Microsoft Windows Security Updates July 2018 release overview - gHacks Tech News

Microsoft Windows Security Updates July 2018 release overview

It is July 10, 2018 today and that means it is time for our monthly Microsoft Patch Day overview. Microsoft releases security updates for company products on the second Tuesday of each month.

Our coverage includes all important information about today's releases. It begins with an executive summary that lists the most important information right away. We look at the operating system distribution of patches for all supported client and server versions of Windows, and list all released updates afterward.

Links are provided to Microsoft Support pages to look up additional information and to download the updates.

Our overview includes security advisories and known issues, direct downloads of security patches, and links to resources.

Check out last month's overview here.

Microsoft Windows Security Updates July 2018

The following Excel spreadsheet contains all security updates that Microsoft released today for all of its products. Click on the following link to download it:   July 2018 Windows Security Updates

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows.
  • No critical vulnerabilities for all client and server versions of Windows.
  • Critical vulnerabilities in Edge and Internet Explorer.
  • Other Microsoft products with security updates are: Microsoft Office, .NET Framework, ASP.NET, Visual Studio, Skype for Business and Microsoft Lync, and Internet Explorer / Microsoft Edge

Operating System Distribution

  • Windows 7: 7 vulnerabilities of which 7 are important.
  • Windows 8.1: 9 vulnerabilities of which 9 are important.
  • Windows 10 version 1607: 8 vulnerabilities of which 8 are important.
  • Windows 10 version 1703: 8 vulnerabilities of which 8 are important.
  • Windows 10 version 1709: 8 vulnerabilities of which 8 are important.
  • Windows 10 version 1803: 7 vulnerabilities of which 7 are important.

Windows Server products

  • Windows Server 2008 R2: 8 vulnerabilities of which 8 are important.
  • Windows Server 2012 and 2012 R2: 9 vulnerabilities of which 9 are important.
  • Windows Server 2016: 8 vulnerabilities of which 8 are important.

Other Microsoft Products

  • Internet Explorer 11: 6 vulnerabilities, 4 critical, 2 important
  • Microsoft Edge: 19 vulnerabilities, 12 critical, 7 important

Windows Security Updates

KB4338823 -- Windows 7 SP1 Security-only update

  • Protection against Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.
  • Security updates to Internet Explorer, Windows apps, Windows graphics, Windows Shell, Windows datacenter networking, Windows wireless networking, and Windows virtualization.

KB4338818 --  Windows 7 SP1 Monthly rollup

  • Same as KB4338823.
  • Internet Explorer update to conform to the policy that disabled the launch of Developer Tools.
  • Fixed DNS requests disregarding proxy configurations in IE and Edge (copy and paste gone wrong, Edge not available for Windows 7).

KB4338824 -- Windows 8.1 Security-only update

  • Protection against Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.
  • Provides protections from an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass (CVE-2018-3639). (see here (client) and here (server)
  • Provides support to control usage of Indirect Branch Prediction Barrier (IBPB) on some AMD processors (CPUs) for mitigating CVE-2017-5715 (see here and here)
  • Security updates to Internet Explorer, Windows apps, Windows graphics, Windows Shell, Windows datacenter networking, Windows virtualization, and Windows kernel.

KB4338815 -- Windows 8.1 Monthly Rollup

  • Same as KB4338824
  • Internet Explorer update to conform to the policy that disabled the launch of Developer Tools.
  • Fixed DNS requests disregarding proxy configurations in IE and Edge (copy and paste gone wrong, Edge not available for Windows 8.1).
  • Fixed mouse stopped working after switching between local and remote sessions.

KB4338814 -- Windows 10 version 1607

  • Updates support for the draft version of the Token Binding protocol v0.16.
  • Fixed form submission issue in IE.
  • Updates Internet Explorer's Inspect Element feature to conform to the policy that disables the launch of Developer Tools.
  • Fixed wrong IME mode chosen on an IME-active element.
  • Fixed DNS requests issue where requests disregarded proxy configurations in IE and Edge.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)
  • Security updates to Internet Explorer, Microsoft Edge, Windows apps, Windows graphics, Windows datacenter networking, Windows virtualization, Windows kernel, and Windows Server.

