Jump to content
Piriform Community Forums
hazelnut

Windows changes how it updates on Win 7 and 8

Recommended Posts

There will be no more individual updates like there are now, instead there will be 'Monthly Rollups' as there are on Win 10

 

So the ability to pick and choose updates will go it seems.

 

Latest info here...

 

 

https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/

Share this post


Link to post
Share on other sites

July 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

 

--> 103 MB

 

 

optional update includes following kbs

 

Update für Windows 8.1 für x64-Systeme (KB2908816)
Update für Windows 8.1 für x64-Systeme (KB2966870)
Update für Windows 8.1 für x64-Systeme (KB2989542)
Update für Windows 8.1 für x64-Systeme (KB3000988)
Update für Windows 8.1 für x64-Systeme (KB3004394)
Update für Windows 8.1 für x64-Systeme (KB3008188)
Update für Windows 8.1 für x64-Systeme (KB3008627)
Update für Windows 8.1 für x64-Systeme (KB3016074)
Update für Windows 8.1 für x64-Systeme (KB3035553)
Update für Windows 8.1 für x64-Systeme (KB3037313)
Update für Windows 8.1 für x64-Systeme (KB3038701)
Update für Windows 8.1 für x64-Systeme (KB3047641)
Update für Windows 8.1 für x64-Systeme (KB3049989)
Update für Windows 8.1 für x64-Systeme (KB3050267)
Update für Windows 8.1 für x64-Systeme (KB3058168)
Update für Windows 8.1 für x64-Systeme (KB3065988)
Update für Windows 8.1 für x64-Systeme (KB3071663)
Update für Windows 8.1 für x64-Systeme (KB3075249)
Update für Windows 8.1 für x64-Systeme (KB3075853)
Update für Windows 8.1 für x64-Systeme (KB3083325)
Update für Windows 8.1 für x64-Systeme (KB3083711)
Update für Windows 8.1 für x64-Systeme (KB3083800)
Update für Windows 8.1 für x64-Systeme (KB3102812)
Update für Windows 8.1 für x64-Systeme (KB3112336)
Update für Windows 8.1 für x64-Systeme (KB3125210)
Update für Windows 8.1 für x64-Systeme (KB3134785)
Update für Windows 8.1 für x64-Systeme (KB3135449)
Update für Windows 8.1 für x64-Systeme (KB3138615)
Update für Windows 8.1 für x64-Systeme (KB3139165)
Update für Windows 8.1 für x64-Systeme (KB3139219)
Update für Windows 8.1 für x64-Systeme (KB3139921)
Update für Windows 8.1 für x64-Systeme (KB3139923)
Update für Windows 8.1 für x64-Systeme (KB3141074)
Update für Windows 8.1 für x64-Systeme (KB3144474)
Update für Windows 8.1 für x64-Systeme (KB3146627)

Share this post


Link to post
Share on other sites

August 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

 

--> 29 MB

 

optional update

Share this post


Link to post
Share on other sites

- My personal opinion is that MS should release a new Service Pack for both Win 7 & Win 8 BEFORE it starts releasing those "Monthly Roll Up" updates. That would provide a clean solid foundation for those new monthly rollups. Especially because e.g. Win 7 is still supported until 2020 (???).

Share this post


Link to post
Share on other sites

- Agree. A new Service Pack for both Win 7 & Win 8 is indeed long overdue. But I fear we won´t get it.

Share this post


Link to post
Share on other sites

Remove software related to the Windows 10 free upgrade offer (kb3184143 for w8.1) --> 23.6 MB

 

This update replaces the following previously-released software:

KB 3035583 -- Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
KB 3064683 -- Windows 8.1 OOBE modifications to reserve Windows 10
KB 3072318 -- Update for Windows 8.1 OOBE to upgrade to Windows 10
KB 3090045 -- Windows Update for reserved devices in Windows 8.1 or Windows 7 SP1
KB 3123862 -- Updated capabilities to upgrade Windows 8.1 and Windows 7
KB 3173040 -- Windows 8.1 and Windows 7 SP1 end of free upgrade offer notification
KB 3146449 -- Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7

