Microsoft Security Updates February 2018 release - gHacks Tech News

Microsoft Security Updates February 2018 release

Microsoft released updates for the company's Windows operating system, Microsoft Office, and other company products on today's February 2018 Patch Day.

Our overview lists all important information to make it as easy as possible to keep an overview, download updates, look up additional information, and make better decisions in regards to the installation of updates.

It is recommended that you back up your system before you install any patches. The past has shown over and over again that updates may have negative effects on systems and that backups are the best option when it comes to rolling back.

Our guide lists all security and non-security updates that Microsoft released since the January Patch Day. Each patch is listed with its name, description, and link to Microsoft.

We list how Windows products and Microsoft browsers are affected by this month's updates, post known issues and security advisories. You find information on downloads and even direct links to downloads at the end of the article.

Microsoft Security Updates February 2018

Click on the following link to download an Excel spreadsheet that lists all security updates that Microsoft released in February 2018: microsoft-windows-february-2018-updates.zip

Executive Summary

  • Microsoft released updates for all supported client and server versions of Windows.
  • Security updates are available for Microsoft Office, Adobe Flash, Microsoft Edge and Internet Explorer as well.
  • All Windows systems are affected by one critical vulnerability.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 1 is rated critical and 14 are rated important
  • Windows 8.1: 12 vulnerabilities of which 1 is rated critical, 10 are important, and 1 is moderate
  • Windows 10 version 1607: 17 vulnerabilities of which 1 is rated critical and 16 are rated important
  • Windows 10 version 1703: 18 vulnerabilities of which 1 is rated critical and 17 are rated important
  • Windows 10 version 1709: 19 vulnerabilities of which 1 is rated critical and 18 are rated important

Windows Server products

  • Windows Server 2008: 11 vulnerabilities of which 1 is rated critical and 10 are rated important
  • Windows Server 2008 R2: 14 vulnerabilities of which 1 is rated critical and 13 are rated important
  • Windows Server 2012 and 2012 R2: 12 vulnerabilities of which 1 is rated critical 11 are rated important
  • Windows Server 2016: 17 vulnerabilities of which 1 is rated critical and 16 are rated important

Other Microsoft Products

  • Internet Explorer 11: 2 vulnerabilities, 1 critical, 1 important
  • Microsoft Edge: 14 vulnerabilities, 11 critical, 2 important, 1 moderate

Security Updates

KB4074588 -- Cumulative Update for Windwos 10 version 1709 to build 16299.248.

  • Addresses issue where child accounts are able to access InPrivate mode on ARM devices even though their browsing and search history is sent to their parents. This occurs only on Microsoft accounts belonging to children that are managed using the Microsoft Family service and for which parents have enabled activity reporting. This applies to Microsoft Edge and Internet Explorer.
  • Addresses issue with docking and undocking Internet Explorer windows.
  • Addresses issue in Internet Explorer where pressing the delete key inserted a new line in input boxes in an application.
  • Addresses issue in Internet Explorer where selected elements wouldn't update under certain circumstances.
  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.
  • Updates time zone information.
  • Addresses issue with browser Compatibility View settings that occurs during updates.
  • Addresses issue where, in certain hardware configurations, the frame rates of DirectX Games were unintentionally limited to a factor of the display's vertical synchronization.
  • Addresses issue that causes delays when switching keyboard languages using Alt+Shift.
  • Addresses issue where surround sound audio endpoints reverted to stereo after restarting.
    Improves and reduces conditions where certain Bluetooth keyboards drop keys during reconnection scenarios.
  • Corrects mouse delays for devices that incorrectly report the battery level status.
  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method".
  • Prevents use of the Pre-production Onesettings endpoint for Windows Setup when test signing is enabled.
  • Addresses issue where installations of Windows Server, version 1709 are not automatically activated using the Automated Virtual Machine Activation (AVMA) feature on Hyper-V hosts that have been activated.
  • Addresses issue with the Auto-register Inbox templates feature for UEV where the Scheduled Task didn't have the proper trigger.
  • Addresses issue where the App-V client didn't read the policy for SyncOnBatteriesEnabled when the policy was set using a Group Policy Object (GPO).
  • Addresses issue where the Supported On field for the Enable App-V Client policy is blank in the Group Policy editor.
  • Addresses issue where the user’s hive data in the registry is not maintained correctly when some App-V packages belong to the connection group.
  • Provides additional logging for administrators to take action, such as picking a proper configuration for their App-V package, when there are multiple configuration files for a single package.
  • Addresses issue with App-V packages that aren't compatible with registry virtualization using kernel containers. To address the issue, we changed the registry virtualization to use the earlier (non-container) method by default. Customers who would like to use the new (kernel container) method for registry virtualization can still switch to it by setting the following registry value to 1:
    Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Compatibility
    Setting: ContainerRegistryEnabled
    DataType: DWORD
  • Security updates to Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Windows Authentication, Device Guard, Common Log File System driver, and the Windows storage and file systems.