KB4338826 -- Windows 10 version 1703

  • Fixed form submission issue in IE.
  • Updates Internet Explorer's Inspect Element feature to conform to the policy that disables the launch of Developer Tools.
  • Fixed wrong IME mode chosen on an IME-active element.
  • Fixed DNS requests issue where requests disregarded proxy configurations in IE and Edge.
  • Fixed issues with updated time zone information.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)
  • Security updates to Internet Explorer, Microsoft Edge, Windows apps, Windows graphics, Windows virtualization, Windows kernel, and Windows Server.

KB4338825 -- Windows 10 version 1709

  • Fixed wrong IME mode chosen.
  • Fixed form submission issue in Internet Explorer.
  • Fixed DNS requests disregarding proxy configurations in IE and Edge.
  • Addressed updated time zone information issues.
  • Fixed a Google Chrome not working issue on Cobalt devices.
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)
  • Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows apps, Windows graphics, Windows datacenter networking, Windows virtualization, Windows kernel, and Windows Server.

KB4338819 - Windows 10 version 1803

  • Microsoft Edge DevTools Preview app allows debugging of WebView content in UWP apps.
  • Improved Universal CRT Ctype family of functions by correctly handling EOF as valid input.
  • Addresses an issue that may cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. Error message is "Windows failed to apply the MitigationOptions settings. MitigationOptions settings might have its own log file" or "ProcessGPOList: Extension MitigationOptions returned 0xea".
  • Evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows (what does that mean?)
  • Security updates to Internet Explorer, Windows apps, Windows graphics, Windows datacenter networking, Windows wireless networking, Windows virtualization, Windows kernel, and Windows Server.

KB4134651 -- Security Update for WES09 and POSReady 2009 for x86-based Systems

  • An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory.
  • A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory.

KB4291391 -- Security Update for Windows Server 2008 and Windows XP Embedded

  • A denial of service vulnerability exists in the Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses.

KB4293756 -- Security Update for Windows Server 2008

  • A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections.

KB4295656 -- Security Update for Windows Server 2008

  • An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory.

KB4338597 -- Security Only Update for .NET Framework 3.0 on WES09 and POSReady 2009

KB4338598 -- Security Only Update for .NET Framework 4 for WES09 and POSReady 2009

KB4338615 -- Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009

KB4338820 -- Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4338830 -- Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4338832 -- Adobe Flash Player update

KB4339093 -- Cumulative Security Update for Internet Explorer

KB4339291 -- Security Update for WES09 and POSReady 2009

  • A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects.

KB4339503 -- Security Update for Windows Server 2008

  • An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape.

KB4339854 -- Security Update for WES09 and POSReady 2009

  • An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory.

KB4340004 -- Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4340005 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4340006 -- Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4340007 -- Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008

KB4340556 -- Security and Quality Rollup for .NET Framework 3.5.1 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4340557 -- Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4340558 -- Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4340559 -- Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4340583 -- Security Update for Windows Server 2008

  • A denial of service vulnerability exists when Windows improperly handles objects in memory.

Notes

The release notes list CVEs with FAQs that offer additional information:

Known Issues

Windows 7 SP1

There is an issue with Windows and third-party software related to a missing file (oem<number>.inf). Because of this issue, after you apply this update, the network interface controller will stop working.

Workaround:

  1. Launch devmgmt.msc, device may appear under Other Devices.
  2. Select Scan for hardware changes from the Action menu.
  3. Alternatively: Right-click on the device and select update. Activate search automatically for updated driver software, or browse my computer for driver software.

Windows 10 version 1709

Localization issues for select strings. The strings may be displayed in English instead of then localized language.

Update: new issue affects  also Windows 10 version 1607

After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address. This may result in loss of connectivity as systems fail to renew their leases.

Microsoft expects to have a working solution available mid-July.

KB4340558

Users receive a "0x80092004" error when they try to install the July 2018 Security and Quality Rollup update KB4340557 or KB4340558 on Windows 8.1, Windows Server 2012 R2, or Windows Server 2012 after they install the June 2018 .NET Framework Preview of Quality Rollup updates KB4291497 or KB4291495 on systems that are running on .NET Framework 4.7.2, 4.7.1, 4.7, 4.62, 4.6.1, or 4.6.