Share this post


Link to post
Share on other sites
July 2016 update rollup for Windows 8.1 and Windows Server 2012 R2 (kb3172614)

 

 

Key changes include:

 
  • Added support for multiple account authentication using Active Directory Federation Services (ADFS) through "prompt" query parameter.
  • Addressed issue in Host Bus Adapters (HBA) that was including non-Fibre Channel HBA devices in the Fibre Channel HBA list.
  • Added support to set the idle timeout value of a TCP connection used by WinHTTP.

    Note

    Using this setting is not recommended because it may cause problems for your applications.


    The default value for the timeout is two minutes. To change the timeout use the WinHttpSetOption function with dwOption set to 135. This option can only be set on a session handle before any connection handles or requests are created for the session. Once connection handles or requests are created, this value can't be modified. For more info, see WinHttpSetOption function.
  • Addressed issue where print jobs are no longer working when v4 printer drivers are configured to use Enhanced Driver Configuration.
  • Remote Desktop service may hang when IP Virtualization is configured and there are a high number of remote desktop sessions.
  • Improved support in Microsoft Cryptographic Application Programming Interface (CryptoAPI) to help identify websites that use Secure Hash Algorithm 1 (SHA-1).
  • Running the GPRESULT command with the verbose option results in a crash and customers are unable to audit user or machine policies.
  • The system reports a string corruption problem for AccessReason in the Audit logs for Event ID 4656. These events are reported in a Security audit log, similar to this:

    Log Name           : Security
    Source                 : Microsoft-Windows-Security-Auditing
    Date                    : date time
    Event ID              : 4656
    Task Category     : task category
    Level                   : Information
    Keywords            : keywords
    User                    : N/A
    Computer           : computername
  • This update extends support of the Key Management Service (KMS) for Windows 8 and Windows Server 2012, in order to enable the activation of clients running Windows 10 Anniversary Update-based long-term servicing branch (LTSB) and Windows Server 2016 clients, when they become available.

    In addition to installing this update on the KMS Host, a KMS generic volume license key (GVLK) that is designed to support the Windows 10 Anniversary Update-based LTSB or Windows Server 2016 clients also needs to be installed. Information about the associated KMS GVLKs for these products will be listed in Appendix A: KMS Client Setup Keys, when they become available.

    The KMS GVLKs that support the new versions of Windows will also support previous volume licensing editions of Windows that are acting as KMS clients. For more info about using a Customer Support Volume License Key (CSLVK) for installation, see this article.
  • When you deploy Windows Server 2008 R2 Service Pack 1 (SP1) through Windows Deployment Services (WDS), if clients are Unified Extensible Firmware Interface (UEFI) and in a routed environment, they don't receive the Dynamic Host Configuration Protocol (DHCP) packets correctly. This results in WDS deployment failing on these clients.
  • When you enable BitLocker on the volume and then expand the volume on Windows Server 2012 R2, there cache manager errors are shown and the commands fail. These are logged in the System log with error 141 - STATUS_MEDIA_WRITE_PROTECTED.
  • When a non-administrator user opens an Access file in a WebDav folder, they might not be able save the file because of a Delete Pending error.
  • When an application is writing data using the VirtualChannelWrite API closes the virtual channel right after it gets write completion event, it could result in data being discarded. 
  • When you use the NVM Express (NVMe) driver to retrieve the firmware and model numbers of the solid-state drive (SSD), the NVMe driver will truncate the firmware and model numbers returned from the NVMe devices.
  • When you try to configure connecting a SCSI storage device to a Windows Hyper-V Host, the Host will not recognize the SCSI storage device when Logical Unit (LUN) 0 is not present.
  • When there is more logging session churn on the system because of workloads that are being run, Event Tracking (ETW) will crash.
  • When you change application settings using Set-ADFSRelyingPartyTrust, without explicitly setting AlwaysRequireAuthentication, it will reset AlwaysRequireAuthentication bit to the default (false) and users won't be prompted for Multi Factor Authentication (MFA).
  • When you configure Windows Server 2012 R2 for cloud based authentication, there is a high latency on the tenants for authentication and provisioning which causes the CPU usage to drop to less than 10%.
  • When you try to import a certificate into a Virtual Smart Card (VSC) on a Windows based tablet (into the TPM), it might fail. This may cause the certificate to be suspended and prevent enrollment of additional certificates.
  • Addressed issue in Microsoft Secure Channel (SChannel) that sometimes causes Transport Layer Security (TLS) 1.2 connections to fail depending on whether the root certificate is configured as part of the certificate chain for server authentication.
  • When an Exchange server attempts to reestablish the Kerberos client session during a cluster failover it may cause the system to become unresponsive.
  • Updated the inbox component in Windows Server 2012 R2 Essentials to use the new client connector, so that the inbox component won't get uninstalled during Windows 10 upgrades.
  • Improved reliability of Hyper-V Replica (HVR) by increasing the timeout value and the free disk space threshold. For more info, see KB3184854
  • If you installed the May 2016 update rollup for Windows 8.1 and Windows Server 2012 R2 (KB3156418), the DFSRS.exe process may consume a high percentage of CPU processing power (up to 100 percent). This may cause the DFSR service to become unresponsive and you may be unable to stop the service. You must hard-boot affected computers to restart them.

