For February, a ‘bumpy’ Patch Tuesday journey
One week out from Patch Tuesday and it’s been a bumpy launch for the month, particularly for older variations of Home windows 10 and Server 2016. (Much less affected: the patron variations of Home windows 10 2004 and 20H2.)
Home windows Server 2016/1607 suffered the worst of the problems: the unique model of the Servicing Stack replace KB4601392 induced patching to get “caught.” Server patchers needed to soar via a ton of hoops to get the month-to-month safety replace put in. Microsoft pulled the dangerous replace and changed it with KB5001078. When you had been unfortunate and put in KB4601392 earlier than it was pulled, Microsoft has this steerage to manually reset Home windows updates elements.
Home windows Server 2016 lengthy has had a fame of being a horrible platform to patch. It installs updates slower than Home windows Server 2019 and usually takes longer to reboot afterwards — and Microsoft received’t (or can’t) backport the fixes from Server 2019 to the older platform. Not like Home windows 10, in the event you bought Home windows Server 2016 to your agency, you’ll be able to’t improve to Server 2019 without spending a dime; it’s a further buy. (Given the entire patching points on that platform, Microsoft, ought to present a license to Server 2019 without spending a dime for affected companies.)
When you nonetheless run Home windows 10 1909, you too had been impacted by a buggy replace: KB4601315. I personally seen on my 1909 workstation that I wasn’t provided that replace; I solely obtained this month’s .NET patch. I checked round on Askwoody.com and located I wasn’t alone. Others skilled the identical difficulty, particularly on client variations of Home windows 10. Two days after Patch Tuesday, Microsoft launched KB5001028, an “out of band” launch to repair a blue display that occurred whenever you tried to make use of a Wi-Fi Protected Entry 3 (WPA3) connection. Microsoft notes that you’re extra prone to encounter this difficulty when reconnecting to a Wi-Fi community after disconnecting, or when waking from sleep or hibernation. (It is a cumulative replace ,so it may be put in on prime of, or as a substitute of, the sooner February replace.)
Typically folks query why Microsoft’s pre-release beta testing Insider program, can’t discover points like this. The underlying drawback is that the Insider program is testing code for future releases of Home windows, it’s not testing patches and updates on the older releases most individuals nonetheless use. We’ve lengthy complained in regards to the lack of high quality management with Microsoft updates and, sadly, this seems to be one other less-than-stellar set of releases.
Microsoft for a few years has revealed a device that helped us block a hard replace till we had been able to cope with it, or till the replace had a repair launched. Known as the Wushowhid.diagcab device, we’ve used this to dam buggy updates for years. In the previous few weeks, nonetheless, Microsoft pulled the device from its web site with no reason why. The place is that this wushowhide device?
If you go to the website online detailing how one can block a buggy patch or driver, the obtain link is now a damaged link. We expect this was triggered by Microsoft eager to retire any internet obtain that depends on SHA1. However in doing so, many of those older, nonetheless helpful, instruments are now not accessible — which means we have now to search out them on third-party websites. We now not have an “official” website for these instruments.
I need you to do me a favor. Go to the website online the place we used to obtain the
This is the place you’ll be able to inform Microsoft to revive entry to the Wushowhid.diagcab device.
device and scroll to the underside of that web page. The place the footer links to the query, “Was this info useful?” and asks for a Sure or No, click on on the No button. When it asks “How can we enhance? The extra you inform us, the extra we will help,” reply with one thing like this: “Please repair the wushowhide.diagcab file and put it again in your website online. We’d like it to dam sure updates.” And hit ship. I’m hoping that if sufficient of us present suggestions that we want that device particularly Microsoft will re-release it.
Eliminating SHA1 isn’t the difficulty; it’s an older expertise and it permits attackers to spoof downloads and content material that might be utilized in assaults. Nevertheless it’s not cool that we have now now misplaced key instruments to maintain our methods purposeful. I’ve lately really helpful utilizing the Wushowhide.diagcab device to dam sure updates that may try to put in over and over with no decision. I really helpful to somebody affected by KB4535680, the replace for safe boot that wouldn’t set up, to make use of this device to cover the replace. On the time I gave that recommendation, the device was nonetheless accessible. Now they’d need to attempt to discover it on a third-party website. I’d relatively have the ability to level to an official device on an official Microsoft internet web page.
For these of you working Home windows 10 1909 with Conexant audio drivers, Microsoft remains to be indicating that the one technique to work round an ongoing driver difficulty is to let the 2004/20H2 function launch set up after which when it fails, and rolls again to 1909, let the method set up a second time. I stay uncertain whether or not Microsoft will make this course of higher for these impacted prospects. Keep tuned.
So what do I like to recommend at the moment? Be affected person. I’m nonetheless in testing mode to ensure I don’t see any points. Thus, I like to recommend staying in “pause” mode in the case of this month’s updates. We’ll preserve you knowledgeable right here and over on Askwoody.com of any of the main points.
Copyright © 2021 IDG Communications, Inc.