only way I could come up with.  The thought of having to research kb’s in order to determine “optional” was more than I cared to have take on.

Reply | Quote

That’s the reason for my rule of thumb, to generally treat cumulative and security updates as “recommended” and all others as “optional.” Most of the time, this is how they shake out anyway when we look them up. I no longer bother to research the updates, unless Susan here reports some kind of issue with them and then I do try to determine if the problem might affect my PCs.

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

When using Windows Update, a preview will be optional, but will not be labelled as preview. Here is this month’s Windows 11 (21H2) Cumulative Update Preview from Check for Updates with no mention of Preview:

Here is the information in Microsoft description:

August 25, 2022—KB5016691 (OS Build 22000.918) Preview

https://support.microsoft.com/en-us/topic/august-25-2022-kb5016691-os-build-22000-918-preview-59097044-915a-49a0-8870-49823236adbd

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

2 users thanked author for this post.

jburk07, WCHS

Reply | Quote

Windows 11 Pro 21H2 x64 22000.918

• Updated 8/25/2022  2022-08 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 11 for x64 (KB5016594)
• Updated 8/26/2022  2022-08 Cumulative Update  for Windows 11 for x64-based Systems (KB5016691) — (Preview)

No difficulties installing either of these updates and rebooted without error.

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

1 user thanked author for this post.

jburk07

Reply | Quote

Installed on Windows 11 Version 22H2 (Release Preview):

2022-08 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5016695)

2022-08 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5016591)

No apparent issues after restart.

Reply | Quote

Cybertooth wrote:

None of those (AFAIK) will specify whether any available updates are optional or otherwise.

In a real sense, when using WuMgr all listed updates are optional, since none of them gets forced down your throat and you can pick and choose which ones (if any) to install. That said, I tend to treat “cumulative” and “security” updates as Recommended, and all other updates (previews, drivers) as Optional. I stay far away from Previews, and for drivers, I eventually get around to installing them unless known to cause a problem.

 

Agree 100% on recommended updates. I generally shy away from all drivers updates from Microsoft but I found something about them that surprised me.

I work with a lot of Dell Optiplex PCs, many of which are “obsolete” and “outdated” according to some, though they work just fine in their settings. Anytime I have to reinstall Windows, even using Dell’s own OS-install driver installation service, I often have a couple of unknown devices left. Invariably they are obscure and there is no apparent impact of their being unknown.

However, one day not long ago, I let Windows install all the driver updates that it had waiting in the background. Much to my surprise, after the machine restarted, there were no more unknown devices.

2 users thanked author for this post.

jburk07, Cybertooth

Reply | Quote

I recommend downloading ISOs of 21H2 to ensure that you have copies should you need to perform a repair installation.

Are the directions in Squirrel away a clean copy of Windows, which was for Win 10– version 2004, still good for 21H2?

1 user thanked author for this post.

jburk07

Reply | Quote

Correct.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

jburk07

Reply | Quote

WCHS wrote:

Are the directions in Squirrel away a clean copy of Windows, which was for Win 10– version 2004, still good for 21H2?

If anyone out there has recently made a 21H2 iso file, can you tell me how big it is? I need to know whether to use a single-layer or a double-layer CD disk.
20H2-.631 iso was 478.43 GB double-layer
21H1-.928 iso was 444.93 GB single-layer

Reply | Quote

You will need a double layer DVD for the Win10 x64 ISO.
The Heidoc ISOs ar x86/x64

Reply | Quote

PKCano wrote:

You will need a double layer DVD for the Win10 x64 ISO [for 21H2].

The iso that you get from using the Media Creation Tool (MCT) is Build 1288, which dates back to Oct 12, 2021. That’s old. Do you think that there will be a newer build available later, before the MCT closes out 21H2 and begins to offer 22H2?

Reply | Quote

PKCano wrote:

The Heidoc ISOs ar x86/x64

Hi PKCano:
What build is your Win10_21H2_19044_220724.iso file?
I’ve never downloaded from the Heidoc site with the Heidoc iso downloader .exe file.
First of all, is the URL for the downloader https://heidoc-net-windows-iso-downloader.en.uptodown.com/windows ?
When I go there, the latest iso file is a build with the date November, 2021? Is your iso file a build with a later date?

Reply | Quote

MS doesn’t make ISO files every time it issues an update.
There are only a few ISO files issued per version (for consumer download, not counting the dump) during a version’s lifetime (between the version before and the version after). Usually, there is a RTM ISO at the beginning, and maybe one or two later ones per version). So, I suspect that all those are the same Build.

Reply | Quote

PKCano wrote:

MS doesn’t make ISO files every time it issues an update.

I knew that, but I am thinking that historically, MS had made a new iso file of the latest build just before it releases an upgrade (this time from 21H2 to 22H2). I don’t have enough experience with these iso’s to know. But, a build that dates back to Oct 12, 2021 is nearly a year old!! That’s the date of the build (1288) that the MCT is creating right now. My PC is running Win 10, 21H2, Build 1826, which is the July 12, 2022 Patch Tuesday CU.

I guess that since CUs are cumulative, if I had to use the Build 1288 iso, it would take only the latest CU to bring the CU patches up-to-date. Is this correct?

Reply | Quote

WCHS wrote:

20H2-.631 iso was 478.43 GB double-layer
21H1-.928 iso was 444.93 GB single-layer

Sorry, gotta move the decimal point 2 digits to the left
20H2-.631 4.78 GB (double layer)
21H1-.928 4.45 GB (single layer)
21H2-.1288 4.49 GB (it fit on a single layer DVD – but the build is from Oct 12, 2021 – very old date)

Reply | Quote

Just another Forum Poster wrote:

They’re a mix of both UEFI/GPT and Legacy/MBR but BitLoocker has never been activated on any of them.

Are any of them DELLs?

Reply | Quote

Yes, 2 were Dell PC’s.

1 user thanked author for this post.

jburk07

Reply | Quote

Susan Bradley wrote:

Given that they are autofixing it, it’s not wise to not install it.

So does KIR and “autofixing” mean that if you did not install KB5015878 (a week C CU preview, released July 26) but you DID install KB5016616 (a week B CU – released Aug 9) and have audio problems as a consequence, the rollback (when it comes out) will nullify the fix that causes the audio issue(s), but will otherwise leave in place all of the other fixes for all of the other problems, including security ones, that it (KB5016616) was designed to fix??

Reply | Quote

The way I understand it is that the KIR applies to the preview KB (KB5015878) and the final release (KB5016616).  Also the KIR must be present on the PC when either of these KBs are installed for it to work.  It doesn’t do anything if the KIR appears after the installation of the KB.  The question is how can one tell if the KIR is present.

Reply | Quote

When you are using Windows update the known issue rollback is automatically applied.  You’ll know it was applied if suddenly your sound issue goes away and your computer works.  Buried in event logs there will be logging that it was applied but there’s nothing visible in the Windows update gui.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

The KIR must be applied before the update is installed otherwise the KIR does nothing –

per Microsoft on the KB5016616 page : “This issue has been resolved with the Known Issue Rollback (KIR). Note: This KIR prevents the issue on Windows devices that do not have KB5015878 installed, but does not affect devices already affected by this known issue. Note that it can take up to 24 hours for the solution to be automatically pushed to consumer devices and unmanaged business devices. Restarting your Windows device may allow the solution to be applied to your device faster.”

1 user thanked author for this post.

Tex265

Reply | Quote

My reading of the issue agrees with @sheldon.

sheldon wrote:

This KIR prevents the issue on Windows devices that do not have KB5015878 installed, but does not affect devices already affected by this known issue.