Security advisories and updates

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities (update)

ADV180012 | Microsoft Guidance for Speculative Store Bypass (update)

ADV180015 | Microsoft Office Defense in Depth Update

ADV180016 | Microsoft Guidance for Lazy FP State Restore

ADV170017 | Microsoft Office Defense in Depth Update (updated)

Non-security related updates

KB2952664 -- Update for Windows 7

  • Compatibility update for keeping Windows up-to-date in Windows 7

KB2976978 -- Update for Windows 8.1

  • Compatibility update for keeping Windows up-to-date in Windows 8.1 and Windows 8

KB4054529 -- Microsoft .NET Framework 4.7.2 Language Packs for Windows 7 and Windows Server 2008 R2

KB4054530 -- Microsoft .NET Framework 4.7.2 for Windows 7 and Windows Server 2008 R2

KB4054533 -- Microsoft .NET Framework 4.7.2 Language Packs for Windows Embedded 8 Standard and Windows Server 2012

KB4054534 -- Microsoft .NET Framework 4.7.2 Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4054535 -- Microsoft .NET Framework 4.7.2 Language Packs for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

KB4054542 -- Microsoft .NET Framework 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4054566 -- Microsoft .NET Framework 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4054590 -- Microsoft .NET Framework 4.7.2 for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

KB4073120 -- Microsoft .NET Framework 4.7.2 for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

KB4073705 -- Microsoft .NET Framework 4.7.2 Language Packs for Windows Server 2016, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

KB4338852 -- Dynamic Update for Windows 10 Version 1709

  • This update makes improvements to ease the upgrade experience to Windows 10, Version 1709.

KB4339277 -- Dynamic Update for Windows 10 Version 1803

  • This update makes improvements to ease the upgrade experience to Windows 10, version 1803.

KB4339420 -- Update for Windows 10 Version 1709

  • Servicing stack update for Windows 10, version 1709: July 10, 2018

KB890830 -- Windows Malicious Software Removal Tool - July 2018

Microsoft Office Updates

Microsoft released non-security updates for Office last week. Check out the article in case you missed it.  You find security releases that Microsoft published today below:

Office 2016

KB4022172 -- Patches a remote code execution vulnerability in Microsoft Office.

KB4022176 -- Same as KB4022172.

KB4018338 -- Security update for Access that resolves vulnerabilities that could allow remote code execution attacks.

KB4022221 -- Skype for Business 2016 update. Fixes remote code execution vulnerabilities.

KB4022218 -- Word 2016 update that patches remote code execution vulnerabilities.

Office 2013

KB4022188 -- Same as KB4022172.

KB4022189 -- Same as KB4022172.

KB4018351 -- Same as KB4018338

KB4022225 -- Skype for Business 2015 update that fixes remote code execution vulnerabilities.

KB4022224 -- Same as KB4022218 (but for Word 2013)

Office 2010

KB4022200 -- Fixes issues that could lead to remote code execution.

KB4022208 -- Same as KB4022172.

KB4022206 -- Same as KB4022172.

KB4022202 -- Same as KB4022218 (but for Word 2010)

Other Office products

How to download and install the July 2018 security updates

microsoft windows security updates july 2018

Security updates for client versions of Windows are provided via the built-in updating system Windows Update. Organizations can make use of Enterprise-specific update tools to download and deploy updates.

Updates are also provided as direct downloads on Microsoft's Update Catalog website.

Windows Update, if enabled, checks for new updates regularly but not in real-time. If you want to download and install the new batch of updates directly, do the following to run a manual check for updates (which should pick up the updates).

Note: It is highly recommended that you create a backup before you install new updates so that you may restore the system if things go wrong.

Do the following to run a manual update check:

  1. Tap on the Windows-key to open the Start Menu.
  2. Type Windows Updates and select the result.
  3. Click on the "check for updates" button if the update check is not run automatically.

Direct update downloads

Microsoft publishes downloads of all updates that it releases on the company's Microsoft Download Center website.

Just click on the direct links below to do so.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4338818 -- 2018-07 Security Monthly Quality Rollup for Windows 7
  • KB4338823 — 2018-07 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4338815 — 2018-07 Security Monthly Quality Rollup for Windows 8.1
  • KB4338824 — 2018-07 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4338814 — 2018-07 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  •  KB4338826 — 2018-07 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4338825 — 2018-07 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4338819 — 2018-07 Cumulative Update for Windows 10 Version 1709

Additional resources

Summary
Microsoft Windows Security Updates July 2018 release overview
Article Name
Microsoft Windows Security Updates July 2018 release overview
Description
Microsoft released security and non-security updates for client and server versions of Windows and other products on the July 2018 Patch Day.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Sylvio Haas said on July 10, 2018 at 9:06 pm
    Reply

    Hello – To donate a fix amount every month what is the correct procedure – do I have to become a patron or is there also a monthly donation option? Thank you.

