Windows – Born's Tech and Windows World

Microsoft has just released a new Windows 10 Insider Preview. The build 18234 has appeared in the skip ahead ring, so it is only offered to insiders who are in this ring. This is the development branch, which will lead to Windows 10 19H1 in spring 2019. Details about the new build can be found within the Windows Blog.

[German]Microsoft is currently preparing to release the final version of Windows Server 2019. Windows Server 2019 Essentials will also be included. But this will probably be the last of its kind, as the company writes.

Windows Server 2016 Essentials is the current version of Windows Server, designed for small businesses and available to businesses with up to 25 users. In the coming months, this version is expected to be replaced by Windows Server 2019 Essentials. But Microsoft has plans, to end further Windows Server Essentials editions.

Even small businesses want Cloud computing?

Microsoft just has published the article Windows Server 2019 Essentials update, dealing with Windows Server 2019 Essentials and future plans. Microsoft says, they observed that cloud computing is also impacting how small companies are planning their IT services. Redmond offers Microsoft 365 Business, and says it’s easier to buy, easier to integrate with other cloud services, and more effective in environments without full-time IT staff. In particular, the features small businesses need, such as file sharing and collaboration, are best realized with a cloud service like Microsoft 365.

But there is still Windows Server 2019 Essentials

The MVP community was also asked about their assessments, before MS started developing Windows Server 2019 Essentials. At the end of the day, this led to the decision to offer another version of the local server for small businesses – Windows Server 2019 Essentials. This edition will be released this year together with the other editions of Windows Server 2019. Windows Server 2019 Essentials will have the same features as version 2016:

ingle license that includes Client Access Licenses (CAL) for up to 25 users/50 devices
Lower price point
Ability to run traditional applications and other features, such as file and print sharing

Windows Server 2019 Essentials has the same licensing and technical characteristics as its predecessor, Windows Server 2016 Essentials. But Microsoft writes:

If configured as a Domain Controller, Windows Server 2019 Essentials must be the only Domain Controller, must run all Flexible Single Master Operations (FSMO) roles, and cannot have two-way trusts with other Active Directory domains.

Windows Server 2019 Essentials includes the new hardware support and features and improvements like Windows Server 2019 Standard, including Storage Migration Services, System Insights, and many more.

Windows Server 2019 Essentials will not include the Essentials Experience role. The Essentials Experience primarily simplified file sharing and device management. For a better management experience, we now have Windows Admin Center.

Recommending the Cloud

Microsoft recommends that small business customers consider Microsoft 365 as an option for their file sharing and collaboration needs. According to the article, Microsoft 365 provides a complete, intelligent solution that includes Office 365, Windows 10, and Enterprise Mobility + Security. Microsoft 365 Business includes a richer feature set, including Office, email and calendar, cloud file storage, data protection, and more, so our small customers can grow their businesses and reach new levels of productivity.

And then Microsoft writes: There is a strong possibility that this could be the last edition of Windows Server Essentials. Therefore my question to IT professionals engaged in small business area: Is Windows Server Essentials no longer needed and are the small companies heading for the cloud? (via)

[German]Two more brief informations about Windows 10 and WSUS. Apparently Microsoft has released a flash update for the Windows 10 Insider Preview [RS5]. And the WSUS synchronizes these updates, but seems to have more issues.

Windows 10 1809 KB4460093 Flash Player uUpdate

I noticed at German site deskmodder.de a report about Microsoft delivered the update KB4460093 for Windows 10 Insider Previews. This is a Flash Player security update for all Windows 10 V1803 machines in Fast Ring [Redstone 5 branch].

WSUS also sync Flash updates

German blog reader Markus K. points out – in the context of the WSUS synchronization issues (see Office 2016 September 3, 2018 updates breaks WSUS sync) – that his WSUS is synchronizing ‘strange updates’ and sent me the following screenshot.

WSUS Insider Preview-Updates

So the security updates from August 2018 for the Adobe Flash Player for the upcoming Windows 10 version 1809 (October 2018 update) are already offered there. Other WSUS users has confirmed this behavior within my German blog.

More WSUS issues

Another German blog reader commented here, that his WSUS has synchronization issues since this night (September 6, 2018). He got confirmation from another consultant, that observed this behavior on 2 randomly selected custom machines with WSUS.

WSUS error messages:
WebException: Timeout für Vorgang überschritten
bei System.Web.Services.Protocols.WebClientProtocol.GetWebResponse
(WebRequest request) bei Microsoft.UpdateServices.ServerSync.ServerSyncCompressionProxy.
GetWebResponse(WebRequest webRequest)
bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke
(String methodName, Object[] parameters) bei Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.
GetRevisionIdList(Cookie cookie, ServerSyncFilter filter)
bei Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.
WebserviceGetRevisionIdList(ServerSyncFilter filter, Boolean isConfigData)
bei Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.
ExecuteSyncProtocol(Boolean allowRedirect)

So it’s not a SOAP exception as described here, instead it’s WebExeption error. Addendum: I’ve outlined this error a bit more within my German blog post Windows 10: Flash-Update für Insider – und neue WSUS-Probleme.

