Microsoft Provides a Workaround for WSUS Synch Problems, But Can’t Tell Us Why Problems Exist

You’re not going crazy. Customers are experiencing intermittent failures when synching WSUS.

When running standalone WSUS or System Center Configuration Manager integrated with WSUS, software update synchronizations may fail on an intermittent basis, while subsequent synchronizations may be successful.

Details: Windows Server Update Service (WSUS) to Microsoft Update sync fails

According to the newly created article, Microsoft knows the problem, knows it exists, and can even suggest a temporary workaround, which is…

Synchronization/import of previously failed definition updates should be successful with subsequent software update synchronizations.

However, the cause is still To be determined.

Microsoft Japan Gives the List of January’s ‘Problematic’ Updates for Windows 7 Network Connectivity

UPDATE: Microsoft quietly resolved the issue described in this article using KB4487345

Original article…

Microsoft USA rarely apologizes for bad patches and definitely refuses to concede that any are problematic, however, Microsoft Japan has now listed out the updates (translated page) from January 2019’s Patch Tuesday that are giving companies fits when trying to connect to their networks.

What started out as the inability to connect to network shares has also been reported to keep users from connecting to shared printers.

After applying one of the following update programs published on January 8, 2019, to the file server and accessing the file server (the computer holding the shared folder ) by using the local user belonging to the Administrators group, The event of connection failure will occur.

This may cause problems such as access to a shared folder or connection to a network printer.

[ Workaround ]

When accessing the file server, use a local account that does not belong to the Administrators group, or use a domain account.

[ Corrective measure ]

Please check the Known Issues section of each update for the latest information on countermeasures against this problem.

OS version Problematic Update
Windows 7 SP1 / Windows Server 2008 R2 SP1

(Monthly Rollup)

KB 4480970 (Monthly Rollup)
Windows 7 SP1 / Windows Server 2008 R2 SP1

(Security-only update)

KB 4480960 (Security-only update)
Windows Server 2008 SP2

(Monthly Rollup)

KB 4480968 (Monthly Rollup)
Windows Server 2008 SP2

(Security-only update)

KB 4480957 (Security-only update)

As soon as we update the compatibility situation, this blog is also planned to be updated.

Good on you, Japan!

CVE-2019-0543 Changes How Windows PowerShell and PowerShell Core 6 WinRM Based Remoting Works

If you’re attempting to do loopback remoting for Windows PowerShell or PowerShell Core 6 after applying January security updates, you may have run into problems.

Per Microsoft…

The breaking change is not in PowerShell but in a system security fix that restricts process creation between Windows sessions. This fix is preventing WinRM (which PowerShell uses as a remoting transport and host) from successfully creating the remote session host, for this particular scenario. There are no plans to update WinRM.

Further…

The breaking change only affects local loopback remoting, which is a PowerShell remote connection made back to the same machine, while using non-Administrator credentials.

Details and workaround: Windows Security change affecting PowerShell

Tracking: KB4480966 for Windows 10 1803 Causing False Positives for Malware for Some

Not every malware tool is affected by this particular bug, but if your particular malware tool is casting errors about d2d1.dll being a Trojan after installing KB4480966 for Windows 10 1803 after the release of this month’s Patch Tuesday stack of updates, you can rest assured it’s a false positive.

You can effectively add an exclusion for this file to your malware package.

Thread: Since Update KB4480966; d2d1.dll a Trojan?

Tracking: KB4480966 for Windows 10 1803 Causing Unrecognized Database Format Error

UPDATE: Microsoft is working on a solution for this problem and since originally reported, it is now known that it affects 1803, 1709, and 1703. There is a workaround, however. See: Customers Still Using Access 97 Databases Affected by Windows 10 Patch Tuesday Updates

Original article…

Microsoft is off to a sound start for 2019. As the days have progressed past the company’s first Patch Tuesday of the year, bug reports are continuing to roll in.

One additional bug has been uncovered by some customers in that after installing KB4480966 for Windows 10 1803, .mdb databases are unrecognizable.

See: Unrecognized database format after January 2019 update KB4480966

So far, no workaround is available and Microsoft hasn’t yet acknowledged if its a widespread problem or not.

Microsoft Reverts Changes to KMS Servers that Caused Widespread Problems with KB971033

UPDATE: What seemed like yet another problem with yet another Microsoft patch has turned out to be something else. The issue, as it turns out, was a combination of customers installing KB971033 and Microsoft making changes to its license activation servers.

