What happened to the February patches?

Topic

New Reply

There’s a lot of conjecture. I haven’t seen any Feb “Patch Tuesday” style patches. Have you? Hard to believe all of the patches – Vista, Win7, 8.1, va
[See the full post at: What happened to the February patches?]

Reply | Quote

Replies

perhaps Micro$oft has come to it’s senses, and wants to give some clearity and comfort for the common pc-slaves
🙂

Reply | Quote

From Gregg Keizer, Computerworld:

Microsoft shelves all February security updates
The company’s current patch policy makes it impossible to hold back just one fix, so no one gets anything.

http://www.computerworld.com/article/3169617/windows-pcs/microsoft-shelves-all-february-security-updates.html

They messed up royally on something in this month’s Security Patches. With Cumulative Updating, it’s all or nothing. So we get — NOTHING.

The CU issue you and we at AskWoody predicted has finally happened. And Microsoft has no workaround.

It isn’t Microsoft Update which is broken — it’s the whole d**ned patching system.

Thoughts, anyone?

Update: It turns out that this aspect of the lack of patches was already covered in a previous post and comments here at AskWoody.

I would tend to think that the other missing patches (unless the Flash Player and MSRT patches are also missing) comes from the same actions by Microsoft which pulled the Security Patches. Quite possibly, it’s all or nothing now at MS Updates.

-- rc primak

1 user thanked author for this post.

dononline

Reply | Quote

Not that we who follow AskWoody would be patching anything this early anyway… 😉

-- rc primak

3 users thanked author for this post.

DeWayne12, dononline, SueW

Reply | Quote

Besides the Defender update & KB3080149 (that I uninstalled to prevent telemetry updates), nothing else currently appears. As you said, KB2952664 & KB2976978 were re-released 02/09/17, but pulled with the rest. As for Why… I got nothin’. If Windows Update is compromised, that severely shakes any faith I have in Microsoft.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

Just my personal opinion/speculation:

1) Roll-ups cannot be separated anymore, not even by the QA teams at Microsoft. They must be tested as one monolithic patch, and thus it all fails or all succeeds before sign-off.

2) If just one patch fails, but with low system repercussions, they would likely pass the roll-up for that month.

3) But if a patch fails in a way that spectacularly causes major grief for (enterprise systems) or (servers) or (large subsets of current hardware builds) then the entire roll-up is held back.

4) We anticipate (hopefully) one specific upcoming patch that is at the very heart of file transfers on a LAN. The SMB vulnerability. The SMB component has been a major pain in the past; changing it has broken file sharing from devices (scanning printers for example) and older clients. It’s also been a source of file lock contention grief in mixed environments (newer plus older clients and servers).

Getting that wrong in any way could be disastrous for file / data integrity for even very small networks.

~ Group "Weekend" ~

1 user thanked author for this post.

WildBill

Reply | Quote

That’s a valid analysis, but, but, but, but….

How catastrophic would a single patch be, in order to block all Win7 updates (Security only and Monthly rollup), all Win 8.1 updates (ditto), three Win10 cumulative updates, PLUS all Office security patches, IE, .NET, etc., etc.

I’m convinced it’s a problem with WU. Not MU, but WU.

1 user thanked author for this post.

dononline

Reply | Quote

If my theory turns out to be correct (a show stopping bug in the patch for SMB 2) then that would impact all current OS patches.

Security roll-up would include it, so would the Monthly roll-up.

I suspect that we’ll see updates for Feb 2017 within the week. It’s going to throw my schedule off. Sigh . . .

~ Group "Weekend" ~

Reply | Quote

It seems to me that an operating system patch could easily be catastrophic, as in “loses customer’s data”. Microsoft may want the world to stop believing that its data is important, but the world doesn’t necessarily agree.

-Noel

Reply | Quote

woody wrote:

There’s a lot of conjecture. I haven’t seen any Feb “Patch Tuesday” style patches. Have you? Hard to believe all of the patches – Vista, Win7, 8.1, va[See the full post at: What happened to the February patches?]

Woody,
Maybe my machine is messed up again, but hen I go to the catalogue I am able to bring up BOTH of those KB numbers.

Dave

Reply | Quote

Interesting. What happens when you click on this link?

http://www.catalog.update.microsoft.com/search.aspx?q=kb2952664

Reply | Quote

woody wrote:

Interesting. What happens when you click on this link?

http://www.catalog.update.microsoft.com/search.aspx?q=kb2952664

This message displayed: We did not find any results for “kb2952664”

1 user thanked author for this post.

woody

Reply | Quote

Fake news 🙂
Do you use WSUS?
Test again and let us know what you get.

Reply | Quote

? says:
Maybe most all of the machines are set to “never” check for updates and Microsoft\Windows update doesn’t quite know what to do? Personally I’m enjoying the peace and quiet, for now. I’m still waiting for the new 4.8 kernel in Ubuntu 16.04.2 LTS to hit the street so I can build some more persistent USB sticks!
thanks again to all the Woody watchers for being here to help me through the confusion that has become our brave new Microsoft…

Reply | Quote

I have had Linux Kernel 4.8 in Ubuntu 16.04 for a couple of months at least. My Intel NUC is up to kernel version 4.9. These have been available for some time now, just not in the official Ubuntu repositories or through the automatic updater.