KB4074591 -- Cumulative Update for Windwos 10 Version 1511 to build 10586.1417

  • Updates time zone information.
  • Addresses issue that causes services.exe to stop working after applying the "Obtain an impersonation token for another user in the same session” privilege to Windows Server 2012 R2 computers. These computers then enter a restart loop. The system may report the SceCli event ID 1202 with error 0x4b8. It may also report the Application Error event ID 1000 with the faulting module name scesrv.dll and the exception code 0xc0000409. This privilege was first introduced in Windows Server 2016.
  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method."
  • Addresses issue with URL redirects in Internet Explorer.
  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.
  • Addresses issue with browser Compatibility View settings that occur during updates.
  • Security updates to Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Device Guard, Windows storage and file systems, Common Log File System driver, and the Microsoft Scripting Engine.

KB4074590 -- Cumulative Update for Windows 10 Version 1607 to build 14393.2068

  • Addresses issue with fragment identifier contained in links opened using the Enterprise Mode Site List to redirect from Microsoft Edge to Internet Explorer.
  • Addresses issue with rendering graphics elements with Internet Explorer.
  • Addresses a script-related issue that caused Internet Explorer to stop working in some cases.
  • Addresses issue in Internet Explorer where pressing the Delete key inserted a new line in input boxes in an application.
  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.
  • Addresses issue with browser Compatibility View settings that occured during updates.
  • Updates time zone information.
  • Addresses issue where telemetry data couldn't be uploaded using UTC because of networking environments that prevent access to the necessary CRL servers.
  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method."
  • Addresses issue where a failover in MPIO while throttling input and output requests may cause all available paths to fail.
  • Addresses issue where the application pool CPU throttles when running IIS.
  • Updates Microsoft HoloLens CPU Microcode to address vulnerability CVE-2017-5715 - Branch target injection. Installing this KB for HoloLens applies all relevant OS and Microcode updates. See Advisory 180002 for more details.
  • Addresses issue where, after installing KB4057142 or KB4056890 on an SMB server, accessing files in directory junction points or volume mount points hosted on the server may fail. The error is “ERROR_INVALID_REPARSE_DATA”. For example, this symptom may be observed:
  • Editing some group policies using GPMC or AGPM 4.0 may fail with the error "The data present in the reparse point buffer is invalid. (Exception from HRESULT: 0x80071128)".
    Security updates to Microsoft Edge, Internet Explorer, Adobe Flash Player, Microsoft Windows Search Component, Windows Kernel, Device Guard, Common Log File System Driver, and Windows storage and file systems.

KB4074592 -- Cumulative Update for Windows 10 Version 1703 to build 15063.909.