It’s not a single incident – I would say, that some users commenting at askwoody.com within the thread Born: September non-security Office updates blamed for WSUS synchronization failures probably have the same error (although they don’t posted the error logs). Also some postes within this Technet forum thread indicates, that a new WSUS sync error, that isn’t related to the Office 2016 sync category, has been observed since September 6, 2018.

I searched the internet for the error string given above and found several hits, also from 2018. Within this Technet thread there is a hint that firewall settings can be the cause of the timeout. Another starting point would be to check whether Windows 10 clients are involved in the WSUS servers that are affected. A Microsoft partner suggested something like this on one of my Facebook posts.

[German]A curious story that German blog reader Paul B. just told me about. Windows Defender triggers a false alarm on a Windows native file reporting a Trojan Win32.AccessibilityEscalation.

Paul wrote within a private e-mail that he observed a strange behavior of Windows Defender since the last signature update. I’ve translated the text below:

After today’s update of the virus signatures for the Defender KB2267602 it detects the “osk.exe” from Microsoft, found in the \system32 directory, as Trojan infected.

This is the “On Screen Keyboard” the Windows own on-screen keyboard.

Fun with Microsoft!

Defender-Fehlalarm

The above screenshot is proof, it shows the Windows Defender notification. Searching the internet doesn’t revealed other people affected. Microsoft included the detection for the malware Win32/AccessibilityEscalation.A in Defender:

This generic detection for suspicious behaviors is designed to catch potentially malicious files. If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it.

My German blog readers could not confirm that – but shortly after publishing the German edition of this article, another reader left this comment. He observed a similar behavior of his Defender.

Microsoft has just released a new Windows 10 Insider Preview. Build 17755 has appeared in the fast ring. This is the Redstone 5 development branch, which will lead to Windows 10 V1809 (October 2018 Update). Details about the new build can be found within the Windows Blog.

[German]A short tip for Windows insiders who have Windows 10 Build 17744 installed. A few hours ago, Microsoft released the KB4462775 update for this version of Windows to fix issues.

The announcement has been made within the Windows Blog on September 7, 2018. Cumulative update KB4462775 for Windows 10 Insider Preview Build 17744 raises the build number to 17744.1004. This update includes the following fixes:

A reliability issue that does not display restart warnings for restarting a custom update.
The MMC Security Configuration and Analysis snap-in does not list system services.

The update is delivered out via Windows Update for Windows Insiders whose machines are joining the Slow Ring.

[German]Important note for users of VMware virtualization products. The vender has pulled its VMware tools version 10.3.0 due to a serious bug. Here are a few details.

Background: VMware Tools 10.3.0 security update

Within my German blog post VMware: Sicherheitsupdate und Player-Sicherheitsmängel I’ve informed at the beginning of August 2018, that VMware had released an update of VMware Tools to version 10.3.0 on July 23, 2018. Installation of VMware Tools 10.3.0 was recommended for the following products:

Windows Server 2016
Windows 10
Windows Server 2012 R2
Windows 8.1
Windows Server 2012
Windows 8
Windows Server 2008 R2 Service Pack 1 (SP1)
Windows 7 SP1
Windows Server 2008 Service Pack 2 (SP2)
Windows Vista SP2
Windows Server 2012 R2 with Microsoft update KB2919355
Windows 8.1 with Microsoft update KB2919355

Already on July 12, 2018, a Security Advisory VMSA-2018-0017 was released, which addressed a closed vulnerability CVE-2018-6969 in HGFS through VMware Tools 10.3.0. VMware Tools must be updated for each Windows VM to address the CVE-2018-6969 vulnerability. For installation instructions, see General VMware Tools installation instructions (1014294). The release notes describe the changes , while the fixed bugs are documented in the resolved issues.

VMware tools 10.3.0 pulled

On September 7, 2018, VMware sent an important mail to users of VMware Tools 10.3.0 informing them of a major issue with VMware Tools 10.3.0.

Important notice regarding your VMware …

The VMware Tools product team has recently identified an issue where the VMXNET3 virtual network adapter driver included in VMware Tools 10.3.0 can cause a host panic (PSOD) or VM network connectivity loss in some configurations. In response to this issue, VMware has recalled the VMware Tools 10.3.0 release. This release is no longer available for download.

A serious bug in the VMXNET3 Virtual Network Adapter driver included in VMware Tools 10.3.0 can cause a ‘Host Panic’ error (Purple Diagnostic Screen (PSOD)) in special configurations on the host. As a result, the VM network configuration may be lost. Therefore, VMware has withdrawn VMware Tools 10.3.0 and strongly recommends a downgrade to VMware Tools 10.2.5. This applies to:

vSphere ESXi 6.5 Hosts
VM Hardware Version 13
Gast-Betriebssysteme mit Windows 8/Windows Server 2012 and above

More details may be obtained from VMware’s article KB57796.

[German]Microsoft has released on September 6, 2018 update KB4023057 again to (almost) all Windows 10 builds. The aim of this update is, to prepare the machine for upcoming feature upgrade to Windows 10 V1809.

