|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Is it just me or is April patching sort of like April weather? Really unpredictable. We just got a totally revised Security update rollup (aka “A” pa
[See the full post at: Patch Lady – We just got a new update for April]
Susan Bradley Patch Lady/Prudent patcher
The Catalog download for KB4093118 for Windows 7 x64 – the only download for KB4093118 that I tested – has not changed since its initial release. The digital signature for file windows6.1-kb4093118-x64_5ea1778b896fcc764e0db8da7d094f62dc98d82f.msu is dated April 2, 2018. I’m not sure if file pciclearstalecache_275ee12e503f3d6b89d3f725fa950c8973f20d2d.exe was present in the Catalog a few days ago.
It is a new update in WSUS, while the old version is expired. Not a simple (metadata) revision this time.
This does not mean that those who installed the original patch have to do anything special other than upgrading in place, at least in theory.
To be on the safer side though, one has to uninstall everything related to at least 2018-04 and 2018-03 or even better 2018-02 and 2018-01 in addition to those mentioned before and wait for Patch Lady’s instructions. Or for those even more defensive, wait for Woody’s MS-DEFCON to change to 3 or above.
@mrbrian
Maybe not yet?
EDIT: Actually the core update KB4093118-x64 has the date of 2/04/2018.
The updated component dated 12/04/2018 is PCIClearStaleCache.exe
I would say that those who installed the updates previously successfully will not have the new one offered, as there is no real change, but different internal logic of installing the bundled components.
See https://www.askwoody.com/forums/topic/april-2018-patch-tuesday-is-here-and-its-a-biggie/#post-183436.
I don’t think so
KB4093108 contain some components that don’t have inbox SP1 baseline (i.e. they didn’t got upgraded with SP1), so CBS can’t calculate the supersedence
not to mention the GDR/LDR mess with Wondows 7
I confirm @MrBrian’s findings, although I did not reproduce the test in full. It appears that KB4100480 is no longer offered, not sure if related to supersedence or because it was silently withdrawn, being considered just a short term out-of-band workaround.
What I find interesting is that KB4099950 is still being offered regardless of the other patches, or at least in some context.
Windows 7 is too messy to spend more time with it. I am not using Windows 7 anymore except for one test VM. I am on 17133.73 on few personal machines and I don’t find any serious issues at all, although Microsoft seems to think otherwise. I have an ongoing interest in Windows 7 just because its updating is so intriguing and messy, otherwise I find it past its due date. I don’t even use Windows 7 at work, being on Windows 10 for a long time now. Those looking for quality and not interested in the latest fads should use Windows 8.1, which is still maintained well by its association with Windows Server 2012 R2.
KB4100480 was still being offered in Windows Update less than two hours ago.
I just updated 4 Win7 machines (2 Home x86, 1 Home x64, 1 Ultimate x64) with April updates. All were offered KB4099950 checked, the 64-bit was also offered kb4100480 checked. One old laptop x86 got kb4093108 and kb4092946. All the rest got kb4093118.
No black screen, no BSOD, no loss of network connectivity, no messed up profiles. All seem to be working OK.
I tested again and confirm that KB4100480 is still offered.
For the other confused users here, it should probably be mentioned again and again that the best approach is to install the updates as they come on Windows Update and avoid installing manually, being concerned with “Groups” and other dubious types of implementation.
Just follow Susan Bradley and you cannot fail.
Hi Ch100,
I don’t think you noticed, but even Susan made a recommendation for Windows 7 users to uninstall updates back to December, and wait until Microsoft fixes the mess…
Its been a mess, and there are real reasons not to update automatically. There are sound reasons for choosing Group B (as a way to not allow Microsoft to put telemetry onto my machine, or for those that must avoid a particular patch for their system to function okay).
I wish it was as easy as you descibe, but Microsoft isn’t being just a little flakey… they are being a lot flakey…
Non-techy Win 10 Pro and Linux Mint experimenter
I certainly wish I could have stayed with Group B, but it became too much for this old pea brain. I’ve been following Woody on this forum and on Infoworld and then Computerworld for sometime, but only recently got up the courage to ask questions. I’m grateful to him, Patch Lady and all the other MVPs who make it possible for non-techies like myself to keep and continue using our old Win 7 machines. Don’t know what I’ll do in 2020 when I’ll need a new computer. Maybe a Chromebook as has been suggested here.
