Seeker's remorse: Where are KB 4458469 and the other Thursday Win10 cumulative updates?

Microsoft released a bunch of Win10 cumulative updates last Thursday. They’re still available for manual download from the Windows Update Catalog, but it looks as if the company stopped pushing them on Friday. It’s complicated.

patch on top of Windows logo
Thinkstock/Microsoft

Last Thursday, Microsoft released all of these Win10 cumulative updates:

  • KB 4458469 takes Win10 version 1803 to build 17134.319
  • KB 4457136 turns Win10 1709 into build 16299.697
  • KB 4457141 moves 1703 to build 15063.1358
  • KB 4457127 transforms Win10 1607 and Server 2016 to build 14393.2517

Each of the cumulative updates includes dozens of patches for what appear to be minor bugs. In the case of Win10 1803 and 1709, they were the third cumulative updates in nine days. So much for Patch Tuesday, eh?

We were also graced with the Preview Monthly Rollups for Win7 and 8.1:

  • KB 4457139 Win7 Preview of next month’s Monthly Rollup
  • KB 4457133 Win8.1 Preview of next month’s Monthly Rollup

While the Monthly Rollup Previews were posted and made available to anyone who checks the wrong box, as usual, the Win10 cumulative updates were pushed onto some Win10 machines on Thursday and possibly early Friday.

By the middle of the day Friday Eastern time, reports of the patches appearing through Windows Update dried up. Those of you battling the WSUS update server mess had intermittent problems getting WSUS to work. While it looks as if KB 4458469 showed up on WSUS on Thursday, at least for some, it disappeared on Friday. I think.

The whole situation is very unclear at the moment. Microsoft hasn’t said anything that I can find.

It’s hard tracking down automatic update behavior because Win10 has so many different settings, and the interactions among the settings is basically undocumented. If you want to know whether a specific patch is going to install through Windows Update, at a minimum, you need to know:

  • Whether you’re running Win10 Home or Pro
  • Whether Win10 Pro, is Windows Update advanced options set for Semi-Annual Channel or Semi-Annual Channel (Targeted)
  • Whether Win10 Pro, is Windows Update set to defer quality updates
  • Whether you manually clicked on “Check for Updates” — thus, you’ve been branded a “Seeker

One of Win10’s most insidious transitions, clicking “Check for updates” doesn’t check for updates — it installs available updates, unless you’ve explicitly blocked them using wushowhide. Worse, if you have the temerity to manually check for updates, Microsoft takes your action as granting permission to install updates that wouldn’t normally be installed automatically.

So where are we right now? Good question, with no clear answer.

The official Windows 10 release information page says that the latest version of 1803 includes last Thursday’s update, build 17134.319. The latest build of 1709 is listed as 16299.696, which also includes last Thursday’s update. Ditto for 1703 and 1607.

Individual KB articles reflect those build numbers, too. The KB articles say:

Install this update

To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates.

Which, at this point, doesn’t seem to be the case. Seekers can’t see the update — even accounting for the Home/Pro Semi-Annual Channel/defer quality updates settings.

A big part of the problem lies in the way Patch Tuesday has evolved. Or devolved. You may recall John Wilcox’s treatise on the Windows updating cadence. Back on Aug. 1, Wilcox assured us:

  • At times referred to as our “B” release, Update Tuesday (most often referred to as Patch Tuesday) updates are published the second Tuesday of each month. These updates are the primary and most important of all the monthly update events and are the only regular releases that include new security fixes.
  • An out-of-band release is any update that does not follow the standard release schedule. These are reserved for situations where devices must be updated immediately either to fix security vulnerabilities or to solve a quality issues impacting many devices.
  • The “C” and “D” releases occur the third and fourth weeks of the month, respectively. These preview releases contain only non-security updates, and are intended to provide visibility and testing of the planned non-security fixes targeted for the next month’s Update Tuesday release. These updates are then shipped as part of the following month’s “B” or Update Tuesday release.

There was no mention of how and when the “C” and “D” (and, next month, “E”) week releases would actually be, you know, released. In August we saw two cumulative updates — one on Patch Tuesday, the other on the last business day of the month. The one on the last business day was, if I recall correctly, distributed through normal Windows Update channels, no seeking required.

So far in September we’ve seen three cumulative updates, including one special-purpose bug fix (for 1803 and 1709) that was released on a Monday for reasons unknown. That patch (KB 4464218 for 1803, KB 4464217 for 1709) was NOT installed through Windows Update — whether you “seeked” it or not.

As best I can tell, the third set of cumulative updates was only installed on "seeker" machines — those who manually clicked on "Check for updates" — but only if they "seeked" (sought?) on Thursday, and they had defer quality upgrades set to 0.

Or maybe not.

No matter what actually happened, and what will happen in the future, this much is sure: Microsoft’s handling of updates is ridiculously (and unnecessarily) complex and the antithesis of transparent, regardless of the espoused goals.

Somebody tell me the rules for seekers. And tell me again why clicking on “Check for updates” automatically installs updates. In a transparent world, none of that would happen.

Somebody, somewhere, dreamed up all of these settings and presumably somebody, somewhere, knows how they interact. Whoever they are, they haven’t bothered to document key details.

Can you help unravel this Gordian knot? Join us on the AskWoody Lounge.

Related:
8 highly useful Slack bots for teams
  
Shop Tech Products at Amazon