  • Addresses issue with a fragment identifier contained in links opened using the Enterprise Mode Site List to redirect from Microsoft Edge to Internet Explorer.
  • Addresses issue with scrolling through customer applications in Microsoft Edge.
  • Addresses a script-related issue that caused Internet Explorer to stop working in some cases.
  • Addresses issue with launching files using linked shortcuts in Internet Explorer.
  • Addresses issue with rendering graphics elements in Internet Explorer.
  • Addresses issue in Internet Explorer where pressing the Delete key inserted a new line in input boxes in an application.
  • Addresses issue where some users may have experienced issues logging into some websites when using third-party account credentials in Microsoft Edge.
  • Updates time zone information.
  • Addresses issue where telemetry data couldn't be uploaded using UTC because of networking environments that prevent access to the necessary CRL servers.
  • Addresses issue where the certutil.exe -MergePfx feature couldn't produce a merged EPF file for multiple V1 certificates.
  • Addresses issue where MMC application snap-ins—such as Services, Local Policy Admin, and Printer Management—fail to run when Windows Defender Application Control (Device Guard) is turned on. The error is "Object doesn't support this property or method."
  • Addresses issue where booting with Unified Write Filter (UWF) turned on may lead to stop error 0xE1 in embedded devices, particularly when using a USB HUB.
  • Improves performance of Intel processors that have Hardware P-States (HWP) enabled.
  • Addresses issue where customers sometimes see the error message "Something went wrong" after completing the out-of-box experience.
  • Security updates to Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Device Guard, Windows storage and file systems, and the Common Log File System driver.

KB4074593 -- Windows Embedded 8 Standard

KB4074594 — 2018-02 Security Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

KB4074597 — 2018-02 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2

All three address the following security issues:

  • Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems.

KB4074598 — 2018-02 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2

KB4074587 -- 2018-02 Security Only Quality Update for Windows 7 and Windows Server 2008 R2

Both address the following security issues:

  • Security updates to Windows Graphics, Windows Kernel, Common Log File System driver, Microsoft Windows Search component, and Windows storage and file systems.

KB4074736 -- Cumulative security update for Internet Explorer: February 13, 2018

KB4034044 -- Security Update for Windows Server 2008 and Windows XP Embedded that fixes an information disclosure vulnerability in VBScript.

KB4057893 -- Security Update for Windows XP Embedded SP3 for x86-based Systems  --

KB4058165 -- 2018-02 Security Update for Windows Server 2008 -- addresses a security issue in Windows Kernel that could be abused for information disclosure attacks.

KB4073079 -- 2018-02 Security Update for Windows Server 2008 -- addresses an elevation of privileges vulnerability in the Windows Common Log File System driver.

KB4073080 -- 2018-02 Security Update for Windows Server 2008 -- Fixes an information disclosure vulnerability and an elevation of privilege vulnerability in Windows kernel.

KB4074589 -- 2018-02 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4074595 -- 2018-02 Security Update for Adobe Flash Player for Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

KB4074603 -- 2018-02 Security Update for Windows Server 2008 and Windows XP Embedded

KB4074836 -- 2018-02 Security Update for Windows Server 2008 and Windows XP Embedded

KB4074851 -- 2018-02 Security Update for Windows Server 2008

KB4074852 -- 2018-02 Security Update for Windows XP Embedded SP3 for x86-based Systems

Known Issues

  • Windows Update History reports that KB4054517 failed to install because of error 0x80070643. -- Workaround: run a manual check for updates to make sure no further updates are available.
  • Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.

Security advisories and updates

ADV180004 -- February 2018 Adobe Flash Security Update

Non-security related updates

KB4019276 -- Update for WES09 and POSReady 2009

KB4056446 -- Update for Windows Server 2008

KB4076492 -- 2018-02 Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4076493 -- 2018-02 Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Embedded 8 Standard and Windows Server 2012

KB4076494 -- 2018-02 Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4076495 -- 2018-02 Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4077944 -- 2018-02 Dynamic Update for Windows 10 Version 1709

KB4077962 -- 2018-02 Dynamic Update for Windows 10 Version 1703

KB4078408 -- 2018-02 Dynamic Update for Windows 10 Version 1709

KB4087256 -- 2018-02 Update for Windows 10 Version 1709

KB4058258 -- Windows 10 Version 1709 update to build 16299.214

KB890830 -- Windows Malicious Software Removal Tool - February 2018

A big non-security update with improvements and fixes.

KB4073291 -- Windows 10 Version 1709 update to build 16299.201

Adds additional lprotections for 32-bit versions of Windows 10 version 1709. Also addresses issue originally patched in KB4056892.  Has known issues

KB4057144 -- Windows 10 Version 1703 update to build 15063.877

Fixes lots of issues including unbootable state issues for some AMD systems, printing PDF issues in Microsoft Edge, or Windows Defender security issues.

KB4057142 -- Windows 10 Version 1607 update to build 14393.2034

The update includes quality improvements. Lots of fixes, some match KB4057144.

