MS August 2014 Patches you should NOT install

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
Microsoft really screwed up some of their August 2014 security patches, there are 3 which can cause you endless problems currently:
 
KB2970228
KB2976897
KB2982791
 
What happens is the 1st or 2nd time you COLD boot after these are installed is you get a Page Fault BSOD Code 50 in win32k.sys before you can even finish booting. Confirmed for all versions of Win 7 x64 and many versions of Win 8 and 8.1 x64. Now it gets worse: when you try and boot into Safe Mode to correct... it also immediately BSOD.
 
Here's how to avoid drastic measures that may do more harm than good...assuming you can read this and now have access to a working machine:
 
1. Go here   http://www.hirensbootcd.org/download/
 and download Hiren's Boot XP CD. This is a zip file that contains an iso image, use any common burning software to burn this to a CD.  No CD or the machine you want to
recover has no CD ? Go here   http://www.hiren.info/pages/bootcd-on-usb-disk and follow instructions to create and load this onto a USB drive.
 
Finally here's a site that offers several other ways to get the ISO onto a USB drive...I'm going to add this reference to the original post. BTW I will warn you that I've tried using Rufus several times and have had a 50% success rate at producing a bootable drive. https://www.raymond.cc/blog/how-to-put-hirens-bootcd-on-flash-memory/
 
2. What you now have is a CD or USB drive that can boot into a fully functional mini version of Win XP with a ton of good free utilities. At the opening menu, select Mini XP and let it boot you into Windows. Now you can use the standard file manager or any of several better ones all in there. We are going to remove or just rename one file:
 
Find what was your boot drive (it won't be C, that's your CD or USB drive atm) :
 
The file we want: \windows\system32\fntcache.dat
 
Rename it to fntcachebad.bad, rename it to anything else, erase it... whatever.
 
That's right folks, MS managed to screw up a single lousy fontcache data file such that it completely crashes Windows before you can get into it, even in 'safe' mode. Unfucking real.
 
Reboot, and everything is fine again.
You'll want to save the Hiren disk it's gotten me out of more jams than I can count.
 

Section30

Member
SoSH Member
Aug 2, 2010
965
Portland OR
Thanks for the heads up!
 
Due to procrastination I was just going to run my updates and I was able to deselect the the three updates.
 
 
 
 
Thanks Again.
 

OttoC

Member
SoSH Member
Dec 2, 2003
7,353
My wife's Win7x64 computer had automatic install turned on (which I turned now off) and she got the three security patches you mentioned but no BSOD, yet.
 
A look at Microsoft's web forum showed that others had problems with KB2982791/FNTCACHE.DAT, so I renamed the .DAT file as .BAD and uninstalled that security update. The operating system wants to be rebooted to finalize the uninstall but I'm hoping for some reassurance that the steps I have taken are proper and sufficient. Yes? No?
 

vadertime

Member
SoSH Member
Jul 31, 2006
1,387
Rhode Island
OttoC said:
 The operating system wants to be rebooted to finalize the uninstall but I'm hoping for some reassurance that the steps I have taken are proper and sufficient. Yes? No?
 

I uninstalled the 3 updates referenced after seeing this and have since re-booted and everything is fine.  This was on my laptop.  My desktop for some reason didn't get those updates despite both being Windows 7 and having updates installed yesterday.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
OttoC said:
My wife's Win7x64 computer had automatic install turned on (which I turned now off) and she got the three security patches you mentioned but no BSOD, yet.
 
A look at Microsoft's web forum showed that others had problems with KB2982791/FNTCACHE.DAT, so I renamed the .DAT file as .BAD and uninstalled that security update. The operating system wants to be rebooted to finalize the uninstall but I'm hoping for some reassurance that the steps I have taken are proper and sufficient. Yes? No?
 
You should be OK. Nobody bluescreens after the install reboot (that's a warm boot). The disaster comes during the first COLD boot (from a machine fully turned off) after these are installed.  Let the warm reboot take place and, just in case, again rename that damn file before you turn the machine off. If you get thru your first cold boot you have survived.
 

Harry Hooper

Well-Known Member
Lifetime Member
SoSH Member
Jan 4, 2002
28,093
Apparently Microsoft has been lying to themselves about the size of the market share for 64-bit Windows 7: "Should we test it? Nah, there's only like 9 people using that version."
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
Harry Hooper said:
Apparently Microsoft has been lying to themselves about the size of the market share for 64-bit Windows 7: "Should we test it? Nah, there's only like 9 people using that version."
 