Thanks for your objective evaluation of the two OSs.
It seems that a third type of supersedence that I’ll call install-supersedence is needed to explain what’s going on here.
Who knows? It may be a subset of the CBS supersedence, or of the metadata supersedence, but you may have just discovered something new. 
Here is the data from Windows Update MiniTool:
[ 2018-04 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4093118) ] http://download.windowsupdate.com/c/msdownload/update/software/secu/2018/04/pciclearstalecache_275ee12e503f3d6b89d3f725fa950c8973f20d2d.exe http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/04/windows6.1-kb4093118-x64_665b6f6da6110aaa40524cf6905f509f0fd7fbc4.cab http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/04/windows6.1-kb4093118-x64-express_c1473ce4b149cf34239c364a9787030447e376ca.cab http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/04/windows6.1-kb4093118-x64_d08c60eff8509d0e496b5953df853302dc492bc6.psf
What are the implications for those on Automatic Update, whose PCs previously installed KB 4100480 and KB 4099950 earlier and then installed KB 4093118 (while it was briefly a checked update). Should they need to uninstall the three updates and reinstall the new version of KB 4093118, or does the bundled re-patch just assure the equivalent?
Group A, Win7Pro-64_SP1, Intel Ivy Bridge (dual core) processor.
Last night I went on to update my “20180407_201712+2018upd” baseline. Here’s the current status (as of today, Friday 13th, 2018 – lucky me…):
1. Stable branch [new “20180412_BASELINE” backup image]
Installed KB890830,KB4092946 – AOK (this will be my new “baseline” – the one I’ll roll back into in case anything goes wrong). KB4092946 supersedes KB4096040 with newer files: just ignore the weird version numbering (IE 11 now reads “11.0.9600.18977 update 11.0.56” instead of “11.0.9600.18954 update 11.0.57” – i.e. the build number increased as expected but the update version decreased, goodness knows why).
2. Current branch -> BETA TESTING [new “20180412_UPDATED” backup image]
Once “20180412_BASELINE” was in place I went on to fully update the system and installed the four security-only monthly updates (rebooting four times, once right after installing each one of these): KB4056897 (2018-01), KB4074587 (2018-02), KB4088878 (2018-03) and KB4093108 (2018-04). In the end, the good news are (for as crazy as it may sound) so far so good: WU is not “offering” me nothing but the 2018-04 Monthly Rollup (which I’m not going to install, so I hid it) and AOK (apparently). I’ll be using this branch for the next few days and keep my fingera crossed not to run into much trouble (if things go wild again, I’ll just roll back to “20180412_BASELINE”).