KB4075200 -- Windows 10 Version 1511 update to build 10586.1358

Non-security update for the November update version of Windows 10. Includes some fixes.

KB2952664 -- Compatibility update for keeping Windows up-to-date in Windows 7

Microsoft Office Updates

Microsoft released non-security updates for Office products last week. Check out this overview if you have not already.

Office 2016

KB4011686 -- Fixes remote code execution vulnerabilities in Office 2016.

KB4011143 --Fixes remote code execution vulnerabilities in Office 2016.

Office 2013

KB4011690 -- Patches vulnerabilities in Microsoft Office that could be exploited for remote code execution.

KB3172459 -- Security Update for Microsoft Office to address remote code execution vulnerabilities.

Office 2010

KB4011707 -- Fixes remote code execution vulnerabilities in Office 2010.

KB3114874 -- Fixes remote code execution vulnerabilities in Office 2010.

How to download and install the February 2018 security updates

windows microsoft february 2018 updates

All security updates for Windows are distributed via Windows Update and other update distributions services already. Users who want to install the updates right away may need to run manual checks for updates as these don't happen in real-time.

Do the following to run a check for updates:

  1. Tap on the Windows-key, type Windwos Update and select the result.
  2. Windows will either run a check automatically when the page opens, or after you select "check for updates".
  3. Updates should get downloaded and installed automatically after the scan. If they are not, click on the download button to start the process.

Direct update downloads

The following links point to the Microsoft Update Catalog website where you can download the updates as standalone files.

Windows 7 SP1 and Windows Server 2008 R2 SP

KB4074598— 2018-02 Security Monthly Quality Rollup for Windows 7
KB4074587 — 2018-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

KB4074594 — 2018-02 Security Monthly Quality Rollup for Windows 8.1

KB4074597  — 2018-02 Security Only Quality Update for Windows 8.1

Windows 10 (version 1511)

KB4074591 — Cumulative update for Windows 10 Version 1511

Windows 10 and Windows Server 2016 (version 1607)

KB4074590  — 2018-02 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016

Windows 10 (version 1703)

KB4074592 — 2018-02 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

KB4074588 — 2018-02 Cumulative Update for Windows 10 Version 1709

Additional resources

Summary
Microsoft Security Updates February 2018 release
Article Name
Microsoft Security Updates February 2018 release
Description
Microsoft released updates for the company's Windows operating system, Microsoft Office, and other company products on today's February 2018 Patch Day.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Dave said on February 13, 2018 at 9:12 pm
    Reply

    1709 16299.192 : Semi-Annual Channel (Targeted) here and not seeing any updates yet today.

    Which is a good thing I suppose. I do prefer to let others find out about bugs before I do ;)

    1. Martin Brinkmann said on February 13, 2018 at 9:34 pm
      Reply

      Yes, that is the best approach to things ;)

  2. AJ North said on February 13, 2018 at 9:47 pm
    Reply

    Thank you, Martin, for your always excellent ‘Black Tuesday’ overview!

  3. Ninveh said on February 13, 2018 at 10:34 pm
    Reply

    Thank you. Very valuable reference list.

    Note: the entries for Server 2012R2 are a bit messed up: pointing to server 2012 -not the R2, or linked to the wrong KB number.

    1. Martin Brinkmann said on February 14, 2018 at 7:24 am
      Reply

      Hi, which links are messed up?

  4. Pete12 said on February 13, 2018 at 11:44 pm
    Reply

    This latest cumulative Windows 10 update did not show up in Windows Update !
    Downloaded from the MS-site , installed ,rebooted and now on 16299.248

    Remains the question why this update is not offered by Windows Updates……………???

    1. m said on February 14, 2018 at 5:25 am
      Reply

      Didn’t show up for me either, but maybe its due to bitdefender still blocking updates. I dunno.
      But I downloaded it from the website, and it installed flawlessly.

    2. kronos said on February 14, 2018 at 10:14 am
      Reply

      Same here, I need to manually install cumulative patches for 2 months now.

      1. Someonewhocares said on February 14, 2018 at 6:53 pm
        Reply

        Same here. No updates for windows since december. Office’s updates working fine though.

