{"id":15211,"date":"2019-04-29T10:30:10","date_gmt":"2019-04-29T18:30:10","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/04\/29\/news-8960\/"},"modified":"2019-04-29T10:30:10","modified_gmt":"2019-04-29T18:30:10","slug":"news-8960","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/04\/29\/news-8960\/","title":{"rendered":"Microsoft Patch Alert: April patches have sharp edges, with several missing, others reappearing"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security3-100734732-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Mon, 29 Apr 2019 09:32:00 -0700<\/strong><\/p>\n<p>You have to wonder who\u2019s testing this stuff.<\/p>\n<p>Admins, in particular, have had a tough month. April brought widespread breakdowns \u2013 bluescreens, hangs, very sluggish behavior \u2013 to hundreds of thousands of Win7 and 8.1 machines. This wasn\u2019t a \u201csmall percentage\u201d kind of event. For some companies, rebooting overnight on Tuesday brought seas of blue screens on Wednesday morning.<\/p>\n<p>The first round of cumulative updates and Monthly Rollups arrived on Patch Tuesday, but the now-ubiquitous second round didn\u2019t show up until late Thursday afternoon, two and a half weeks later. Talk about admins taking a beating.<\/p>\n<p>We still have one Tuesday left this month \u2013 the mythical \u201cE week\u201d that Microsoft never talks about \u2013 so the month may yet end with both a bang and whimper.<\/p>\n<p>Here\u2019s how things look as early Monday morning.<\/p>\n<p>It took a while, but the second round of April patches <a href=\"https:\/\/www.computerworld.com\/article\/3391064\/where-are-the-april-windows-patches.html\">finally arrived<\/a>. The one exception is for Windows 10 version 1809, which still hasn\u2019t seen an \u201coptional non-security\u201d patch. (They\u2019re \u201coptional\u201d because you have to be a seeker \u2013 click Check for updates \u2013 in order to get hit with the patch.)<\/p>\n<p>We have a <a href=\"https:\/\/www.askwoody.com\/forums\/topic\/there-they-are-second-april-patches-are-out-and-they-look-lame\/#post-994776\" rel=\"noopener nofollow\" target=\"_blank\">reliable report<\/a> that the second patches this month were held up because of continuing problems with the Japanese new era date bugs. That same report also says that even the latest patches have bugs. I find it all amazing \u2013 Microsoft\u2019s been working on this problem for at least a year, and the patches-of-patches have been stumbling all over themselves.<\/p>\n<p>Even Win10 1903 \u2013 the version still in beta testing \u2013 got a new patch, <a href=\"https:\/\/blogs.windows.com\/windowsexperience\/2019\/03\/20\/announcing-windows-10-insider-preview-build-18362\/#TRYJeOYRsGpvKIde.97\" rel=\"noopener nofollow\" target=\"_blank\">KB 4497093<\/a>, bringing the build number up to 18362.86. It\u2019s for \u201cInsiders who are currently in the Fast ring only and on Build 18362.53. We\u2019ll roll this out to the Slow and Release Preview rings in a bit.\u201d<\/p>\n<p>April\u2019s Patch Tuesday brought immediate complaints of Win7 bluescreens. <a href=\"https:\/\/www.computerworld.com\/article\/3388643\/this-month-s-windows-patching-debacle-gradually-comes-into-focus.html\">Within a couple of days<\/a> we found out that six patches \u2013 for Win 7, 8.1, Server 2008 R2, 2012 and 2012 R2 \u2013 had conflicts with five different companies\u2019 antivirus products. The current tally:<\/p>\n<p><strong>Sophos\u00a0<\/strong>\u2013 The company <a href=\"https:\/\/community.sophos.com\/kb\/en-us\/133945\" rel=\"noopener nofollow\" target=\"_blank\">now says<\/a> it\u2019s figured out the source of the problem:<\/p>\n<p>\u201cWe have identified a permanent fix and are now automatically rolling out the fix to customers starting 25th April 2019. This will take place over a two- to three-week period.\u201d<\/p>\n<p>Microsoft continues to block the six dirty patches on systems running Sophos Endpoint.<\/p>\n<p><strong>Avira\u00a0<\/strong>\u2013 The folks at Avira have been remarkably quiet. Our latest <a href=\"https:\/\/www.askwoody.com\/forums\/topic\/report-from-the-field-about-ongoing-win7-avira-problems\/#post-1089226\" rel=\"noopener nofollow\" target=\"_blank\">report from UAz<\/a> says they may have finally hit upon a solution \u2013 verified in the very early hours of Monday morning. Earlier attempts at an Avira solution failed, sometimes spectacularly. Microsoft has not changed its terse announcement:<\/p>\n<p>\u201cMicrosoft has temporarily blocked devices from receiving this update if Avira antivirus software is installed. We are presently investigating this issue with Avira and will provide an update when available.