I read about this update at askwoody.com, where the update for Windows 10 Version 1703 (an older Windows 10 build) has been offered. It is an update that Microsoft periodically releases (see link list at end of article). The last version was released on August 9, 2018 on Windows 10 machines.

Update KB4023057 has the title ‘Update to Windows 10, versions 1507, 1511, 1607, 1703, and 1709 for update reliability’. This update is available from the RTM version of Windows 10 version 1507 to version 1709 (but not for the current version 1803). Microsoft writes in the KB article about the update that it improves the reliability of the Windows Update service:

This update includes reliability improvements to Windows update service components in Windows 10, versions 1507, 1511, 1607, 1703, and 1709. It may also take steps to free up disk space on your device if you do not have enough disk space to install Windows updates.

This update includes files and resources that address issues that affect the update processes in Windows 10 that may prevent important Windows updates from being installed. These improvements help make sure that updates are installed seamlessly on your device, and they help improve the reliability and security of devices that are running Windows 10.

By the way, this is the identical text that Microsoft has already published for August 2018. Also the following items has been mentioned within the August 2018 version of this update.

This update may request your device to stay awake longer to enable installation of updates.
Microsoft promises: The installation will respect any user-configured sleep configurations and also your “active hours” when you use your device the most.

This update may try to reset network settings if problems are detected, and it will clean up registry keys that may be preventing updates from being installed successfully.
This update may repair disabled or corrupted Windows operating system components that determine the applicability of updates to your version of Windows 10.
This update may compress files in your user profile directory to help free up enough disk space to install important updates.
This update may reset the Windows Update database to repair the problems that could prevent updates from installing successfully. Therefore, you may see that your Windows Update history was cleared.

In August I wrote: It seems that more serious issues have been found in the Windows update process, which prevented the installation of important updates. But now it seems, that Microsoft re-released this updates to fix blocked update components, a user intentional has been established in Windows 10 (for instance using tools like Windows Update MiniTool (WUMT)).

It is also interesting to note that the update may start compressing files in the user profile directory when space becomes limited. This is especially true for upcoming feature updates and is a tribute (imho) to the large footprint of Windows 10 on cheap machines with 64 GB eMMC. These interventions also explain why the update installation can take an exceptionally long time.

The KB article contains hints to systems where the memory on the system drive becomes low and compression of files is also mentioned. If files are compressed, it looks like this in the Explorer folder display:

Windows 10: compressed folders/files
(Source: Microsoft)

The update is only offered exclusive via Windows Update on machines that require it. It is also applied to machines that have not installed the latest updates. The following files will be replaced from this update:

Luadgmgt.dll: To my knowledge part of a Windows Compatibility DLL – the ‘Lua’ should stand for Lumia (see also).
Sedlauncher.exe: Located at C:\Program Files\rempl\sedlauncher.exe, it belongs to REMSH (see Windows 10: What is REMSH.exe for?). The file repaces the old Rempl.exe (see) and is responsible for improved update reliability (‘Windows Remedation).
Sedplugins.dll: A plugins DLL for Sedlauncher, I guess.
Sedsvc.exe: Stands for ‘Windows Remedation Service’ (see image below). For further details see also my blog post Windows 10: What is REMSH.exe for? and this reddit thread.

(Source)

The replaced files are responsible for ensuring that a user-blocked feature update to the next Windows 10 build (currently V1809) is still performed. See the KB article for more information.

[German]Some users of Windows 10 suddenly receiving the error 0x800706F7 when starting programs and/or the message ‘The stub received bad data’ is shown.

The error description

I confess, I ‘ve never seen error 0x800706F7 on my systems. But I stumbled upon this error a few day ago within the following tweet.

The stub received bad data. pic.twitter.com/xagrWgZvvZ

— Tero Alhonen (@teroalhonen) September 1, 2018

The error message ‘The stub received bad data’ was caused by Windows explorer. But this error may occur with other programs. Searching the internet using the error message, reveal a lot hits. The MS Answers forum thread here has been published in 2015 and has now 10 pages and received nearly 700 user marks ‘I have the same question’.

Some background

The error code 0x800706F7 (RPC_X_BAD_STUB_DATA) and the text ‘The stub received bad data.’ isn’t that helpful. The error says, that a remote procedure call failed, due to wrong data. An explanation may be found here.

Microsoft has already published kb article 975415 Error message when you pass a variant between a COM client and a COM server in Windows: “0x800706F7 (The stub received bad data)” for Windows 7. The kb article refers specifically to an error in the file Oleaut32.dll that has been fixed with a hotfix. However, this does not help with Windows 10. In the Microsoft Answers fortum thread here from 2015, a user reported that some updates would have fixed the issue. Also in October 2016 such an error was fixed with update KB3193494.

Steps you can try to repair

At tenforums.com, this article locates the whole thing as an upgrade error from Windows 7 to Windows 10 and provides for a new installation. However, this case is unlikely to occur any more, so it can be neglected.

