Patch Lady – proving that documentation is key

Patch Lady here:  Tonight I noticed that the recent update for Windows 10 1709 KB4090913 now includes the following in the release notes indicating that it DOES address the problem with the race condition that occurred in the January and February updating cycles.

• Addresses issue where some USB devices and onboard devices, such as a built-in laptop camera, keyboard, or mouse, stop working. This may occur when the Windows Update servicing stack incorrectly skips installing the newer version of some critical drivers in the cumulative update and uninstalls the currently active drivers during maintenance.  (that sentence was there before)
• Addresses issue where some devices may fail to boot with “INACCESSIBLE_BOOT_DEVICE”.  (AH HA, this is new!)

That last one was not in the original KB release.  So now that it appears that this KB does help prevent this issue, let’s look at the issues left to worry about:

This is a minor cosmetic-y issue in my opinion and can be (annoyingly) ignored.

That is a standard “known” issue after the Spectre/Meltdown patch era and will be included as a known issue going forward for all cumulative updates.

That side effect only impacts customers running 1709 Server core and Windows server 2016.  While concerning (and pointing out that we still need backups), it won’t impact Windows 10 1709.

Am I ready to give this update the all clear?

Well?  Um… how about we still wait a few more days to just make sure there isn’t any more side effects.

March 2018 Office non-security updates have been released

Microsoft has released the March 2018 Office non-secruity updates. These are NOT covered under February’s DEFCON-3 patching. Wait to install them until any potential problems are known and for the Patch Lady’s guidance. If you are following Woody’s DEFCON system, wait for the March DEFCON patching go-ahead.

Office 2010

Update for Microsoft Outlook 2010 (KB4018314)

Office 2013

Update for Microsoft Office 2013 (KB3172471)
Update for Microsoft Office 2013 (KB4011152)
Update for Microsoft Office 2013 (KB4018297)
Update for Microsoft Project 2013 (KB4018292)
Update for Microsoft Visio 2013 (KB4011230)
Update for Skype for Business 2015 (KB4018290)

Office 2016

Update for Microsoft Office 2016 (KB4011624)
Update for Microsoft Office 2016 (KB4011671)
Update for Microsoft Office 2016 (KB4011728)
Update for Microsoft Office 2016 (KB4011729)
Update for Microsoft Office 2016 (KB4011732)
Update for Microsoft Office 2016 (KB4018295)
Update for Microsoft Office 2016 Language Interface Pack (KB4011731)
Update for Microsoft OneNote 2016 (KB4011733)
Update for Microsoft Outlook 2016 (KB4018296)
Update for Microsoft Project 2016 (KB4011734)
Update for Microsoft Visio 2016 (KB4011661)
Update for Skype for Business 2016 (KB4011725)

There were no non-security patches for Office 2007.

[The KBNew list of all new and modified March KB articles has been updated, and now includes the March non-security Office patches. We’re showing more than 300 new and changed KB articles since March 1.]

Problems with yesterday’s Win10 1709 patch, KB 4090913, starting to appear

I’m seeing some reports of problems with yesterday’s Patch Monday single-purpose cumulative update for Win10 1709.

Computerworld Woody on Windows.

UPDATE: We have a report of the “reboot to black” bug in the Win7 Feb. Monthly Rollup KB 4074598.

Patch Lady – Servicing Stack Updates

Patch Lady Susan here:  This will be a post whereby I don’t answer a question, but rather bring up many more questions. Firstly here are some OLD background posts on what is going on with the component based servicing process which is the underlying engine that does the installing and updating on a Windows machine since the Vista era.

First read part one on Windows servicing from the Joscon blog.

Then read part two on Windows servicing from the Joscon blog.

And here another one to read as background material.

Read all of those first.  It gives you a bit of background in how vastly Windows has changed in updating since the Windows XP era.

For all of the times I track issues with patching, there is one truth in how we deploy now — assuming a healthy machine and a large enough hard drive, one can go from newly installed to fully patched in a much much shorter time frame than we ever could in Windows 7 era.  With a minimum of rebooting I can get a machine fully operational  – and even better – installed from scratch in less than an hour if the machine is peppy and has a ssd hard drive.