A few important tip notes:
TIP NOTE #1: To be fully updated I had to install all the four security-only updates, because they’re not cumulative (they don’t supersede the previous ones). After the bumps and itches earlier this year and the March madness I had decided to deliberate stick to an “outdated” system and wait until April. And so I did (because, well, a four-months gap is clearly too much. Enough is enough and, at some point, I will have to move forward. And Friday the 13th seemed to be just perfect ;)). I’ve also been keeping tabs on the differences between file versions. Using Microsoft’s own .CSV listings (linked at the bottom of each KB article) I built a simple Excel spreadsheet with four tabs and the file information details and gradually eliminate the superseded files from the previous months (my simplified, customized version of the Master Patch List). If you decide to (wisely) follow this “Group B over the Group A path” know that you will end up with an interesting hybrid mix – but a “safe” one, IMHO: with any luck you’ll be “protected” while (hopefully) not jeopardizing your system with buggy updates. And once a “good” Monthly Rollup comes up (will it?), you’ll just have to apply it to catch up (wouldn’t it be wonderful not to get into that ugly install-try-remove-try endless loop again?). To get a clear picture of what I’m talking about, the sample shortlist below enumerates a few files currently present on my “20180412_UPDATED” updated system (randomly chosen among some of the critical core pieces of the Windows Operating System):
http .sys [v6.1.7601.24000] Updated only by KB4056897 (2018-01) ole32 .dll [v6.1.7601.24000] Updated only by KB4056897 (2018-01) spoolsv .exe [v6.1.7601.24000] Updated only by KB4056897 (2018-01) tcpip .sys [v6.1.7601.24024] Updated only by KB4074587 (2018-02) authui .dll [v6.1.7601.24052] Updated only by KB4088878 (2018-03) mssmbios.sys [v6.1.7601.24056] Updated only by KB4088878 (2018-03) pci .sys [v6.1.7601.24056] Updated only by KB4088878 (2018-03) zipfldr .dll [v6.1.7601.24056] Updated only by KB4088878 (2018-03) winload .exe [v6.1.7601.24069] Updated by KB4093108 (2018-04) wsnmp32 .dll [v6.1.7601.24080] Updated by KB4093108 (2018-04) win32k .sys [v6.1.7601.24093] Updated by KB4093108 (2018-04) advapi32.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) kerberos.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) kernel32.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) lsasrv .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) lsass .exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntdll .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntkrnlpa.exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntoskrnl.exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) schannel.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) user .exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) wow32 .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) wow64 .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04)
TIP NOTE #2: While I report that my system is AOK (regarding usability, stability and performance) keep in mind that this legacy system is not hardware-“patched” yet against the Spectre/Meltdown joke. My last BIOS update was back in November, 2017 (before all of the Spectre/Meltdown fuss). Recently, the BIOS manufacturer released a BIOS update, specifically meant to address the CVE 2017-5715 (Branch Target Injection, Spectre Variant 2) vulnerability – but I did not install it yet (the manufacturer documentation suggests that rolling back from this particular BIOS update might be possible, but I’m not that optimistic regarding BIOS updates: for now I’ll just wait and see), thus no new Intel microcode here, I guess. Those of you on the same boat but willing to take a chance (and follow that hardware upgrading “path”) should probably download the Jan 27, 2018 KB4078130 patch and install it right after the 2018-01 (KB4056897) security-only monthly update (before installing the 2018-02 (KB4074587) one): that extra step might (eventually) save you from pain…
TIP NOTE #3: Generally speaking, as a rule of thumb there are four regular updates that are usually “safe” to install (and easy to quickly revert without any ill effects, if anything goes wrong – which, luckily, doesn’t happen so often): a) MRT (KB890830, the Swiss-army Malicious Removal Tool that gets updated every month); b) Flash (only if you haven’t got rid of it yet, which you should – seriously); c) Cumulative Security Updates for Internet Explorer and d) .NET Framework (if you use it – and if you do, on Windows 7 I strongly encourage you to stick to the 4.6.2 version for as long as you can and avoid the 4.7.x branch, because that newer version introduced a lot of “improved” things related to the big “to Windows 10 evolution” that, from my own painful experience, simply seem to break too many things – really not worth the hassle).
Okay, that’s it (for now).
Good luck to everyone and, once again, kudos to the Pros (Woddy, Susan and all the other top-notch MVPs out there). 
Now we know why April is the cruelest month! Good grief, it’s a patchwork of patches ?.
What with MS’s 2nd try at the April roll-up patch, KB4093118 out, I fired up a test Win7x64 Pro system that hasn’t been updated since 3-10-18, when I installed the Feb. cumulative patch, 2018-02/KB4074598
I ran a manual check for Updates, and it gave me KB4100480/2018-03 Security Update for Windows 7×64, AND KB4093118/2018-04 Security Monthly Quality Roll-up for Win7x64. Both were checked.
I went ahead and installed them both while monitoring the C:\Windows\Logs folder for a new entry to see if the “C:\Windows\Logs\PCIClearStaleCache.txt” file was created, indicating that the PCI Slot registry keys were deleted. That file was created and reported the registry keys were deleted.
I rebooted, and the system came back up normally, can access the ‘net and my local server, so no IP address or net card problems.