    1. Martin Brinkmann said on July 11, 2018 at 6:23 am
      Reply

      Hi Sylvio, Patreon is the only option right now for monthly support donations. I’m still looking at alternatives, have added cryptocurrencies to the support page yesterday.

      Still working on getting a bank account set up for Ghacks so that direct bank transfers become an option as well (it should be free within the Euro-zone then).

  2. Paul(us) said on July 10, 2018 at 10:12 pm
    Reply

    Thanks, Martin, For this ferry helpfull monthly post.

    Did you or anyone else have the same problem with upgrading your Windows 10 professional version 1803 build 17112.137, to version 1803 build 17112.165?

    Main one system rejected the updated twice before sticking finally!
    Has that maybe something to do that I earlier today already installed the Adobe Flash Player 30.0.0.134 64-bit, Firefox update?

  3. Franck said on July 10, 2018 at 10:28 pm
    Reply

    Awesome sum-up, thanks a lot !!!

  4. GoneToPlaid said on July 10, 2018 at 10:42 pm
    Reply

    KB2952664 and KB2976978 have nothing to do with keeping Windows up-to-date, and neither of these KBs are for compatibility. You should call both KBs for what they are — updates which install deep telemetry into Windows 7 and Windows 8x computers.

    1. jan said on July 12, 2018 at 4:11 pm
      Reply

      You are right.

      KB2952664 — Update for Windows 7. Compatibility update for keeping Windows up-to-date in Windows 7 is just a load of BS.

      This KB is “offered” a few times per year in case you did not install it, in the hope that you install it by accident.
      NEVER INSTALL IT!!

      1. AJ North said on July 12, 2018 at 6:03 pm
        Reply

        From Woody Leonhard in Computerworld (2018.07.12):

        Old snoops will out

        This month marked a re-re-re…-appearance of the snooping patches KB 2952664 for Win7 and KB 2976978 for Win8.1. You remember the Microsoft Party Line:

        This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

        Poster Bill C has a good take on the claim:

        They say they will not do GWX again, OK, but the real question is what WILL they do?

        We’ve seen, over and over again, that the Customer Experience Improvement Program settings have no bearing on these patches’ increased telemetry. If you’re even remotely tempted to install either of these “important,” checked patches, see @PKCano’s AskWoody KB article on the subject, AKB 2952664.

        ProTip: Microsoft has no incentive to improve Win7. None. Unless you’re offered a clearly identified security patch, you don’t want it, checked or not.

        https://www.computerworld.com/article/3289506/microsoft-windows/patch-tuesday-problems-abound-server-2016-crashes-and-a-net-patch-goes-down-in-flames.html

  5. AJ North said on July 11, 2018 at 12:11 am
    Reply

    Thank you as always, Martin!

  6. gef50 said on July 11, 2018 at 2:15 am
    Reply

    Hi Martin,

    Windows update shows both cumulative update for win 1709 build 16299.547 (KB4338825) and feature update windows ver 1803.

    Is it okay to install these two in a single session? Or should I defer feature update for a day or two, after I install KB4338825?

    Thanks in advance

    1. Martin Brinkmann said on July 11, 2018 at 6:25 am
      Reply

      You don’t really need KB4338825 if you plan to upgrade to Win 10 1803. You could install the new version of Windows 10 and see how it goes. Make sure you create a system backup before you do though.

  7. pHROZEN gHOST said on July 11, 2018 at 3:13 am
    Reply

    As always, this is a great summary.

    This updte brought about the v1803 update to my PC. When the smoke cleared, there were 3 WAN Mimport devices with an error. Aparently this is a common issue. Lots o people are mentioning it. But nobody has a real solution. MS claims it’s becaus of 3rd party VPN software installed on the PC. But, I don’t have this. So, I merely disabled all of the WAN Miniport devices because for now I don’t use VPN.