Check Windows for corrupted files

One reason for the error message could be corrupted Windows 10 system files or a corrupted Component Store. It is therefore recommended to check the system using the commands scf /scannow and dism as a precaution. I described the procedure within the blog post Check and repair Windows system files and component store.

The commands also attempt to repair damaged components. If this fails, you need to re-install Windows. After a successful repair attempt check, whether the error has disappeared.

Test under a newly created user account

Broken registry entries could be the cause for the error message. If the error is user-specific, the error should not occur under another user account. I am sceptical whether this will help, but there are indications of this cause. So I would try to create a new user account and test if the error is gone.

If the error is fixed, you can save the user files from the broken user account. Then the broken user account could be deleted under another administrator account and re-created again. This resets the user profile with all registration settings. The profile is then created again the next time the user logs on.

Cause: Too many or stopped services

Via a post in this thread I found an interesting cause for the error. Microsoft describes in KB article 2028588 Error 1783: The stub received bad data a possible cause:

When you open Services.msc you may get the following error:
The system encountered the following error while reading the list of services on:

Error 1783: The stub received bad data

Accessing Services remotely may yield the same error. You may be able to Start and Stop the services using sc start and sc stop commands.

The error only applies in a scenario, if Services.msc is used. In this case too many running services are the cause. The service buffer is limited to 256 KByte for data. The proposal from Microsoft is:

Uninstall unnecessary software,
and uninstall unnecessary services.

The goal is to reduce the number of services – because I see this as a problem with Windows 10. Microsoft is introducing more and more services there, and every software package also means that it has to set up some services.

I find this feedback on Tom’s hardware interesting. There, a user reports that he receive the message if they have manually stopped or deactivated services such as BITS.

Other things you can try

If the steps above don’t help, see, if an update of the NVidia graphics driver is successful. But this seems to have only been a problem in 2016 (see). Also the hotfix mentioned above is not available for Windows 10.

Make sure that updates are installed

It already mentioned in the above text: Microsoft may have released updates in the past to correct this error. Therefore you should make sure that all updates (also for graphics cards etc.) are installed. If necessary, download the updates and install them offline.

Reinstall Windows 10

If all attempts to repair fail, I think only the reinstallation of Windows 10 is left. If necessary, you can try a repair installation via inplace upgrade. To do this, run setup.exe from an installation medium while Windows 10 is running. Then upgrade to the Windows 10 version. This keeps the installed app and programs as well as existing files.

[German]Since the beginning of September 2018, users of store apps on Windows 10 have been running into the problem that the error 0x800B0100 is displayed during the app installation during the update. Microsoft has now admitted a problem and wants to correct the apps in the store.

The error code 0x800B0100 stands for TRUST_E_NOSIGNATURE, i.e. the program has no or no valid signature. The error seems to have occured during the installation of Store Apps under Windows 10 last week more often. This thread can be found at reddit.com.

I have two laptop and on one of them I got an error message that I couldn’t update the HP Smart app. My other laptop didn’t have this problem and was able to update the app without problems. The error code I got when the update problem started is: 0x800B0100

I tried to:

-log in and out of the Windows store

-wsreset

-use the windows update and windows store troubleshooter

-DISM tool

-SFC scan

-renamed SoftwareDistribution folder

I’m really lost and would be very grateful if anyone could give me any hints on how to solve this.

On a notebook, the app from the store returns error 0x800B0100 when updating (or installing) the notebook, while the other device does not return the error. Another user confirms a problem with the App Penbook. Here is a screenshot of this error dialog posted within a Microsoft developers forum).

Windows 10 App error 0x800B0100 (Source: MS developers forum)

Also on Twitter a search for this error code returns a lot of hits.

@donasarkar I PAID MONEY IN THIS APP AND WILL NOT INSTALL ERROR CODE 0x800B0100 pic.twitter.com/NJQGgOwYgb

— Darren Berube (@DARRENRBERUBE) 4. September 2018

In the above tweet, for example, a user complains to Dona Sarkar that an app he purchased is not installable. Last Thursday, developer Rudy Huyn (see following tweet) confirmed that Microsoft Store actually displays error 0x800B0100 when downloading certain applications.

A lot of apps have been having this issue since Friday. If you can’t download an app in the Store and receive the 0x800B0100 error code, it’s a bug related to the #MicrosoftStore app, close it and run WSRESET.exe, it will clean the Store local cache and fix your issue.

— Rudy Huyn (@RudyHuyn) 6. September 2018

He stated that a bug in the Windows Store was responsible for this. A short time later, he added that Microsoft had fixed the bug and automatically regenerated the store apps.

UWP developers, if your application was not downloadable (0x800b0100), good news, first, you did nothing wrong, it was a bug related to the Store. Microsoft fixed the issue and automatically generated a new package of your app (ending with .1000 or .1070). pic.twitter.com/qFnYRYNiHo

— Rudy Huyn (@RudyHuyn) 8. September 2018

Rafael Rivera write at Thurrott.com, dass that Microsoft has now admitted a general problem.

