Windows Update Hall of Shame

The Windows Update Hall of Shame


Occasionally, Windows updates can be really bad and really screw up your computers. Here's my list of the worst offenders.  These are only bad because they really screw up when Sophos Antivirus is installed.  Some of these are showstoppers for Microsoft Exchange.

KB4493472

This update can really interfere with Sophos antivirus. See the related story.  https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/112101/sav-service-hangs-after-installing-kb4493472  If you have Windows 7, or Windows Server 2008, expect real trouble if you allow this one.

KB4499164

Once again, more issues caused by an update rollup. Causes Sophos Antivirus protected machines to hang and freeze.   It appears that once again there are conflicts with Sophos and the most recent (MAY) patch Tuesday from Microsoft. www.theregister.co.uk/.../ "Its advice on what to do is pretty blunt: uninstall the Windows update. Specifically, revert KB4499164 (May's full-fat Patch Tuesday) and KB4499165, the security-only update. As regular readers know, the latest Patch Tuesday is intended to mitigate a pretty nasty vuln (CVE-2019-0708) which permits unauthenticated remote code execution through the medium of Remote Desktop Services. Sophos itself opined that it was "so serious that Microsoft has even released patches for its long-unsupported operating systems, Windows 2003 and XP"."  Unfortunately, the new RDP worm bug needs this patch. See this:  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

KB5007192

When applied to a Exchange Server 2016 with CU22 on Windows Server 2016, you will often find the IMAP service has failed frequently, and cannot be restarted. You have to reboot the entire server. Best to remove this update immediately.

KB4499175

A security only patch to fix the BlueKeep vulnerability. Get it from here: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4499175

FIPS Error on Exchange 2016 Due to Jan 1 2022 Update

Just as 2021 rolled over to 2022, we started seeing this on our Exchange 2016 servers.  Read Peter Morrison's blog:  this:  https://petermorrissey.blogspot.com/2021/12/exchange-server-fips-fs-error.html and you will find out about "FIPS-FS Error 0x800706BE, 0x80010105" which causes the Anti-Malware module to fail and then messages get backed in the queue.  While looking thru the Windows Application log, I found this on December 31, 2021 17:21 PST UTC-08 from source: FIPFS "The FIP-FS "Microsoft" Scan Engine failed to load. PID: 42960, Error Code: 0x80004005. Error Description: Can't convert "2201010001" to long." which appears to indicate an issue with the year 2022. As a result, the "Microsoft Exchange Transport" service failed.   The temporary solution is to disable the AntiMalwareScanning service using the powershell script.
1) cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts"
2) .\Disable-AntiMalwareScanning.ps
3) open services.msc, then restart the "Microsoft Exchange Transport"

BlueKeep

Read about it:  https://www.scmagazineuk.com/devastating-exploit-using-ticking-bomb-bluekeep-only-weeks-away/article/1587473

Windows 7 for x64-based Systems Service Pack 14499164Monthly RollupRemote Code ExecutionCritical
4493472
4499175Security Only

Comments

  1. Daisy JonesJanuary 14, 2021 at 11:08 PM

    bb

    ReplyDelete
  2. Daisy JonesJanuary 15, 2021 at 2:28 AM

    Looking for Comodo support, visit on sophos antivirus support

    ReplyDelete
  3. AntiVirus Technical Support USAApril 3, 2022 at 10:06 PM

    This comment has been removed by the author.

    ReplyDelete
  4. AntiVirus Technical Support USAApril 3, 2022 at 10:14 PM

    This is a great post that you have shared with us. I appreciate you sharing such valuable information with us. If you use Sophos antivirus, and you are facing any kind of issue with it, then you should contact our Sophos Antivirus Support team.

    ReplyDelete

Post a Comment

Popular posts from this blog

Microsoft Visio 2010 Premium Product Keys

Image
Visio KMS client key from Microsoft You can use these with AutoKMS tool such as Office Toolkit 2.4.9 (office 2010/2013) which will re-arm them once every 180 days. So you are always in the grace period.  At the bottom of this page are keys for Visio 2019.  If you are here to figure out how to get a free copy of Visio activated on your computer, without paying Microsoft for it, then God or Allah will judge you later for your sins. Your soul will be sent to the underworld to be tormented by Satan for these sins. Please pay for your software! Visio Standard 2010 767HD-QGMWX-8QTDB-9G3R2-KHFGJ Visio Professional 2010 7MCW8-VRQVK-G677T-PDJCM-Q8TCP Visio Premium 2010 D9DWC-HPYVV-JGF4P-BTWQB-WX8BJ Keys from our Russian friends. you can only install with these keys, you cannot activate. ========================================================================= Visio Premium 2010: ========================================================================= C383V-HPHM...
Read more

Mercedes Benz Diesel CDI EGR Emulator Circuit Diagrams

Image
Mercedes EGR Emulator Circuits for Electric Wahler EGR on Diesel Engine For any car fitted with a MAF you can't just block the  EGR valve  as the MAF detects the reduced airflow when the valve operates. If it fails to report this reduction the ECU throws a code, turns on the MIL light and engages Limp Home mode. The  EGR valve  is operated in varying degrees whenever the engine is in cruise mode. A circuit has to be designed that reduces the MAF output voltage whenever the  EGR valve  is called to actuate. Having seen a mod on another forum I decided to give it a go and installed it last night. The circuit is really simple. The  EGR valve  transducer is fed with constant 12v which is proportionately shunted to Gnd to create the potential to activate the transducer, to engage the EGR solenoid and allow hot gasses into the intage via the  EGR valve  in varying degrees. The MAF is in the cold air intake. the EGR gasses enter furt...
Read more

Fix: The Diagnostic Service Host service failed to start due to the following error. [ solved, no kidding ]

Image
Lots of these Messages about the Diagnostic Service Host in the System Log On Windows 7/10 Machines Attached to A Domain The Diagnostic Service Host service failed to start due to the following error: A privilege that the service requires to function properly does not exist in the service account configuration. You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.  The good news is that you can fix it using active directory group policy or the Local Security Policy and just adding a few things to the Local Policies.  Same fix applies to both Windows 7 and Windows 10.  To Fix this using any Policy, you must be running a Professional or Enterprise version of Windows. If you have Home Edition, sorry. Here's How to Fix It You see this in your system logs repeatedly, and its dragging down your computer and making it ...
Read more