  8. Anonymous said on July 11, 2018 at 5:54 am
    Reply

    We have an issue on Windows 8.1, error:Code 80092004 “Windows Update ran into a problem” while trying to install the update KB4340558 (51.1MB). Anyone encountered this too?

    1. Martin Brinkmann said on July 11, 2018 at 6:50 am
      Reply

      That’s an error that was thrown last month already. I read about an unofficial workaround. You need to disable Internet Explorer 11 under Features in the Control Panel, restart, and then search for updates. It should work now if that is the same issue.

      1. macauln said on July 11, 2018 at 12:06 pm
        Reply

        the disabling IE doesn’t work, well not on server 2012 r2 where this update has failed on all our test server group hosts.

    2. Anonymous said on July 11, 2018 at 8:31 am
      Reply

      @anonymous : yes, same error here. Code 80092004 when trying to install KB4340558 on Windows Server 2012 R2
      No idea how to fix this…

      1. Luka said on July 11, 2018 at 9:53 am
        Reply

        Same error for my server…

    3. Martin Brinkmann said on July 11, 2018 at 2:31 pm
      Reply

      Just read over on Günter Born’s website that it seems likely that the update is broken. See https://www.borncity.com/blog/2018/07/11/net-framework-update-kb4340558-fehlerhaft-error-0x80092004/

  9. Microfix said on July 11, 2018 at 8:23 am
    Reply

    Many thanks Martin for your astute summary.

  10. Thesegotoeleven said on July 11, 2018 at 11:04 am
    Reply

    So after the cumulative update for win 1803 AGAIN failed to install on my 3 computers, I have now spent the morning installing the much better cumulative update KDE Neon on 2 of them. The installs were very fast and the laptops have never ever been faster, around 300MB RAM on idle compared to 1,5GB with Windows 10. The fans are quiet now too, with Windows 10 I could use them to heat my room. Thank you Microsoft for showing me the way. Laptop number 3 will join the other two this afternoon.

  11. chesscanoe said on July 11, 2018 at 1:08 pm
    Reply

    Fantastic monthly summary. Small point – you say
    “Do the following to run a manual update check:

    Tap on the Windows-key to open the Start Menu.
    ****Type Windows Updates and select the result.”
    ______________________________________________

    ****Type UPD or Windows Update and select the result is faster.

  12. Ruan said on July 11, 2018 at 4:06 pm
    Reply

    Hi Martin,

    “KB4339291 — Security Update for WES09 and POSReady 2009”

    “KB4339854 — Security Update for WES09 and POSReady 2009”

    Both updates are also listed for Windows Server 2008.

  13. Dave said on July 11, 2018 at 5:07 pm
    Reply

    Today I got this,

    https://support.microsoft.com/en-us/help/4023057/update-to-windows-10-versions-1507-1511-1607-and-1703-for-update-relia

    It installs a program in c:\program files\rempl and runs it. This program then attempts to connect to the internet.

    It says…

    “This update includes files and resources that address issues that affect the update processes in Windows 10. These improvements ensure that quality updates are installed seamlessly on your device and help to improve the reliability and security of devices running Windows 10.”

    I’m wondering if the translation to human is “We’re trying another tactic to force 1803 on to your PC even though you don’t want it”?

    1. gef950 said on July 12, 2018 at 3:26 am
      Reply

      Probably, because 1803 is now on semi annual channel too.

      https://www.microsoft.com/en-us/itpro/windows-10/release-information

  14. Anonymous said on July 11, 2018 at 5:41 pm
    Reply

    Thanks for the download links.

    https://support.microsoft.com/en-gb/help/4054530/microsoft-net-framework-4-7-2-offline-installer-for-windows

    “Note The package installer (NDP472-KB4054530-x86-x64-AllOS-ENU.exe) was updated on July 10, 2018. If you downloaded the installer before July 10, 2018, we recommend that you download the latest version (4.7.3081.0) of the installer to get the additional fixes included in the update.”

    Then you click on the download link and you get NDP472-KB4054530-x86-x64-AllOS-ENU.exe. No link for the update 4.7.3081.0.

    I hate Microsoft.