So how do we tell if the KIR has been installed?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

And what are the expectations if KB5015878 isNOT installed and you install KB5016616 ? I am still confused if I should install or wait for something to install before KB5016616.

1 user thanked author for this post.

WCHS

Reply | Quote

If you scan through the MS page for KB5016616 and click through the blue reference links, there is one with the word “health” in it.

The page opening states “After installing KB5015878 or later updates, some Windows devices might have issues with audio not working.”

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Yes the KIR/audio issues apples to both KB5015878 and KB5016616.   Is the KIR on my PC is the million dollar question.  Answer I have no idea.

Reply | Quote

Just another Forum Poster wrote:

Yes, 2 were Dell PC’s.

Why does that matter? I installed KB5012170 on my Dell XPS 8930 yesterday which has UEFI with Bit Locker OFF. No problems that I can see.

I rebooted once …no problems.

Reply | Quote

Mele20 wrote:

Why does that matter?

It was in answer to the question.

WCHS wrote:

Are any of them DELLs?

Reply | Quote

KB5016690 (OS Build 17763.3346) preview

Addresses an issue that might cause error 0x1E when you shut down or restart a device….

Windows 10 servicing stack update – 17763.3232

You must install the August 10, 2021 SSU (KB5005112) before installing the LCU.

Reply | Quote

I’m confused by the output wushowhide. I have a Dell XPS 13 9370 purchased 5/1/2019 and Dell’s Update tool tells me This system is up-to-date. Yet when I run the wushowhide app the display {attached} shows a bunch of updates, most of which I would expect the Dell Update app to have handled. All of the updates predate my purchase by many years except possibly two. How should I treat this? Just hide everything since Dell Update seems to be ignoring them?

 

Reply | Quote

Brother, I’ve got a Dell Inspiron 5348 and I’ve been using wushowhide for years. I specifically use it to block Windows updates I initially don’t want on my computer, such as KB5012170, which remains blocked.

 

I also have a number of other updates from Intel and Qualcomm show up, similar to what you displayed, which either show up as hidden or have been made to hide. I keep them hidden and I ignore them. One of them ‘System’ from Intel dates back to 2016, the year after I bought my computer. Everything runs fine without it.

 

I suggest that you try hiding eveything except for the Windows updates you want to install and you’ll most likely find that the rest can remain hidden for as long as you like as they most likely are simply not needed at the present time.

 

File under: Fix It, If It Ain’t Broke Don’t

Reply | Quote

pnshldn wrote:

I’m confused by the output wushowhide….

I always let DELL Update do the driver/BIOS/Firmware updating because its updates are machine-specific (i.e., I never let WU do the updating of anything that is INTEL or Firmware.) You can usually discover the DELL driver that corresponds to the INTEL driver in WUSHOWHIDE by using the version number as a search term on the Dell support page. But, these INTEL or Dell Firmware drivers won’t disappear from WUSHOWHIDE after DELL Update installs its corresponding machine-specific one; they will always be there, so keep them hidden.

I don’t know about your Logitech drivers. I have only a Logitech mouse and it’s always been working fine, so I have just kept that driver hidden in WUSHOWHIDE.

Reply | Quote

Forgive me but I am terribly confused.

I did WUSHOWHIDE for KB5012170 and installed the .net and malicious. Then today was offered KB5016616 unexpectedly. I went to Susan’s spreadsheet and it shows defer for this, but I am not seeing why? Should I permanently defer this one? Why ?

Thanks.

I’ll wait for a reply before I hide this one.

Reply | Quote

The Master Patch List shows Install for KB5016616, not Defer.

Reply | Quote

Thanks. Off to look again.I could swear it said DEFER.

Reply | Quote

Ahh, I was looking at the August 9th HTML. I see now install, but an audio warning. Is there more info on that? What machines? What are symptoms? Is there a fix?

I’ll search a bit more.

Reply | Quote

Boy, is this confusing. It appears I should wait until a fix for audio issues is available before installing KB5016616? Have never seen something like this. I did not install the preview. I assume I should wait for installing this. Or is it working for most people without the fix?

Reply | Quote

Installed August updates with no issues.  BitLocker OFF.  No issues with KB5012170, CU KB5016606 update.

FWIW.  For those with Win10 Home editions like me who believed they do not have BitLocker, I would suggest you might want to do a search of your computer to insure it’s not preloaded and sitting there waiting to be activated.  I found out to my surprise BitLocker was indeed on my new Win 10 Home Edition laptop. It was auto activated after I  searched my MS account for the Recovery Key.  It was not activated or turned on when I logged in to my MS account.  After MS uploaded the Key, I noticed BitLocker was turned on.  So much for MS info link in my Settings under Device Encryption that Bitlocker “is not available on Win 10 Home” being accurate.  I turned off BitLocker and have the Recovery Key.

 

 

4 users thanked author for this post.

Microfix, The Surfing Pensioner, GeoffB, Fred

Reply | Quote

Yep. Noticed that it is available and activated by default on new home systems on both Dell and HP systems. The 2 I had I “think” were S mode . One I know for sure was.

Reply | Quote

Pixie:  you mentioned that you have a ‘new’ laptop running Win 10 Home, but the laptop did have BitLocker pre-installed.  What brand/model laptop is it?

 

GeoffB

Reply | Quote

GeoffB

I have a HP Spectre 360 Convertible, 11th Gen.  I spoke with Best Buy where I purchased it and they said many new computers, Home Edition included are coming preloaded with BitLocker waiting to activate.  I did not know this when I purchased as I have never used nor want BitLocker.

Reply | Quote

Well, I logged on to my MS account and discovered that, yes, my W10 Home laptop does indeed have bitlocker installed. I had never known that before. However, the account also stated that no recovery key had ever been uploaded to the account – presumably because bitlocker has never been activated – and so no recovery key could be provided. My guess is that a recovery key is only issued when bitlocker is activated? And my intention at the moment is to leave bitlocker inactive on both my PCs. I’ve managed fine without it all these years.

Reply | Quote

I never manually activated BitLocker.  When I saw it was on my computer I logged into my MS account and went to manage BitLocker Key.  I wanted the Key in case it ever got activated.   When I clicked on that link MS automatically uploaded a BitLocker Key.  I printed that Key keeping in safe place.  Went to check my device encryption and to my surprise BitLocker had been automatically activated.  I turned it OFF.  I do not know if it got activated from the Key printing or if it was the Windows update KB5012170.  I tend to believe it was the printing of the BitLocker Recovery Key that turned it on.  Only took about 15 minutes to decrypt once I turned it off.   Another issue with BitLocker turned ON is I read that in order for BIOS to update it will ask for the BitLocker Key  before BIOS will update.  Another reason for me to have it turned OFF.

I guess it’s a two edged sword, if no Key exists and it gets accidently activated by say a Windows update and without a Key my computer would be locked.  I wasn’t happy it activated and turned on, but since it was activated I can now turn it off or on.  It’s off and I intend to keep it turned off.

I can only speak to my recent experience and at least I know it’s turned off and if it ever gets accidently turned on and computer locked, I have the Key to unlock.

 

Reply | Quote

Imagine how many others out there are in your shoes.
The average User probably has no idea that the computer is encrypted (or maybe even what encryption even is).
And if there is a Local ID, instead of an MS ID, they most likely do not have any idea that the key exists, much less how to find or save it.
And, do they have a backup? Probably not
It’s not IF, it’s WHEN……..

Reply | Quote

Would make an interesting blog topic and/or newsletter article as well as hitting search engines.

If debian is good enough for NASA...