So I guess I can sort of confirm that KB4093118 does ‘fix’ the netcard problem by removing the PCI Slot registry entries. This system is using a dynamic IP address, so I can’t speak to it fixing a static IP address glitch.
I have another ‘test’ system, I might set that one up and assign it a static IP address, see if it will find these two updates, and install them, see what happens. Nothing else to do on a rainy Friday evening in the Pacific Northwest, LOL.
I am interested in KB4093108, the April security only update.
So far, Specci is the only one to have mentioned it here, and I am not entirely clear of the implications.
Are there the same problems with this one as with the security and etc. rollout KB4093118, or is it a different story? And if different, then what is it?
Thanks.
Group B, Windows 7, SP1, x64, Intel I-7 “sandy bridge” CPU.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
“Are there the same problems with this one as with the security and etc. rollout KB4093118”
No. KB4093108 apparently cannot cause the two recent networking issues because it doesn’t contain file pci.sys. KB4093108 apparently also doesn’t fix the two recent networking issues on computers that already have those issues.
I don’t know. I plan to install the April 2018 updates today. I usually install updates on the first Saturday after Patch Tuesday. Disclaimer #1: I don’t follow the MS-DEFCON system. Disclaimer #2: I make a full backup (image) immediately before installation.
Disclaimer #2: I make a full backup (image) immediately before installation.
EXCELLENT ADVICE irrespective of whether following the AskWoody MS-Defcon or not
I am beta testing KB4093108 (so far with no ill effects), but you should probably wait.
I did not ran into any network issues because, as MrBrian correctly points out, the tcpip.sys file was not updated by KB4093108 (it’s still the one patched by the KB4074587 (2018-02) security-only monthly update):
http .sys [v6.1.7601.24000] Updated only by KB4056897 (2018-01) ole32 .dll [v6.1.7601.24000] Updated only by KB4056897 (2018-01) spoolsv .exe [v6.1.7601.24000] Updated only by KB4056897 (2018-01) tcpip .sys [v6.1.7601.24024] Updated only by KB4074587 (2018-02) authui .dll [v6.1.7601.24052] Updated only by KB4088878 (2018-03) mssmbios.sys [v6.1.7601.24056] Updated only by KB4088878 (2018-03) pci .sys [v6.1.7601.24056] Updated only by KB4088878 (2018-03) zipfldr .dll [v6.1.7601.24056] Updated only by KB4088878 (2018-03) winload .exe [v6.1.7601.24069] Updated by KB4093108 (2018-04) wsnmp32 .dll [v6.1.7601.24080] Updated by KB4093108 (2018-04) win32k .sys [v6.1.7601.24093] Updated by KB4093108 (2018-04) advapi32.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) kerberos.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) kernel32.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) lsasrv .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) lsass .exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntdll .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntkrnlpa.exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) ntoskrnl.exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) schannel.dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) user .exe [v6.1.7601.24094] Updated by KB4093108 (2018-04) wow32 .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04) wow64 .dll [v6.1.7601.24094] Updated by KB4093108 (2018-04)
In a nutshell, if you followed Susan Bradley’s advice and have just rolled back to December, 2017 (like I did) you should start by doing a full image backup (if you haven’t done so yet) and then (downloading the standalone installers from Catalog):
1. KB890830 (MRT 5.59 [April 2018])
2. KB4093110 (only if Flash is being used -> will update it to 29.0.0.140)
3. KB4099950 (despite not having installed any March-related stuff yet at this point)
4. KB4092946 (cumulative security update for IE)
5. KB4054998,KB4054981 (only if .NET Framework is being used -> stick to v4.6.2, if possible, and avoid upgrading to v4.7.x)
6. Set the QualityCompat flag (never mind Microsoft saying it is not required anymore)
At this point, a full image backup is highly recommended: this will be your “safe” (stable, but inherently insecure – no Jan-Apr security-only updates yet) baseline.