    1. Martin P. said on July 12, 2018 at 12:01 am
      Reply
      1. Anonymous said on July 12, 2018 at 8:30 am
        Reply

        Thank you. Until next time :)

      2. Luka said on July 12, 2018 at 8:58 am
        Reply

        Martin, this is still not OK for my Win 2012 R2 server, even with offline instalation I can’t install Fremework ver 4.7.2.
        and same is for KB4340558, I have tried on few different servers and on all I have same error: Code 80092004 “Windows Update ran into a problem”

        Any other idea how to solve this?

      3. Martin P. said on July 13, 2018 at 5:56 am
        Reply

        Mmmm you got me there. I got the download link for .NET Framework 4.7.2 from this URL:

        https://www.microsoft.com/net/download/windows

        1) Selected the download for “.NET Framework 4.7.2 offline installer” (further down on page)
        2) Step 1 got me to “https://www.microsoft.com/net/download/thank-you/net472-offline” which auto-started the download of the offline .NET Framework 4.7.2 installer.
        3) On the same page, the “Problem downloading? Try again.” link is “https://go.microsoft.com/fwlink/?LinkID=863265” which resolves to “https://download.microsoft.com/download/6/E/4/6E48E8AB-DC00-419E-9704-06DD46E5F81D/NDP472-KB4054530-x86-x64-AllOS-ENU.exe”

        I’ve downloaded the installer again from the above URLs and it produces the same hashes as the original file I used to install .NET Framework 4.7.2 on my Win 7 Pro x64 box.

        Wish I could be more help. Sorry.

  15. soda_popinsky said on July 11, 2018 at 6:24 pm
    Reply

    New update on KB4338825 page, there’s a new issue:

    “After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address. This may result in loss of connectivity as systems fail to renew their leases.”

    https://support.microsoft.com/en-in/help/4338825/windows-10-update-kb4338825

    1. gef950 said on July 12, 2018 at 2:13 am
      Reply

      “…Enterprise clients may receive an invalid configuration when requesting a new IP address…”

      Windows home & pro aren’t affected, right?

  16. Coriy said on July 11, 2018 at 8:36 pm
    Reply

    The only problem I’ve had is with KB4338818 (for Win7x64), all of the other updates for Windows 7 installed. I did the works though, resetting Windows Update, SFC, and even installing the offline version. None of that works. So I’m betting that there’s something wrong with KB4338818 itself.
    So I’ve hidden it, so I don’t get pestered again.

    1. AJ North said on July 12, 2018 at 5:31 am
      Reply

      Hello Coriy,

      Have you tried installing the two stand-alone security-only updates for Win7, the Security Only Quality Rollup (KB4338823), followed by the Cumulative Security Update for Internet Explorer (KB4339093)? (I ran into a similar problem with two Win7 x64 rigs a few months ago; fortunately for both, these security-only monthly updates have solved that problem.) Good luck.

      AJN

    2. Anonymous said on July 12, 2018 at 5:48 pm
      Reply

      Same problem with installing the 8.1 equivalent KB4338815 too, keeps failing. Even offline install doesn’t work. What to do?

      1. AJ North said on July 12, 2018 at 7:02 pm
        Reply

        Similarly to Win7, try installing the July Windows 8.1 Security Only Quality Rollup (KB4338824), followed by the Cumulative Security Update for Internet Explorer (KB4339093).

      2. Anonymous said on July 14, 2018 at 10:52 am
        Reply

        Thanks, your suggestion worked, those updates did install. But I am still getting notification to install KB4338815 and when I try to install it still fails. What could be the problem?

      3. AJ North said on July 14, 2018 at 1:03 pm
        Reply

        Glad to hear that you were successful.

        KB4338824 & KB339093 together supersede (replace) KB4338815, which is therefore no longer required. (That is why I suggested trying to install them in lieu of the single Monthly Quality and Security Rollup, which wasn’t installing.) You can now simply right-click on KB4228815, then left-click on Hide Update. (The same applies to the respective patches for Win 7.)

        (Remember, KB4338823 and KB4228824 are the Win 7 & 8.1 security patches, respectively; they not cumulative roll-ups. A quick web search will provide full details.)

        For a comprehensive free check to make sure that all security patches are present & properly installed, I recommend the free Belarc Advisor; see: https://www.lifewire.com/belarc-advisor-review-2625784 .