Reply | Quote

PKCano wrote:

The average User probably has no idea that the computer is encrypted (or maybe even what encryption even is).
And if there is a Local ID, instead of an MS ID, they most likely do not have any idea that the key exists, much less how to find or save it.
And, do they have a backup? Probably not
It’s not IF, it’s WHEN……..

The last time you postulated this perceived impending disaster nine days ago and said, “It’s not IF, it’s WHEN.“, I explained that it can’t happen:

b wrote:

Not just Pro, but it’s suspended until the key is backed up:

When a clean installation of Windows 11 or Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state). In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points.

BitLocker device encryption

The first of those “following bullet points” from that link stipulates that;

If the device isn’t domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials.

Automatic device encryption has worked this way on millions of laptops since Windows 8.1 was released nine years ago:

On compatible hardware, Windows 8.1 also features a transparent “device encryption” system based on BitLocker. Encryption begins as soon as a user begins using the system; the recovery key is stored to either the user’s Microsoft account or an Active Directory login, allowing it to be retrieved from any computer.

Windows 8.1 Security and hardware compatibility

If people were getting locked out of brand-new computers without any chance of finding the key, don’t you think we (and Microsoft) would have heard about it by now?

Reply | Quote

See #2472612. That actually happened in spite of what you are posting.

Reply | Quote

PKCano wrote:

See #2472612. That actually happened in spite of what you are posting.

It DIDN’T happen, as you weren’t locked out without a key.

No key is needed until it’s been saved to an MS or AD account.

Reply | Quote

Normally no recovery key is needed at all until some oopsie occurs.  Which is why you go for years forgetting that you HAVE bitlocker enabled.  Given that it’s 22H2 prep time I’m planning a “care and checking under the hood of your PC prep checklist” and include “check if bitlocker is on or off and if on, do you know where your recovery key is?”

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

wavy, Perq

Reply | Quote

There are two ways that bitlocker is activated:

1. during the setup process (especially certain Dells and Surface devices) will go through the process of setting up bitlocker
2. If you turn it on manually

Updates do not enable bitlocker.  I guarantee that KB5012170 did not enable it.  Nor did printing a bitlocker recovery key. The fact that you had a bitlocker recovery key means it was already enabled at an earlier time.

Susan Bradley Patch Lady/Prudent patcher

3 users thanked author for this post.

WSBirdLady, DrBonzo, WCHS

Reply | Quote

I’ve had encryption turned on on Dells and HPs at Setup.
However, I have never seen it turned on by updates either..

1 user thanked author for this post.

DrBonzo

Reply | Quote

I have a Win 10 Home and a Win 10 pro computer. On each I have disabled Bitlocker (control panel/system and security/administrative tools/services, and then double clicking on Bitlocker and choosing ‘disable’). Have there been reported incidents of the KB5012170 update – or for that matter any other update – actually changing the ‘disabled’ setting to something else?

1 user thanked author for this post.

WCHS

Reply | Quote

No.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

DrBonzo

Reply | Quote

DrBonzo wrote:

Have there been reported incidents of the KB5012170 update – or for that matter any other update [my bold] – actually changing the ‘disabled’ setting to something else?

Susan Bradley wrote:

No.

Not even a FIRMWARE update?

Reply | Quote

On August 24, I installed 4 Microsoft updates using a scan by Belarc Advisor for guidance (as I do each month for many years) on Windows 10 21H2.

One of those updates disappeared a few hours ago from Settings “View Update History”. Also, Belarc Advisor now shows three Microsoft updates needed rather than four. Unfortunately, I did not take good notes, as I usually do, when I manually downloaded and installed each uppdate from Microsoft Catalog. (I’m kicking myself about this laxity but I am under tremendous stress/pressure at this time and updates had been fine for months with zero problems until now so I thought I could risk not be so careful just this one time…ha, ha …lesson learned).

Anyhow, what update is KB 5015895? Very little about it on the internet but I installed it on August 23 using Belarc Advisor current scan as guidance. I get a Microsoft Office 404 error now when I search for it on the internet using Duck Duck Go and it has disappeared from View Update History. I’ve never had Microsoft Office (use Open Office) and I am a bit surprised that Belarc Advisor, which I have used for MANY years, would have listed it ( and currently still have listed) as an update for my computer using Windows 10 21H2. I will call Belarc about it. (I called them about 10 or so years ago twice regarding different issues and they were outstanding in their support even though I only have the free version available for home users).

I suppose I should not be surprised, yet I am, that even with Winaero Tweaker active and with Windows Updates ALWAYS DISABLED by it except for the few minutes it takes each month to allow Windows Updates to be active (to manually download the updates one by one when I temporarily lift the Tweaker blocking of Windows Updates) Microsoft has entered my machine and REMOVED two of the updates I manually installed on August 24 (looking at View Update History where now two of the four updates are no longer listed as installed). That’s extremely creepy. Possbly though this is an issue with Belarc Advisor….I hope not.

Mods… if you want to move this fine as this thread is for bootloader patches (I had no problems installing that) but this thread is covering others patches too it seems so I put this here.

Reply | Quote

Mele20 wrote:

it has disappeared from View Update History.

KB5015878 is a July Cumulative Update Preview and preview updates get superseded (disappear from the list of installed updates) when the regular monthly update gets installed.

I.e. a June preview update will be replaced by the July regular update, the July preview update will be replaced by the August regular update, etc., etc.

So, if you installed the new August update (KB5016616) it “replaced” KB5015878 which explains why it’s no longer listed.

BTW, Susan’s recommendation is to not install preview updates.

 

Reply | Quote

OK,  I realize this thread is getting blurred and I am partially to blame for that not understanding if I should or should not install KB5016616. Still unclear, so I did a simple Google for KB5016616 issue OR problem and much more issues than I am seeing here. For example, loss of notepad, never rebooting, etc:

https://community.spiceworks.com/topic/2460386-outlook-desktop-crashing-after-installing-kb5016616

https://www.windowslatest.com/2022/08/22/microsoft-confirms-major-audio-issues-in-windows-10-kb5016616-august-2022-update/

https://answers.microsoft.com/en-us/windows/forum/all/windows-10-update-kb5016616-hangs-on-reboot-after/8722de52-46ca-44ed-af4f-281b9f57a225

https://windows101tricks.com/apps-missing-after-windows-10-update/

https://www.reddit.com/r/elgato/comments/wm7ibn/latest_windows_10_cumulative_update_kb5016616/

Just a small sampling.

So, @SB can we find a place, even here, where it is more clear what to do with KB5016616?? I am going to hide it until fully understand if it is worth ANY risk to try to install this one.

Thanks!

 

Reply | Quote

As I said in the article, if you’ve already installed it, go on with life.  Use the tools to hide it and I do not feel that this will cause undue risk in a home/consumer setting.

http://www.blockapatch.com has three different tools you can use to block the update.

 

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Just another Forum Poster wrote:

Mele20 wrote:
Why does that matter?

It was in answer to the question. [i.e., Are any of them DELLs?]

Yes, it matters (to me), because I have two DELL machines. I am Win10, 21H2.

I asked because when MS issued a Secure Boot DBX Security Update (KB4535680) on Jan 12, 2021, I hid it with WUSHOWHIDE and then three weeks later, DELL released a new Firmware update, which appeared in Dell Update soon after. When I installed the new Firmware, the Security Update disappeared from WUSHOWHIDE and I was saved from having to install it. I am waiting to see if the same thing will happen this time.

As a matter of fact, I subscribe to DELL Technical Updates and I have received an email that a new Firmware update has, indeed, been released. I am waiting for it to appear in Dell Update and to see if, when installed, this new Secure Boot DBX Security update (KB5012170) will also disappear from WUSHOWHIDE and will also save me from having to install it and possibly run into the error code.

