Windows 10 cumulative updates out

Topic

New Reply

Sunuvagun, the Win10 update page has been updated, and it IS showing KB 3201845/version 1607 build 14393.479. The Reddit thread is up. If you have any
[See the full post at: Windows 10 cumulative updates out]

Reply | Quote

Replies

Yes!
KB3206632 hit my machine at 1:00PM EST. I have it hidden. It replaced KB3201835, on my Pro. machine.
KB3205386 hit the home machine Ver. 1511 at the same time. I also have that one hidden by Wushowhide. Now waiting for Defcon 3, 4, or maybe 5?

Reply | Quote

KB3205383 – Windows 10
KB3205386 – Windows 10 1511
KB3206632 – Windows 10 1607/Windows 2016
KB3209498 – Security Update for Flash
KB890830 – MSRT

other patches for Windows 7, Office2013/2016, 8.1 and about everything else including patches for Windows 2016 Technical Preview 5 (I don’t know why this is still maintained when the full release has made it into CBB).

Reply | Quote

KB3201845 is NOT expired, is still a valid patch.
Only older versions of MSRT – August 2016 for all OS versions – are expired this time.

Reply | Quote

tey just hit and some office flash too, the page got a new format as well, getting quite the little collection here

Reply | Quote

Got KB 3206632 and hid it. KB 3201845, which I had also hidden is now gone

Reply | Quote

Patience, grasshopper….

Reply | Quote

I think KB3201845 is a quality update and KB3206632 is security. The version of 1607 goes from 14393.479 to 14393.576

Reply | Quote

Yes… but they’re both cumulative…

Reply | Quote

Makes sense, as 3206632 replaces 3201845.

Reply | Quote

@Woody

“@teroalhonen caught a key change: “Addressed a service crash in CDPSVC that in some situations could lead to the machine not being able to acquire an IP address.” That’s the fix for the mysterious “Wi-Fi doesn’t have a valid IP configuration” bug.”

The service mentioned is one of the Cisco extensions which comes with many Wi-Fi drivers and was causing similar problems with Windows 7. I used to avoid Cisco extensions as they are useful only in few scenarios (VPN) and when I was more careful with what I used to install.
Are we convinced that all people experiencing the DHCP issues had the Cisco components installed?

Reply | Quote

Supersedence rules, it is as Woody says. If you hide KB3206632, KB3201845 will become visible again, just like magic

Reply | Quote

Notes for Windows 7, Windows 8.1, and Windows Server 2012 users:
1. File diagtrack.dll is not present in any of the three December security-only update file lists, so you very likely don’t get Diagnostics Tracking Service in the December security-only updates.
2. Potentially bad news for Group B regarding bug fixes: See https://www.askwoody.com/2016/microsoft-fixes-problems-with-win78-1-group-b-security-only-patching-method/comment-page-1/#comment-111044.

Reply | Quote

@PKCano

https://blogs.technet.microsoft.com/mu/2016/10/25/patching-with-windows-server-2016/

Same rules like for Windows 7, only worded differently.
KB3201845 is like the preview patch of the future, as Windows 7 is not there yet with the CU mechanism.
The true patch which would normally be installed in Enterprise and by those who know how to manage AU is this one, released on the main (second) Patch Tuesday.

Reply | Quote

Woody was right when he stated few times in the last few days that we haven’t seen the security patch for Windows 10 yet and we should wait at least few more days after the release of KB3201845, as this was not an early release, but rather a delayed release of the non-security patch. KB3201845 was instead released on the normal date or close to it for Insiders only.
Nothing wrong with KB3201845 though, other than maybe the annoying long time to install or uninstall for those who found a reason to do so.

Reply | Quote

I’ve installed the updates on Windows 10 and it’s now notched the version up to 14393.576. It’s available for the Current Branch AND Current Branch for Business*.

*https://technet.microsoft.com/en-us/windows/release-info.aspx

The mysterious Wi-Fi bug seems to have been fixed by the CDPSvc (Connected Devices Platform Service) patch.

Details of the other changes can be found here:

https://support.microsoft.com/en-us/help/4000825/windows-10-update-history

I’ve not had any issues with it and so far it seems like the changes are mainly “quality” (security).

Reply | Quote

Quick question for a not so tech wise me. I would like to delay installing the updates but, I just booted up and the updates are downloading as I type this. I have Home version Win 10 and I can schedule when to reboot to update, but the updates will already be downloaded. If Microsoft pulls them for a problem before I update, am I stuck with the bad downloaded ones anyway. I have no way to turn off updates in Home like earlier versions of Windows???
Thanks

Reply | Quote

See http://www.infoworld.com/article/3138088/microsoft-windows/woodys-win10tip-block-forced-win10-updates.html

Reply | Quote

Yer a brave man, Gunga Din….

Reply | Quote

Nope. It has to be something inherent in the latest CDPSVC.

We also don’t have an explanation for why so many machines went haywire starting last Wednesday/Thursday.

Reply | Quote

Thanks for article, helps a lot. I was still wondering if there is anyway to get rid of these updates that have already been downloaded other than install them ?

Reply | Quote

In view of “Woody’s Win10Tip: Block forced Windows updates”, shouldn’t “but MS-DEFCON doesn’t really apply to Windows 10” at https://www.askwoody.com/ms-defcon-system/ be updated?

