MS-DEFCON 4: Install or defer updates? Your choice.

Topic

New Reply

ISSUE 19.43.1 • 2022-10-25 By Susan Bradley I’ve got a slightly mixed message about the latest round of updates. In the most general terms, updates th
[See the full post at: MS-DEFCON 4: Install or defer updates? Your choice.]

Susan Bradley Patch Lady/Prudent patcher

4 users thanked author for this post.

geekdom, J9438, windbg, Pim

Reply | Quote

Replies

As for the ‘dribbles’ – it seems Microsoft still doesn’t get it. I was happy when they announced there would be just one feature update a year. But wait, this is Microsoft. So they decided to release / push features as they like, without any scheme. Sigh.

The part about Basic Auth in Exchange server is for Exchange Online. The existing on-premise versions do not get ‘Modern’ authentication.
If you are on Windows 7 and your mail program suddenly throws errors about authentication, then be aware about the TLS update issued years ago. This one is installed as part of Windows Update, but not activated: Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows (microsoft.com)
And beware – the ‘easy fix’ doesn’t enable it all the way, you still have to Enable TLS 1.1 and 1.2 on Windows 7 at the SChannel component level as described in the article.

 

1 user thanked author for this post.

Pim

Reply | Quote

Thanks for your post. I was not aware that besides the Easy Fix I also needed to manually add another set of registry keys. Could you tell me what is the difference between the first couple of registry keys that the Easy Fix does add and the ones for Schannel that it does not add? I am reasonably tech savvy, but this goes (way) over my head. What would I not be able to do if I have not set the Schannel registry keys?

A couple of months ago after an internet search I had already installed the Easy Fix when I was not able to use the Media Creation Tool for Win10 on my Win7 system. After installing it the MCT worked again, even though I had not added the second set of registry entries.

I do not use an Exchange server, but I would like my Win7 system to be fully capable of using TLS 1.1 and 1.2 to avoid any issues that might pop up in the future.

Thanks in advance.

Reply | Quote

The KB article is a bit ambiguous? It says “This update adds support for DefaultSecureProtocols registry entry that allows the system administrator to specify which SSL protocols should be used when the WINHTTP_OPTION_SECURE_PROTOCOLS flag is used.”

And then it says: “…As these protocol versions are not enabled by default in Windows 7, you must configure the registry settings to ensure Office applications can successfully use TLS 1.1 and 1.2.”

Don’t know why the ‘easy fix’ doesn’t add the additional registry keys? But if it works for you, I wouldn’t bother those additional registry keys.

Earlier this year, I had a couple of machines having trouble with Outlook 2010 and Windows Live Mail 2011 throwing authentication errors and I had to both run the ‘easy fix’ and add those additional registry keys to get them running again.

1 user thanked author for this post.

Pim

Reply | Quote

I ran wumgr and the only update was KB5018410, which I hid based on the Patch list.  Wasn’t sure what other updates you are referring to that should be installed, but if anything comes up, I will check it against the patch list.

1 user thanked author for this post.

Marcus Weldby

Reply | Quote

Susan wrote, “You may find that you’ve been beating your head against the wall this month, trying to get your beloved email client to receive and send email.”

I am confused. On Win Home versions does that mean emails accessed through the web like http://www.outlook.com, http://www.yahoo.com, or http://www.gmail.com will stop working?

Reply | Quote

No. The warning is for those using an older email client program that does not support modern authentication. All web browser access will continue to work.

--Joe

2 users thanked author for this post.

Geo, J9438

Reply | Quote

What about Outlook 2016 – part of MS Office Retail C2Run?

Is this up to standards?

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote

Gee, Susan, where have I been looking for months to find something like InControl to manage Windows updates, in particular a potentially forced Windows 11 upgrade?  Thank you for the info.  Now I have to get back to my client who bought a laptop to control an HVAC system.

Ben Myers

Reply | Quote

Susan, forgive me for my confusion, but you moved it to Defcon 4 saying we can install now, but all of the Win10 and Win11 updates in the current Master Patch List (Oct 19) say to defer or avoid. I’m not sure what to install as a result of the change to Defcon 4.
Thank you!