Share this post


Link to post
Share on other sites

August 2016 update rollup for Windows 8.1 and Windows Server 2012 R2 (kb3179574)

 

 

Key changes include:

  • Addressed issue that causes Windows Gateway to remain disconnected instead of failing over when a failure occurs.
  • Addressed an issue that didn’t prevent other applications from using the desktop area used by application desktop toolbar (also called “appbar”) when run as a RemoteApp.
  • Addressed an issue with OLE drag and drop in SharePoint after installing KB3072633, that prevents the download of a file by dragging and dropping it from Internet Explorer to Windows Explorer.
  • Addressed issue in the Windows kernel that causes Skype for Business (previously known as Lync) to stop working.
  • Addressed issue that prevents the disabling of read or write access to removable storage media when the Audit Removable Storage Group Policy is enabled and prevents applying a Group Policy at the user level.
  • Addressed issue that causes the loss of available memory when running queries using the domain name service (DNS).
  • Improved performance by addressing an issue that was causing duplicate broadcast data packets to be received by each network interface card (NIC) and sent to applications, when NIC Teaming or Load Balancing/Failover (LBFO) is set-up in active/passive mode.
  • Addressed issue that prevents the automatic deletion of Extensible Storage Engine (ESE) transaction logs after reaching the threshold. The issue can occur if ESE transaction logs are being taken periodically such as Dynamic Host Configuration Protocol (DHCP).
  • Addressed issue that sometimes causes backups to fail or servers to hang with drivers that use the IoVolumeDeviceToDosName() routine.
  • Addressed issue that was resulting in a spike in DNS entries, when DNSSEC validation is enabled in an environment where there were queries for nonexistent DNS records in domains where the DNS servers have conditional forwarders.
  • Addressed issue with domain controllers that periodically reboot after a Local Security Authority Subsystem Service (LSASS) module fault, causing the interruption of application and services that are bound to the domain controller at that time.
  • Addressed issue with DNS servers that get stuck in a loop and stop responding to DNS queries.
  • Addressed issue with cluster services that stop working when network loss logging occurs. This occurs when a network connection is down and virtual machines (VM) are configured with one possible owner.
  • Addressed issue that allows users to change a password from an external network via Wireless Application Protocol (WAP) when Proxy Enabled is set to No. This happens in an environment that uses Active Directory Federation Services (ADFS) and Web Application proxy (WAP) for authentication.
  • Addressed issue with data loss if a failover occurs when a Network File System (NFS) client tries to write data to an NFS server.
  • Addressed issue in Server Message Block (SMB) server that causes the server to crash intermittently with error 0x50.
  • Certificate logon fails with error code 0xC000006D (error message: “The attempted logon is invalid. This is either due to a bad username or authentication information.”) or 1326 (error message: “Logon failure: unknown user name or bad password.”) This problem may occur if there are multiple certificate logon attempts being processed simultaneously by a Windows Server 2012 R2 Domain Controller.
  • Addressed issue that causes the server to bugcheck when mounting an NFS share after installing KB3025097.
  • Addressed issue with users seeing an “Access Denied” error message, when trying to access a domain DFS namespace (for example, \\contoso.com\SYSVOL) on a computer that is configured to require mutual authentication (by using the UNC Hardened Access feature).