Microsoft’s Reprocessing Store Apps to Fix Error 0x800B0100 – https://t.co/YBwkdbtIr7 (via @WithinRafael) pic.twitter.com/j29awsHsHI

— Paul Thurrott (@thurrott) 9. September 2018

Palani Sundaramurthy, Principal Program Manager Lead on Developer & Partner Services at Microsoft wrote:

We are sorry about this failure and are actively working on mitigating it. We have tracked this issue to our submission workflow incorrectly signing certain apps. [We need] to re-process the impacted apps in order to alleviate the problem. While we have already re-processed a few apps, […] we’re working to ensure that every impacted app is fixed.

Microsoft has determined after investigation that certain apps were not signed correctly. Therefore, the company wants to re-sign the affected apps and post them in the store. This should fix the problem with the app installation.

Addendum: If you still get this error, maybe the tip for the tweet below will help: Close the store app and run wsreset.exe in console window.

Since Friday, apps have been having issues. If you can’t download an app in the Windows Store and receive the 0x800B0100 error code, it’s a bug related to the #MicrosoftStore app. Close it and run WSRESET.exe, and it will clean the Store local cache and fix your issue #TechTips

— Callum Smith (@callum311201) 7. September 2018

This will clear the store cache and the app downloaded again should contain a valid certificate. Were any of you affected?

Similar articles:
Windows 10 Wiki
Windows 10 Update error 0x800B0100

[German]In September 2018, Microsoft published new documents that describe in more detail the criteria according to which security updates for Windows are developed.

It hasn’t been the first time, that Microsoft revealed some criteria used to develop security updates.

Patch development guidelines (June 2018)

In a paper Microsoft Security Servicing Commitments (PDF document) that was still in draft stage, Microsoft revealed in June 2018 its decision chain for the development of security updates.

Does the vulnerability violate a security limit or feature that Microsoft is committed to defending against attacks?
Is the severity of the vulnerability so severe that it must be addressed immediately by releasing a security update?

If both questions are answered in the affirmative, Microsoft will start developing a security update and roll it out to the next patchday (Tuesday 2 of the month).

More Windows Security Servicing Criterias (Sept. 2018)

In new documents, Microsoft now provides insight into its security threat classification processes. A new article Microsoft Security Servicing Criteria for Windows seems to be the final version of the above draft Microsoft Security Servicing Commitments.

Windows Security/Update criterias

There Microsoft outlines the criteria according to which security measures are taken as soon as a vulnerability is discovered.

In a second PDF document Microsoft describes how they assigns severity to bug reports. The document reveals which bugs are classified as critical (e.g., a vulnerability allows unauthorized access to the file system), which are important, which bugs are ranked middle, and which are rated low risk. A denial of service error that only causes an application to restart is always considered low-risk. (via)

Windows Update [German]For the September patchday (09/11/2018) Microsoft has released a bucket of security updates for Windows clients and servers, for Office, .NET Framework etc..

Here is an overview of the individual updates. A list of the updates can be found on this Microsoft page. Details about the update packages for Windows, Office etc. will be available in the coming hours.

Critical Security Updates
============================

ChakraCore
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 version 1709 for 32-bit Systems
Windows 10 version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server, version 1709 (Server Core Installation)
Windows Server, version 1803 (Server Core Installation)
Microsoft Edge
Internet Explorer 11
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2
Microsoft .NET Framework 4.7.1/4.7.2
Microsoft .NET Framework 4.7.2
Microsoft .NET Framework 4.7/4.7.1/4.7.2
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2016 for Mac

Important Security Updates
============================

.NET Core 2.1
ASP.NET Core 2.1
System.IO.Pipelines
C SDK for Azure IoT
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft.Data.OData

Moderate Security Updates
============================
Microsoft Lync for Mac 2011
Internet Explorer 9

Low Security Updates
============================
Internet Explorer 10

Patchday issues with updates & WSUS (September 11, 2018)

Microsoft has now released the Windows 10 Insider Preview Build 17754 in the Slow Ring. It is a Redstone 5 build, which should end in Windows 10 V1809. Details about this build can be found in the Windows Blog.

Windows Update [German]On September 11, 2018 Microsoft released several (security) updates (KB4457144, KB4457145 ) for Windows 7 SP1 and further updates (KB4457129, KB4457143) for Windows 8.1 as well as the corresponding server versions. Here is an overview of these updates.

Updates for Windows 7/Windows Server 2008 R2

For Windows 7 SP1 and Windows Server 2008 R2 SP1 a rollup and a security-only update have been released. The update history for Windows 7 can be found on this Microsoft page.

KB4457144 (Monthly Rollup) for Windows 7/Windows Server 2008 R2

Update KB4457144 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains improvements and bug fixes that were already included in last month’s update. The update addresses the following:

Security updates to Windows media, Windows Shell, Windows Hyper-V, Windows kernel, Windows datacenter networking, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

The update is automatically downloaded and installed by Windows Update. It can also be downloaded from the Microsoft Update Catalog.

Note: The KB article again contains the remark that the update causes network issues – the NIC (network interface controller) does not work anymore because of a missing .inf file from a third party manufacturer. A fix is to reinstall the NIC via the device manager.