Reply | Quote

I was convinced that it was about this service
https://en.wikipedia.org/wiki/Cisco_Discovery_Protocol
Now it makes more sense if that service is Connected Devices Platform Service

Reply | Quote

Yes it should. I need to re-write the whole page, but will wait until we have the AskWoody Lounge working. Thanks!

Reply | Quote

Easiest way – go ahead and let them install, reboot, and immediately uninstall them.

Reply | Quote

My mistake, it is about this service Connected Devices Platform Service and not the Cisco https://en.wikipedia.org/wiki/Cisco_Discovery_Protocol

Reply | Quote

Thank You…really appreciate the advice

Reply | Quote

CDPSVC = Connected Device Platform Service
it’s an inbox Microsoft’s service

Reply | Quote

Security-Only will never include telemetry service, even if the service later got security vulnerabilities

Reply | Quote

That’s a great article on InfoWorld Woody BUT you reference the following source:

https://tweakhound.com/2016/10/23/delaying-windows-10-updates/

‘Eric (a.k.a. TweakHound)’ states:

“To delay updates in Win10 you must be running Windows 10 Pro, Enterprise, or Education. Or, not Windows 10 Home.”

This seems to contradict your step 4 on InfoWorld where you state:

“If you don’t have Wi-Fi, and you’re using Win10 Home, you have two choices.”

^ Obviously this doesn’t prevent the person from using your Wi-Fi trick but the workaround you’ve explicitly stated that can be used in Windows 10 HOME wouldn’t seem to work (according to your own source).

One final observation is that buried at the bottom (i.e. once a person has carried out the instructions) of another source* from your InfoWorld article about the telemetry is worth emphasising:

“Actually settings telemetry option to “0 – Security” only works on Windows 10 Enterprise (including LTSB), Education, IoT and Server editions.”

^ Basically you can only choose Basic, Enhanced or Full and that can be done from the ‘Windows Settings’, ‘Privacy’, ‘Feedback & Diagnostics’ options.

Setting a ‘0’ through group policy will have no effect sadly.

* http://www.askvg.com/truth-behind-disallowing-telemetry-and-data-collection-trick-in-windows-10/

Reply | Quote

Oy. You’re right about the 0 in Group Policy. But I believe my second Step 4 technique works. I just don’t recommend it!

Reply | Quote

The 3.99 TB Disk Cleanup problem is still there.

-Noel

Reply | Quote

Yep.

Reply | Quote

If that’s true, then is my conclusion “then this user will be vulnerable” in the following example correct? If no, then why not?

Example: The November 2016 monthly rollup includes the telemetry-related Diagnostics Tracking Service. Suppose a security-related issue is found in the file that contains the code for Diagnostics Tracking Service, and a fixed version of this file is included in the December 2016 monthly rollup. Consider a user who installs the November 2016 monthly rollup, and then the December 2016 security-only update. If a fixed version of the file is not included in the December 2016 security-only update, then this user will be vulnerable.

Reply | Quote

Just seen this regarding MS and the French data protection authority

http://www.techrepublic.com/article/windows-10-snooping-microsoft-gets-more-time-to-tackle-excessive-data-collection/?ftag=TREe09998f&bhid=24599977487960047840462147647251

Reply | Quote

It’ the user choice then
you can’t expect MS to fix security issues in components that exist in Monthly Rollup outside the Rollup
he can easily uninstall the November 2016 monthly rollup and vulnerability is gone

Reply | Quote

To clarify, you believe that there isn’t a technical reason why Diagnostics Tracking Service couldn’t be included in a security-only update, but instead that the reason is due to a Microsoft policy decision?

Diagnostics Tracking Service also exists in components in updates that predate the cumulative rollups, such as KB3080149.

Reply | Quote

Including Diagtrack defeat the whole porpose of Securiy-Only concept
if a security issue hit Diagtrack, they might release a separate single security update fot it

Reply | Quote

Beware of the KB3209498 – Security Update for Flash Player for Edge.

Flash Player 24.0.0.186 is breaking several websites in most browsers and Windows versions.

The Comcast IPV4 / IPV6 test site at http://speedtest.xfinity.com/ being one of them.

Viper

Reply | Quote

Thanks!

Reply | Quote

It doesn’t break anything for me on IE11 and Firefox with native dual-stack and the IPv6 stack tuned to prioritise IPv4. This means DisabledComponents under IPv6 registry settings set to hex 20.
I did not test Edge and I will not, sorry.

Reply | Quote

KB3209498 for Adobe has caused both my windows 10 machines to be unable to post new items on facebook. Not sure what they use but suspect this update has broken something. IE locks completely and a kill is needed.

Reply | Quote

If you uninstall KB 3209498, does the problem go away?

Reply | Quote

There is a Beta of Flash available 24.0.0.189 (link somewhere here on AskWoody) but it doesn’t include integrated IE Flash. You’d have to use another browser and I believe you have to uninstall the current version of Flash first.

Reply | Quote

It also breaks .exe programs generated by VB6.

We have several laptops that run my booking software that produce the .jpg matrix shown at the bottom of the ‘Costs and Contacts’ page of our webpages. In the .exe program itself only the first 3 weeks of the matrix get displayed and any attempt to use the slider bar raises an overflow error.

It’s really annoying as we don’t use Flash Player and you can’t uninstall IE or Edge, neither of which we want.

Will Microsft reload the update again and if so can this be blocked?

Reply | Quote