Updating from this point onwards implies you’re entering the Twilight Zone (the 2018 patch madness for Windows 7) but, as Woody pointed out, the Jan-Mar updates have stabilized and are now mildy “safe”. Thus, you may wish to try this (non Woody/MVPs-validated, just my own experience – and I’m just another bloke here) “update as much as possible leading to the most stable and less buggy Windows 7 x64 system you may hope for right now” simple process:
7. KB4056897 (2018-01 security-only update). IMPORTANT: If you have an AMD processor, DO NOT reboot immediately once the installation finishes: install KB4073578 first! and then, reboot.
8. KB4078130 (only if you’ve upgraded your BIOS since January 1st, 2018 with the Spectre/Meltdown patching microcode – that will help with performance issues, by partially disabling the Meltdown mitigation which seems to be responsible for slowdowns, bugs and alike)
9. KB4074587 (2018-02 security-only update). Reboot.
10. KB4088878 (2018-03 security-only update). Reboot.
11. KB4099467 (if you happen to run into the “stop error 0xAB when logging off” issue – I haven’t, but there’s no way to guarantee you won’t)
At this point a full image backup is, again, recommended: this will be the (currently) “as much updated and less buggy as possible” baseline for your Windows 7 system.
Now, as we speak (April 14th, 2018) we still don’t know how “safe” KB4093108 actually is. If you’re not beta testing (like I am), wait. There might be dragons – huge ones, in fact (some of the updated files – win32k.sys, ntoskkrnl.exe, lsass.exe and others – are a big part of Windows’s core and, therefore, critical pieces of the system’s stability).
Also, keep in mind I’m deliberately not saying anything about Office updates (a whole other story on its own) or Windows 2008 Server R2 updates (not maintaining any, right now – and WSUS is another beast to tame).
Good luck everyone.
“As in what other update(s) might have to be installed manually before KB4093108 can/should be installed.”
None that I’m aware of.
Yikes, good find!
I just installed KB4099950 via Windows Update on a test computer. It did not create the log file \windows\logs\PCIClearStaleCache.txt, so I assume that PCIClearStaleCache.exe did not run. Then I uninstalled KB4099950, and downloaded KB4099950 from the Catalog and installed it. This time log file \windows\logs\PCIClearStaleCache.txt was present.
This issue is hopefully fixed by the April 17, 2018 KB4099950 update, which I believe is a metadata-only fix.
@MrBrian– I’m group A runing Win7 Home Prem. sp1 x64. While waiting for the smoke to clear on the March rollup I’ve now realized that i never installed 4088875. The last time it appeared I believe it was unchecked and then disappeared and was replaced with the April rollup. My question is will I be OK having not installed the March rollup or do I need to do that before installing April’s rollup?
I have KBs 4096040, 4099950,4100480 installed.
Thanks!
Win 10 Pro v.20h2
The Windows monthly rollups are cumulative, so you can install just the latest one to be caught up in regards to Windows monthly rollups.
Just to get my 2-cents in on a possible way to get ‘Group B’ systems caught up to April:
The systems I’ve been working on today are a couple I use for testing update procedures.
One is an older Compaq laptop (Win7x64 Home Premium, AMD CPU) that I don’t use much, it spends most of it’s time in a carry-bag that I take out on service calls. The last time it was updated was back in mid-March with the February Security Only update and the IE 11 cumulative update. I was skipping the ‘March Madness’ with most of my personal systems, but have caught up a few of them the last few days.
I just got done catching it up to date using the ‘Group B’ method. What follows are the steps I used to catch it up, they might help others who have been holding off on the Group B update process.
I took a chance and just installed the March Security Only update (KB4088878), which according to the information on the MS support site:
https://support.microsoft.com/en-us/help/4088878/windows-7-update-kb4088878
had a ‘workaround’ as to not mess up network settings, therefore not needing KB4099950 to be installed.
I installed KB4088878, rebooted and the system came up fine, networking was normal. The ‘new’ KB4088878 also updated the PCI.SYS file to version 6.1.7601.24056 dated 2-10-18.
I skipped KB4099467 (fix for log-off bug), this system logged off and on just fine (YMMV).