There are reports (for instance at askwoody), that this update stalls with installation error 0x8000FFFF.

KB4457145 (Security Only) for Windows 7/Windows Server 2008 R2

Update KB4457145 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1. The update addresses the same items as update KB445714 (see above).

The update is available via WSUS or via the Microsoft Update Catalog. There are no known issues. When installing the Security Only Update, you must also install KB4457426 for IE.

Updates for Windows 8.1/Windows Server 2012 R2

For Windows 8.1 and Windows Server 2012 R2 a rollup and a security-only update have been released. The update history for Windows 8.1 can be found on this Microsoft page.

KB4457129 (Monthly Rollup) for Windows 8.1/Server 2012 R2

Update KB4457129 (Monthly Rollup for Windows 8.1 and Windows Server 2012 R2) contains improvements and fixes that were included in the rollup of the previous month. It also addresses the following issues.

Security updates to Windows media, Windows Shell, Windows Hyper-V, Windows datacenter networking, Windows kernel, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog. There are no known issues with this update.

KB4457143 (Security-only update) for Windows 8.1/Server 2012 R2

Update KB4457143 (Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2) addresses the same points as update KB4457129. The update is available via WSUS or in the Microsoft Update Catalog. There are no known problems. When installing the Security Only Update, KB4457426 need also be installed for IE.

Patchday issues with updates & WSUS (September 11, 2018)

Microsoft has also released the Windows 10 Insider Preview Build 17758 from the Redstone 5 branch in Fast Ring. The Storage Sense function should now be able to free up storage space on the hard disk by swapping out older, unused files online. This build contains several fixes. The details of this build can be found in Windows Blog.

[German]As of September 11, 2018 (second Tuesday of the month, Patchday at Microsoft), several cumulative updates have been released for the supported Windows 10 builds. Here are some details about each update.

A list of the updates can be found on this Microsoft Web page. In August 2018, Microsoft revised the display format to make it easier to get the information. I’ve pulled out the details below.

Updates for Windows 10 Version 1803

The following updates are available for Windows 10 April Update (version 1803).

Update KB4457128 for Windows 10 Version 1803

Cumulative update KB4457128 contains quality improvements but no new operating system functions and raises the OS build to 17134.285. The update also includes updates for Microsoft HoloLens (OS Build 17134.285). Here is the list of fixes:

Provides protection against a Spectre Variant 2 vulnerability (CVE-2017-5715) for ARM64 devices.
Addresses an issue that causes the Program Compatibility Assistant (PCA) service to have excessive CPU usage. This occurs when the concurrency of two simultaneous add and remove programs (ARP) monitoring threads is not handled correctly.
Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows media, Windows Shell, Windows Hyper-V, Windows datacenter networking, Windows virtualization and kernel, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

The update is distributed via Windows Update, but should also be available via WSUS or the Microsoft Update Catalog. Microsoft is (currently) not aware of any issues with the update.

Update KB4456655 (SSU) for Windows 10 Version 1803

Update KB4456655 is a Servicing Stack Update for Windows 10 Version 1803. This must be installed before updating KB4457128.

Updates for Windows 10 Version 1709

The following updates are available for Windows 10 Fall Creators Update (version 1709).

Update KB4457142 for Windows 10 Version 1709

Cumulative update KB4457142 for Windows 10 Version 1709 (Fall Creators Update) raises the OS build to 16299.665 and includes quality improvements and the following fixes:

Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows graphics, Windows media, Windows Shell, Windows cryptography, Windows virtualization and kernel, Windows datacenter networking, Windows hyper-V, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server.

The update is distributed via Windows Update, but can also be downloaded via Microsoft Update Catalog. Microsoft is (currently) not aware of any issues with the update.

For Windows 10 Mobile V1709 there is also the update KB4459082, which raises the build to 15254.530.

Updates for Windows 10 Version 1703

The following updates are available for Windows 10 Creators Update (version 1703).

Update KB4457138 for Windows 10 Version 1703

Cumulative Update KB4457138 for Windows 10 Version 1703 (Creators Update) raises the OS build to 15063.1324 and includes quality improvements. The update is also available for Windows 10 Mobile (OS Build 15063.1324). It addresses the following security vulnerabilities and issues:

Security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows media, Windows Shell, Device Guard, Windows datacenter networking, Windows kernel, Windows hyper-V, Windows virtualization and kernel, Microsoft JET Database Engine, Windows MSXM, and Windows Server.

The update is distributed via Windows Update, but is also available via Microsoft Update Catalog. Currently there are no known issues.

Windows Update Improvements

Microsoft has released an update directly to the Windows Update Client to increase its reliability. Any Windows 10 device that is configured to automatically update with Windows Update will receive the feature update (to V1803). Windows 10 Enterprise and the Pro Edition also receive the feature update (on V1803) based on device compatibility and the update delay (defer) set in Windows Update for Business Deferral Policy. This does not apply to LTSC versions.