3 users thanked author for this post.

bagman, LHiggins, Tex265

Reply | Quote

I am soooo sorry – I got busy at the office and forgot to upload the matching updated master patch list.

Hang on a second, I’ll fix!!

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

Marcus Weldby, LHiggins

Reply | Quote

Great, thank you!!

Reply | Quote

Master Patch List @ AskWoody

Okay try the listings now.  Sorry about that, as you can tell these lists are not automatically uploaded to the site and I didn’t upload the latest version.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

OK, still confused. I’m looking over the Win10 patches and the “22H2 release” is classified as “Install”. But on the Master Patch List Page you say, “I do not recommend deploying Windows 11 or 22H2.” Can you please help me out here. Thanks again!

Reply | Quote

There may be folks that play with 22H2 or have purchased a device with 22H2.  For them I recommend installing the security updates.  But I still don’t recommend that if you are on a 21H2 (either win10 or win11) that you move to them at this time.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Marcus Weldby

Reply | Quote

OK, got it, thank you!

Reply | Quote

To mix it up further for Homeusers..
Having took the necessary precautions prior to making significant OS changes, I updated from Win10 21H2 to 22H2 on the 19th October with NO issues on both devices (x86 and x64) Both systems are as stable as 21H2 was relative to everyday homeuse.
The upgrade transition was slick without any event viewer errors and with an O&O shutup10++ config re-introduction all went well and still does. So far, 21H2 has been the most stable for me and 22H2 doesn’t look like a bad choice either IMHO

If debian is good enough for NASA...

6 users thanked author for this post.

Noel Carboni, Geo, Cybertooth, DrBonzo, Alex5723, PKCano

Reply | Quote

Can’t speak for Win11 as our devices don’t cut it (no, not doing the bypass with rufus) Win11 is the flogship* for MSFT and with that, problems, disfunction and a less intuitive GUI with the expectancy of a better OS. (yes we’ve all been sold that before LOL)
* no, not a typo, just take a minute and go figure… 😉

If debian is good enough for NASA...

1 user thanked author for this post.

Cybertooth

Reply | Quote

Win10 21H2 has been rock solid for us. Haven’t done any client machines to 22H2 yet.

I’ve been running Win11 21H2 on my unsupported main machine (CPU 7th gen) and a couple client machines for a couple months. Rock solid also. Got bored this weekend so did the upgrade on mine to 22H2. Pretty uneventful upgrade which took maybe 20 minutes.

Seemed OK with a few exceptions – Quickbooks seemed even slower than usual (to be fair I didn’t run it long enough to see if it would get better), my beloved Dell Mobile Connect was giving me errors that my phone didn’t see my machine on wi-fi direct, yet it was listed. Probably just needed to be re-paired but that’s a PITA. The deal breaker was that all my saved RDP credentials no longer worked. Saw some workarounds with Credential Guard, but with the other RDP issues and all I just went back to 21H2 with my image. Will let it mature a bit more.

Reply | Quote

Just when you thought you were through — the previews are here:

2022-10 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5018496)
https://support.microsoft.com/en-us/topic/october-25-2022-kb5018496-os-build-22621-755-preview-64040bea-1e02-4b6d-bad1-b036200c2cb3

2022-10 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 for x64 (KB5018341)

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Never knew askwoody recommended installing ‘Previews’, did I miss something?
AFAIK: ‘Previews’ were never recommended unless there was a mission critical issue fix within and even so, testing is still required before administering.

If debian is good enough for NASA...

Reply | Quote

Note that is not Ms. Bradley recommending any action. It is just an announcement that the update is available. Askwoody does NOT recommend preview updates for most people. You should check to see if there is a specific problem affecting your systems that is resolved by the update to decide whether or not to install the update. Normally, you’d just leave it alone until the next Patch Tuesday.

--Joe

Reply | Quote

Exactly, Woody didn’t recommend them either 🙂

If debian is good enough for NASA...

