Patch Management

Errors During WSUS Update Synchronization for April 2017 Updates

There have been multiple reports where WSUS and SCCM administrators are seeing the following error message when trying to sync updates: SoapException: Fault occurred at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetUpdateData(Cookie cookie, UpdateIdentity[] updateIds) at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.WebserviceGetUpdateData(UpdateIdentity[] updateIds, List`1 allMetadata, List`1 allFileUrls, List`1& updatesWithSecureFileData, Boolean isForConfig) at Microsoft.UpdateServic...

Microsoft Breaks Skype Room Systems v2 Updating Capability with an Update

Skype Room Systems version 2 has an update waiting for it in the Windows Store. Unfortunately, due to the March 22, 2017 update for Windows 10 (KB4016635), the app cannot be updated. Microsoft is expected to release a fix for the problem – over Windows Update. Customers who need it fixed now can update manually. Details in KB4018816. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

A Patcher’s PSA: Adobe Acrobat and Reader Getting Major Version Number Updates in April

According to Adobe… Starting in April, 2017, all customers on the Continuous track will move from 15.xx to 17.xx after the patch is deployed. There will be no change for customers on Classic track or older versions like Acrobat/Reader XI. … New version number will appear on splash screens, MSI queries, ARP, DLL file versions, About box and application version (for Mac). SCCM/Casper will also start reporting the new version. If there are any software audit scripts that check for version number, they will start reporting 17.xx version. … Remember, if there are any patch deployment scripts which use version number checks before applying a patch, they may need changes to handle 17.xx version number. Full announcement: Acrobat’s getting a new version number (Reader too!) Looki...

Microsoft Releases Fix for Form Display Issue for CRM 2011 on IE11

We noted last week that a recent CU for Windows 10 users broke data display for CRM 2011 customers using Internet Explorer 11. See that here: Windows 10 March CU KB4013429 Breaks Data Display for Dynamics CRM 2011 Microsoft has now delivered a fix for this issue with March 22, 2017—KB4016635 (OS Build 14393.970). The fix also includes a resolution to the problem where some customers 0x80070216 error when trying to update apps from the Windows Store. The update is available through Windows Update, or can be downloaded manually from here: http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4016635 Because this is another CU, it replaces the previously released update KB4015438. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connec...

Veeam Finds that KB4013429 Breaks Hyper-V 2016 Backup

Microsoft’s monthly updates always provides fodder for complaint – and that’s just with Microsoft’s own products. But, the inability to test against 3rd party products is another potential pitfall of Microsoft updates. That’s why its so important to test the updates before deployment. Case in point: Veeam has found that the recent KB4013429 breaks the company’s Hyper-V 2016 Backup product. Veeam’s alert here: Microsoft KB4013429 breaks Hyper-V 2016 Backup The KB alert states that… …the issue persists if the following conditions are met: Cluster resource owner node is not upgraded VM owner node is upgraded   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in ...

Micosoft Separates Internet Explorer Security Updates from Windows Security Updates

As it has done with Windows 10, Microsoft continues to monkey around with Windows 7 SP1 and Windows 8.1 updates for efficiency. In the latest round of changes, Microsoft’s Configuration Manager team blog has revealed that this month (March) starts a new process where Internet Explorer updates have been separated from general security updates. IE updates will remain separate and will need to be deployed separately.  This is an effort to “simplify servicing” and reduce the size of the downloads. With this separation, the Security Only Quality Update package size will be significantly reduced, but you will need to deploy and install the Cumulative Security Update for Internet Explorer to remain secure for the latest supported version of the browser if you elect not to deploy...