Now that you have that background (and probably a bit of headache reading all that) I’ve noticed something recently with Windows 10 releases.  We are getting a servicing stack update about each time we get a patch for the platform.  Take today’s release to fix the USB issue in the form of KB4091913.  Concurrently with that release was a servicing stack update in the form of KB4091914.

The increasing use of servicing stack updates just leads me to have more questions and not a lot of good answers.  Historically such updates were rare, not every release.  They are usually not uninstall-able, and help windows update do a better job.

My concern is that once upon a time Microsoft mandated that every update could be uninstalled to allow you to roll back from any issue.  There have been some historical scattered reports of issues that occur after a servicing stack update has been installed. Conversely there have been times – especially on Windows 7 – where a servicing stack update has done wonders to speed up the install of updates.

I’ll see if I can dig into why we’re getting these more often. In the meantime, keep an eye out for this and I’ll let you know if I see any side effects.

Microsoft claims it’s solved the USB problem with Win10 1709 cumulative update KB 4090913

Welcome to Patch Monday!

A few hours after I posted my diatribe in Computerworld, taking Microsoft to task for not fixing Win10 Fall Creators Update, version 1709, wouldn’tcha know it, but Microsoft released yet another cumulative update for 1709 that claims to fix one (not all) of the admitted problems with Win10 FCU.

KB 4090913 brings Win10 version 1709 up to build 16299.251.

According to the KB article its sole raison d’être is fixing the USB bug introduced in the last cumulative update.

Addresses an issue in which some USB devices and onboard devices, such as a built-in laptop camera, keyboard, or mouse, stop working. This may occur when the Windows Update servicing stack incorrectly skips installing the newer version of some critical drivers in the cumulative update and uninstalls the currently active drivers during maintenance.

That’s all she wrote. The other bugs are still there:

• Windows Update History reports that KB4054517 failed to install because of error 0x80070643.
• After installing this update, some devices may fail to start, and return INACCESSIBLE_BOOT_DEVICE.
• Because of an AD FS server issue that causes the WID AD FS database to become unusable after a restart, the AD FS service may fail to start. / There is no way to undo the database corruption. To return your AD FS server to a functional state, you must restore it from a backup.

There’s also an out-of-out-of-band Servicing Stack update, KB 4090914.

I suggest you hold off until we find out if this patch actually fixes the problem, or if some other ogre jumps out and bites.

Drumroll, maestro! Introducing our new MVPs

I’m very happy to announce the coronation of six new MVPs.

@AlexEiffel

@Ascaris

@Elly

@PaulT

@RCPrimak

@RetiredGeek

Each has demonstrated both remarkable technical capabilities and — every bit as important — a willingness to help the hapless. Like me, for example.

Please join me in welcoming them to the AskWoody sanctum sanctorum, and wish them a long and happy reign!

MS-DEFCON 3: Most February 2018 patches are good to go

Unless you’re running Windows 10 Fall Creators Update (version 1709), now’s a good time to get all outstanding Microsoft patches installed.

Important details in Computerworld Woody on Windows.

KB Error: In the Computerworld article I list KB4077525 as the Security-only patch for Win7, but it’s for Server 2016. The Security-Only Feb patch for Win7 is KB4074587.

Thx, @PKCano!

If you’re using the newer Office file formats in older versions of Office, the Compatibility Pack is going away in April

As many of you know, Microsoft changed the format of Office documents in Office 2007. The old DOC documents became DOCX, XLS workbooks became XLSX, PPT Powerpoint stacks became PPTX, and various additional file formats (templates and the like) changed.

The net result was that anybody who wanted to use Office 2003 to open or edit Office 2007 or later documents was up the ol’ creek without a paddle.

That’s where the Office Compatibility Pack comes into play. There’s a complex description in KB 924074, but the upshot is that Office Compatibility Pack works like a babel fish for Office 2003 and the (free) Word, Excel and PowerPoint viewers.

Now comes word that Microsoft is discontinuing the Office Compatibility Pack in April. Specifically, the OCP download page now says:

The Office Compatibility Pack is being retired in April, 2018. At that time, it will no longer be available for download and will no longer receive security updates.

For most of you that won’t make any difference. But if you’re still running Office 2003 (which is a mighty decent version!), it’d be wise to get the OCP installed now.

Thx JNP.