Reply | Quote

Ever since upgrading from 21H2 10 Home to 22H2 10 Home one week ago today I’ve been getting 40-to-50 event 1010 errors in the Event Viewer entitled Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService with the caption “Autopilot.dll WIL error was reported, HRESULT: 0x80070491, File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 191 Message: NULL.” They happen every few minutes and seem unrelated to anything that I’m doing on the laptop, where I’m signed in with a Microsoft Account. The upgrade from 21H2 to 22H2 went smoothly and took only a very few minutes; and nothing else is different. The laptop runs just as well as before the upgrade. Other than these Event Viewer errors, which don’t seem to affect anything I’m doing on the laptop, nothing else has changed from before the upgrade. Nothing new.

Reply | Quote

What is Windows Autopilot?

Windows Autopilot is a bundle of technologies that help in setting up new devices and can be used to deploy Windows PCs. The purpose of this software is to smoothen and simplify the lifecycle of Windows devices.

Before we look at any workarounds, we should look at some of the possible causes behind the error under discussion. The first, and a very common one, is outdated Windows running on your PC. Overclocked memory or dysfunctional Microsoft Account Sign-in Assistant service can also lead to this error. Let us now see how you can remediate this issue.

https://www.thewindowsclub.com/autopilot-dll-wil-error-was-reported-in-windows 

Does this help make sense of what may be going on here?

The only realistic solution to the error if these conditions can’t be addressed, is remove the Feature Update and go back to the previous version.

Something tells me you have device or driver issues in there, and these just showed up with the Feature Update.  Check for updated device drivers, and check the Device Manager for issues.

-- rc primak

Reply | Quote

Thank you for the referenced article and your advice. My system is completely up to date regarding Windows Update and my system does not use overclocking; and Windows Update does not indicate that I need any different or additional drivers or driver updates. I don’t have rapid boot enabled; I have hibernation disabled so that every time that I turn on the laptop (which is only for a few hours at a time three times a week) it boots directly from the operating system stored on the SSD; but I will try running DISM anyway. What I will try is disabling the Microsoft Account Sign-in Assistant service “wlidsvc.” As far as devices being disabled or non-functional, the only thing I have disabled is Bluetooth and Ethernet, since I never use either with this laptop and have no need to. My Microsoft account is only used to log into the operating system; I don’t use any Microsoft applications or software that requires a link to my Microsoft sign in credentials, such as Office or Mail or any of that stuff. I would only uninstall 22H2 and go back to 21H2 as a last resort, since I don’t believe that it is a good idea to allow the laptop to get too out of date as far as the operating system and its updates are concerned. I’ll let you know how my efforts turn out. Thank you!

 

Reply | Quote

I’ve done quite a lot of research regarding this Autopilot.dll WIL error and it appears that a whole lot of other users are having this same problem. It appears to be causing system crashees and BSOD problems with those who use other Windows and Microsoft applications that require authentication or log-in, which I do not. I don’t use Office, Word, Mail, or any other software that checks your Microsoft Account credentials. The article referenced suggests disabling the service causing the error message, but that would also prevent me from being able to log into my Microsoft Account when turning on and booting up the laptop, so I’m not doing that. And resetting Autopilot is worse, since it wipes out all of your personalized settings, folders and files and installed applications in your user folder. I also don’t want to revert my laptop to before upgrading to 22H2 from 21H2, or uninstalling the upgrade, because that doesn’t solve the problem either, just postpones it. Since these forty to fifty errors in the Event Viewer are not causing any system or software crashes on my laptop, I guess I’ll just live with them and hope Microsoft gets around to solving this issue sometime, since it appears a huge number of users are experiencing the same issue. BTW these errors were not caused by hardware or driver issues or problems, either.

