Microsoft has released 12 optional patches for Win7 and 8.1. No, this isn’t the regular Patch Tuesday, nor the designated nonsecurity precursor First Week Patch Tuesday. It’s a messy Third Week Tuesday, which we used to call Out of Band. Bah, humbug.
We’re expecting big changes in patching come this October, and this mess -- non-security rollups, arbitrary .Net patches, servicing stack update, lots of miscellany -- looks like a dystopian preview of the Ghost of Windows Patching Yet to Come.
Yet, there is some good news.
Most Win 7 and 8.1 customers will be delighted to see the most intriguing patch:
- KB 3184143 -- Win 7, 8.1 -- Removes the much-reviled GWX system (defined as KB 3035583, KB 3064683, KB 3072318, KB 3090045, KB 3123862, KB 3173040, KB 3146449).
There are three big nonsecurity rollup patches (presumably similar to what we’re going to see in October):
- KB 3185278 -- Win 7 and Server 2008 R2 -- Nonsecurity update rollup, which includes the EMET bug in MS16-111/KB 3175024. There’s a lengthy manual workaround and a Group Policy change to fix the bug described in KB 3175024.
Yes, you read that correctly: Microsoft’s Sept. 20 Win7 nonsecurity rollup includes a known bug in an earlier security patch. It also includes a patch for a bug in the convenience rollup (“Win7 SP 2”) KB 3125574. Looks like you can’t get one without the other.
- KB 3185279 -- Win 8.1 and Server 2012 R2 -- similarly, a nonsecurity rollup patch for Win 8.1.
- KB 3185280 -- Server 2012 -- similarly, a nonsecurity rollup patch for Server 2012.
Then there’s a mass of .Net patches. Apparently we’re going to continue to get these here and there, even in October:
- KB 3179930 -- Vista, Win 7 -- .Net Framework 4.5.2 reliability rollup
- KB 3179949 -- Vista, Win 7 -- .Net Framework 4.6 and 4.6.1 reliability rollup
- KB 3184951 -- Win 8 and Server 2012 only -- .Net Framework 4.6, 4.6.1, and 4.5.2 reliability rollup
- KB 3186208 -- Win 8.1 and Server 2012 R2 -- similar .Net Framework 4.6, 4.6.1, and 4.5.2 reliability rollup
The obligatory update to Windows Update:
- KB 3177467 -- Win 7 -- Servicing stack update
Another fix to a Microsoft-created bug:
- KB 3181988 -- Win 7 -- Fixed bug in SFC scans caused by the convenience rollup (“Win 7 SP2”) KB 3125574
And a couple of, uh, miscellaneous patches:
- KB 3063109 -- Win 10 -- “Hyper-V integration components update for Windows virtual machines that are running on a Windows 10-based host.” Revision 7. The official Windows Update list shows this as a patch for Win 7 and 8.1. It doesn’t appear to be part of a Win10 cumulative update.
- KB 3182203 -- Win 7, 8.1 (and POSReady/XP) -- Time zone change for Novosibirsk
All of the patches are optional and will thus appear in Windows Update as unchecked -- except the time zone change. It still amazes me that Microsoft hasn’t implemented a more elegant way to change time zones. Guess they’ve been too busy with GWX.
There’s a pattern emerging ... a harbinger, if you will. KB 3185278 and KB 3185279 -- the two September update rollups -- follow the pattern that I expect we’ll see starting in October. Microsoft has released the September update rollups this month as Optional/unchecked, so they won’t be automatically installed. My guess is we’ll see those patches changed to Recommended in October.
For Win7, we saw a similar pattern with KB 3172605 (July rollup) released as Optional on July 21, then changed to Recommended on Sept 20. KB 3179573 (August rollup) was released as Optional on Aug. 16, then changed to Recommended on Sept. 20. I’m guessing that 3172605 was held back a month because of documented problems with Bluetooth (the KB article is now up to Revision 10, never a good sign).
If that experience proves exemplary, the general pattern is to have a cumulative update (er, patch rollup) released as Optional, wait a month to see if anything explodes, and if not, then change it to Recommended the next month.
We’re still going to see all sorts of flotsam and jetsam in the patching cycle. Nathan Mercer’s description of the new post-October patchopalypse leaves an enormous number of details hanging, but we know that IE patches won’t fall into the monthly rollup, .Net patches will be consolidated in an as-yet-undefined manner, and time zone changes aren’t going away anytime soon.
Hope y’all enjoy the trip to Novosibirsk.