Were you among those sysadmins who devotedly installed all the updates from this Patch Tuesday? Well, buckle up! You may have to undo a few.
February 11, 2020 was one of the biggest Patch Tuesday update rollouts, with fixes for 99 vulnerabilities. This means a month of patching and related activities for system and IT admins across the globe. But what is more frustrating is that a few updates, namely KB4524244, KB4502496, and KB4532693, caused systems to misbehave when installed. In response, Microsoft removed these updates altogether; they will no longer be available or re-offered from Windows Update, Windows Server Update Services (WSUS), or the Microsoft Update Catalog. If you already installed these updates in your endpoints, get ready to uninstall them.
KB4524244 goes haywire
The security update KB4524244 was released to address an issue in which a third-party Unified Extensible Firmware Interface (UEFI) boot manager could expose UEFI-enabled computers to a security vulnerability. It was released for all versions of Windows 10.
Micosoft has confirmed at least two known issues with this update:
You might encounter issues trying to install KB4524244.
After installing KB4524244, the Reset this PC feature, also called Push Button Reset or PBR, might fail. According to Microsoft, “You might restart into recovery with ‘Choose an option’ at the top of the screen with various options or you might restart to desktop and receive the error ‘There was a problem resetting your PC.’”
KB4502496 joins the faulty update train
Problems have been reported for KB4502496, related to the update described above, that was released for Windows 10 version 1507, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, and Windows Server 2012.
This update has been removed from the Windows Update servers and enterprise update channels. Rumor has it that Microsoft is working on an improved version of this update that will be released with future updates.
Work-arounds for KB4524244 and KB4502496
Since Microsoft has revoked these updates and stopped distributing them, they will no longer be available to install. But if you have already installed them, they need to be uninstalled. Luckily this is simple. You just have to navigate to the Control Panel, go to Installed Updates, search for these updates, and uninstall them.
Even though this sounds simple, when a ton of endpoints are involved, this becomes time-consuming. However, with Patch Manager Plus, this takes just a few minutes. Since the updates have been revoked, they won’t appear under the Missing Patches view and are prevented from being automatically pushed to your endpoints. If you have already installed them, all you have to do is navigate to the Installed Patches tab, select these updates and uninstall them. Voilà!
KB4532693 also bug-ridden
Another bug was discovered in the KB4532693 update. It was reported that this faulty update hid user profiles and their respective data on some Windows 10 systems. After installation, users could no longer view or access their original Windows 10 profile. Instead, they were logged in to a default Windows 10 profile where all their previous data was missing. However, no data is lost because of this bug, it’s just hidden due to a faulty KB4532693 installation procedure. More precisely, the bug occurs because the Windows Update service creates a temporary profile to handle the installation procedure, but fails to remove it after installing KB4532693.
Work-around for the KB4532693 bug
If you’re facing issues with the update above, you can uninstall it and restore your old profiles. Search for KB4532693 in Installed Patches view in Patch Manager Plus, and uninstall it from all affected systems.
Thankfully, the removal of these standalone security updates does not affect the successful installation of any other February 11, 2020 security updates, including the Latest Cumulative Update (LCU), Monthly Rollup, or Security Only updates. Removing the three problematic updates addressed in this blog should fix the issues you might have been facing since this Patch Tuesday update rollout.