Microsoft Patch Alert: October 2020

The big news with this month’s patches – aside from the usual smorgasbord of strange errors – has more to do with the patches that are outside the regular cumulative update stream. Remarkably, we didn’t get any security fixes for IE or Edge. And the new .NET “optional” preview patches aren’t optional at all.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 Page 3
Page 3 of 39

August 2020

With Windows 10 2004 gradually creeping (I use the term intentionally) onto more machines, faults and foibles are coming out of the woodwork. It looks like a fix for the long-lamented version 2004 defrag bugs is on the way, but we aren’t there yet. Lenovo isn’t too happy with the August version 2004 cumulative update. It’s still too early to move to 2004, in my opinion — and those problems ensure I’ll keep 2004 off my machines for a while.

Meanwhile, Microsoft extended the end of support date for Win10 version 1803 — a move that’ll interest exactly nobody except for admins with aging Win10 machines. Windows 8.1 patchers got left out in the Remote Access cold for a week. The .NET security updates have an odd, acknowledged bug with a manual registry workaround.

On the whole, though, the August patches have held up quite well.

As a bit o’ lagniappe, Patch Lady Susan Bradley has published the results of her two Patching Surveys — one for Consumers, the other for IT Pros. As you might imagine, the general level of satisfaction with Windows patches leaves much to be desired.

Windows 10 version 2004

The August cumulative update for Win10 version 2004, KB4566782 — the latest, bestest, bug-infested version of Windows 10 — has triggered the usual volley of complaints about blue screens, system slowdowns, crashes, and the like. Mayank Parmar at Windows Latest has details.

Most disconcerting is the volley of BSoDs described by Lenovo on 2019 and 2020 ThinkPads:

  • Blue Screen of Death (BSoD) when booting
  • Blue Screen of Death (BSoD) when starting Lenovo Vantage
  • Blue Screen of Death (BSoD) when running Windows Defender Scan
  • Can't login by Face with Windows Hello
  • Errors in Device Manager related to Intel Management Engine
  • Errors in Device Manager related to IR Camera

The bugs appear to be linked to using the Enhanced Windows Biometric Security setting in the ThinkPad’s BIOS. See the article for details.

The other big Win10 version 2004 news lies in the highly anticipated fix to the defrag bug that I talked about back in June. In spite of the recent, breathless headlines about a “new” bug in version 2004, this pesky little SSD biter has been documented on various Microsoft sites since January — before version 2004 shipped.

The bug involves an incorrectly set timestamp on defrag runs: Since the “Optimize Drives” app relies on that timestamp to keep from running too frequently, a bad timestamp leads to an overabundance of defrag runs, which can hurt any drive — but especially solid-state drives. There are also reports of TRIM function bugs associated with the Optimize Drives app. Those may be more serious. Lawrence Abrams at BleepingComputer has details.

In theory, Microsoft has fixed the bug. The fix may well appear in the “optional, non-security, C/D Week” patch for version 2004 that’s due any day now (making it an “E Week” patch). Most people expect that it’ll be part of the September Patch Tuesday crop.

If Microsoft does, indeed, fix the bug, it’ll be another significant undocumented bug in 2004 that’s finally met its match.

KB4023057 making way for version 2004

Microsoft releases an update to KB4023057 — the “Update to Windows 10, versions 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, and 1909 for update reliability” patch — when it’s ready to start steamrolling new versions. I last talked about the patch a year ago.

You’ll see the patch offered if you haven’t yet moved to Win10 version 2004 and your PC appears to need it (with MS’s “artificial intelligence” playing the part of King Solomon). The patch itself isn’t available in the Microsoft Catalog because it’s delivered via the extra-official UUP delivery method.

If you want to move to 2004, and you’re offered KB4023057, go ahead and take it — but realize there are problems. If you’d rather wait for the inevitable fixes — such as the defrag fix mentioned in the preceding section, and many others both acknowledged and in gotcha mode — there’s no reason to install it yet.

.NET patches spring some odd bugs

The Knowledge Base articles for all of the August .NET patches have been modified to include a note about an odd bug. KB4569775 (the “Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 SP1 and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2”) and the various KBs for .NET Framework 4.8 now have this admonishment:

Windows Presentation Framework (WPF) applications that use two or more HostVisual elements belonging to a common thread, where both HostVisual elements are asked to disconnect from their visual target at roughly the same time, mail fail with the following error:

Exception type:  System.COMException


Callstack:  top frame is System.Windows.Media.Composition.DUCE+Channel.SyncFlush()

There’s a manual fix that involves changing app.config or modifying the registry.

Windows 8.1 patched sooner or later

Usually Microsoft patches all versions of Windows at the same time. This month, though, Windows 8.1 missed two security holes in Windows Remote Access.

Eight days after the Patch Tuesday plop, Windows 8.1 got an additional patch, KB4578013, that only fixes those two security holes. It’s a catch-up patch of a patch. In order to get all of your Win 8.1 August patches, you have to install the second patch, too — or wait for the September Monthly Rollup, which should plug all the known holes.

There’s also a late-breaking warning about this second patch not playing politely with Cisco AnyConnect. The original, Patch Tuesday patch has no such problems.

Win7 printing problems

If you pay for Windows 7 Extended Security Updates, you may be seeing printer problems with the August patch, KB4571729. The root cause still isn’t known, but there’s an active discussion on the PatchManagement Group forum.

Patching survey

Patch Lady Susan Bradley has just released the results of her 2020 Windows and Office consumer patching survey. It’s a companion to the IT pros and consultants survey she released last week. With more than 1,400 participants, the study finds:

  • 44% of responding consumers declared themselves “satisfied” or “somewhat satisfied” with the quality of Windows and Office patches. IT pros and consultants pegged that at just 34%.
  • Only 21% of self-identified consumers felt that feature updates — new versions of Windows — are “Extremely useful” or “Somewhat useful.” Says Bradley: “I think Microsoft relies too heavily on input from members of the Insider program who want change for change’s sake, whereas most of us just want technology that works predictably and reliably.”
  • 47% of consumers feel that Windows should be upgraded once a year or once every two years.
  • A laudable 82% of respondents feel that Windows 10 meets their needs.

Party on, Panos.

Patching problems? Hit us on

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 Page 3
Page 3 of 39
It’s time to break the ChatGPT habit
Shop Tech Products at Amazon