At this point, in the US Win7 x64 is probably the single largest user base..(worldwide I'm sure it's still XP, and maybe 30% of them are legit copies...) apparently nobody at MS ever does a cold boot, so they never noticed...sheesh
 

Boston Brawler

Member
SoSH Member
Jan 17, 2011
9,109
I was able to find these two on my Installed updates list and successfully uninstalled them.
KB2976897
KB2982791
 
 
This one (KB2970228) shows up on my update history as successfully installed, yet does not show up on my installed updates list, so I can't uninstall it... Any suggestions? It was a "recommended" update, not an "important" one, if that information matters.
 
Edit: I'm using windows 7 x64.  These updates installed on the 13th for me, I think I have rebooted at least twice since then and have had no issues, but better safe than sorry.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
To clarify, having recovered all my puters here which were afflicted because I had installed these updates, by removing the offending .dat file (which recreates itself every time you cold boot). I have tested all machines by cold booting repeatedly WITHOUT UNINSTALLING THESE UPDATES.  They are all fine so it seems to be a 'one time during initial install" bug. It can't hurt to uninstall these updates...assuming that MS gets it's head out of it's ass and fixes these...otoh I'm not going to have to worry if they don't since my machines are not going to try and reinstall any 'fixed' updates.
 
YMMV
 

InsideTheParker

Member
SoSH Member
Jul 15, 2005
29,073
Pioneer Valley
I of course understood only about 1% of the posts about these security updates. I checked my installed updates, and  I got all three of these guys yesterday. I had no trouble starting my computer today (it was completely off since last night). Does that mean I am out of the woods? I hope so, because I feel way too stupid to go through all the steps you outlined. I have a Dell Inspiron l764, running Win7, so I suppose I am in the endangered category? (Oops, now I see that you say the first or second time you boot up. Are you suggesting, above, that the best step is to uninstall these three updates and expect that MS will come up with other security updates that don't cause the problem? Is there anywhere to read about this on MS forums, etc., to see if it's a widespread problem?)
 
Another edit: My husband found this http://www.infoworld.com/t/microsoft-windows/users-find-fix-botched-kb-2982791-and-kb-2970228-windows-update-248476 identifying two of the updates you mention. We are very grateful to you for drawing this to our attention.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
InsideTheParker said:
I of course understood only about 1% of the posts about these security updates. I checked my installed updates, and  I got all three of these guys yesterday. I had no trouble starting my computer today (it was completely off since last night). Does that mean I am out of the woods? I hope so, because I feel way too stupid to go through all the steps you outlined. I have a Dell Inspiron l764, running Win7, so I suppose I am in the endangered category? (Oops, now I see that you say the first or second time you boot up. Are you suggesting, above, that the best step is to uninstall these three updates and expect that MS will come up with other security updates that don't cause the problem? Is there anywhere to read about this on MS forums, etc., to see if it's a widespread problem?)
 
Understand, we have no official word for MS on this fuckup, so the user forums have been doping this out. It appears this only affects 64 bit versions of Win 7, 8 and 8.1. So if you're running 32 bit versions you probably are safe. Some people I know who run 64 bit versions have also not had issues...hard to tell why... I have a theory:
 
The problem appears to be: Every time Windows starts (cold boot) it creates a data file of the installed fonts on your machine: fntcache.dat. IF THAT FILE DOESN'T EXIST. The win32k.sys file in the kernal accesses this data early in any cold boot and it seems if that data file is corrupted, instead of dealing gracefully with this issue, it bluescreens and crashes. These bad updates, during the install change the code, obviously. During install, you are forced to a warm boot which does not force a recreation of that data file. The first time you do a cold boot, the file gets recreated by the patch and is malformed. For whatever reason, the file only gets incorrectly created the first time after the patch, which is why forcing it to be created again (by renaming or just erasing the malformed version) solves the problem.
 
In some cases it appears you avoid the problem if you have very few fonts in your install (as a default install would have). In my case I have hundreds of extra fonts installed on all my puters.
 
