Where we stand with messy September Windows and .NET patches
Credit to Author: Woody Leonhard| Date: Thu, 21 Sep 2017 10:54:00 -0700
This month’s Windows and .Net patches hold all sorts of nasty surprises — some acknowledged, some not, some easy to skirt, some waiting to swallow the unwary whole. Here’s a quick overview of what’s going on with this month’s missives.
Most important: If you can’t keep yourself (or your clients) from clicking “Enable Editing” in Word, you must install a broad range of .NET patches (if you’re running Windows 7 or 8.1) or cumulative updates (if you’re running Windows 10), like, NOW.
Cumulative Update KB 4038788, which brings the build number up to 15063.608, has two acknowledged (but not fixed) bugs:
I’m hearing reports that 4038788 brings out all sorts of problems with Edge — it’s not just on first launch, and re-starting Edge doesn’t solve the problems.
There’s an additional bug in 4038788, which has been fixed: On some OEM systems (read: HP), Windows logon has registry keys that conflict with the app readiness service. After 5-10 minutes of black screen, users regain use of their device. This issue is triggered every time that Windows is restarted. Microsoft fixed the problem with KB 4043292, which must be downloaded and installed manually.
When you run the Get-PhysicalDisk cmdlet, some disks may display an operational status of “In Maintenance Mode.” The Get-VirtualDisk cmdlet may also display the operational status of the virtual disk as “Degraded.” There’s a manual workaround described in KB 4043361.
On Windows Server 2016, when you try to download updates by using Windows Update (stand-alone or WSUS), the process hangs at 0 percent completion. Microsoft has a description of the problem and two manual overrides in KB 4039473.
There was a rollup for all versions that covers a remote code execution vulnerability known as CVE-2017-8759 in addition to a handful of non-security bug fixes. For unknown reasons, Windows 10 Creators Update got the security patch but didn’t get the bug fixes.
The .NET 4.5.2 rollup installer in some versions includes some bizarre non-English prompts, like the one in the screenshot below. Microsoft assures that it’s only a glitch in the installer and not harmful.
The .NET Security and Quality Rollups make certain custom images turn black. As Microsoft puts it: “After you install the September 12, 2017, .NET Security and Quality Rollups that apply to the .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7, you experience rendering issues in Windows Presentation Foundation (WPF) applications that use WPF types in a Windows service.”
There’s a description of the problem on the Visual Studio forum and a workaround in KB 4043601. The workaround suggests that you uninstall the Security and Quality Rollup and install the Security-only patch.
There’s a well-publicized problem with Internet Explorer 11 suddenly sprouting a search box on the address bar after installing KB 4038777 (the Windows 7 Monthly Rollup) or KB 4036586 (the September Internet Explorer Security-only patch). For a detailed look at what’s happening, with screenshots, see ElderN’s post on the Microsoft Answers forum. Ends up the flim-flammery is a result of font sizes changed behind the scenes and a possible undocumented switcheroo in one of the IE settings. See @PKCano’s post.
Poster Richard has also identified a problem with starting IE 11 after this month’s Windows 7 updates — and he found a solution. Again, it’s related to undocumented changes in the Tab View settings and in font size. See post 8 on the AskWoody Lounge.
On the other hand, it looks like all of the officially acknowledged bugs in the August Windows 7 Monthly Rollup have been fixed.
Thanks to @MrBrian, @PKCano and dozens of additional testers – and complainers – on the AskWoody Lounge.