I then installed the April Security only update, KB4093108, rebooted and the system came up fine. Then I installed the April IE 11 cumulative update, KB4092946, rebooted and the system is running normally.
So, it appears by being patient, I was able to catch up at least one ‘Group B’ system from the February level to April by installing only three updates. One other ‘Group B’ system I did about a week ago needed 4 or 5 updates installed to catch it up to April.
Hope this helps anybody in ‘Group B’ to get caught up.
Your system sounds like it is in basically the same update state as the system I updated the morning of April 14 (US PDT), and reported on a few posts up this topic in post number 184675.
I did not ever install KB4100480. KB4093108 supercedes it. I suppose you could uninstall KB4100480 before installing the updates listed below.
Since all Group B updates usually have to be installed manually after being downloaded from the MS Update Catalog website, I think if you download the KB’s I listed in my previous post (and repeated below) and install them in the order I did, you should be caught up to the April Group B level.
I got caught up with only 3 updates, I skipped KB4099467, as I mentioned. KB4099950 was not needed.
So the 3 updates that were used and installed in the following order
1. KB4088878, March Security Only–rebooted
2. KB4093108, April Security Only–rebooted
3. KB4092946, IE 11 Cumulative Update–rebooted
KB4099467 was skipped, as the system I worked on logs off and on normally. I’ve read in other posts that it doesn’t hurt to install it anyway, that’s up to you.
I’d make a full backup (or at least a System Restore Point), then download and install the updates I listed.
Good Luck
If using Windows Update, KB4099950 is bundled with KB4093118. In WSUS, I am not sure it is bundled. See Susan Bradley’s two articles here and here. But I have installed both, KB4099950 first then KB4093118, with no ill affects.
WSUS provides exactly the same patch for KB4093118, bundled with KB4099950.
KB4099950 is not provided separately in WSUS, but can be imported from the Catalog, although there is little reason to do so, as discussed in previous posts. The reason is that KB4099950 as update installed with the regular WU mechanism (same with WSUS), is not reliable in certain contexts, but running the downloaded msu from the Catalog is always reliable. This can be automated in larger environments via scripting, SCCM or other mechanisms.
So the best and most reliable implementation is to run KB4099950 manually, check for the log under C:\Windows\Logs to appear and next install the other patches, 2018-03 and/or 2018-04 according to preference. 2018-04 KB4093118 is enough as it supersedes 2018-03.
There is no harm in running KB4099950 after one of those patches if at all possible, for example when the bundled one did not complete successfully, but it is still preferable to install in the right sequence, i.e. before the Monthly patch.
So far, I see no scary bugs being revealed in large, bold-letter headings by the trade and the mainstream media across the world, the like of Specter, Meltdown, or MS-induced Total Meltdown. The concerns people are expressing here are about par for the game after a “normal” (or “new-normal”?) Patch Tuesday, and I see no reports of grave consequences to those running Windows 7 and daring enough to have installed already the E11 and the security only patches. At this point, at least.
Also, at this point, no reports yet on what happened to those few, if any, who have already installed the Office patches.
So, as usual, and having already patched on every single month through March with no apparent ill-effects, I’ll wait for a while longer, watching reports of what happens, here and elsewhere, to those patching early this month. If I do not hear repeatedly that something particularly bad has happened to them, then I might consider patching for April myself.
Group B, Windows 7 Pro, SP1, x64, Intel I-7 “sandy bridge”.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
After backing up my files and creating a restore point before getting started with the patching.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
What MS did different with KB4093118 was to “bundle” the other patch with it. That assures that both patches are installed together and in the right order. Since you have already installed both, you should not need to uninstall anything.
The Rollup patches are cumulative. That means May will include everything from April and before PLUS the May fixes. My guess is that the patch will still be bundled with the May update, or they will have incorporated the code into the May patch itself.
A brief note to report my W7 machine continues to operate without issues.
I’m Group A, “check for updates but let me choose whether to download and install” and my monthly routine is to install each patch (other than KB2952664 and drivers offered by Microsoft) promptly as they are made available through Windows Update.