      2. Martin Brinkmann said on February 14, 2018 at 8:42 pm
        Reply

        This may be caused by antivirus software that is not compatible. Read the known issues, the AV needs to set a Registry key, if it does not, updates are not provided.

      3. Someonewhocares said on February 14, 2018 at 9:54 pm
        Reply

        I’ve no AV either :)

        I just have Simple Software Restriction Policy and Windows firewall control installed. But even with everything disabled still no updates.

        Tried the Windows Update Troubleshooter but no luck.

        I guess i need to install the updates manually from now on.

        Anyway thank you for the article!

    3. k said on February 14, 2018 at 5:14 pm
      Reply

      Here too nothing shows up, nor did it in January which I didn’t notice.
      Now I have just installed February manually without problem.
      It’s an Amd machine. Maybe it’s because of the meltdown fuss ?

    4. Sebq said on February 15, 2018 at 2:54 pm
      Reply

      From january 2018 Microsoft blocked windows updates for users without antivirus software:
      https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

  5. jelson said on February 14, 2018 at 4:31 am
    Reply

    Noticed an error — only in the text — in 2 places:

    “KB4056898 — 2018-02 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2”

    AND

    “Windows 7 SP1 and Windows Server 2008 R2 SP

    KB4056898 — 2018-02 Security Monthly Quality Rollup for Windows 7”

    ___

    The embedded links are correct:

    https://support.microsoft.com/en-us/help/4074598/windows-7-update-kb4074598

    AND

    https://www.catalog.update.microsoft.com/Search.aspx?q=4074598

    ___

    KB4056898 is the Jan 2018 Security Only patch for Win 8.1

    1. Martin Brinkmann said on February 14, 2018 at 7:21 am
      Reply

      Thank you, corrected.

  6. just said on February 14, 2018 at 4:40 am
    Reply

    Please correct the titles of “KB4056898” as both of them are linking to “KB4074598”

    1. Martin Brinkmann said on February 14, 2018 at 7:21 am
      Reply

      Thank you, corrected.

  7. Anonymous said on February 14, 2018 at 5:44 am
    Reply

    KB 4074736/Cumulative security update for IE 11 failed to install for some reason. I managed to successfully install the security-only update for Windows 7 beforehand, but after 6 tries, I still see error 80070057. Windows Update Troubleshooter was no help either, and my antivirus should be compatible for Meltdown/Spectre updates.

    1. seeprime said on February 14, 2018 at 7:27 am
      Reply

      After making a system image (in case the update borks the machine), I always download the KB from the Microsoft Update Catalog website. This seems to always install. Make sure you disable your antivirus, unless you’re using Defender.

      1. Anonymous said on February 14, 2018 at 7:35 am
        Reply

        I did download from the catalog website and disabled the antivirus. I even renamed the Software Distribution folder, but no luck. Now I uninstalled the security-only update to see if it’ll be any different.

      2. Anonymous said on February 14, 2018 at 7:41 am
        Reply

        And I tried uninstalling the security-only update to see if there’s any difference but no luck. :/ Wonder if the KB itself is having problems.

    2. Belga said on February 14, 2018 at 10:43 am
      Reply

      “The fixes that are included in this Security Update for Internet Explorer 4074736 are also included in the February 2018 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update.”

      1. Anonymous said on February 14, 2018 at 4:24 pm
        Reply

        That still doesn’t explain why the KB failed to install.

      2. Belga said on February 15, 2018 at 10:25 am
        Reply

        No problem for me in Win 7 & Win 8.1.

  8. swampcat said on February 14, 2018 at 7:22 am
    Reply

    Hi everybody!
    Martin, it seems that you missed KB2952664 came back again (!and again!) with this update.
    Got it for Win 7 x86 Ultimate and Win 7 Home Premium x64
    Morons currently managing VeryLittle&Soft are delusional or what?
    They convinced their users already – “switch to Linux”… what else?
    Cheers!

  9. Martin Brinkmann said on February 14, 2018 at 8:13 am
    Reply

    Sandboxie users should not install kb4074592 as it crashes the system when launching IE or closing Firefox in a sandbox:

    We are seeing BSODs with Windows 10 x86 1703 + kb4074592 when launching Internet Explorer or closing Firefox in the Sandbox. This affects Sandboxie 5.22 as well as the betas 5.23.x

  10. ilev said on February 14, 2018 at 8:32 am
    Reply

    I love Microsoft’s Windows 10 is more secure than Windows 7, Edge is more secure than Explorer !!