I have 7 Ultimate x64 and 8.1 Pro x64 running here. 8.1 only tried to install 2 of the 3 updates and had no issues, I suspect because it's a laptop and does NOT have any extra fonts installed. All my 7 Ultimate puters installed all 3 updates and had issues.
 
Summary: Probably only an issue if you run 64 bit versions of Win 7, 8 or 8.1. May still not be an issue if you have only the minimal fonts installed by the OS. Probably only an issue on your first COLD boot after the updates, if you get into Windows that time, you have dodged the bullet, but do a 2nd cold reboot ...just to be sure.
 
In your case I think you dodged the bullet, and you don't need to uninstall anything. I still have all 3 patches installed and they are doing no further damage.
 

InsideTheParker

Member
SoSH Member
Jul 15, 2005
29,073
Pioneer Valley
Unfortunately, I added a second edit to my post before checking to see if you had an answering post. I will repeat the link here (http://www.infoworld.com/t/microsoft-windows/users-find-fix-botched-kb-2982791-and-kb-2970228-windows-update-248476) because it seems to identify problems with two of these updates, one of which is important, one very unimportant. Since my husband and I both have Win 7, 64 bit, we are inclined to uninstall at least those two before rebooting. The only qualm I have is that we will then not be getting the supposed security protection provided by 2791. BSOD is one of the reasons I fear computers, as in my case it seems to have preceded real death of the computer on more than one occasion. 
 

Joe Sixpack

Well-Known Member
Lifetime Member
SoSH Member
Sep 9, 2002
4,894
Canton, MA
So if I just uninstall the 3 updates, then I shouldn't have to do all the stuff with the boot disk and removing files - is that right?
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
Joe Sixpack said:
So if I just uninstall the 3 updates, then I shouldn't have to do all the stuff with the boot disk and removing files - is that right?
 
If you have all 3 installed and have managed to cold boot since then, you probably have to do nothing. I need to reinforce my summary from above...apparently the whole issue, if it's going to occur, does so on the first cold boot after these patches. I repeat, I have not uninstalled the patches and have had no further problems from them. If they didn't cause you the problem immediately after install, you don't have to worry...until and unless MS finally tells us something. Relax.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
InsideTheParker said:
At least one report here: http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/blue-screen-stop-0x50-after-applying-update/6da4d264-02d8-458e-89e2-a78fe68766fd?page=1&tm=1408074004742 that the first reboot worked fine, the second caused the BSOD. I'm uninstalling all three. I reckon I can re-install them later if the problem's been fixed.
 
I'll bet any amount that 'first reboot' was the one you're told to do after you install the patches ..and it's a warm boot.  No harm in uninstalling the patches however, except if you have your system set to automatically download and install updates (and many/most do) then you may just actually increase the chance of getting bitten by this bug as they get reinstalled.
 

crystalline

Member
SoSH Member
Oct 12, 2009
5,713
JP
Couperin47 said:
 
It does, see MS's own technical explanation here: http://support.microsoft.com/kb/102228
That says that the hardware and adapters can differentiate between a warm and cold boot, not how Windows does during the boot sequence. By the time a font cache is written to the filesystem, the OS has gotten a good way through booting and is well and fully in control.

I'll be interested to see an explanation of the cause of this. Meanwhile I've disabled updates.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
crystalline said:
That says that the hardware and adapters can differentiate between a warm and cold boot, not how Windows does during the boot sequence. By the time a font cache is written to the filesystem, the OS has gotten a good way through booting and is well and fully in control.

I'll be interested to see an explanation of the cause of this. Meanwhile I've disabled updates.
 
If you're waiting for an official explanation before you ever install any more updates, good luck.
 

crystalline

Member
SoSH Member
Oct 12, 2009
5,713
JP
To understand whether you have a problem, you'd want a plausible tech explanation of how a font cache file on the filesystem is written differently during warm/cold boot.  Official is not required.
 

mabrowndog

Ask me about total zone...or paint
Lifetime Member
SoSH Member
Dec 23, 2003
39,676
Falmouth, MA
Windows updated yesterday/last night (I have it set up to prompt me before installation so I can custom select & de-select certain crap, like MS Office and IE). I did the warm re-boot with my notebook PC to finish installations without incident (as I would expect, based on the above).
 
About an hour ago I shut down & cold-booted, which I'll do occasionally when my system seems to be running hot. It re-started & loaded Windows without incident.
 