Reply | Quote

First problem after AUG. updates.
On some sites video is not recognized as such, isn’t loaded and can’t be played by Chrome, Edge (loads blank frame), Firefox ESR.

Exp : Video url : https://vod.sport5.co.il/?Vc=147&Vi=413091
Passed the link to MPC-HC and got an error ‘can not render the file.

Did Aug. updates screw up codecs ?

Reply | Quote

Your example video plays just fine in all of my browsers (Chrome, Edge, Opera, SeaMonkey — a Firefox derivative) and MPC-HC.

So, whatever’s causing your problem, that “suggests” it’s not the main security updates (i.e. KB5016616 and KB5012170) as both were installed on my PC’s.

Take a look at your audio driver to see if maybe it was updated/changed (my PC’s are set to never install driver updates.)

Reply | Quote

Just another Forum Poster wrote:

(my PC’s are set to never install driver updates.)

So is my PC.

Audio driver works fine with youtube, MPC-HC movies… only problem seems to be with video in frames.

Reply | Quote

OK, I hid KB KB5016616 using wushowhide this morning. Windows update just reported it is available for download! I tried wushowhide again and it is not there to hide, so has to be hidden.

Anything I can do? I really am concerned about this one with all I read going wrong.

Reply | Quote

Did you clear the WU queue after you hid KB5016616?
It remains in the queue until WU checks for updates on its own schedule, or you manually clear the WU queue.
See #2472576 for instructions on clearing the queue.

Reply | Quote

@PKCano, I did not.

I checked wushowhide and it IS hidden and nothing else to hide. I have not looked at WU itself.

“Now click on Pause, wait a few seconds and click on Resume Updates. This will cause WU to “Search for updates.” It will find/download/install only the updates you have not hidden. (You can stop holding you breath now!)”

Is this saying open WU, pause updates (for some amount of time?) Then click Resume and all will be good? It will not download the hidden?

I also can wait until tomorrow to see if it tells me again I have updates to install.

And while we are at this, is anyone agreeing this should still be a DEFER for so many potential problems on …1616

Reply | Quote

You can wait until the next time WU updates on its own, or you can follow the instructions to manually clear the queue.

When WU updates (on its schedule), the list of updates is put in a cache and not updated until the next time WU updates. What you see is the cached list in the queue. That’s why you have to clear it, b/c what you see in the WU queue list is what gets downloaded/installed.

Reply | Quote

Next scheduled update check came and now shows up to date, so 16616 successfully hidden while I see how many folks get bad reactions from it. Again, my searches showed more than just the audio issue. I shall wait. Thanks for the help!

Reply | Quote

PKCano wrote:

It’s not IF, it’s WHEN……..

Let’s look at the ‘not-IF-but-WHEN’ scenario.

I checked my MS Account and both of my laptops are listed under the Devices tab. I clicked on the link for ‘See Details’. Under ‘Bitlocker data protection’, I clicked on the link for ‘Manage recovery keys’. There it says for both devices that I do not have any BitLocker recovery keys uploaded to my MS Account, although I do have the BitLocker app and they have always been turned OFF (to my knowledge). They are OFF now, I do know that.

I am the only one who has ever touched these devices and no one helped set them up, so it’s not possible that someone else has them in his/her account. I am presuming that the devices came from the vendor with BitLockker OFF (and the vender never turned it ON) and I am sure that neither I nor anyone else has ever turned BitLocker ON on either device. I don’t think some update on the devices has ever turned it ON either. So, is this why I do not have any recovery keys (i.e., BitLocker has never been turned ON)?

What is the advice here?
1) Turn on BitLocker so that a recovery key is generated, presume that my MS account will have it (if not, how do I get it sent to my Account?), locate it there in my MS Account, and print out a copy of it for both devices?

2) Or is it possible that some Windows Update could turn it on, in which case a key would be generated, the update would fail, the machine would lock up, and I would have no access to the key on that machine? I have 2FA turned on for my MS Account and a log-in code is sent to either my primary or my secondary email address. I can access my primary email or my secondary e-mail in multiple ways to get the log-in code. Is it possible in the case of Windows Update taking over the machine and turning on BitLocker before the update fails, could I access the key using some other device (say my iPad) to log into my MS Account and find the key that way? (This, of course, presumes that when the malfeasant update turned BitLocker ON, it also arranged to have the recovery key sent to my MS Account – which might not be a safe presumption). What about that, too?

Reply | Quote

I have never seen a patch or an event trigger a spontaneous enabling of bitlocker when it’s in the off position.

Susan Bradley Patch Lady/Prudent patcher

4 users thanked author for this post.

rebop2020, The Surfing Pensioner, DrBonzo, WCHS

Reply | Quote

The Dell Win10 computer I set up over a year ago for a friend was with a Local ID (no MS ID involved).
One of the first things I did was to look for Bitlocker settings, because, I was aware from ASKWoody posts and other sources, that some new computers came with Bitlocker ON by default.
Sure enough, it was in the process of encrypting the drive.
I turned Bitlocker OFF and waited for the decryption to finish.
I also set up automatic backups.

Now, this User is my age. And I was setting it up because I had been taking care of their past computers for maybe 15 years. Computer use only, absolutely NO technical ability on the User’s part.
This was only the first time I ran into this situation. There are so many others since…..

1 user thanked author for this post.

DrBonzo

Reply | Quote

Am I correct in assuming that when you turned Bitlocker OFF, the decryption started and that you didn’t need a decryption key? I’m wondering because it seems from what I’ve read that you need a Microsoft Account to get a key and that you can’t get a key with only a local account.

Reply | Quote

The encryption had not completed.

1 user thanked author for this post.

DrBonzo

Reply | Quote

DrBonzo wrote:

you can’t get a key with only a local account.

For automatic device encryption, that is correct:

How was BitLocker activated on my device?

There are three common ways for BitLocker to start protecting your device:

Your device is a modern device that meets certain requirements to automatically enable device encryption: In this case your BitLocker recovery key is automatically saved to your Microsoft account before protection is activated.

An owner or administrator of your personal device activated BitLocker (also called device encryption on some devices) through the Settings app or Control Panel: In this case the user activating BitLocker either selected where to save the key or (in the case of device encryption) it was automatically saved to their Microsoft account.

A work or school organization that is managing your device (currently or in the past) activated BitLocker protection on your device: In this case the organization may have your BitLocker recovery key.

Finding your BitLocker recovery key in Windows

2 users thanked author for this post.

Mele20, DrBonzo

Reply | Quote

If you are logged into the running computer, you need no key to turn off/decrypt the bitlocker.  You just turn it off, it decrypts the drive.

You only get asked for the bitlocker recovery key when you hack /reset the password – or on rare occasions (I’ve hit it twice on a Surface) after a reboot on a patch install – I think they were both firmware updates.  The second time (two different patching events years apart) I tried turning the pc off and back on again and it didn’t ask for the recovery key the second time.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

DrBonzo

Reply | Quote

@SB

Regarding #2472528

Could we please get a definitive answer regarding how to tell if the KIR has been installed BEFORE we install KB5016616?  This seems rather important to know.

sheldon wrote:

This KIR prevents the issue on Windows devices that do not have KB5015878 (or later updates) installed, but does not affect devices already affected by this known issue.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

It won’t kick in until after the July 26th or the August 9th update is installed. I didn’t experience any audio issues so it’s not widespread.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Seems to affect realtek audio drivers. Do you have realtek SB?

And by chance did it delete notepad, wordpad, paint?

Reply | Quote

Realtek High Def audio.

No, updates wouldn’t touch those applications and remove them. Someone manually using a de-crapifier/powershell would, but not updates.