    Windows 7 : 15 vulnerabilities of which 1 is rated critical

    Windows 10 version 1709: 19 vulnerabilities of which 1 is rated critical

    Internet Explorer 11: 2 vulnerabilities, 1 critical

    Microsoft Edge: 14 vulnerabilities, 11 critical

  11. wyxchari said on February 14, 2018 at 9:11 am
    Reply
  12. Anonymous said on February 14, 2018 at 9:18 am
    Reply

    I give up. -_-

    I’ve tried nearly everything to install KB4074736 from MS catalog website only to continuously have that stinkin’ error 80070057, from disabling my antivirus to uninstalling a security-only update to renaming my software distribution folder.

    I’m starting to wonder if it’s the KB that’s having issues since the troubleshooter found nothing wrong on my Windows Update.

  13. TelV said on February 14, 2018 at 2:13 pm
    Reply

    Hi Martin,

    Thanks once again for all the hard work.

    There’s a link error regarding KB4074597 though.

    The first link for Windows 8.1 Security Only update KB4074597 to be found under the last description for Windows 10 links incorrectly to KB4074589 the latter of which only applies to Windows 8 Embedded and WS 2012 R2.

    The second link to KB4074597 under the heading “Direct Update Downloads” is however correct.

  14. John said on February 14, 2018 at 2:33 pm
    Reply

    My windows 7 box has gone into an update reboot for the last couple of hours… Is this expected? any idea roughly how many times it will reboot?

    1. Martin Brinkmann said on February 14, 2018 at 5:14 pm
      Reply

      Usually, it is a single reboot that is required. How many times did your PC reboot already? Maybe try and disable the update and see if it resolves the issue.

      1. Kevin said on February 15, 2018 at 4:05 pm
        Reply

        having the same issue… tried to not take the update.. ie. ignore… ugh… maybe I need to upgrade to windows 10 ?

  15. J R Behun said on February 14, 2018 at 3:45 pm
    Reply

    Windows 10 update of 13feb18 works fine on my two PCs with Intel processor, but on my AMD machine all runs except Chrome. I had to uninstall all of Chrome. (everything else seems to be okay on that AMD machine)

  16. TelV said on February 14, 2018 at 4:09 pm
    Reply

    Martin,

    You have a link to KB4076494 for NET Framework updates in the section called “Non-security related updates”.

    However, according the the KB article the update includes a security issue described as follows:

    “This security update resolves a security feature bypass vulnerability that exists when Microsoft .NET Framework and .NET Core components do not completely validate certificates. This security update addresses the vulnerability by helping to make sure that .NET Framework and .NET Core components completely validate certificates”.

    I’ve been trying to find the security only update KB4054999 on the Catalog site but can’t find it anywhere. Do you happen to know whether it exists in a standalone format, or am I going to be forced to install the whole package in order to get it?

    1. Martin Brinkmann said on February 14, 2018 at 5:12 pm
      Reply

      Hi, I had no time to look into this yet, but Microsoft’s classification is sometimes strange in regards to security / non-security updates.

      1. TelV said on February 15, 2018 at 10:56 am
        Reply

        Don’t bother Martin, after going to the catalog site and clicking the Download button, KB4054999 appears as a separate download: https://imgur.com/a/VWmRs

  17. StuStyle said on February 14, 2018 at 4:18 pm
    Reply

    This may be a more general Windows Update question but I’m unsure of the update behavior.

    We made a decision not to install last month’s Cumulative Win 10 x64 Ver 1709 Update (KB4056892). The main concern was the problems with booting and CPU slowdown after the patch was applied.

    If we apply this month’s Cumulative Win 10 x64 Ver 1709 update (KB4074588), does that also apply the updates from last month’s cumulative patch or is it just a cumulative update for the updates that have come out this month?

    I just want to make sure if we deploy KB4074588 it doesn’t apply the patches that were in KB4056892.
    Thanks!