 

Reply | Quote

Douglas wrote:

Ever since upgrading from 21H2 10 Home to 22H2 10 Home one week ago today I’ve been getting 40-to-50 event 1010 errors in the Event Viewer entitled Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService with the caption “Autopilot.dll WIL error was reported, HRESULT: 0x80070491, File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 191 Message: NULL.” They happen every few minutes and seem unrelated to anything that I’m doing on the laptop

Hi Douglas:

If you’re still seeing these ModernDeployment-Diagnostics-Provider / Autopilot.dll WIL errors being logged in your Event Viewer please my 03-Mar-2023 post # 2540417 for a possible solution.
—————-
Dell Inspiron 15 5584 * 64-bit Win 10 Pro v22H2 build 19045.2604 * Firefox v110.0.1 * Microsoft Defender v4.18.2301.6-1.1.200000.2 * Malwarebytes Premium v4.5.23.241-1.0.1927 * Macrium Reflect Free v8.0.7279 * Microsoft Office Home and Business 2019 (Version 2301 / Build 16026.20200) Click-to-Run

Reply | Quote

Thankfully, this month was far less uneventful. After the updates were installed and the system restarted, the system went to the desktop with no problems. Therefore, October patches installed with no problems to report on Win 8.1. 🙂

Installation Successful: Windows successfully installed the following update: 2022-10 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 for x64 (KB5018549)

Installation Successful: Windows successfully installed the following update: 2022-10 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5018474)

Installation Successful: Windows successfully installed the following update: 2022-10 Servicing Stack Update for Windows 8.1 for x64-based Systems (KB5018922)

Win 10 ver. 22H2 x64

2 users thanked author for this post.

Microfix, DrBonzo

Reply | Quote

Thank you!

Reply | Quote

Can you specify which older email client’s programs could stop working with the latest cumulative update ?

1 user thanked author for this post.

J9438

Reply | Quote

It’s not the email clients per se, it’s the connection you have to the mail server.  If your email provider is using Microsoft’s email server for their back end and you are using basic authentication – mere username and password – it may need to be reset up to use modern authentication.

And it’s not a patch triggering this, it’s on the ISP/cloud server side.

Susan Bradley Patch Lady/Prudent patcher

3 users thanked author for this post.

sheldon, J9438, Perq

Reply | Quote

Susan Bradley wrote:

you are using basic authentication – mere username and password – it may need to be reset up to use modern authentication.

Kind of scary so I Googled “modern Authentication” and found Microsoft article,

“https://learn.microsoft.com/en-us/microsoft-365/enterprise/hybrid-modern-auth-overview?view=o365-worldwide” which was like reading a dictionary.

For us ordinary Home clients that just want a simple way to access our email, do we have to worry about down the line in a few years that Microsoft will do to us as they are doing with the Win 8 scrapping? That we’ll have to go through some horrendous process to sign into our email that is far more complicated than the current ID/password/text-to-phone 2FA?

1 user thanked author for this post.

rontpxz81

Reply | Quote

I’m not sure if it should be this way, but on the laptop and on vmware I got the monthly updates running & have been offered the option to install the feature update.

For the last 25 days on this PC I got offered the “you can upgrade to Win11 if you want”. Upon resuming updates to install the monthly ones I got the “you can upgrade to Win11” but no optional for “you can go to the new feature update of Win10”.

I was somehow expecting to be presented with “both” optional choices ( upgrade and feature update…)

Reply | Quote

You scrared us for nothing, I’m on Win10 using Windows Live Mail 2011 and it still works.

Reply | Quote

Windows 10 Pro 22H2. KB4023057 is back.

1 user thanked author for this post.

Coldheart9020

Reply | Quote

October patch Tuesday KB5018410 broke Windows 10 OneDrive and OneDrive for Business

After installing this update, Microsoft OneDrive might unexpectedly close, and you might receive an error when attempting to do the following:

Sign out or unlink your account in the Microsoft OneDrive sync app.

Unlink sites or folders from syncing to your device from Microsoft SharePoint or Microsoft Teams sites.

Uninstalling the OneDrive sync app might fail.

Note These issues might affect both OneDrive and OneDrive for Business.

We are working on a resolution and estimate a solution will be available in the coming week.

Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2

Reply | Quote

recently from Bleeping Computer – Microsoft: Windows domain joins may fail after October updates
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-domain-joins-may-fail-after-october-updates/

the Windows domain join problem only affects certain business users (mostly enterprise users), not home/consumer users. use the workaround or avoid installing the October 2022 patches if using domain join operations.

Reply | Quote

Also only impacts “re-using an existing computer account (the changes do not affect new accounts).”  So it’s going to be a real corner case.   I don’t typically reuse an existing computer account

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Hardened Windows user had a cumulative update ready to download and install today.