I just saw this thread for the first time about 10 minutes ago. I've gone ahead and uninstalled the 3 updates anyway, but I'll be really hesitant to re-boot again until I get more of a comfort level over this shit.
 

mabrowndog

Ask me about total zone...or paint
Lifetime Member
SoSH Member
Dec 23, 2003
39,676
Falmouth, MA
Just got a "New Updates Are Available" alert from MS, with one important file and another listed as optional. The former is one of those from the opening post (KB2976897), while the latter is a Security Essentials Definition Update (KB2310138).
 
No chance in hell I'm installing the "important" one again.
 
As for the definition file, MS SE has used that KB code for prior updates, as a number of them pop up in Google from years past. Any ideas on how to vet the safety of that one? I'm skittish as all fuck about this shit right now.
 
EDIT - And huge thanks to Couperin47 for the heads up and detailed explanations.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
mabrowndog said:
Just got a "New Updates Are Available" alert from MS, with one important file and another listed as optional. The former is one of those from the opening post (KB2976897), while the latter is a Security Essentials Definition Update (KB2310138).
 
No chance in hell I'm installing the "important" one again.
 
As for the definition file, MS SE has used that KB code for prior updates, as a number of them pop up in Google from years past. Any ideas on how to vet the safety of that one? I'm skittish as all fuck about this shit right now.
 
EDIT - And huge thanks to Couperin47 for the heads up and detailed explanations.
 
Don't get paranoid. The AV definition updates are as benign as anything can be... hell their whole Security Essentials AV is pretty impotent: I have it running along with ESET NOD32 and Webroot on all my Win 7 boxes, it NEVER detects anything, mainly because one of the other 2 always block stuff first. Win 8  detects any other AV program and  their own app is shut off, no loss.
 
The real takeaway from this debacle is not that these minor security updates had bugs, it's that screwing up the contents of something as simple and tangential as the listing of installed fonts data completely crashes a fundamental portion of the kernel, even in safe mode. The worst that should happen is the OS is slow or unable to list/utilize some fonts.
 

Joe Sixpack

Well-Known Member
Lifetime Member
SoSH Member
Sep 9, 2002
4,894
Canton, MA
Couperin47 said:
 
If you have all 3 installed and have managed to cold boot since then, you probably have to do nothing. I need to reinforce my summary from above...apparently the whole issue, if it's going to occur, does so on the first cold boot after these patches. I repeat, I have not uninstalled the patches and have had no further problems from them. If they didn't cause you the problem immediately after install, you don't have to worry...until and unless MS finally tells us something. Relax.
 
I never cold boot...it has probably been 6 months since I cold booted my machine.
 

attydave

Member
SoSH Member
My wife's laptop was bitten by this bug - had no idea what happened until I read this thread.

The way I found to restore her machine was to let windows run the startup repair utility. It told me it could not repair, but gave me a link to additional repair options, one of which was system restore. I picked a restore point well in advance of the windows update and the turned off automatic updates.

I found the 3 bad files on all of my office computers, but got rid of them before they could wreak havoc. Thanks Microsoft!
 

edoug

Well-Known Member
Silver Supporter
SoSH Member
Jul 15, 2005
3,641
A big thanks to Couper, I wouldn't even had a clue  about this and who  I hadn't received the updates and I forced a search. KB2976897 and KB2982791 were on the list and I hid them. I can't imagine what I would've done if I hadn't read this. 
 

OttoC

Member
SoSH Member
Dec 2, 2003
7,353
Okay, I uninstalled those three security patches from my wife's computer and renamed the FNTCACHE.DAT file to FNTCACHE.BAD. Should I now rename the FNTCACHE file back to its original .DAT file type or just leave it as is? It has rebooted coldly several times without problem.
 