\u201d<\/p>\n<p><strong>Arcabit\u00a0<\/strong>\u2013 The small Polish-language AV supplier has released an update that solves the problem, according to Microsoft, although the Microsoft link to Arcabit\u2019s support article points to a Technical Assistance phone number, and no discussion.<\/p>\n<p><strong>Avast\/AVG\u00a0<\/strong>\u2013 The company has <a href=\"https:\/\/kb.support.business.avast.com\/GetPublicArticle?title=Windows-machines-running-Avast-for-Business-and-Cloud-Care-Freezing-on-Start-up\" rel=\"noopener nofollow\" target=\"_blank\">issued hotfixes<\/a> to avoid the bluescreens. (Avast owns AVG.) Oddly, though, the way to install the hotfixes isn\u2019t what you might expect:<\/p>\n<p>That, to me at least, is a <a href=\"https:\/\/www.askwoody.com\/2019\/report-from-the-field-about-ongoing-win7-avira-problems\/\" rel=\"noopener nofollow\" target=\"_blank\">very distressing way<\/a> to apply a hotfix.<\/p>\n<p>Microsoft no longer blocks the six dirty patches on machines running Avast or AVG.<\/p>\n<p><strong>McAfee\u00a0<\/strong>\u2013 Late to the game, McAfee <a href=\"https:\/\/www.askwoody.com\/2019\/yet-another-conflict-acknowledged-with-this-months-win7-and-8-1-monthly-rollups-this-time-with-mcafee-endpoint-security\/\" rel=\"noopener nofollow\" target=\"_blank\">has acknowledged<\/a> that installing the dirty six patches may lead to slow boot up times or slow performance. The only solution to the problem, at present \u2013 aside from uninstalling the dirty six \u2013 is to disable any user-defined (non-default) Access Protection rules.<\/p>\n<p>Microsoft says it is \u201cpresently investigating this issue with McAfee,\u201d but they\u2019ve been saying that for a week.<\/p>\n<p>I\u2019m seeing <a href=\"https:\/\/www.askwoody.com\/2019\/are-you-seeing-update-kb-3185319-being-offered-for-internet-explorer\/\" rel=\"noopener nofollow\" target=\"_blank\">scattered reports<\/a> that Win7 users are being offered KB 3185319 \u2014 an update from Sept. 13, 2016 \u2014 as a checked Important update to Win7. It\u2019s part of the MS16-104 bundle. I wrote about bugs in this patch <a href=\"https:\/\/www.computerworld.com\/article\/3133845\/bugs-in-latest-windowsoffice-patch-bundles-create-confusion.html\">back in October 2016<\/a>. This isn\u2019t the first time we\u2019ve seen KB 3185319 appear out of the blue.<\/p>\n<p>There are also <a href=\"https:\/\/www.askwoody.com\/2019\/problems-reported-with-this-months-server-2008-monthly-rollup-kb-4493471\/\" rel=\"noopener nofollow\" target=\"_blank\">reports of locked Server 2008 machines<\/a>\u00a0after installing this month\u2019s Monthly Rollup, KB 4493471.<\/p>\n<p><em>Keep up with the latest on the <\/em><a href=\"https:\/\/www.askwoody.com\/2019\/where-we-stand-with-the-april-2019-patches\/\" rel=\"noopener nofollow\" target=\"_blank\"><em>AskWoody Lounge<\/em><\/a><em>.<\/em><\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3216425\/microsoft-patch-alert-april-patches-have-sharp-edges-with-several-missing-others-reappearing.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/article\/2017\/09\/windows_patch_security3-100734732-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Mon, 29 Apr 2019 09:32:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>You have to wonder who\u2019s testing this stuff.<\/p>\n<p>Admins, in particular, have had a tough month. April brought widespread breakdowns \u2013 bluescreens, hangs, very sluggish behavior \u2013 to hundreds of thousands of Win7 and 8.1 machines. This wasn\u2019t a \u201csmall percentage\u201d kind of event. For some companies, rebooting overnight on Tuesday brought seas of blue screens on Wednesday morning.<\/p>\n<p>The first round of cumulative updates and Monthly Rollups arrived on Patch Tuesday, but the now-ubiquitous second round didn\u2019t show up until late Thursday afternoon, two and a half weeks later. Talk about admins taking a beating.<\/p>\n<p>We still have one Tuesday left this month \u2013 the mythical \u201cE week\u201d that Microsoft never talks about \u2013 so the month may yet end with both a bang and whimper.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3216425\/microsoft-patch-alert-april-patches-have-sharp-edges-with-several-missing-others-reappearing.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10516,10909,13764,714,10525],"class_list":["post-15211","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-microsoft","tag-microsoft-office","tag-pcs","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15211","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15211"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15211\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15211"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}