If you have an older graphics card from AMD/Radeon or NVidia, or hybrid Intel-NVidia graphics, do not go beyond kernel version 4.8. The 4.9 version kernel has no support for these drivers.

-- rc primak

Reply | Quote

I installed fresh W8.1 yesterday and it took like 2 hours for WU to find all the updates compared to few minutes for W7 just two weeks ago.

Reply | Quote

You still have not received Feb patches. They were not released on Patch Tues yesterday. Check back here for information on when Microsoft releases them.

Reply | Quote

Install manually first in this order, one by one, with restart if required after each patch:

KB3021910 (you may skip this one, but it is better to install in this order)
KB3173424
KB3172614

You will be fine after that.

http://wu.krelay.de/en/

2 users thanked author for this post.

woody, walker

Reply | Quote

woody wrote:

Interesting. What happens when you click on this link?

http://www.catalog.update.microsoft.com/search.aspx?q=kb2952664

Woody,
It says that this kb number can not be found.

Just now, when I went to the catalogue, I got the same results, nothing found.

Dave

2 users thanked author for this post.

ch100, woody

Reply | Quote

The suggestion (or was it hope!) that the delay shows that MS are finally becoming more responsive to their customers will be confirmed or otherwise according to whether they give a proper explanation as to the reason for the delay.

Reply | Quote

@Woody:

Is it “SAFE” to do the “Check for Updates”???

I had a warning from ESET showing the pending updates. It’s like it’s gone crazy on the following: The Intel’s were listed SIX times (same one). I only view the warnings to see what the present pending updates are.

Also Secunia (PSI 2) has notified me that the following is “insecure”:

“Version Detected MS Win7 is listed as Win 7 Home Premium, Win NT, Terminal service,
Personal 7601, while the latest version including one or more Security Fixes Is:

(does not provide any other information).
*************************************************

I would like to “Check the Updates”, however I have the FUD that something is not right.

This is becoming crazier and crazier. Guess it’s “WAIT” for something to “give”.

Anyone else seeing anything like this??? BTW, KB2952664 did not appear in the list.

Reply | Quote

Be careful of PSI. I also use version 2 and since the monthly rollup patch process started I never get 100% anymore as they use the Monthly Security Rollup as the key for having the correct security patches. It never recognizes Windows as fully patched (100%) unless you use the rollup. Since I use PSI mainly for my other programs, that has never been a problem for me.

Since I am Group B, I use the Security ONLY monthly patch. I always get 98% with Windows 7 being the culprit.

Now, to make a liar out of me ;), I did a PSI scan last night and got a 100%! I attribute that to the fact that PSI is unable to retrieve the patching data from MS.

I find PSI very useful, but I also use Belarc Advisor and it does say you have all the security patches if you use the Monthly Security Only patch routine.

2 users thanked author for this post.

Elly, walker

Reply | Quote

PSI is only going to give you the party line – and it isn’t working very well for Windows.

YOu don’t want any of those driver updates.

Stay cool. Look at the MS-DEFCON rating. No need to check for updates, no need to install anything.

4 users thanked author for this post.

Elly, SueW, dononline, walker

Reply | Quote

@Woody:

I never do “anything” until I see the MS DEFCON rating raised to a SAFE level by you. In the
past I’ve checked for updates a few times because it appeared to be “safe”, however with what’s occurring now, there’s no way I’m going to “Check for Updates”.

There are too many strange things happening.

THANK YOU ONCE AGAIN, WOODY!! 🙂 🙂 🙂

Reply | Quote

@Bill C.

Thank you for the information on the PSI. I’ve read before that it’s not reliable. I’ve had the same problem with the Win7 updates on Secunina. It can get frustrating, that’s for sure.

I checked ESET again, and now it’s down to only FOUR versions of the Intel, and one of them is a USB, otherwise the same as the other 3. It appears that “something” is occurring with these updates, which makes me very leery of the “Check for Updates”. It’s always on Never Check for Updates except when I’m checking. Thanks for the tip on Belarc Advisor, I don’t have that, so will try to check it out.

I’m Group B as well, and want to stay there!! Therefore I’ll just “WAIT” till I feel that
it might be “safe” to do the “Check for Updates”. Thank you again!!

Reply | Quote

Belarc Advisor is free. Download here http://www.belarc.com/free_download.html

1 user thanked author for this post.

walker

Reply | Quote

@PKCano: Thank you very much for this link to the free Belarc Advisor!! 🙂 🙂

Reply | Quote

@Walker: Be very cautious of any Intel updates unless you MUST have them.

I have Intel wired LAN on my desktop (a true Intel motherboard) in a machine I built myself. I have Intel Wireless, LAN and Bluetooth on my Lenovo Laptop.