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

The Surfing Pensioner, WCHS

Reply | Quote

Thanks. But…

https://windows101tricks.com/apps-missing-after-windows-10-update/

I misread slightly. 21H2 made thse apps optional and it seems without some of them KB5016616  will not install.

OK.will see what happens.

Reply | Quote

That post makes no sense.  That’s total click bait. (ads all over the site is a clue)

OH these apps go missing after this August update and then they point to posts from TWO YEARS ago?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

According to Microsoft that is incorrect.  The KIR must be there when the KB is installed or it has not effect.  That is, if the KIR arrives after the KB is installed no effect.

Reply | Quote

Known issue rollbacks only kick in after a known issue.  I don’t think even Microsoft knows how these work (or documents it well enough).

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

They seem real clear -“This issue is addressed using a Known Issue Rollback (KIR). This KIR will prevent the issue on Windows devices that have not installed KB5015878, but will have no effect on devices already affected by this known issue. Please note that it might take up to 24 hours for the KIR to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the KIR apply to your device faster.”

Reply | Quote

The known issue rollback is a piece of code in an update that gets rolled back when it senses an issue.  In corporate settings I have to trigger a group policy to make it kick in.  Given that the notation of the issue is documented as of August 19th, I don’t see how they can say that the KIR will prevent the issue, if you haven’t installed the patch that has the KIR code in it?

https://docs.microsoft.com/en-us/troubleshoot/windows-client/group-policy/use-group-policy-to-deploy-known-issue-rollback

Bottom line on this kind of side effect, install the update, if sound works you weren’t impacted, if your sound is impacted, uninstall the update, block it and the fix will be in the September updates.  Windows patches are uninstallable.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

The Surfing Pensioner

Reply | Quote

WCHS wrote:

uninstall the update, block it and the fix will be in the September updates. Windows patches are uninstallable.

I’m not following this. Another term for “update” is “patch”, right?
So how it is possible to uninstall an update that is uninstallable?

Reply | Quote

I’m tired today and may not be typing in clearly.  Windows updates can be un-installed.  The only exception is servicing stack updates. But any patch you install, you can un-install it/remove it.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

WCHS

Reply | Quote

To my mind you’re the voice of sanity, Susan! thanks for all you do.

1 user thanked author for this post.

WCHS

Reply | Quote

Thanks – I think I’ll pass on this update.

Reply | Quote

@sb

Susan Bradley wrote:

Bottom line on this kind of side effect, install the update, if sound works you weren’t impacted, if your sound is impacted, uninstall the update, block it and the fix will be in the September updates. Windows patches are uninstallable.

I don’t mean to pile-on, but this advice basically disregards the existence of the KIR to prevent the problem in the first place.  The CU either works or it causes problems, something we are trying to avoid.  And who says the fix will be in the September updates?

It appears @Mele20  #2472700 just got tagged with the sound issue, so he/she neither had the KIR fix already nor was the KIR installed after the CU was installed to automatically fix the issue.  Has anyone had the sound issue, and then miraculously it corrected itself  via this KIR?

Isn’t there anyone of the experts here that can tell what the KIR is/does and how to tell if it was automatically downloaded onto our computers?  Or how to obtain it?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Susan Bradley wrote:

Known issue rollbacks only kick in after a known issue.

I take it you mean “after a patch with a known issue is installed”. Otherwise, it could mean “after an issue is known but before the patch with the issue is installed” Trying to get the sequence of this straight in my mind and not assuming anything not there.

Reply | Quote

Susan Bradley wrote:

I’m tired today …

No problem. ‘Uninstallable’ is ambiguous. It’s like ‘untieable’ – ‘you can’t tie it’ or ‘you can untie it’
Or like visually ambigous nested boxes (are they moving towards you? or are they moving away?) or the familiar drawing (is it a crone’s face? or is it a beautiful woman?). I’m tired, too. You can get fixated on one view and not see the other.
Following these posts since Tuesday is exhausting!

Reply | Quote

Does “cannot be removed” make it clearer?
CUs can be removed after installation, SSUs cannot be removed.

1 user thanked author for this post.

WCHS

Reply | Quote

PKCano wrote:

CUs can be removed after installation,

Yes, that helps immensely. Where would I find CU KB5016616 to uninstall, were I to install it via Windows Update, and then have audio problems? I’ve looked at View Update History>Uninstall updates, but only SSUs, security updates, and enablement packages are listed there. I’ve also looked at Control Panel>Programs and features, but no CUs are there either.

Reply | Quote

If you go to View Update History>Uninstall updates and scroll down to Microsoft Windows, you should see the last CU you installed. I can see mine. Presumably we don’t get to see the previous CUs because they are cumulative. But you can certainly uninstall the last one (I’ve had to in the past), and if you need to uninstall KB5016616 you will certainly want to do it before you get round to installing September’s patches. It’ll be sitting there, waiting for you.

Reply | Quote

The Surfing Pensioner wrote:

If you go to View Update History>Uninstall updates and scroll down to Microsoft Windows, you should see the last CU you installed.

I had looked there earlier, but the entry for the July CU was listed as a Security Update and not a Cumulative Update. I didn’t remember its KB# and since the MS Catalog and View update history always lists them as Cumulative Updates, that title was what I was looking for. But, thanks to your guidance, I looked again with the KB# in hand (KB5015807) and found it!

Reply | Quote

I tend to go by the KBs because I don’t understand the MS jargon. The KBs never change and you can always look them up.

Reply | Quote

WCHS wrote:

I had looked there earlier, but the entry for the July CU was listed as a Security Update and not a Cumulative Update.

The difference is a “Cumulative” update includes the SSU, the newly issued updates, patches & fixes, and all previously issued updates, patches & fixes (in case they’ve not yet been installed on your system) while a “Security” update only contains the updates, patches & fixes issued for that specific month.

As @PKCano pointed out, SSU’s cannot be removed and any previous updates, patches & fixes installed on your system don’t get “changed” during a monthly update (unless one or more of them is missing/superseded.)

So, once it’s installed, the complete Cumulative update cannot be removed, only parts of it can be removed (and those parts are listed as a Security update with the KB# for that month.)

Security updates can be removed but doing so only removes the updates, patches & fixes for that specific KB# and nothing else (i.e it won’t remove any updates, patches & fixes that are part of a different KB#.)

 

Reply | Quote

That explains a lot! It’s all clear now. Thanks.

Reply | Quote

CUs are Security Updates, issued on Patch (B) Tuesdays. Previews are non-Security Updates, usually issued on other Tuesdays (C, D, etc).
The SSU is bundled with (NOTpart of) the CU. It is not listed separately in Windows Update, but installs separately ( is listed separately in Installed updates).
CUs and Previews can be removed. SSUs cannot be removed.

This applies to Windows updates, not necessarily .NET or other updates.

Aside: If you observe the installation of the CU in Windows Update closely, you will see that, after the download, the progress of the installation goes from 0% to 100% in a relatively short time, then drops back to 0% and takes a longer time to reach 100% a second time. It is my guess that the first 0-100% is the installation of the SSU and the longer installation is the CU.

1 user thanked author for this post.

WCHS

Reply | Quote

Aha! I always wondered why my CUs installed twice. Now I know. Thanks.

1 user thanked author for this post.

PKCano

Reply | Quote

SSUs have to be installed uniquely. They can be installed before (recommended) or after the CUs. That has always been the case.
But they cannot be installed as a part of another update.

Reply | Quote

PKCano wrote:

SSUs have to be installed uniquely.They can be installed before (recommended) or after the CUs

SMQR patching method (AW group A)using WU in Win8.1, the SSU is always offered post CU installation after a restart
so is that not entirely accurate 🙂

If debian is good enough for NASA...

