Widespread reports of problems with the second March Win10 cumulative update, KB 4551762, the SMBv3 patch

Topic

New Reply

I was afraid this would happen. When Microsoft releases two security patches back-to-back, it’s rare that the second patch goes in without problems. I
[See the full post at: Widespread reports of problems with the second March Win10 cumulative update, KB 4551762, the SMBv3 patch]

3 users thanked author for this post.

ve2mrx, GreatAndPowerfulTech, Elly

Reply | Quote

Replies

If I’m on 1809, am I ok to just wait this out?

Reply | Quote

Yes, you are OK with v1809 as long as you take precautions to prevent MS from forcing V1909 on your computer.
V1809 is EOL on May 12, 2020 – so don’t wait too long.

You should download the Media Creation Tool and Make an ISO of v1909 now, though. Put it in a safe place so you can upgrade when you are ready. In the event that v2004 is released, v1909 will no longer be easily available.

1 user thanked author for this post.

woody

Reply | Quote

@PKCano

I’m on enterprise 1809, so it’s not Eol till next yer

Reply | Quote

Oh, you failed to mention
By all means, wait it out until you are ready.

Reply | Quote

Enterprise (non-LTSC) and Education editions of 1809 are supported until May 2021.
LTSC 2019 based-on 1809 get supported until Jan. 2029

Reply | Quote

So far this year I have everything Microsoft has had to offer when I Check for updates:

KB4551762 Cumulative Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 3/12/2020
KB4540673 Cumulative Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 3/10/2020
KB4535996 Cumulative Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 3/10/2020
KB4052623 Update for Windows Defender Antivirus antimalware platform – (Version 4.18.2001.10)
Successfully installed on 2/27/2020
KB4537572 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 2/27/2020
KB4524244 Security Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 2/11/2020
KB4537759 Security Update for Adobe Flash Player for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 2/11/2020
KB4532695 Cumulative Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 1/28/2020
KB4534132 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 1/28/2020
KB4532938 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 1/14/2020
KB4528760 Cumulative Update for Windows 10 Version 1909 for x64-based Systems
Successfully installed on 1/14/2020

I have no glitches, no issues, no performance drop-offs, no right-click context menu hesitations, no black screens, no BSOD’s, no slow boots (I can restart from the A side and boot to the B side of my dual boot in less than one minute, either way), no system hangs.

In other words, nothing at all unusual to report.  Both sides of my dual boot are normal, and the B side is definitely not an installation supported by Microsoft.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

4 users thanked author for this post.

rexr, jayinalaska, abbodi86, Barry

Reply | Quote

I had no problem installing KB4551762 but KB4540673 didn’t show up in Windows update

on my PC, weird !! I’m on 1909 built 18363.720.

Reply | Quote

[EP]

Microsoft stopped offering KB4540673 after Thursday morning March 12 on WU and issued KB4551762 instead

so you were 2 days late to the party

• This reply was modified 5 years ago by EP.

Reply | Quote

I don’t honestly see masses of reports.  I see some, but not widespread.  On the machines I have patched, not seeing issues.  I’d be asking what a/v?  Are you up to date on video and bios?  Any other unusual programs or apps that you use?

Susan Bradley Patch Lady/Prudent patcher

6 users thanked author for this post.

jayinalaska, safir, abbodi86, b, Barry, bbearren

Reply | Quote

Microsoft forum information clearing house is reporting problems:

https://answers.microsoft.com/en-us/windows/forum/all/cumulative-updates-march-10th-2020/3ae91128-4211-44c5-8e8d-325fd0c3d499

 

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

Another Issue that I faced on my device was, post the patch install and reboot, the trackpad became non-responsive. Had to remove the patch, hit the reset button, followed by another reboot to get it working again. I am running Win10 1909 build 18363.719 with synaptics pointing device.

 

Reply | Quote

Possible related issue: Installed the update yesterday, turned on PC this morning, Windows Update did its usual automatic check for updates, and for the past hour, it is still checking for updates. Wonder if it is related to the patch or is another issue? Anyone experiencing anything similar?

Reply | Quote

WSaltamirano wrote:

KB4540673

I just found that KB4540673 is for built .719 but I’m on .720.

Reply | Quote

Build .720 is KB4551762 which was issued on Mar 12 and replaced KB4540673 that was issued on Patch Tues.

Reply | Quote

Installation issues depend on the system state, and whether the user run Update Cleanup constantly or tweak the system with 3rd party tools that may disable or remove system components

Reply | Quote

Have you generated anything that is reproducible?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

No

the PSFX format they produced in 1809 is a gift, but it has its risk of not finding source files

on 1903 they changed CUs to be like service packs and directly update system packages, and that added more risk of breaking CU installation

1 user thanked author for this post.

geekdom

Reply | Quote

[geekdom]

Short form: Microsoft updates run forward and backward flagging changes only. I found this explanation based on your reply:
https://docs.microsoft.com/en-us/windows/deployment/update/psfxwhitepaper

Source and further information:
https://techcommunity.microsoft.com/t5/windows-ama-archive/windows-10-version-1809-cumulative-updates/m-p/301562

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

• This reply was modified 5 years ago by geekdom.
• This reply was modified 5 years ago by geekdom.
• This reply was modified 5 years ago by geekdom.

