Microsoft Patch Alert: The Windows patching heavens buzz with silver bullets

June was one of the buggiest patching months in recent memory – and we still don’t have a straight answer on Win10 1903’s bizarre Update advanced options behavior.

How many bugs could a WinPatcher patch, if a WinPatcher could patch bugs?

Ends up that June’s one of the buggiest patching months in recent memory – lots of pesky little critters, and the ones acknowledged by Microsoft led to even more patches later in the month.

In June, we saw eight single-purpose Windows patches whose sole mission is to fix bugs introduced in earlier Windows patches. I call them silver bullets – all they do is fix earlier screw-ups. If you install security patches only, these eight have to be installed manually to fix the bugs introduced earlier. It’s a congenital defect in the patching regimen – bugs introduced by security patches get fixed by non-security “optional” patches, while waiting for the next month’s cumulative updates to roll around.

The Win10 Silver Bullets

Every modern version of Win10 except 1903 – which is to say, versions 1607, 1703, 1709, 1803, 1809, Server 2016 and Server 2019 – all got three cumulative updates this month. The third cumulative update for June resolves this one issue:

Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

In other words, it’s a silver bullet – an optional patch that fixes a bug introduced in an earlier patch that you’ll only get if you download and install it manually, or if you click on “Check for updates.”

What’s strange about this bevvy of patches is the timing. Apparently, the bug arrived with the third May cumulative updates on May 21. I first saw mention of it on a Dell support forum, on June 11 and posted about it on June 19. Microsoft hadn’t acknowledged the bug at the time. (The first official  announcement I saw was on June 26, the date all four silver bullets appeared.)

That’s more than a little disconcerting because Microsoft should be warning us about these problems quickly on the Release Information Status page.

The Win7 and 8.1 silver bullets

On June 20, Microsoft released silver bullet patches for Win7, 8.1, Server 2008 R2 SP1, 2012, 2012 R2, and Internet Explorer 11 to fix bugs introduced in the June 11 Monthly Rollups and Security-only patches.

The update for 7 SP1 and Server 2008 R2 SP1 KB 4508772, for Windows 8.1 and Server 2012 R2 KB 4508773 and for Server 2012:

“Addresses an issue that may display the error, ‘MMC has detected an error in a snap-in and will unload it.’ when you try to expand, view, or create Custom Views in Event Viewer. Additionally, the application may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs.”

Cumulative Update for Internet Explorer 11 KB 4508646

“Addresses an issue that causes Internet Explorer 11 to stop working when it opens or interacts with Scalable Vector Graphics (SVG) markers, including Power BI line charts with markers.”

The bug fixes are not included in the June Monthly Rollups or Security-only patches (June 11, 2019), but are included in the Preview Monthly Rollups released on June 20.

Once again, bugs introduced by security patches are getting the latest fixes in non-security patches.

More Win10 1903 bugs

The second monthly cumulative update for Win10 1903 appeared late, as usual, on June 27. KB 4501375 includes fixes for several acknowledged bugs, including the MMC error with Custom Views described in the preceding section.

Many people are complaining that this particular patch was downloaded without their consent – which is to say, without clicking “Check for updates.” @abbodi86 looked into it and discovered:

Based on my tests… KB4501375 (18362.207) behaves exactly the same way that Feature Updates behave on 1809 and 1803 – the “download and install now” behavior. In other words, KC 4501375 will be bundled and offered as [a] secondary update with any available update even if you don’t “Check for updates.” It’s possible that the latest .NET cumulative update will trigger this behavior.

That said, deferring Feature Updates (version updates) for just 1 day makes KB4501375 go away.

Win10 1903’s disappearing Update advanced Options

We’re still in a quandary about the behavior of Win10 1903’s update deferrals.

In Win10 1903 Pro, if you go into Windows Update, advanced options, you get a pane that looks like this.