As for my computer, I did the same thing. The only difference is that Microsoft is telling me that I have an important security update waiting to be installed, namely KB2976897. Since I don't know what these three security patches were for, I don't know if I'm leaving my computers more vulnerable by not installing them. I also don't know if the absence of the FNTCACHE.DAT file will have any impact on other programs on my system as I have a lot of fonts thanks to Adobe. Consequently, I'm holding off on the cold reboot until I learn more. Thanks for your help, Couperin47.
 

leftfieldlegacy

Member
SoSH Member
Jul 31, 2005
721
North Jersey
Couperin47 said:
 
If you have all 3 installed and have managed to cold boot since then, you probably have to do nothing. I need to reinforce my summary from above...apparently the whole issue, if it's going to occur, does so on the first cold boot after these patches. I repeat, I have not uninstalled the patches and have had no further problems from them. If they didn't cause you the problem immediately after install, you don't have to worry...until and unless MS finally tells us something. Relax.
Thanks for this info Coup.(and also for your ESET NOD32 / Webroot recommendations which I installed for incredibly cheap $ several weeks ago)
 
I searched and found that all 3 of the security patches had been installed on my computer during the last round of Windows updates. I had already done 1 cold reboot without incident, before I read this thread. Fortunately, I have been able to cold boot my computer several times since then, without uninstalling any of the updates. So I guess I dodged that bullet. 
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
attydave said:
My wife's laptop was bitten by this bug - had no idea what happened until I read this thread.

The way I found to restore her machine was to let windows run the startup repair utility. It told me it could not repair, but gave me a link to additional repair options, one of which was system restore. I picked a restore point well in advance of the windows update and the turned off automatic updates.

I found the 3 bad files on all of my office computers, but got rid of them before they could wreak havoc. Thanks Microsoft!
 
That's an option which is not available to most power users who have the restore feature turned off.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
OttoC said:
Okay, I uninstalled those three security patches from my wife's computer and renamed the FNTCACHE.DAT file to FNTCACHE.BAD. Should I now rename the FNTCACHE file back to its original .DAT file type or just leave it as is? It has rebooted coldly several times without problem.
 
As for my computer, I did the same thing. The only difference is that Microsoft is telling me that I have an important security update waiting to be installed, namely KB2976897. Since I don't know what these three security patches were for, I don't know if I'm leaving my computers more vulnerable by not installing them. I also don't know if the absence of the FNTCACHE.DAT file will have any impact on other programs on my system as I have a lot of fonts thanks to Adobe. Consequently, I'm holding off on the cold reboot until I learn more. Thanks for your help, Couperin47.
 
After you erase or rename the fntcache.dat file, in your next cold boot Windows will recreate the file. Erase the renamed bad file. For whatever reason, the bad update only creates a bad version of the file during the first cold boot after the updates are installed. I repeat I haven't bothered uninstalling these updates and they are causing no further issues, and I don't have to worry about the OS suggesting I need to install these again.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
BTW, even if you have avoided this issue, following the directions in the initial post and having a copy of the Hiren Disk sitting around will take you maybe 5 mins to obtain. I know that many of us are driving around these days without a jack or a spare tire...but if you're as old as me, having them gives you a warm fuzzy feeling. It's really nice to know that even if the OS screws up or your boot drive decides it's time to be scrap, you have a way to easily and immediately get access to all your files on all your other drives and even run a ton of useful basic applications on the recalcitrant computer.
 
Let me suggest one other scenario where it's handy: For whatever reason you want to rename, edit or erase a file and Win 7 or even more often Win 8 refuses to give you permission. You're already an Admin, you have struggled with the ownership labyrinth and Microsoft is still telling you NO. Booting into Hiren puts you in a version of XP, before MS decided you need to be protected from yourself at all costs, and suddenly you control the vertical, you control the horizontal and it's the Inner Limits.
 

InsideTheParker

Member
SoSH Member
Jul 15, 2005
29,073
Pioneer Valley
I am also getting the update kb2986897 again. I believe that it has been declared "innocent" whereas 2982791 and 2970228 have been identified as the culprits. Microsoft has advised removing 82791, as far as I have gotten reading this forum.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
InsideTheParker said:
I am also getting the update kb2986897 again. I believe that it has been declared "innocent" whereas 2982791 and 2970228 have been identified as the culprits. Microsoft has advised removing 82791, as far as I have gotten reading this forum.
 
The user forums are both good and bad: they respond quickly, but you get a lot of noise and sometimes misinformation. MS is now admitting KB2982791 and KB2970228 were culprits. We also have speculation that the issue relates to whether or not you have a quantity of OpenType fonts on your machine. Others insisting KB2976897 caused their issue, some claiming they had the issue on 32 bit versions of Win 7. One member claims that on examining their listing of fonts (in these cases we have people who have been able to boot into windows, but are having other issues related to these updates) they are finding their font listing (you can see this in Control Panel under Fonts) includes shortcuts to fonts, not just listings of actual font files...such shortcuts should NOT be in there.
 