ManageEngine Enters the Cross-platform Patch Management Game

ManageEngine today has announced a new product offering that enables customers to deliver patches automatically across Windows, Mac, and Linux. Called Patch Manager Plus, the product promises easy installation with a one-time setup. ManageEngine offers 3-editions: Free (for up to 25 PCs), Professional, and Enterprise. Press Release Automatic Patching for Windows, Mac, Linux, Third-Party Applications Easy installation and one-time setup; saves time, effort and cost Supports over 750 applications Download a fully-functional, 30-day free trial of Patch Manager Plus at http://ow.ly/d5lF309Y5Z1   PLEASANTON, Calif. – March 21, 2017 – ManageEngine, the real-time IT management company, today announced the launch of Patch Manager Plus, its simple and effective patch management sof...

Extra Windows 10 CU for This Month Rolling Out Now (KB4015438)

Microsoft is rolling out a second cumulative update for Windows 10 today –  just a week after the first. This one is intended to fix some bugs and issues that were introduced by the first one. KB4015438 is available now through Windows Update and here’s what it fixes: Addressed a known issue with KB4013429 that caused Windows DVD Player (and 3rd party apps that use Microsoft MPEG-2 handling libraries) to crash. Addressed a known issue with KB4013429, that some customers using Windows Server 2016 and Windows 10 1607 Client with Switch Embedded Teaming (SET) enabled might experience a deadlock or when changing the physical adapter’s link speed property. This issue is most commonly seen as a DPC_WATCHDOG_VIOLATION or when verifier is enabled a VRF_STACKPTR_ERROR is seen in the Mem...

Windows 10 March CU KB4013429 Breaks Data Display for Dynamics CRM 2011

UPDATE March 23, 2017: A fix is now available: Microsoft Releases Fix for Form Display Issue for CRM 2011 on IE11 If you’re a Microsoft customer using the combination of Windows 10 and Dynamics CRM 2011, you’ll want to be aware of that this month’s cumulative update for Windows 10 causes display issues for forms and data display in Microsoft’s customer relationship server. A community support thread is located here: Win10 March cumulative update KB 4013429 breaks display of forms in MS Dynamics CRM 2011 The workaround currently is to uninstall the CU. Additionally, some users are also reporting that Windows 7 and Windows 8.1 PCs have the same issue. For Windows 7 uninstalling KB4012212 solves the issue, for Windows 8.1 its KB4012216. Microsoft has yet to acknowledge...

Microsoft Delays Ending Security Bulletin Demise

In a blog post announcing the security updates for March 2017, Microsoft also distributed the following terse blurb: Security bulletins were also published this month to give customers extra time to ensure they are ready to transition their processes. Missing from the statement is a new deadline date.  Does this mean the company has moved it by a month since it skipped delivering security updates to customers in February – or is the date still undetermined? We’re reaching out to Microsoft for clarification. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

Patch Tuesday for March 2017 is Coming But Its Guesswork

Famously now, Microsoft skipped patching its Windows platform in February 2017 for an uncited reason and stated that it would restart the updating engines for March’s Patch Tuesday. Patch Tuesday is now just a day away and Microsoft has  a lot of catching up to do. Will the company provide security fixes for the myriad of zero-day flaws that have cropped up since the last security update? Will customers see fixes for vulnerabilities that have been left unfixed since late 2016? Can customers count on Microsoft to patch wide-open security holes that 3rd parties have take upon themselves to provide their own patches for Microsoft’s own customers? Missing a single month has had wide-ranging repercussions. For those tasked with keeping corporate assets safe it may have seemed like a...

Microsoft Pulls Bad Device Driver and Offers Workarounds

Just a couple days ago on March 8th, Microsoft delivered a device driver (Microsoft – WPD – 2/22/2016 12:00:00 AM – 5.2.5326.4762) that would not correctly detect mobile phones or portable devices like it should. After a big thread and help from the community that installed old drivers to both prove the problem and , Microsoft relented and removed the device driver from Windows Update. However, there are those that installed the device driver before Microsoft had the chance to pull it. Those people may still experience issues. In the thread the company representative offers some workarounds for those that soldiered in and installed all their updates quickly. These workarounds include using a System Restore Point, rolling back the specific device driver, and blocking it from installin...