By Susan Bradley • Comment about this alert

In the August updates, Microsoft introduced a bug that impacted Windows users who dual-booted into Windows and Linux.

At first it was thought the bug had not been fixed in the September updates, but upon further investigation, I learned that it had been addressed. Because it is now fixed, I find no reason to delay updates further and am therefore lowering the MS-DEFCON level to 4.

I have reposted Microsoft’s release health note August 2024 security update might impact Linux boot in dual-boot setup devices in our Forums. Here’s the bottom line:

IMPORTANT: This known issue only occurs with the installation of the August 2024 security and preview updates. The September 2024 security update (the Resolved KBs listed above) and later updates do not contain the settings that caused this issue. If you install the September 2024 update, you don’t need to apply the workaround noted.

If you’ve installed the August updates and use dual boot, I recommend uninstalling the August update and then installing the September updates.

If you are an Apple user, you probably have heard the news that new phones and new devices are now available. Will provided a quick overview in his recent article September slumber. Importantly, I recommend an intervening step before rushing to install version 18 of iOS and iPad OS: install all minor versions of your current OS before rushing to v18. For example, go to Settings | Software Update on your iPhone, where you will be offered iOS 17.7 as well as 18 (bottom of image at left).

However, there are two good reasons not to install iOS 18 just yet. First, I never recommend installing the .0 release of any operating system — there’s no reason for you to be the guinea pig (I mean beta tester, not to insult the pet) for Apple. Second, the big news for iOS 18 is Apple Intelligence, but it is not provided in 18.0. It’s coming later this fall, or so Apple says.

There’s good reason for caution. There are already reports of users not liking dark mode and how it affects icons in the UI. Some reports complain of slowness. There are quite a few reports and YouTube videos about these and other matters. So get your phone as current as you can with iOS 17.7, but wait for the dust to settle before venturing beyond.

Mac Sequoia is also having some growing pains. Many users are complaining about regressions that cause problems with the firewall. That’s just one more reason not to be first.

Microsoft finally acknowledged what we’ve known all along: When Windows machines won’t update — and fail with (0x800f081f CBS_E_SOURCE_MISSING) in CBS logs — the only way you can fix the machine so that it can install future updates is to do a repair install over the top. I’ve reposted Microsoft’s health release in the Forums.

As a result of needing to do a repair install when issues occur, download a 23H2 ISO to ensure you have the necessary tools should you need them, especially before 24H2 is released. Go to the Windows 11 page and click on Download Windows 11 Disk Image (ISO) for x64 devices. Save it on your system or a flash drive, so you’ll have it if you need to do a repair install.

24H2 is still rumored to come out in October. Microsoft is starting to lay the groundwork for the 24H2 release, so much so that rumors will be flying. As I’ve said before, ensure that you use the InControl tool to keep yourself on Windows 11 23H2 for the time being.

For those on Windows 10 with machines capable of running Windows 11 but who don’t want Windows 11 at this time, run InControl and choose Windows 10 version 22H2. Windows 11 will not be installed until you tell InControl otherwise.

I’m not tracking any major issues with Windows 10 release KB5043064, and thus I recommend installing it. For Windows 11, I urge you to be on Windows 11 23H2 and install KB5043076. Any reported issues have been “one-offs” and relatively insignificant.

If the idea of repair installs on servers gives you pause, I understand. In my own case, I have been willing to perform them on file servers but am somewhat hesitant to do so on database servers and domain controllers. You may be better served by utilizing a script to fix the issue.

An alternative for domain controllers is to stand up a new server and transfer the FSMO roles to take over the damaged server. Microsoft indicates that it will be investigating the CBS_E_SOURCE_MISSING error and will follow up. It says:

You are more likely to observe this error if your organization’s devices’ manifest, registry, cat files or other parameters installed by a previous Windows update were corrupted. In these cases, a later Windows update servicing the same binaries will not install, resulting in the CBS_E_SOURCE_MISSING error.

I have not been tracking any major issues with the SQL updates released in September. However, always make sure that you have a backup of any key databases as well as a plan for recovery before installing the updates.

If you’ve been seeing Server 2016 hang, not install updates, and instead roll back and automatically uninstall the updates, you may want to use the registry key noted by Microsoft. This issue occurs because the Trusted Installer service did not finish the installation process within the default timeout period of 15 minutes.

Note: This change sets the timeout value to three hours (10,800 seconds). This should be sufficient for most situations. However, you may have to try a larger value in your environment. Restart the server, and then apply the patch again. Other potential issues and resolutions are documented by Microsoft in the Learn post Windows Update issues troubleshooting.

Here’s hoping Microsoft will use some of that AI marketing (that it is no doubt developing) for the upcoming Ignite conference in November to get to the root of these updating issues.

If you still use WSUS to patch your computers and servers, be aware that Microsoft posted Windows Server Update Services (WSUS) deprecation to the Windows IT Pro Blog. Deprecation means that no further development work will be done on WSUS, nor will new features be considered. The blog post states:

While the WSUS role remains available in Windows Server 2025, we recommend organizations transition to cloud tools, including Windows Autopatch and Microsoft Intune for client update management and Azure Update Manager for server update management.

For many years, WSUS has been the red-headed stepchild and not well supported. If you still use it, I strongly recommend that you purchase the add-on program WSUS Automated Maintenance (WAM), a software that helps maintain the platform. Clearly, Microsoft wants us to migrate to Intune or WuFB (Windows update for business). I’ll be covering your options in future newsletters.

Resources

Contribute your thoughts in this article’s forum!

Susan Bradley is the publisher of the AskWoody newsletters.