Reply | Quote

Yes. Unless you hide the other updates first, then unhide them after the SSU. Because it cannot be installed until/unless the WU queue is empty. An MS idiosyncrasy. But the recommended (not required) method is before.

Reply | Quote

b wrote:

In this case your BitLocker recovery key is automatically saved to your Microsoft account before protection is activated.

Why does Microsoft assume I only have ONE Microsoft account? I have FOUR acquired over the past 22 years. So, if I ever wanted to use BitLocker (absurd notion since I have desktops ONLY and do not live with others so others have no access to my Windows 10 or 8 computers) I would have to peruse all the Microsoft accounts to find the one that saved the key?

Is it possible to uninstall Bit Locker on a Windows 10 21H2 computer? I suppose when I buy a new computer (mine will be five years old in December) that it is likely to have Bit Locker enabled by default? That’s awful.

Why wouldn’t users of desktops in their homes simply remove the hard drive that contains the C drive before donating an old computer or taking it to the local dump? I have a small stack of drives removed from old computers over the years. The data was written over before the drives were removed but best to just keep those drives as destroying them is not easy.

Reply | Quote

In the case of the setup of a Surface device, it’s tied to the Microsoft account you used when you set up the device. Thus it’s fairly obvious which one it is.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Is the audio issue associated with the CU (KB5016616) for August or with the Boot Loader update (KB5012170)? After a SECOND reboot earlier today, I have no sound. I had sound after the FIRST reboot yesterday after I installed the CU and Boot Loader updates for Windows 10 21H2.

Edit: Not sure what I did but now I have sound! I tested various Windows sounds and could hear them via my speakers. Then suddenly my DVD drive also began to work when I inserted a music CD. It had not been working in that it appeared a music CD was playing but no sound was coming from my speakers and now I can hear the CD. But only in Windows Media Player using Realtek…appears nVidia playback is not working.

Reply | Quote

It is not related to the bootloader.  I’d try rebooting again to check.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Susan:  I have Windows Updates paused until 5 September.  Therefore, am I correct in assuming that I cannot run Wushowhide.diagcab now, because “Wushowhide uses the Windows Update Service to search for updates and will not run if the Service is Disabled” – I assume Paused = Disabled?

Appreciate your advice and patience!

 

GeoffB

 

 

Reply | Quote

Whoever you quoted has the correct information.
wushowhide uses the Windows Update Service to search for updates.
If Windows Update is Paused or Deferred, wushowhide is unable to use WU to list updates.

1 user thanked author for this post.

GeoffB

Reply | Quote

PK:  thanks for confirmation.

 

GeoffB

Reply | Quote

Windows 11 optional update (KB5016691) fixes USB printing, Bluetooth audio, and more

1 user thanked author for this post.

Cybertooth

Reply | Quote

Mele20 wrote:

Is it possible to uninstall Bit Locker on a Windows 10 21H2 computer?

You can disable BitLocker

Completely remove BitLocker Windows 10 –

BitLocker is a built-in feature of Windows, and while you can’t remove it, you can disable it and all its related services. By doing so you’ll permanently disable BitLocker on your PC.

Reply | Quote

Mele20 wrote:

Is the audio issue associated with the CU (KB5016616) for August or with the Boot Loader update (KB5012170)? After a SECOND reboot earlier today, I have no sound. I had sound after the FIRST reboot yesterday after I installed the CU and Boot Loader updates for Windows 10 21H2.

Edit: Not sure what I did but now I have sound! I tested various Windows sounds and could hear them via my speakers. Then suddenly my DVD drive also began to work when I inserted a music CD. It had not been working in that it appeared a music CD was playing but no sound was coming from my speakers and now I can hear the CD. But only in Windows Media Player using Realtek…appears nVidia playback is not working.

@Mele20

read the following:

https://www.neowin.net/news/microsoft-shares-workarounds-for-broken-audio-on-windows-10-after-kb5015878/

https://www.tenforums.com/sound-audio/197012-windows-updates-broke-sound.html

Reply | Quote

August patches installed with no problems to report on Win 8.1. 🙂

Installation Successful: Windows successfully installed the following update: 2022-08 Security Update for Windows 8.1 for x64-based Systems (KB5012170)

Installation Successful: Windows successfully installed the following update: 2022-08 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5016681)

Installation Successful: Windows successfully installed the following update: 2022-08 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 for x64 (KB5016740)

Win 10 ver. 22H2 x64

1 user thanked author for this post.

DrBonzo

Reply | Quote

Duplicated JD’s results on 2 Win 8.1 Dell laptops, except that I did NOT install the KB5012170 update.

Reply | Quote

FYI

1) The CU KB5016688 (Preview) for Windows 10 20H2, 21H1 & 21H2 dated 26Aug2022 has been released.

Re : https://support.microsoft.com/en-us/help/5016688

2) The CU KB5016592 (Preview) for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 dated 26Aug2022 was also released.

Re : https://support.microsoft.com/en-us/help/5016592
Re : https://devblogs.microsoft.com/dotnet/dotnet-framework-august-2022-cumulative-update-preview-updates/

While extending the pause date for Windows Update on my laptop, I noticed that the CU KB5016688 (Preview) was offered as an optional update but not the CU KB5016592 (Preview) for .NET Framework 3.5 and 4.8 which had proceeded directly to download. As previews are not recommended, I did not proceed with the installations though.

HTH.

Reply | Quote

Still has the same audio issue!

Reply | Quote

Since no one seems to have a definitive answer as to where the KIR that fixes the loss of sound issue may or may not be at this time (see #2472787)  is it safe to assume that it will be included in the September CU?

Is so, I think the I’ll pass the uncertainty of the August CU.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

[Bob99]

Tex265 wrote:

Since no one seems to have a definitive answer as to where the KIR that fixes the loss of sound issue may or may not be at this time (see #2472787)  is it safe to assume that it will be included in the September CU?

Is so, I think the I’ll pass the uncertainty of the August CU.

Per Microsoft’s own admission, the fix isn’t in the preview update for September, KB5016688, so it very well may not make it into the official September patch that will be released on September 13th. Are you willing to wait that long (perhaps, worst case, until October’s official patch) to patch a security hole because of an issue that’s fixed by KIR?

If you’ve already installed the official July patch and you still have sound, then KIR will fix your sound if you lose it after installing August’s update with no effort needed on your part aside from possibly rebooting your computer to have the KIR take effect. At least that’s how I read what MS has put out.

@Mele20 had this happen, from what I’ve read in the second paragraph of post 2472700.

• This reply was modified 2 years, 6 months ago by Bob99.

1 user thanked author for this post.

WCHS

Reply | Quote

@Bob99

Bob99 wrote:

If you’ve already installed the official July patch and you still have sound, then KIR will fix your sound if you lose it after installing August’s update with no effort needed on your part

Unfortunately that is NOT what Microsoft is saying.

This is what MS says regarding the KIR:

“This KIR prevents the issue on Windows devices that do not have KB5015878 (or later updates, eg: August CU) installed, but does not affect devices already affected by this known issue.”

And no one seems to know how or when the KIR gets activated or how to verify if it has been downloaded onto your computer.  Susan also thinks it is after the fact but again MS is very specific that it does not help AFTER the update is installed.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Per Susan’s own post earlier today on the main blog page…

…The Known issue rollback fix is offered up from Microsoft servers, but the code to trigger the known issue rollback (as I understand it) is only in the August and later updates.  Note that even in the preview updates, this known issue is still being tracked. I still think that the patch will be installed, some small percent may see audio issues and then the known issue rollback will kick in, make sure you reboot a day or two after installing updates, and the problem will go away, but I don’t have a system impacted to test my theory.