  18. Linda said on February 14, 2018 at 6:53 pm
    Reply

    One of my colleagues had a Windows 10 update overnight (Feb 13, 2018). However, whenever he tries to open any file from the network, he gets an error message that “directory is invalid”. When we copy the file to his local computer and the file opens without any error message. We have another computer with Windows 10 and the latest updates but he has no problem accessing the same directory. Any idea what cause this and how to fix it? Thank you in advance for helping.

    1. Scott said on February 15, 2018 at 7:37 am
      Reply

      Don’t have any fix but after installing on one computer we lost a printer/scanner access on that computer (still can access it on the rest of the home network). After installing it on the other desktop we lost access to the prior desktop on the home network (requiring credentials even though we don’t have them and have tried all of the fixes!) We are not in IT so most of this is going over our heads but have traced this back to the patch we installed yesterday and today.

    2. Linda said on February 16, 2018 at 1:37 am
      Reply

      We did an update on the network and it seems to resolved the problem. However, we have no idea what caused the error message in the first place.

  19. exrelayman said on February 15, 2018 at 5:13 am
    Reply

    kb4074588 would not install on my Dell or Lenovo windows 10 pc laptop. So I tried the Delta update version instead of the cumulative update and it successfully installed on both of them. Neither pc set to automatic update knew about this update. Only manual updating from the microsoft update catalogue worked.

  20. Elena Rif said on February 15, 2018 at 4:02 pm
    Reply

    The latest critical updates for Windows 7 installed yesterday, February 14, 2018 automatically and closed the computer. Now when I turn on the computer, Word does not start or crashes immediately. I don’t know how to fix this, other than to restore the system to the previous state.
    I’ll appreciate the suggestions. Should I reinstall Office? Or are there other ways to fix this problem? Thank you.

    1. AJ North said on February 15, 2018 at 5:58 pm
      Reply

      Hello Elena,

      Reinstalling Office might prove useful, and that’s a relatively easy and quick procedure; but my expectation is that the problem resides elsewhere. However as it’s benign, why not; go ahead and give that a whirl.

      If that does not solve the problem, then the next thing I would try — after backing-up all my files & folders (which one ought to be doing on a regular basis…) — is engaging the System File Checker to ascertain the integrity of system files, and repair any that may be corrupted; here are complete instructions: https://www.howtogeek.com/222532/how-to-repair-corrupted-windows-system-files-with-the-sfc-and-dism-commands/ . (NOTE: if any corrupted files should remain that were not able to be repaired, then proceed to employing the WIN 7 “System Update Readiness Tool,” for which a download link is provided.)

      If THAT does not solve the problem, then, restoring the system to the Restore point created at the beginning of the installation of KB4074598 is a reasonable procedure to try— but before that, I would first try uninstalling KB4074598 (2018.02 Security Monthly Quality Rollup), restart twice (letting the machine run for about three minutes between shut-downs).

      Now, if that DOES solve the problem, then you might try manually downloading & installing the February 2018 Security Only Quality Rollup (yes, Microsoft’s nomenclature is less than helpful…), KB4074587; you will also need KB4074736, the February Cumulative Security Update for Internet Explorer. Links for downloading them are above (make sure to choose the correct “bitedness” — x32 or x64).

      Please post your results — and good luck!

      AJN

    2. A different Martin said on February 16, 2018 at 12:19 am
      Reply

      @Elena:

      Just for the sake of giving me something new to worry about ;-), what version of Word are you talking about? (I look after a few Windows 7 computers that have Office 2010 installed but haven’t applied this month’s Patch Tuesday updates to them yet.)

  21. Bored said on February 16, 2018 at 11:57 am
    Reply

    W7 SP1x64, using WSUS offline v11.1.1 with “security only update” CHECKED. It downloaded 4 kbs : kb2631813, kb4074736 and kb4074587 (only secutity rollup), kb4074598 (quality rollup – 234 Mo > I checked NOn WHY?!) To finally install NOTHING, “nothing to do”! Waste of time this tool finally. By Windows Update except for the NET.Framework 3.5, I have only the kb4034664 QR proposed. Bored.