    This problem may occur if the selected domain controller has security update KB3161561 installed, and if the SmbServerNameHardeningLevel registry entry is configured to a non-zero value on the domain controller.
  • Addressed issue that causes domain controllers (DC) to stop working when generating compounded tickets.

Share this post


Link to post
Share on other sites

September 2016 update rollup for Windows 8.1 and Windows Server 2012 R2 (kb3185279)

 

 

Key changes include:

  • Addressed issue that causes some USB storage devices to lose authorization when the device goes into the lowest power state, requiring user to re-authenticate using PIN when the device moves back to a working power state.
  • Addressed issue that causes Windows Explorer to become unresponsive when sharing a folder that is the child of at least two shared parent folders.
  • Addressed issue with Storage Spaces log truncation which resulted in data loss and errors when reading records.
  • Addressed issue that causes Wildcard CNAME queries with Domain Name System Security Extensions (DNSSEC) enabled to not return Next Secure (NSEC) records.
  • Addressed issue that occurs with any MPIO attached SAN disk when multiple paths fail over concurrently or in quick succession, the I/O operation may fail, and the computer may lose its connection to the storage device.
  • Addressed issue that causes wbengine.exe to fail while running Windows Backup on a GUID Partition Table (GPT) formatted disk.
  • Addressed issue that prevents intermittent User Account Control (UAC) consent failures if the "Require trusted path for credential entry" group policy is enabled.
  • Addressed issue that causes devices to lose connection to their virtual private network (VPN) a few seconds after connecting, if the connection is made using an integrated mobile broadband connection.
  • Addressed issue that causes a COM port to become unavailable after it is repeatedly opened and closed.
  • Removed the Copy Protection option when ripping CDs in Windows Media Audio (WMA) format from Windows Media Player.
  • Addressed issue with incorrect character mapping between the 932 code page (Japanese Shift-JIS) and Unicode.
  • Addressed issue (after installing KB3161606) where running data deduplication on a Cluster Shared Volume (CSV) on Windows Server 2012 R2 based Hyper-V cluster might impact live migration where resource hosting subsystem (RHS) may deadlock and become unresponsive with an 0x9E Stop error.
  • Updated Access Point Name (APN) database entries for several Mobile Operators (including Videotron and Vodafone).
  • Addressed issue that can cause Windows Gateway to remain disconnected instead of failing over when a failure occurs.

Share this post


Link to post
Share on other sites

July 2016 update rollup for Windows 7 and  Server 2008 R2 SP1 (kb 3172605)

 

Key changes include:

 
  • Improved support in Microsoft Cryptographic Application Programming Interface (CryptoAPI) to help identify websites that use Secure Hash Algorithm 1 (SHA-1).
  • Addressed issue in Microsoft Secure Channel (SChannel) that sometime causes Transport Layer Security (TLS) 1.2 connections to fail depending on whether the root certificate is configured as part of the certificate chain for server authentication.

Share this post


Link to post
Share on other sites

August 2016 update rollup for Windows 7 and  Server 2008 R2 SP1 (kb 3179573)

 

Key changes include:

  • Improved performance on specific networks that have a high-bandwidth and low latency.
  • Addressed issue with users encountering a bugcheck, when trying to access a domain DFS namespace (for example, \\contoso.com\SYSVOL) on a computer that is configured to require mutual authentication (by using the UNC Hardened Access feature).