I added the bolding to the above quote for added emphasis. Goes back to what I said in my post from Sunday…if you currently have already installed the patch from July and don’t have any audio issues, then if you DO have issues after installing the August patch, Known Issue Rollback will kick in after a certain amount of time and fix the issue, but you’ll have to reboot to make it happen AFTER you’ve experienced the issue, unfortunately.

So, @Tex2265 , if you don’t currently have an audio issue and you’ve installed the July patch, then go ahead and install the August patch. If you have an audio issue after installing the August patch, Known Issue Rollback will kick in and fix the issue for you, but you’ll need to reboot your machine for the rollback process to properly complete. From what I can tell, @Mele20 experienced this first hand, as documented in post 2472700 above.

1 user thanked author for this post.

WCHS

Reply | Quote

FWIW, Win 10 Pro 21H2, GP-2, TRV Semi, Feature deferral on, GP windows driver updates disabled. Lost sound post July updates: dribs thru asus monitor, realtek & onboard not working. Older Dell. Bios latest. As it sounds (pardon pun) I won’t be getting it back via KIR discussion, thus nothing to lose. I’ll attempt Aug updates and report back. Glad have ipad.

Reply | Quote

Tex265 wrote:

And no one seems to know how or when the KIR gets activated or how to verify if it has been downloaded onto your computer.

KIR is a Microsoft server side fix not something that is downloaded to your PC

Reply | Quote

I don’t think so.  In  many cases the KIR will cause a feature to be rolled backed.   Something must be on your machine for that to happen.   for KB5016616  – ” Please note that it might take up to 24 hours for the KIR to propagate automatically to consumer devices …”

Reply | Quote

sheldon wrote:

In  many cases the KIR will cause a feature to be rolled backed.   Something must be on your machine for that to happen.

As stated by Microsoft :

““This KIR prevents the issue on Windows devices that do not have KB5015878 (or later updates, eg: August CU) installed, but does not affect devices already affected by this known issue.”

sheldon wrote:

In  many cases the KIR will cause a feature to be rolled backed.   Something must be on your machine for that to happen.

Reply | Quote

@Alex5723

Are you saying that Microsoft is saying that they installed the KIR onto their MS server to mitigate the sound loss problem and therefore if you download the KB5016616 CU now (after the server side KIR installation) that the sound loss problem will not happen as it is no longer being downloaded as part of the KB5016616 CU via the Windows Updater?

In essence the Known Issue has been Rolled back at the MS server level before it is downloaded to the local user machine?

Note however, that MS also states in the KR release:  “Please note that it might take up to 24 hours for the KIR to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the KIR apply to your device faster.”

This seems to contradict my questioning clarification above.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

I received an e-mail of @Alex5723 posting after
#2473336 and he says “Correct” to your statement “In essence the Known Issue has been Rolled back at the MS server level before it is downloaded to the local user machine” but that post has now disappeared.

@Alex5723: Did you withdraw your “Correct”??

Reply | Quote

and  ” propagate automatically to consumer devices …”    seems obvious to me

Reply | Quote

The only way I see that one can prevent the issue is to disable audio enhancements.

https://support.microsoft.com/topic/disable-audio-enhancements-0ec686c4-8d79-4588-b7e7-9287dd296f72

The Windows audio or sound troubleshooter might be able to resolve the issue for you. You can launch the troubleshooter from Fix sound or audio problems in Windows by selecting the Open Get Help button in the article. The Get Help dialog window should open, and you will need to select yes to open the troubleshooter.
If your device’s audio is still not working as expected, follow the instructions in Disable Audio Enhancements. Note: The article uses the microphone as an example, but you will need to do the steps for any affected audio device.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

FYI

1) Ghacks – Microsoft confirms and resolves Windows 10 audio bug (your device may still be affected)
—————————–
https://www.ghacks.net/2022/08/22/microsoft-confirms-and-resolves-windows-10-audio-bug-your-device-may-still-be-affected/

-There is also a “How to disable audio enhancements” in the article 1).

2) Windows IT Pro Blog – Known Issue Rollback: Helping you keep Windows devices protected and productive
——————————–
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/known-issue-rollback-helping-you-keep-windows-devices-protected/ba-p/2176831

From 2) Blog post above:

“Introducing Known Issue Rollback
——————————–
Known Issue Rollback is an important Windows servicing improvement to support non-security bug fixes, enabling us to quickly revert a single, targeted fix to a previously released behavior if a critical regression is discovered.”

-Emphasis is on KIR supporting ‘non-security bug fixes’.

An Extract from the Comments Section of 2) above:

Re : https://techcommunity.microsoft.com/t5/windows-it-pro-blog/known-issue-rollback-helping-you-keep-windows-devices-protected/bc-p/2324328/highlight/true#M2693
———————————————————————–
“KIR targets all machines for a Windows version(s) that is either having the issue or could have the issue regardless of whether the actual update has been installed eg. all Windows 10 version 2004 machines. This means that if a user has the update KB in question installed and is experiencing an issue, KIR will mitigate that issue i.e. the user will stop seeing problems after a reboot. If a user has not YET installed the update KB, the KIR configuration will sit dormant on the machine until the update is installed at which point the issue will be automatically mitigated without the user ever knowing there was a problem.

We are investigating the creation of some UI to help users know when the KIR has been configured on the machine. We don’t have this capability today unfortunately.”

HTH.

Reply | Quote

The chicken can’t fix the egg before the egg is installed.

I still say that “you can’t fix this after the patch is installed” is wrong and the known issue rollback will remedy it but it may take a reboot or two.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

PKCano

Reply | Quote

Susan Bradley wrote:

I still say that “you can’t fix this after the patch is installed” is wrong and the known issue rollback will remedy it but it may take a reboot or two.

That’s what the above implies.

vnffrmpn wrote:

KIR targets all machines for a Windows version(s) that is either having the issue or could have the issue regardless of whether the actual update has been installed

vnffrmpn wrote:

This means that if a user has the update KB in question installed and is experiencing an issue, KIR will mitigate that issue i.e. the user will stop seeing problems after a reboot.

vnffrmpn wrote:

If a user has not YET installed the update KB, the KIR configuration will sit dormant on the machine until the update is installed at which point the issue will be automatically mitigated without the user ever knowing there was a problem.

Unfortunately for this:

vnffrmpn wrote:

We are investigating the creation of some UI to help users know when the KIR has been configured on the machine. We don’t have this capability today unfortunately.

So we can/should safely assume that by now the KIR is sitting dormant on our machines?

What if we are using wushowhide or similar app to control downloads since we don’t see this KIR pending?  The KIR forum referenced above seems to imply that KIR’s don’t utilize the normal Windows Updater system so maybe not a problem?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

[Bob99]

What if we are using wushowhide or similar app to control downloads since we don’t see this KIR pending?  The KIR forum referenced above seems to imply that KIR’s don’t utilize the normal Windows Updater system so maybe not a problem?

TRUE, NOT a problem, so don’t worry about using any of the update assistants, as KIR works outside that framework with total disregard to your current update settings within the registry, which is what wushowhide, WUMT and WuMgr use to help you keep your update settings where you want them to be.

Steve Gibson’s InControl tool also probably makes registry changes to help you in its own way.

• This reply was modified 2 years, 6 months ago by Bob99.

1 user thanked author for this post.

WCHS

Reply | Quote

vnffrmpn wrote:

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/known-issue-rollback-helping-you-keep-windows-devices-protected/ba-p/2176831

Q&A from the above link.

Question:

ron S. asked
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Point of clarification. Is this feature is limited to Windows in a business setting?