    1. A different Martin said on February 16, 2018 at 5:30 pm
      Reply

      @Bored:

      I also have W7 SP1 x64 and used WSUS Offline Update 11.1.1 with the “security only updates” option checked (as well as C++ Runtime Libraries and .NET Frameworks, Service Packs, and Windows Defender definitions).

      Once Belarc Advisor updated its database to reflect the most recent Patch Tuesday releases, around two and a half days after Patch Tuesday, it said I was missing KB4074587 (a critical Windows update package) and KB4074736 (a critical Internet Explorer update package). I don’t know what Windows Update would have said, since I’ve disabled it.

      Running WSUS Offline Update stage 1 (the “update generator,” i.e., downloader) resulted in a “file integrity verification failure.” I’ve been using WSUS Offline Update for around a year and this was the first real problem I’ve run into with it. Following a recommendation I found in a WSUS Offline Update forum post, I deleted the contents of WSUS’s \client\md\ subfolder and tried running the WSUS generator again.

      This time the generator validated the glb files, found the list of superseded updates, and downloaded 222 packages, of which the only packages from this month’s Patch Tuesday were the two missing security KBs identified by Belarc Advisor.

      The stage 1 download results *seem* kosher to me, I cloned my system drive last night, and I’m *definitely* not going to vet every last one of those 222 downloads, so I’m going to go ahead and proceed with stage 2, the update installer stage.

      Maybe you should try the WSUS Offline Update forum. If you can’t get a workable solution there, I’d say that you should:

      * Uninstall the unwanted “quality” update.

      * Maybe make a backup copy of your WSUS\log\download.log file, outside of the WSUS folder, for future diagnostic use. (The *install* log is located at C:\Windows\wsusofflineupdate.log and won’t be affected by the next step.) If you’ve done any customizing, like custom blacklists, maybe make a backup of those, as well.

      * Delete the entire WSUS folder.

      * “Reinstall” WSUS Offline Update from scratch at the root of your system drive (since WSUS doesn’t handle long paths well).

      * Run the stage 1 update generator and re-download your entire local repository of updates from scratch.

      If you have slow or metered Internet, you’ll probably try harder to fix the problem with your existing install — possibly by just moving your WSUS folder to the root of your drive — before resorting to this “extreme” measure.

      And as always after installing any Microsoft update package (whether quality or security-only), run a privacy tool to make sure it didn’t re-enable any unwanted telemetry or diagnostics.

      1. A different Martin said on February 16, 2018 at 10:01 pm
        Reply

        Stage 2 went fine. It didn’t find:

        * KB4055532 – 2018-01 Security and Quality Rollup for .NET Framework (Important)

        I’m not sure why that is; I’ll look into it. It found and installed:

        * KB4074598 – 2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (Critical)

        * KB4074736 – Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (Critical)

        * KB4074587 – 2018-02 Security Only Quality Update for Windows 7 for x64-based Systems (Critical)

        Afterwards, Belarc Advisor gave me a clean bill of health as to missing security updates, and WPD gave me a clean bill of health as to privacy.

        Anyway, so far, so good.

      2. Anonymous said on February 19, 2018 at 11:33 am
        Reply

        I have deleted WSUS and with it redownloaded all updates, with only security patchs checked. Exactly the same, “nothing to do” and the last “Quality Security Patch” downloaded!! I downloaded the last only security patch on the Microsoft server (KB4074587 — 2018-02 Security Only Quality Update for Windows 7), it was installed normally. I will stop updating W7 with WSUS.

      3. A different Martin said on February 19, 2018 at 6:04 pm
        Reply

        For what it’s worth, Microsoft identifies KB4074598 (Monthly Rollup) as a *security* update:

        https://support.microsoft.com/en-us/help/4074598/windows-7-update-kb4074598

        Otherwise, I don’t know what might be going on with WSUS Offline Update on your computer. I’ve been using it to maintain five computers for around a year and in that time only had to manually install a single security update (flagged as missing by Belarc Advisor) on two of them. I’m pretty sure that gHacks commenter Yuliya mentioned a different third-party Windows updater not too long ago, but I no longer remember what it was called. Maybe that’s worth looking into.

  22. maxxxa said on February 19, 2018 at 1:35 pm
    Reply

    KB2952664 > /facepalm

Leave a Reply