    This problem may occur if the selected domain controller has security update KB3161561 installed, and if the SmbServerNameHardeningLevel registry entry is configured to a non-zero value on the domain controller.

Share this post


Link to post
Share on other sites

September 2016 update rollup for Windows 7 and  Server 2008 R2 SP1 (kb 3185278)

 

Key changes include:

  • Improved support for the Disk Cleanup tool to free up space by removing older Windows Updates after they are superseded by newer updates.
  • Improved compatibility of certain software applications.
  • Removed the Copy Protection option when ripping CDs in Windows Media Audio (WMA) format from Windows Media Player.
  • Addressed issue that causes mmc.exe to consume 100% of the CPU on one processor when trying to close the Exchange 2010 Exchange Management Console (EMC), after installing KB3125574.
  • Addressed issue that causes the Generic Commands (GC) to fail upon attempting to install KB2919469 or KB2970228 on a device that already has KB3125574 installed. 

Share this post


Link to post
Share on other sites

Windows 7 ,8 and 8.1 users really should read this to try and understand the big change that is coming tomorrow. It is big. It will affect you.

 

And, as it is Microsoft, it is a bit complicated so cup of coffee and start reading.... it could help you in the future.

 

http://www.infoworld.com/article/3128983/microsoft-windows/how-to-prepare-for-the-windows-781-patchocalypse.html

Share this post


Link to post
Share on other sites

- That article (See post #17) contains an interesting piece of text:

 

"Microsoft’s been working on the mechanics of the patching process for the past few months. You might not have noticed, but Microsoft already has support pages with the details for Win7 and for Win8.1.

 

Win7 and 8.1 patching has already started morphing. So far we’ve seen three Windows 7 nonsecurity update rollups -- KB 3172605 in July, KB 3179573 in August, and KB 3185278 in September -- that first appeared as Optional/unchecked patches, then were later updated to Recommended patches. As I explained a couple of weeks ago: “the general pattern is to have a cumulative update (er, patch rollup) released as Optional, wait a month to see if anything explodes, and if not, then change it to Recommended the next month.""

Share this post


Link to post
Share on other sites

- I was wondering why that one update was so large in size (~ 119 MB, see one of Corona's previous posts). But it turns out that it includes the latest "Cumulative Security Update" for Internet Explorer (the previous version was ~ 60 MB in size). I thought IE updates were kept separate from other updates.

Share this post


Link to post
Share on other sites
Oktober 2016 – monatliches Sicherheitsqualitätsrollup für Windows 8.1 für x64-basierte Systeme (KB3185331) in german version a size of 116 MB
 

includes following updates:

 

Kumulatives Sicherheitsupdate für Internet Explorer 11 für Windows 8.1 für x64-Systeme (KB3185319)
Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB3080446)
Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB3108347)
Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB3124280)
Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB3178034)
Update für Internet Explorer 11 unter Windows 8.1 für x64-basierte Systeme (KB3192665)
Update für Windows 8.1 für x64-Systeme (KB3095108)
Update für Windows 8.1 für x64-Systeme (KB3140786)
Update für Windows 8.1 für x64-Systeme (KB3146627)
Update für Windows 8.1 für x64-Systeme (KB3185279)
Update für Windows 8.1 für x64-Systeme (KB3187022)

Share this post


Link to post
Share on other sites
  • MS16-101 Security update for Windows authentication methods
  • MS16-118 Cumulative security update for Internet Explorer
  • MS16-120 Security update for Microsoft graphics component
  • MS16-122 Security update for Microsoft video control
  • MS16-123 Security update for kernel-mode drivers
  • MS16-124 Security update for Windows registry

 

The security fixes listed above that are included in this security update 3185331 are also included in this October 2016 month’s Security Only Quality Update 3192392, which only includes those fixes. Installing either update will include the security fixes listed above and the Security Monthly Quality Rollup also includes improvements and fixes from previous Monthly Rollups.

 

All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×