Updates for Windows 10 Version 1507 bis 1607

Various updates are available for Windows 10 RTM to Windows 10 Anniversary Update (Version 1607). Here is a short overview.

Windows 10 Version 1607: Update KB4457131 is only available for Enterprise and Education and Windows Server 2016. This update raises the OS build to 14393.2485 and includes the fixes mentioned above for other updates. This update is automatically downloaded and installed by Windows Update, but can be downloaded from the Microsoft Update Catalog. Before manual installation, the Servicing Stack Update (SSU) (KB4132216) need to be installed. Details can be found in the KB article.
Windows 10 Version 1507: Update KB4457132 is available for the RTM version (LTSC). The update raises the OS build to 10240.17976, including the fixes mentioned above for other updates. This update is automatically downloaded and installed by Windows Update, but can be downloaded from the Microsoft Update Catalog. Similar to Windows 10 Version 1703 there are also improvements to Windows Update (see note above). Details can be found in the KB article.

For Windows 10 V1511 there was no update, that this version fell on the support. Details about the above updates can be found in the respective Microsoft KB articles in case of doubt.

Patchday issues with updates & WSUS (September 11, 2018)

Windows Update [German]As of September 11, 2018, Microsoft has released a new batch of updates for Windows and other products. Update KB4457144 for Windows 7 SP1 may issue error 0x8000FFFF. KB4457128 for Windows 10 version 1803 is installed twice if necessary, and WSUS has detection problems.

Here’s an overview of what I’ve seen so far. The article will be updated if necessary.

Error 0x8000FFFF (Update KB4457144; Windows 7 SP1)

Update KB4457144 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) addresses some bugs and updates the shell, kernel, Hyper-V, network components and more.

Woody Leonhard reported at askwoody, that this update triggers the error 0x8000FFFF during installation. The error does not occur on all systems, but I found several confirmations at askwoody.com.

Error code 0x8000FFFF stands for E_UNEXPECTED, an unspecified but serious error, that leads to the installation abort. Within my old German blog post Windows 7 Service Pack 1 Troubleshooting-Tipps I had mentioned malware infections as a root cause. So my advice is, the system should be checked with external scanners as a precaution. But also damaged system files can be the cause for this error. Here I recommend to check the system for corrupted system files with sfc /scannow (see that part within my blog post Check and repair Windows system files and component store).

WSUS: .NET updates detection errors

Woody Leonhard pointed out to Twitter that he has received reports of detection problems for .NET framework updates in WSUS.

Detection logic problems on WSUS servers for .NET patches KB 4457914, 4457915, 4457916, 4457917 and 4457919. Showing as installed, when they are definitely not installed. https://t.co/vUEoUUvOKM

— Woody Leonhard (@woodyleonhard) 11. September 2018

Affected are probably several .NET framework updates KB4457914, KB4457915, KB4457916, KB4457917 and KB4457919. The source is this forum post at askwoody.com Someone else who has these issues?

Update KB4457128 installed twice

Update KB4457128 for Windows 10 version 1803 seems to be installed twice for some people – but only one installation is left. A German blog reader points this out in this comment. Also at reddit.com this behavior is discussed here.

Installed fine, but for some reason it shows up as installed twice when checked through the Update History or Reliability Monitor.

There is an explanation for this behavior. I pointed out within my blog post Patchday Windows 10-Updates (September 11, 2018), that the cumulative update (CU) KB4457128 requires the previous installation of the Servicing Stack Update (SSU) KB4456655 for Windows 10 Version 1803. This update is not part of KB4457128 this time. If the Servicing Stack Update (SSU) KB4456655 is missing, last cumulative update (LCU) KB4457128 can’t be installed. So KB4457128 is scheduled for installing, but fails – without an error, and Servicing Stack Update (SSU) KB4456655 is installed first. The KB4457128 is installing again – so users can see two installs in Update History or Reliability Monitor.

This has also been pointed out within a comment within my German blog. And also this post at reddit.com confirmed, that SSU install drops an install error 0x800f0816 and tried another install attempt. The odd thing is, that Windows Update probably doesn’t manage to keep the correct order of the SSU and LCU update installation (and is then forced to install the LCU twice).

Microsoft has published the Windows 10 Insider Preview Build 18237 in the Skip Ahead branch. This is the next but one Windows 10 development branch, which is supposed to lead into Windows 10 19H1 in spring 2019.

The announcement of the new build, which will only be distributed to insiders who have opted for the Skip Ahead ring, was made on the Windows Blog. The Windows login screen in a blurry acrylic design is celebrated as a ‘big innovation’.

Showing the login screen, where the background image now has an acrylic effect applied to it so it’s blurred.
(Source: Microsoft)

Within the Windows Blog you can inform yourself about new features and known bugs.

Install error 0x8007000e

Shortly after the release of the new Insider Preview, users reported on Twitter that this build stalls with error 0x8007000e during installation.

