-
Since all Microsoft updates are signed, they are tamper-proof and thus secure regardless of whether the transport is secure.
That was my first thought. But did you read my addendum here?
Tested: Windows accepts altered updates …
Within my German blog post, a reader did a simple test. He downloaded an update package via Microsoft Update Catalog. Then he used Notepad++ to edit some strings within the update package. The saved package is flagged ‘as modified’ on digital signature property page. But Windows accept this update and install it.
I guess (haven’t tested it), the digitale signatur proof check will be executed for .cabs included. The post from Mr. Brian below indicates, that some parts are checked and others not.
So: Overall I guess, it’s a ‘non optimal’ solution, Microsoft decides to use (nicely spoken). Well, we can discuss about http versus https. But then explain, why they offer kb articles via https, while downloads from http download links are redirected to https pages – and Update Catalog downloads still shipped via http.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
3 users thanked author for this post.
-
A few more details may be read within my blog post Microsoft delivers updates via HTTP & more security obscurity
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Just in case update KB4058258 is failing with error 0x80073715 – I’ve addressed the whole mess in Windows10: Update KB4058258 causes error 0x80073715.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
I can confirm that – see my blog post Updates KB4074906 (.NET), KB4077561 (Windows 8.1), and KB4056446 (Windows Server 2008)
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Yea, read it within an internal MS MVP forum this weekend. Know his posts since I was active in Microsoft’s news groups a decade ago. So sad, may he R.I.P.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
Ok, it seems I was lured into the wrong direction by Microsoft’s Security Center and it’s download links. I’ve added my blog post.
Defender and MSE are updating itself – and it seems that yesterday the Security module has been updated. That’s what I found out comparing the details on 2 Win 7 machines (one, which is always online and one, which hasn’t been booted since 3 days).
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
I’ve published now an English language article about that issue. My German blog post received several comments from affected users. The beta patch from Kaspersky is out – further details may be found within the linked English blog post.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Yes, it’s fixed. The question how they fixed it: via ActiveX an control in IE 11. If somebody used my workarounds and lost some update settings options or if the bug isn’t fixed, see Windows 7: Fix broken Update (Error 0x80248015) 12/4/17 for further assistance.</span>
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
I’ve posted an article within the MS Answers forum and escalated it to all moderators. Let’s hope, they will forward it to Microsoft’s developers. See also my blog post Windows 7: Error 0x80248015 in Update Search (Dec. 4, 2017)
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
But we should mention, that after unchecking the option, this option is gone. I’ve posted a note and linked also a blog post how to fix that 2nd issue – but till know, the blog post is only in German.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
-
Update KB4049016 seems to be pulled
.NET Framework Update KB4049016 pulled?Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
Just like to mention that the article about CDPUserSvc mentioned by Woody in Computerworld is now in English available.
Windows10 / Server 2016: Issues with CDPUserSvc
My proposal is to try process isolation for the service. Maybe it helps to avoid the ‘stopp working’ issue.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
1 user thanked author for this post.
-
The November 2017 patch day brought some users some nasty surprises. Beside the MSRT thing mentioned above, we have the:
- Epson dot matrix printers killed (briefly mentioned two posts above)
- HP’s 3D Guard won’t work after KB4048955 for Windows 10 Version 1709
I’ve documented it within my blog post Issues with Microsoft’s November 2017 Updates.
Addendum: It seems that Microsoft has released a new version of MSRT, that has been fixed.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
-
The MSRT thing and it’s flagging seems strange. I noticed, it was flagged as important, but unchecked. Then readers commented, that during the first update checks, the MSRT update has been checked. Obviously MS got aware of install issues, and they unchecked this update.
I’ve documented it within my blog post Issues with Microsoft’s November 2017 Updates.
Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author
https://www.borncity.com/win/
Author