KB5018496 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems

No hiccups, no changes on my telemetry settings.

Now running Windows 11 Pro Version 22H2 (OS Build 22621.755)

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

Reply | Quote

Douglas wrote:

I don’t use Office, Word, Mail, or any other software that checks your Microsoft Account credentials….but that would also prevent me from being able to log into my Microsoft Account when turning on and booting up the laptop,

Why do you need a Microsoft account and why Log in with Microsoft account ?
Create a use local account.

3 users thanked author for this post.

Noel Carboni, Coldheart9020, Fred

Reply | Quote

Alex5723 I never had a Microsoft Account until this month (October) in the more than 30 years that I’ve been using Microsoft operating systems, just used a local account Administrator account with no log in credentials. Then earlier in October I purchased a new Dell XPS-8950 desktop PC with a 12th generation Intel Core i7-12700 processor and Windows 11 2022 already preinstalled.  It would not let me bring the new PC up and running without getting a Microsoft Account and logging into Windows 11 2022 with my new credentials. The very next time that I turned on and booted up my Windows 10 Home 21H2 HP Omen Intel Core i7-7700HQ 7th generation laptop, where I had been using a local account Administrator log on since purchasing it over four years ago, it suddenly also required a Microsoft Account log-in credentials with no option for continuing without it. So I now log onto it as well with my new Microsoft Account credentials. Perhaps it is the change from an Administrator log-on to a Microsoft Account log-on that is causing the Autopilot DLL errors. But I saw no available option for proceeding without it. Another reason why I will always like Windows 7 x64 SP1 better than anything that came after.

 

Reply | Quote

Douglas wrote:

The very next time that I turned on and booted up my Windows 10 Home 21H2 HP Omen Intel Core i7-7700HQ 7th generation laptop, where I had been using a local account Administrator log on since purchasing it over four years ago, it suddenly also required a Microsoft Account log-in credentials with no option for continuing without it.

Douglas wrote:

… in the more than 30 years that I’ve been using Microsoft operating systems, just used a local account Administrator account with no log in credentials.

In my experience, there’s your reason.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

Reply | Quote

A positive data point:

I have been keeping my new Win 10 workstation up to date with 21H2, and when Windows 10 22H2 came out I first put it on a VMware virtual machine, then finding it to run well there I went ahead and updated my AMD hardware system over the weekend.

Win 10 22H2 was a quick update, just enabling some stuff that was apparently already there – and for me it did NOT undo my customizations nor re-enable any of the many things I’ve tweaked out of existence in pursuit of performance. Careful benchmarks showed I didn’t lose any performance, and it’s been 100% rock solid reliable in a couple of days of fairly hard use doing business management and Photoshop work.

After just a few days good experience so far I give Win 10 22H2 a thumbs up.

-Noel

3 users thanked author for this post.

LHiggins, Microfix, Just another Forum Poster

Reply | Quote

Windows 10 22H2, Microsoft FINALLY got it right off-the-bat! Upgrades went well as posted earlier and a fresh iso install was a breeze 2/2 can’t be bad..Trick or treat?

H A P P Y H A L L O W E E N

One for the Mac affectionados 😛

If debian is good enough for NASA...

Reply | Quote

Douglas wrote:

It would not let me bring the new PC up and running without getting a Microsoft Account and logging into Windows 11 2022 with my new credentials

How to Delete Your Microsoft Account & Create a Local Windows 10 (or 11) Login

3 users thanked author for this post.

Perq, windbg, Fred

Reply | Quote

I just wanted to let you know that disabling the WLID service in “Services” solved this problem. Disabling this windows sign in service had no effect on logging into Windows on boot-up; it apparently only affects signing into other Windows and Microsoft services, such as Outlook or Mail (none of which I ever use). I access my mail accounts via the Chrome browser and I use Microsoft Works 9 for everything else (does not require sign in credentials). And I no longer ever get any of the errors I referred to in my previous posts. Thanks for your replies.

 

1 user thanked author for this post.

Alex5723

Reply | Quote