Windows 10 #19H1 #WIP Build 18237 Install Error 0x8007000e: RAM useage-> https://t.co/QfKy5fMOiY
If you are seeing high RAM usage please let us know FBH: https://t.co/P6UTRXYcef
If your update failed with the 0x800700e error please upvote FBH: https://t.co/QOYHoKeDL4 pic.twitter.com/uRXn1dfhKn

— WZor (@WZorNET) 12. September 2018

Error 0x8007000e
(Source: Microsoft)

Error 0x8007000e stands for ERROR_OUTOFMEMORY ‘There is not enough memory available for this operation’, which may mean anything and nothing. MSPowerUser points to the MS Answers forum thread 18237 Error 0x8007000e: RAM useage, in which Microsoft confirms the issue. There is also a note on Twitter.

Skip Ahead 19H1 Insiders, if you are getting error 0x8007000e or seeing excessively high memory usage, please go here https://t.co/s2Rn9xbuMM to find more information and FBH links to upvote. Thanks!
^WH

— Windows Insider (@windowsinsider) 12. September 2018

Next bad behavior from Microsoft. Users of Windows 10 version 1809 Insider Builds experience a surprise when trying to install Firefox or Google Chrome. Windows 10 intercepts this install and shows a ‘Please use Edge box’.

Martin Brinkmann has pointed out the newest issue with Windows 10 version 1809 Insider Preview via Twitter.

Microsoft intercepting Firefox and Chrome installation on Windows 10 #windows10 #firefox #chrome #edge https://t.co/Xvzf7ACUO3 pic.twitter.com/QtKWue1kix

— ghacksnews (@ghacksnews) 12. September 2018

If you try to install Firefox or Chrome browser on a recent Windows 10 version 1809 Insider build, this install gets intercepted. The user will see the message shown within the above tweet with a note to use Edge. So it’s the next Mega fail from Microsoft, as several Tweets indicates:

@MicrosoftEdge What kind of slimy marketing cesspool crap is this Microsoft? I proceed to launch the Firefox installer and Windows 10 pops this up? If I wanted to use your browser, I would. pic.twitter.com/f7jk9sGvYA

— Sean Hoffman (@SeanKHoffman) 11. September 2018

The tweet below expresses exactly my thoughts – what do you think about such actions from Microsoft? The decline of the company – and time for the EU Competition Commission to take the next step against Microsoft=

This is some ol’ bullshit, Microsoft. I thought you’d gotten cool. https://t.co/bYCvwjNWiF

— Mike Conley @mconley@mastodon.social (@mike_conley) 11. September 2018

[German]Does Windows 10 throw error code 0x80246010 during update installation and aborts this step? This article tries to give hints on how to fix the update error 0x80246010.

The error 0x80246010

Under Windows 10, when trying to install one of the cumulative updates or feature updates, the installation is aborted with error code 0x80246010. A typical description can be found in this Microsoft Answers forum post.

updating windows 10 v.1709 fails – error 0x80246010

Hi,

I have the version 1607, my PC tries and tries to download the new version 1709 for weeks and fails every time to install it. The last error code I received is 0x80246010 but I had a few others.

I tried several things:

– emptying downloads

– windows troubleshooter (who fixed an update issue but no difference so far)

…

Has it sth to do with the fact that the version 1703 isn’t installed on my PC?

The user has already unsuccessfully cleaned the Update Store download folder and has performed the update troubleshooting. The answer of the Microsoft Forum moderator (Microsoft Agent) marked as a solution isn’t helpful at all. Also here the error as well as some (unsuccessful) repair attempts are brought up for discussion. In this thread, MVP colleague Andre da Costa recommends blocking the incorrect update.

What error code 0x80246010 stands for?

I did not find the error code 0x80246010 in the lists of error codes that are available to me. Within my blog post Windows 10: Update errors 0x8024xxxx detailed errors with the pattern 0x80246xxx are listed in the ‘Download Manager Errors’ group. So something went wrong with the communication between the download manager and the Microsoft update servers.

Plausible causes for this error

Within this German heise.de forum thread somebody wrote, that a root cause might be: Microsoft’s servers are simply overloaded and at some point the Download Manager does not get any data or incomplete data. In this case the error should be fixed if you try the update again after a few hours.

Also 3rd party software (VPN, antivirus etc.) maybe disturb the Windows Update Download Manager. Within this Technet forum thread there is a reference to Dell Data Protection Enterprise Edition Shield/Dell Encryption Enterprise Shield or Personal Edition/Encryption Personal that can cause problems. However, Dell has now deleted the KB articles in question.

What else you can do

To avoid an overloaded Microsoft update server, you can download the non-installable update from the Microsoft Update Catalog and have it installed manually.

A feature update to a new Windows 10 build, which fails with error 0x80246010, can be installed via an ISO installation medium via an in-place upgrade. To do this, download the ISO installation file of the function update from Microsoft. This can be done e.g. via the Media Creation Tool. Then mount the ISO file while Windows 10 is running and start the Setup.exe. Then the feature update should be installed over the running Windows 10.

Uninstalling ‘uninstallable’ Windows Updates
How to block Windows 10 updates
Stop Windows from installing updates over and over again
Windows 10: Update errors 0x8024xxxx detailed