Are Windows Home users are left out in the cold, with broken machines?

Answer:

Eric_Vernon Microsoft replied
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
This is not limited to the business setting. Group Policy is the KIR business setting solution. For other versions of Windows outside of a business setting AND are connected to Windows Update, KIR is implemented from our cloud service.

That verifies KIR’s get offered to non-business PC’s via Microsoft’s servers with no action required by the end user (other than needing a reboot for the KIR to take effect as has been mentioned previously.)

1 user thanked author for this post.

Microfix

Reply | Quote

Just another Forum Poster wrote:

That verifies KIR’s get offered to non-business PC’s via Microsoft’s servers with no action required by the end user (other than needing a reboot for the KIR to take effect as has been mentioned previously.)

So for the purposes of this KIR explanation, a business PC is Win10/Win11 Pro (even if you aren’t a business) and a non-business PC is Win10/Win11 Home?

Reply | Quote

WCHS wrote:

So for the purposes of this KIR explanation, a business PC is Win10/Win11 Pro (even if you aren’t a business) and a non-business PC is Win10/Win11 Home?

Nope!

The Windows “version” has absolutely nothing to do with whether it’s considered a Business/non-Business PC.

Group Policy is the KIR business setting solution.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
For other versions of Windows outside of a business setting AND are connected to Windows Update, KIR is implemented from our cloud service.

So any version of Windows “not using the Group Policy” is considered a “consumer PC” and will use it’s connection to the Windows Servers to obtain/install the KIR.

1 user thanked author for this post.

WCHS

Reply | Quote

Just another Forum Poster wrote:

Group Policy is the KIR business setting solution. ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ For other versions of Windows outside of a business setting AND are connected to Windows Update, KIR is implemented from our cloud service.

Just another Forum Poster wrote:

So any version of Windows “not using the Group Policy” is considered a “consumer PC” and will use it’s connection to the Windows Servers to obtain/install the KIR.

Hmmm…. so I am a home user with Windows Pro 10 x64 and I utilize Group Policy settings to hold off monthly updates (the 2 setting, etc) until I select to allow their download in connection with wushowhide utility.

So that makes me a Business PC and I won’t be offered the KIR through the MS cloud service with no action required from the user?  This gets more and more confusing.

Please advise:

1. How a Business PC receives the KIR
2. How a Non-Business PC receives the KIR
3. What affect if any does utilizing Group Policy settings have on receiving he KIR

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

1 user thanked author for this post.

WCHS

Reply | Quote

The Group Policy being referred to is the specific Microsoft business level KIR Group Policy, not Group Policy in general.

For non-Business customers, the Windows Update process applies the KIR automatically, no user action required.

For Business customers, Microsoft provides an msi install file for the KIR which customers can propagate to managed systems by using their “business level” Group Policy infrastructure.

If the “business level” Group Policy has been installed on your PC, you’ll find one or more of the following entries in your Group Policy settings.

Local Computer Policy > Computer Configuration > Administrative Templates > KB ####### Issue XXX Rollback > Windows 10, version YYMM

Where ####### is the KB number with the problem, XXX is the issue number, and YYMM is the Windows version number.

Note: while it is “possible” to download and install a business level KIR msi file for a particular KB issue onto a non-business PC (if you can find the download location for it) you don’t really need to do that since it’ll get “automatically” installed on PC’s that do not use the “business level” Group Policy.

I did exactly that a year or so ago for a particular KIR before I realized I didn’t need to.

BTW, KIR’s have a limited lifespan (typically no more than a few months) and, after Microsoft issues an update that fixes the issue, are rescinded and no longer effective.

2 users thanked author for this post.

Tex265, WCHS

Reply | Quote

Per Susan, if you lose the sound, uninstall the August update (fingers crossed).

So then what?  Is there any indication that MS is working on an actual fix?  Will a fix be included in the September CU?  Do we go un-patched until when?

Just another Forum Poster wrote:

KIR’s have a limited lifespan (typically no more than a few months) and, after Microsoft issues an update that fixes the issue, are rescinded and no longer effective

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Tex265 wrote:

So then what? Is there any indication that MS is working on an actual fix? Will a fix be included in the September CU? Do we go un-patched until when?

MS is aware of the problem but haven’t yet indicated when they’ll issue a fix for it.

Quote from KB5016616’s know issues section
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster.

Remember, a KIR they’ve issued will remain “in effect” until such time as they actually issue a fix (or at least what they “think” is the fix!)

Also, the KIR they issued fixes the audio problem by rolling back the specific code that caused the issue, not the entire security update.

So, taking into account what the above quote from MS about the KIR says, you “should” be good-to-go to install the update once your PC has received the KIR.

Catch is, there’s no easy way to tell if that’s happen yet or not because KIR’s aren’t recorded anywhere in Window’s history/logs.

They add a new “sub-key” to the following registry key with EnabledState & EnabledStateOptions values (mine currently has 4 different sub-keys in it.)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FeatureManagement\Overrides\4

And, since there’s no “direct correlation” between the ID numbers used for those keys and the KB “feature” it’s intended to rollback, there’s really no way to determine if a particular KIR has been installed or not.

1 user thanked author for this post.

Tex265

Reply | Quote

Just another Forum Poster wrote:

And, since there’s no “direct correlation” between the ID numbers used for those keys and the KB “feature” it’s intended to rollback, there’s really no way to determine if a particular KIR has been installed or not.

Very interesting.  I read somewhere that the KIR is quietly downloaded into the Registry but it did not say where.

I checked my Registry path that you provided. I have 3 sub-keys – 0, 15, 4.

Key 0 has 4 numerical entries, Key 15 has none, and Key 4 has 50 entries!

So I guess we wait it out.

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Not sure exactly what the 15 sub-key is for (can’t find any info about it on the web and mine is empty) but, according to this post at Stack Overflow, the numbers are suppose to represent the priority group the override belongs to.

As for the 0 sub-key, that one’s for “user set” feature overrides and is typically set either via a specific choice somewhere it the Windows Settings or by using one of the “special tools” (like mach2 or ViVe) that allows you to enable/disable specific Windows features (provided MS hasn’t removed the feature ID — like the “Banner” they added to the top of the Settings menu which you “used” to be able to disable using one of those tools until they removed it’s ID.)

Reply | Quote

WCHS wrote:

if I had to use the Build 1288 iso, it would take only the latest CU to bring the CU patches up-to-date. Is this correct?

Yes, this is correct. Despite the ISO being of a much older build, a single CU would bring it up to the latest build version.

Reply | Quote

How can a user delay the update beyond the 5? week maximum?

When I updated 3 Win10 pro’s & 1 Win11Pro I delayed update the max to 9/10. Since the advice for consumers [No nuclear codes!] is to delay, instructions would be helpful. One other poster asked this but I saw no response.

Thanks

Reply | Quote

Read through this thread:

https://www.askwoody.com/2020/is-there-a-way-to-cheat-pause-update/

1 user thanked author for this post.

MrToad28

Reply | Quote

Susan Bradley wrote:

The only way I see that one can prevent the issue is to disable audio enhancements.

https://support.microsoft.com/topic/disable-audio-enhancements-0ec686c4-8d79-4588-b7e7-9287dd296f72

I utilize a separate sound card,  a ASUS Xonar DGX PCI-Express 5.1 Audio.

I followed the above link and looked in all the locations noted and do not see an Audio Enhancements Tab or checkbox entry in the Advanced Tab that I do have.

I do have a separate Xonar Audio Control Panel for sound settings.

Does this mean I have “immunity” from the loss of sound issue?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

1 user thanked author for this post.

WCHS

Reply | Quote