1 user thanked author for this post.

abbodi86

Reply | Quote

I’m aware of that
but it does not always work as expected, specially with non en-us systems and tweaked/modified images

Reply | Quote

SMB Compression is not yet used by Windows or Windows Server, and disabling SMB Compression has no negative performance impact.

This is quite an imprecise and confusing claim. SMB Compression is certainly not yet used in Windows Server 2019 and previous versions, but not used in Windows at all? If that was true then how could Windows possibly be vulnerable?

Maybe they mean “SMB Compression is not yet used by Windows or Windows Server, so disabling SMB Compression has no negative performance impact.”

This could make sense if both the server and client in 1903/1909 support compression, but only if the other side tries to negotiate it, and neither actually try to negotiate it. This would mean that current clients and servers would only start speaking compression with a new windows version (or an exploit program). But if this were the case, it seems strange that the vulnerability would affect both the server and client.

Reply | Quote

It comes down to new stuff has bugs.  None of us may be actually using it, but attackers will be.

Susan Bradley Patch Lady/Prudent patcher

3 users thanked author for this post.

johnf, GreatAndPowerfulTech, Elly

Reply | Quote

I understand that; but the sentence is still confusing. If I had two Windows 10 1909 boxes and one of them hosted an SMB share, surely they would use SMB compression if it was not disabled via the registry on the server?

Yet the new sentence in the knowledge base article implies that is not the case.

SMB Compression is not yet used by Windows or Windows Server, and disabling SMB Compression has no negative performance impact.

It’s very hard to google now that the search results are filled with articles about the CVE, but I’ve seen benchmarks comparing SMB3 compression on and off, so surely people can already use SMB3 compression without doing anything special; considering it takes a registry setting to turn it off, it must be on by default.

Reply | Quote

File Explorer crashes got worsen on my PC after this update.

Reply | Quote

Details?

It’s highly unlikely that this patch alone would cause File Explorer problems. But then… you never know…

Reply | Quote

have updated 5 systems without any problems and not heard of any problems for anyone i know either. so so far so good, does not feel like the problem seen are “widespread” more like the normal spread, problems are always more visibly reported then smooth rides

1 user thanked author for this post.

jayinalaska

Reply | Quote

One data point.

Paused updates until March 12th.  Installed KB4551762.  Currently 1909, build 18363.720.  No observed issues.

Win 10 home - 22H2
Attitude is a choice...Choose wisely

Reply | Quote

KB4551762 installed fine on all my Intel CPU PCs and FAILED on both Ryzen CPU PCs !!

Would be curious if the other people having problems with this patch have Ryzen CPUs…

 

Reply | Quote

Did an “in-place” repair install of Windows 10 (1909) and the problem was solved.

Reply | Quote

Windows 10 Pro 64-bit.  MS apparently has now begun to modify the 1803 cumulative updates beginning in March to block these from being installed on Pro edition.   We are checking for upgrade to the 1909 release.   Used a DVD to do an offline installation of 1909 build 18363,592, standalone applied the SSU update KB4541338, and then standalone applied the March 1909 KB4540673 update for build 18363.719.  Machine stable for 3 days, except that the wanted view/sorting of folders does not persist.

1 user thanked author for this post.

abbodi86

Reply | Quote

How are they blocked exactly?
i mean when you run the msu file, does it give “not applicable” error?
or does it install, but after reboot it fail and revert back?

Reply | Quote

In previous months since EOL the monthly 1803 updates would install on Home successfully and without any messages.   Now with the March 2020 update, the standalone installer immediately gives a “not applicable” error before doing any installation of the package.  So MS has changed the code in the MSU to check for Pro (and certainly also Home) edition and stop the installation.

2 users thanked author for this post.

woody, abbodi86

Reply | Quote

[EP]

the KB4540673 update for 1903/1909 is without the SMBv3 security fix though, mr anonymous

windows update may no longer be offering it and will issue KB4551762 instead

• This reply was modified 5 years ago by EP.

Reply | Quote

Agreed — the KB4540673 appears to be generally stable (so we picked that one to get as currently updated as we could while remaining stable), the newer KB4551762 seems to be unstable and causing grief for a number of users.  Happily the earlier March 2020 KB4540673 can still be obtained by manual download from MS Update Catalog as of several days ago.

Reply | Quote

the KB4540673 update is always available on MS Update Catalog

Reply | Quote

KB 4551762 installed automatically on my machine, happened to catch it mid download. Was stuck on 100% downloaded for about 10 mins, then kicked into life and installed fine.

Reply | Quote

this came out on Bleepingcomputer’s web site, woody
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4551762-security-update-fails-to-install-causes-issues/

one potential solution there is to do an “in-place” upgrade

also check on this new “print” issue with KB4551762:
https://www.askwoody.com/forums/topic/win10-1909-kb4551762/

Reply | Quote

Any changes/updates to report?

With everything else going on the March CU’s don’t seem to be getting much attention.

 

Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)

Reply | Quote