Microsoft Patch Alert: Lots of lingering problems in a very messy month

In spite of a whiplash patch/re-patch/re-re-patch cycle earlier this month, all is not doom and gloom. There've been a few actual fixes, too.

1 2 3 4 5 6 Page 3
Page 3 of 6

There are so many issues with this month’s security patches that it’s hard to decide where to begin. Let’s start with the problems that have been acknowledged, then move into the realm of what’s not yet fully defined.

Forced upgrades

Many users have remarked about how much the forced 1703-to-1709 Windows 10 upgrades feel like Microsoft’s detested forced upgrades from Win 7 and 8.1 to 10 – the “Get Windows X” campaign. Although the situation’s different on the surface, the net result is the same. Many people who were happily using Windows 10 Fall Update – version 1703 – were forcibly upgraded this month to the Fall Creators Update – version 1709 – even on systems that were not supposed to be upgraded.

At first, Microsoft ignored the uproar. But last week it quietly owned up to the move by putting this notification in the description for November’s Win 10 1703 Patch Tuesday cumulative update:

Known issues in this update:

Windows Pro devices on the Current Branch for Business (CBB) will upgrade unexpectedly.

Microsoft is working on a resolution and will provide an update in an upcoming release.

On the same day, Nov. 22, Microsoft released another cumulative update for 1703, KB 4055254, which doesn’t mention the problem. I’m going to guess it was fixed.

Those who were forcibly upgraded from 1703 to 1709 are now in limbo; if you allowed Win10 to automatically update itself, and the 1709 installer decided to take over, you’re stuck on 1709. Users had 10 days to roll back to the older version, and those days are gone.

That’s not good news if you hit problems with 1709, like the folder permissions problem or the autostart after boot problem. Those who got hit were upgraded without warning.

Broken Epson dot matrix printers

There are lots and lots of Epson dot matrix (and POS terminal) printers alive and well, thank you very much.

To recap, this month’s Patch Tuesday patches broke the Epson dot matrix driver for every supported version of Windows: Win10 1709, Win10 1703, Win10 1607/Server 2016, Win10 1511 Enterprise, Win10 1507 LTSC, Win 8.1/Server 2012 R2, Server 2012, and Win7/Server 2008 R2. (It’s quite remarkable: Microsoft is now actively supporting 11 versions of Windows – 14 if you count the Server versions separately.)

As noted yesterday, there are now fixes for six of those versions: Win 8.1/Server 2012 R2, Server 2012, and Win7/Server 2008 R2 and Win10 1703. There was a fleeting fix for Win10 1709, but it disappeared. As of this morning, there's a spot reserved for a Win10 1709 cumulative update, KB 4051963 for build 16299.96, but there's no KB article as yet and no reports of it rolling out. Presumeably, it'll include a fix for the Epson printing bug.

But there’s still no word on Epson printer fixes for Win10 1511 Enterprise or for Win10 1507 LTSC.

.NET patches appear, disappear, then reappear

Microsoft released four .NET Framework patches on Patch Tuesday:

  • 2017-11 Quality Rollup for .Net Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB 4049016)
  • 2017-11 Quality Rollup for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB 4049017)
  • 2017-11 Quality Rollup for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012 (KB 4049018)
  • 2017-11 Quality Rollup for .Net Framework 2.0 on Windows Server 2008 (KB 4049019)

The company then pulled all of them down before Thanksgiving. There was no official notice, just a string of comments on the MSDN TechNet blog that said, in effect, Microsoft hadn’t handled the supercedence chain on the patches properly and would fix the problem sometime after the U.S. holiday.

Sure enough, they were re-released yesterday.

CDPUserSvc_XXXX has stopped working

This bug, introduced in the Win10 1607 October cumulative update and both of the November 1607 cumulative updates, was finally acknowledged a little over a week ago. The three cumulative updates now contain this notice:

After installing KB4041688, KB4052231, or KB4048953, the error "CDPUserSvc_XXXX has stopped working" appears. Additionally, Event ID 1000 is logged in the Application event log. It notes that svchost.exe_CDPUserSvc_XXXX has stopped working and the faulting module name is "cdp.dll".

Microsoft is working on a resolution and will provide an update in an upcoming release.

Until then, follow the steps in the Per-user services in Windows 10 and Windows Server article.

To be clear, the bug has not been fixed, although it’s been well documented for six weeks. It even appears in the Win10 1703 Cumulative Update, KB 4051033, which was released on Nov. 27. Expect a real fix in the December Patch Tuesday crop.

Win10 1709 group policy setting incorrectly blocking cumulative updates

In Win10 1709 Fall Creators Update, adjusting the setting “After a Preview Build or Feature Update is released, defer receiving it for this many days” may, in fact, defer cumulative updates (which Microsoft insists on calling “quality updates”).

Poster Klaasklever who first described the bug on the TechNet, pointed to “reports that this issue is also caused by setting to defer Feature Updates in the Windows Update Settings within the normal Windows Settings App.”

It’s clearly a bug in Win10 1709, though it’s not clear which versions are afflicted – and there’s a possibility that the not-yet-released Win10 1709 cumulative update, KB 4051963 for build 16299.96, may fix it. As noted, there's no KB article as yet, and no reports of it rolling out.

‘Unexpected error from external database driver’ bug resolved

This bug, introduced in Microsoft’s October security patch release, led to Microsoft pushing out five patches in early November:

  • KB 4052234 for Windows 7 SP1 and Server 2008 R2 SP1
  • KB 4052235 for Windows Server 2012
  • KB 4052233 for Windows 8.1 and Server 2012 R2
  • KB 4052232 for Windows 10 Fall (“November”) Update, version 1511
  • KB 4052231 for Windows 10 Anniversary Update, version 1607, and Server 2016

Users who installed those patches (they had to be manually downloaded and installed) soon discovered that they all brought back old Windows security patches which themselves had bugs. Those buggy patches were yanked a few days later, and all mention of them was scrubbed as if they never existed.

In their stead, the Patch Tuesday Win7 and 8.1 Monthly Rollups and Security-only Updates and the Patch Tuesday patches for Win10 1709, 1703, 1607, 1511 and 1507 all claim to solve the problem.

Equation Editor bug resolved

Two weeks ago, I talked about the Equation Editor bug, CVE-2017-11882. There are a few exploits out in the wild at this point. If you’re concerned about them, you can bypass Equation Editor and eliminate the security hole by changing two Registry entries described in the Embedi article on the subject.

Good news? The HP Spyware update doesn’t appear to be a Windows problem. It’s all on HP.

Special thanks to @MrBrian, @abbodi86 and @PKCano

Did I miss a bug? Need a scorecard? I sympathize! Drop by the AskWoody Lounge.

1 2 3 4 5 6 Page 3
Page 3 of 6
How to protect Windows 10 PCs from ransomware
Shop Tech Products at Amazon