In other words, I don’t over-complicate the problem. I’m prepared to be an unpaid beta tester for Microsoft. I am in a simple operating environment and ensure that I have a recent Macrium Reflect system image available at all times.
KB4093118 April Security Quality Rollup W7 and KB890830 April Malicious Software Removal Tool were both installed last week without ill-effects.
Also current with Office 365, through April 11 monthly channel update.
Group A, Windows 7 Pro, SP1, x64, Intel I-7 “sandy bridge”.
Now that April ‘patching’ has begun in earnest, I’ve been wondering if there’s any way to now tell that the Total Meltdown gaping security hole has been closed? That MS’s latest patching has really fixed things?
Has anybody seen or heard of some nifty program to check that the hole is really closed, similar to the programmer & programming that discovered that MS had fouled up?
SkipH said he did not install it in #184751.
PKCano said “If you have already installed KB4099950, you should be fine to install either the Rollup or the Security only update when the time comes.” #184669
But you really need to read MrBrian’s #184690 and see if you have the log file \windows\logs\PCIClearStaleCache.txt on your drive. If you do not have that file I would go to the catalog.
If you have the file, I would say if it is “smooth sailing” let it go.
Anyone else, please speak up if needed.
KB4100480 isn’t metadata-superseded by any update according to the Catalog, and I agree with Microsoft’s decision. Some may wish to not install KB4093118 yet, and therefore in my opinion KB4100480 ought to be – and is – listed in Windows Update if it’s applicable and KB4093118 hasn’t been installed yet.
There should be no need to uninstall KB4088875. I would do the following:
1. Uninstall KB4099950.
2. Download KB4099950 from the Catalog.
3. Run the downloaded .msu file.
Colleagues! I have issues with constant loop reboots after installing the April rollup update KB4093118 on Windows 7 Pro 32bit. Symptoms and error are the same as in the article:https://windowsreport.com/kb4093118-issues/
I booted in safe mode and system automatically reverted back in mode before installing KB.
This boot loop information may help:
Colleagues! I have issues with constant loop reboots after installing the April rollup update KB4093118 on Windows 7 Pro 32bit. Symptoms and error are the same as in the article:https://windowsreport.com/kb4093118-issues/ I booted in safe mode and system automatically reverted back in mode before installing KB.
Hey, got the same boot loop issue on all my w7 32bits computers !
FYI I just tested the May update and the boot loop issue is still there 
Now, all is well. W7-64 Grp A
I did NOT do March Updates, gave up the defensive mode and first Inst’d Apr’s Kb 4099950 and the Apr Rollup Kb 4093118, Re-started and then inst’d Office 2010 stuff, 2 Net Frameworks (showed already inst’d), etc. (14) Total Inst’d. Macrium Image ready if needed.
With learning a new W10 laptop I don’t have the mental strength to read IF that’s OK.
I’ve found MULTIPLE Re-Starts are sometimes required FOR ME as everything was horribly sluggish until I did a 2nd Re-Start. Something’s amiss as it showed “Win is updating, Don’t Turn-Off the Computer” (that took forever) as though I had never Re-started.
You now need a staff to follow all of the threads and multi-links to the If, and’s, and but’s. Best Buy got me to 1709 as of Apr 6 updates and the first Forced W10 update I thought I evaded inst’d itself without issue. Good luck to all.
W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0
Not sure why it happens, but you can click on the subscribe button on the right top of any comment thread to re-subscribe (or to unsubscribe). You don’t have to make a new reply. It happens to me, too.
See the bottom left of this screenshot:
Non-techy Win 10 Pro and Linux Mint experimenter
@Walker
My main problem was I didn’t know how to “subscribe (I ticked “notify me of follow up replies by email” but didn’t realize to check the “subscribe” “button. I believe I’m now receiving all of the current emails. I’m at a loss to guide you beyond this — maybe someone else can chime in? There is so much info to absorb and if you aren’t getting the latest stuff it’s frustrating.
@Peacelady: For all of the time I’ve been a member of this group, I’ve NEVER had to subscribe to a topic to get replies answered, etc. I don’t know what occurred, however I will start subscribing if it will provide assurance that I will be seeing all of the messages, irrespective if I’ve replied to them or not. Good luck to us all!