From Activation failures and “not genuine” notifications around January 8, 2019, on volume-licensed Windows 7 KMS clients:

A recent update to the Microsoft Activation and Validation unintentionally caused a “not genuine” error on volume-licensed Windows 7 clients that had KB 971033 installed. The change was introduced at 10:00:00 UTC on January 8, 2019, and was reverted at 4:30:00 UTC on January 9, 2019.

Note This timing coincides with the release of the “1B” January 2019 updates (KB 4480960 and KB 4480970) that were released on Tuesday, January 8, 2019. These events are not related.

The article goes on to recommend uninstalling KB971033.

Microsoft has yet to apologize for causing the widespread panic, only taken time to explain it.

— original article —

UPDATE with Workaround – Tracking: KB971033 Affecting KMS for Windows 7 Clients

According to new reports, there’s a bug in the KB971033 update that is causing problems with Windows 7 clients and KMS.

UPDATE:  A poster to a thread on Reddit concerning this issue offers a workaround that was obtained by Microsoft:

Action Plan :Uninstall KB971033

Reboot

Run Command Prompt as administrator

i. Type: net stop sppsvc

ii. Type: del %windir%\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 /ah

iii. Type: del %windir%\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 /ah

iv. Type: del %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

v. Type: del %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\cache\cache.dat

vi. Type: net start sppsvc

vii. Type: slmgr /ipk 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH

Type: slmgr /ato

As others have correctly pointed out, the key in step vii is for Windows 7 Enterprise. Use the correct key for your environment. https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys

Lenovo Computers Running Windows 10 version 1607 May Not Boot After Installing KB4480961

Lenovo computers running an older version of Windows 10 (1607) may not be able to boot, according to reports.

Microsoft has acknowledged this and updated its guidance and known issues for the update page.

Problem:

After installing KB4467691, Windows may fail to startup on certain Lenovo laptops that have less than 8 GB of RAM.

Workaround:

Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Microsoft is working with Lenovo and will provide an update in an upcoming release.

Microsoft Acknowledges KB4480970 Bug for SMBv2 Shares, Provides Explanation and Guidance

Customers are experiencing a severe bug in KB4480970 where computers are unable to access network shares. Reports have been rolling in steadily since the roll-up for Windows 7 was released.

Microsoft has now updated the roll-up history page to reflect the bug, issue some reasoning, and apply some guidance for affected customers.

Problem:

Local users who are part of the local “Administrators“ group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates. This does not affect domain accounts in the local “Administrators” group.

Guidance:

To work around this issue use either a local account that is not part of the local “Administrators” group or any domain user (including domain administrators).

We recommend this workaround until a fix is available in a future release.

2018 Holdover Bug Causing Renewed Problems with Network Connectivity for Windows 7

A bug that has existed for much of 2018 for Windows 7 and Windows 2008 R2 has once again begun causing problems for users of those operating system versions.

The original bug forced many to reinstall hardware drivers for their network cards…

After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.

To locate the network device, launch devmgmt.msc. It may appear under Other Devices.

To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.

Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose Search automatically for updated driver software or Browse my computer for driver software.

UPDATE: The following is now resolved with KB4487345.

However, a new wrinkle may have been exposed in that network shares are no longer accessible using SMBv2.

The problem is exhibited in both KB4480960 and KB4480970.

A workaround has been offered that requires modifying the Windows registry – proper rights are needed to make the change:

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

A reboot is required.

You can also just remove the update, but this security patch is pretty critical to install.

Forgo the Amazon Echo Auto Sticky Dashboard Mount for the Official Air Vent Mount

Despite not being widely available yet, Amazon has begun shipping its Echo Auto device to those who pre-ordered the device in 2018. The device is said to have been pre-ordered by over 1 million customers which may help explain why it has taken Amazon so long to begin fulfilling orders.

The Echo Auto device comes with a dashboard mount. This mount adheres with a sticky pad. Most car owners try to avoid adhering anything to their car, but Amazon now has a separate add-on that can be used to mount the Echo Auto device in the car’s vent.

Available for $15 from Amazon:  Echo Auto Air Vent Mount

The Air Vent Mount is actually in stock.  Until Amazon kicks manufacturing into a higher gear, you can display the air vent mount as a token of hope.

January 2019 Patch Tuesday Update for Windows 10 1803 Prohibits Pinning Web Links

Microsoft has begun to deliver its security updates for exposed bugs for its regular Patch Tuesday for January 2019. In doing so, Windows 10 1803 comes with an annoyance that users should be aware of:

After installing this update, some users cannot pin a web link on the Start menu or the taskbar.

Microsoft is working on a fix and promises to deliver this fix sometime near the end of January.