        Regards,

        AJN

      4. Anonymous said on July 14, 2018 at 6:07 pm
        Reply

        Thank you. This was the first month where the quality and security rollup patch fails to install. Previous rollup installations were all flawless. Will see what happens next month.

  17. John S said on July 12, 2018 at 1:04 pm
    Reply

    Thanks for the update summary, fingers crossed it doesn’t muck up anything.

  18. Cigologic said on July 13, 2018 at 12:21 am
    Reply

    @ Martin — Your summaries for the respective Win 7 & Win 8.1 “Security-Only update” indicate “Security updates to Internet Explorer, Windows apps, […]”.

    I understand that all along, Win 7/8.1’s Monthly Security-Only updates do NOT include any IE updates. It is only Win 7/8.1’s “Security Monthly Quality” Rollups that include IE updates — both security & quality (ie. non-security).

    As such, users of Win 7/8.1’s Monthly Security-Only updates also need to install the monthly-offered IE Cumulative Security-Only update, if they wish to keep IE (& Win OS components closely-integrated with IE) protected.

    It might be good to explicitly include the link to IE’s monthly Cumulative Security Update in your Windows Updates summaries, since the majority of Win OS users worldwide are still on Win 7, with a small minority on Win 8.x.

    Cumulative Security Update for Internet Explorer (10 July 2018):
    https://support.microsoft.com/en-us/help/4339093/cumulative-security-update-for-internet-explorer

  19. Ayahuasca Sage said on July 13, 2018 at 3:46 am
    Reply

    I am using XP on a VM hosted in a FOSS OS. I am OK.

  20. soda_popinski said on July 13, 2018 at 9:10 am
    Reply

    New update, another issue on 1709

    “After installing this update, some devices running network monitoring workloads may receive the 0xD1 Stop error because of a race condition.”

    https://support.microsoft.com/en-in/help/4338825/windows-10-update-kb4338825

  21. Paul H said on July 13, 2018 at 12:51 pm
    Reply

    Hi All,

    Just wondering if anyone has this problem. Event ID 4227 – TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint.

    This is on 2012R2 VCenter server and it has started dropping heartbeats to the remote hosts which in turn is causing disconnects.

    I came accross this thread whilst doing some research and cant help but this MS have done it again:

    https://www.reddit.com/r/windowsserver2012/comments/68vgss/april_2017_windows_patches_on_windows_server_2012/

    Yes I am using iSCSI.

    1. Paul H said on July 13, 2018 at 5:21 pm
      Reply

      Just as a FYI, I un-installed the patches and the symptoms went away. I have just logged a ticket with MS.

    2. a P said on July 14, 2018 at 5:04 pm
      Reply

      These entries also started to show up on two of our servers (2k16 and 2k8 R2) without iSCSI.

      We have a “lot” of outgoing connections mostly towards localhost. Increasing the limits (maxuserport / maxfreetcbs) to around 20k didn’t help either. On the 2k8 R2 server certain tcp using processes cannot exit / be killed.

  22. Maxim said on July 16, 2018 at 9:49 am
    Reply

    These M$ updates have messed up my entire infrastructure again! G-r-r-r–rrrrr! Using win 2k8 server as vCenter server and ESXi host randomly disappears and connect again in a few minutes. I got about 500 e-mails in this weekend!

  23. PamKoryn said on July 16, 2018 at 12:07 pm
    Reply

    I’ve got Windows 7 and noticed that somewhere around July 12th – 2 of the updates that had been showing had disappeared. Now missing are the monthly rollup (KB4338818) and the .NET Framework (KB4340556). One day they were there – the next gone. I hadn’t installed any updates yet – waiting to see how everything shakes out but I’m wondering if this has happened to anyone else? Another odd thing under the Optional Updates it’s showing what appears to be updates from last month – they’re both listed at 2018-06 KB4284842 (monthly rollup) and KB4291493 (.Net Framework). I never install optional updates – but these showed up when the above mentioned updates went missing. Any ideas?

  24. Anonymous said on July 16, 2018 at 12:08 pm
    Reply

    We’ve seen the issue with vCenter alerting that hosts have disconnected when in reality they are fine.
    We’ve also seen issues with NPS and our switches failing to authenticate using 802.1x – the RADIUS requests time out.

    vCenter settled down following removal of kb4338815
    Removing kb4338815 does not yet appear to have fixed NPS though :(

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.