@Peacelady: Actually I’m referring to “both” issues. I have had a very large amount of “older” email replies, as well as the “menu pages” just ending too far back and not being current. I may try using the “subscribe and see if if will make a difference. I had so many old emails the other day, I couldn’t even get through them all. Hmmm. Will have to wait and see what happens, and hope for the best.
I also have a problem when there is a reference to a “message”, and I cannot locate the message. It would help a lot if there were some way to link to the message. Good luck to us all.
#walker
You get to the messages by clicking on the “Direct messages” button at the top of the main blog page.
Hi walker, I noticed you write about not getting through all your emails, and have a suggestion. First an explanation.
In the upper-right-hand corner of each page viewed while signed in to your account, your display name is shown in heavy typeface, underlined and colored as a hyperlink. Left clicking on that link opens your account information page. Below your generic avatar and display name are more links for topics started, favorites, and subscriptions.
When you subscribe to a topic, two actions are triggered. Every reply after is emailed to your registered address. Also the topic in your subscription list will turn boldface to indicate new comments are available, with convenient links for the topic header, first new comment, or last comment.
I would like to suggest that instead of subscribing, you may prefer ‘favoring’ a topic. At the top of each topic page is both options Favorite | Subscribe . Select the option you prefer; also you can deselect either option you no longer wish to continue.
When you have favored a topic the same activity will display in your favorites list instead, but without sending yet another email to burden your mailbox. This method may be more convenient to jump to topics and comments of interest while allowing you to more easily skip over items of less interest. And when you are no longer interested, a red X is available to remove the item from its favored status, just like the text switch at the top of the topic page.
Hope this can reduce some of the stress load you express here.
@Cascadian: Thank you for all of that additional information – – – – some of it may be “over my head”, however I think I am beginning to understand even more. PKCano is always good, and I see that you are as well . I may be able to experiment this coming week I hope. My thank you goes out to you and PKCano for your most kind assistance.
This patch took out a small office. Every PC has Windows 7 64bit and it took out the NIC drivers, bluetooth drivers, and Intel Chipset drivers. What a mess… All computer were Dell Latitude E6430,E6440 and a 9020 optiplex. Microsoft sucks… The Windows 10 Dell E7480 laptop was not affected as it is 64bit system.
And now this…
Microsoft has re-released KB 4099950 on 4/17. Same KB number, different title.
They don’t say “why” they re-released it (now with a “2018-04…” title instead of a “2018-03…” title). The KB article only gives this information:
This update must be installed before you install KB4088875 or KB4088878.
If you have previously installed KB4099950 prior to April 17, 2018 please uninstall the older version of KB4099950 and reinstall to assure you have the most recent version.
We had some issues where KB4099950 (the older version) may have actually caused the issue it was designed to protect against. We never installed the March rollups, but had 6 servers that received KB4099950 and lost their static IPs.
Funny enough, even though the patch was re-released, the official support page with the statement I highlighted above still says (in true Microsoft fashion):
Microsoft is not aware of any issues that affect this update currently.
Well, if there were no issues, why did you re-release it and ask users to uninstall the old one?
Anyone using SCCM knows that removing updates (via software updates), is a sorely-needed function in SCCM. I recommend that anyone who has ever experienced the pain of having to remove updates through an application deployment to support a request on Microsoft’s SCCM User Voice to add this feature. Here’s the link:
Edit to remove HTML. Please use the “text” tab in the entry box when you copy/paste.
I failed to install in 20 qty HP PC during Mar 2018 Monthly rollup, KB4088875 which auto disclined by Microsoft, KB4093118 and newly May 2018 Monthly Rollup KB4103718. Couldn’t get help… I uninstalled Jan-Feb 2018 monthly rollup but no luck.
Where did you exactly got the pci.sys version from MSU pkg?
the version still the same 6.1.7601.24056 since March Rollup
do you mean the version of PCIClearStaleCache.exe?
this is just fix registry issue, it’s not the pci.sys itself
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Notifications