In my experiences, the Intel LAN on the Intel MB has been painless and easy. When the MB went out of support, the Lan driver updates stopped. I do know some of the later Lan updates will work, and did install them, but with hardware drivers for the most part I take the view of if it ain’t broken, except for video drivers. I also was familiar with the Intel support forums and found that you could use the newer drivers on my specific MB by very knowledgeable forum members and users. Additionally, this machine was a clean Win7Pro-64 SP1 install with no bloatware that usually infests purchased systems.

Now for the Laptop, it was/is different. Lenovo (and others) issue driver sets for the Intel components in their laptops. I have found laptop manufacturer updates usually may work fine with the original laptop install image, but may have customized interfaces, etc. Using the update from a specific component manufacturer (i.e., Intel wireless update from Intel) on a Lenovo laptop may be problematic or may work fine. However, if it goes south, you will be caught between the OEM part maker and the laptop makers support and/or forums (as they are, and they may vary wildly in quality and actual manufacturer input). Additionally, the manufacturer customized driver packages may have features that work with their own proprietary software. As a result those programs may lose functionality or even conflict.

I was aware of all of this, but then Windows Update issued a software update that broke the OEM part maker’s (Intel) driver or the manufacturer’s package (Lenovo’s Intel Driver). That happened to me when MS issued a package (KB3161608 / KB3172605) back in the summer of 2016 that broke my Intel Bluetooth on the Lenovo. (This blog/forum was a key part in getting it resolved, as were the Intel Forums, since both had members who had the same issue.).

That took well over a month to resolve waiting for an updated driver. Fortunately loss of BT was a convenience issue not a true out of service issue, and uninstalling the MS patch restored the BT. However those WU patches were also part of the fix at that time to glacial WU scanning. Getting to the BT fix led me though getting real familiar with Windows driver rollbacks, the Windows system restore process, BSODs, and failures to even boot. I finally found an Intel solution that worked. That was the Intel Driver Update Utility, but when doing the research I also found new information from Intel that you had to install the 2 updates over the original install in a specific order or you would get BSODs or be unable to boot. It was a good education, but not something I would like to repeat.

In a nutshell, my recommendations are (in no special order except #1 and the last item.):
1. NEVER install any hardware drivers through WU;
2. Always check your system makers support or forums for known issues before any install (by this I mean research and read first, then ask);
3. Check the OEM part makers support or forums before install for any issues;
4. Check AskWoody for any issues before install;
5. Check the MS technical sites before install;
6. And FINALLY, if it is not broken, leave that old driver be.

2 users thanked author for this post.

SueW, walker

Reply | Quote

@Bill C: Thank you for the very detailed information you posted about your
experiences with Intel, and other issues. You are a more advanced user than I am,
I can see that. I leave ALL of the Intel updates alone. It appears they are
a “mess”.

Presently I have everything “on hold”, and am hoping that the situation with the
updates will be resolved soon.

Thank you once again for your reply. 🙂 🙂

Reply | Quote

Windows Update cannot be compromised, as the old updates are available.
I think the current problem has something to do with the build/upload mechanism which has failed at some level.

3 users thanked author for this post.

abbodi86, thymej, walker

Reply | Quote

Well that is a comforting sign old patches are still available on WU, I would so hate to find out WU was compromised. If it was, I would so hope it would be caught before compromised patches went out.

Could you imagine if compromised patches went out, I don’t even want to think about it. If another patch could not fix it, the whole world might have to reinstall Windows (if you installed a compromised patch, that is).

Reply | Quote

Spot on 🙂

Reply | Quote

#ch100:

Thank you for the information relevant to the Windows Update. I’m sure you are
on the “right track”, because you are so knowledgeable. Although I’m very lacking
in computer skills, I follow everything. Thank you once again! 🙂 🙂

Reply | Quote

One thing that I’ve noticed in WSUS the past few weeks is that they’ve been expiring quite a lot of old, mostly cumulative updates. Like they were in cleanup mode. Maybe that had unintended repercussions?

1 user thanked author for this post.

ch100

Reply | Quote

I don’t think so. I think we’re seeing the effect of a breakdown in the distribution method.

But then… who knows? Maybe Microsoft will tell us someday.

3 users thanked author for this post.

Elly, walker, ch100

Reply | Quote

They are in cleanup mode which is excellent. WU is still working, WSUS is still working, there are no issues there, which means that the issue is localised to the February 2017 patches only.

1 user thanked author for this post.

walker

Reply | Quote

This likely indicates a major problem bc if it was a minor problem, the Feb 2017 Patch Tuesday would only be delayed for a week or two by M$.

Bear in mind that there was practically no updates for the Jan 2017 Patch Tuesday bc of the year-end holidays, ie M$ Windows Update staff were quite free from end Dec 2016 onward = they would have quickly solved a minor problem for the Feb 2017 Patch Tuesday.

1 user thanked author for this post.

212louis

Reply | Quote

I checked windows update on my W8.1 machine yesterday and found the WMSRT for January and those 2 weird Intel drivers. Funny thing was I was unable to get it to work before that. It just scanned endlessly.

Reply | Quote

Not you, it was for @pepsiboy

1 user thanked author for this post.

HiFlyer

Reply | Quote