As to those who are concerned they are vulnerable because they don't have 1 or 2 security patches installed: MS averages 12-15 such patches a month and will be issuing at least that many every month  til the day they cease support of whatever OS you are running. Your OS has been, currently is and always will be vulnerable. The bulk of these patches are not in response to specific attacks they have become aware of, the truth is your OS is not measurably more secure after each update, installing decent quality aftermarket AV applications and showing some sense in where you go and what email you even bother reading is how you remain safe. If you still believe your Bank, ebay, Paypal or others actually sent you email telling you to login to solve a problem, avoid being terminated or require your personal information to be updated... then nothing anyone here can say or do is going to protect you.
 
As for updates, a prudent strategy (which I didn't follow myself this month...) is to change your settings to avoid automatic update install, instead use notify me of updates. Then wait at least 5 days after each month's releases to see if anything has created this sort of shitstorm...
 

Rice4HOF

Member
SoSH Member
Jan 21, 2002
1,731
Calgary, Canada
Thanks for the heads up. My laptop is fine, my daughter's not so much. I'm trying to follow the instructions to create a boot CD on a USB stick and I'm stuck. On this page http://www.hiren.info/pages/bootcd-on-usb-disk , I've followed the first 3 steps, but step 4 says to copy the contents from a CD to the USB.  I don't have a CD drive... I did download the Hiren's Boot CD v 15.2 zip file.  It has an ISO file and a few executables, including a "BurnToCD.exe" which unsurprisingly gives me an error because I don't have a CD drive.   Any idea what files I need to copy to the USB stick? 
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
Rice4HOF said:
Thanks for the heads up. My laptop is fine, my daughter's not so much. I'm trying to follow the instructions to create a boot CD on a USB stick and I'm stuck. On this page http://www.hiren.info/pages/bootcd-on-usb-disk , I've followed the first 3 steps, but step 4 says to copy the contents from a CD to the USB.  I don't have a CD drive... I did download the Hiren's Boot CD v 15.2 zip file.  It has an ISO file and a few executables, including a "BurnToCD.exe" which unsurprisingly gives me an error because I don't have a CD drive.   Any idea what files I need to copy to the USB stick? 
 
This gets a bit complicated: an iso is an image to be directly burned to a cd, absent this you need a program that can open/decode an iso file ... these exist ..Isobuster is one that comes to mind. Some will even let you 'mount' the iso (create a virtual cd on your hard drive)... but it's much easier to just find someone who has a cd burner.
 
Finally here's a site that offers several other ways to use the ISO onto a USB drive...I'm going to add this reference to the original post. BTW I will warn you that I've tried using Rufus several times and have had a 50% success rate at producing a bootable drive. https://www.raymond.cc/blog/how-to-put-hirens-bootcd-on-flash-memory/
 

InsideTheParker

Member
SoSH Member
Jul 15, 2005
29,073
Pioneer Valley
I have done a cold re-boot after removing all three of the suspect patches and changing my updates to notify rather than automatically install, and am receiving again the update KB2976897, which I am not going to install for five days. Perhaps its reissue indicates that MS has officially declared it innocent, whereas the other suspects have been quarantined. But I have a question. How do those of us out of the loop know this stuff is going on unless you tell us? (Thanks again, by the way.)
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
InsideTheParker said:
I have done a cold re-boot after removing all three of the suspect patches and changing my updates to notify rather than automatically install, and am receiving again the update KB2976897, which I am not going to install for five days. Perhaps its reissue indicates that MS has officially declared it innocent, whereas the other suspects have been quarantined. But I have a question. How do those of us out of the loop know this stuff is going on unless you tell us? (Thanks again, by the way.)
 
You need to obsessively follow all sorts of techie sites. You know how some in here follow baseball fantasy and sabre sites with a zeal that those of us who are not so invested find incomprehensible ? Some of us are lifelong techies and follow equally boring sites. This screwup has been special: just big enough and harmful enough to constitute real disaster for those afflicted, but not big enough to generate coverage by mainstream news.
 

Rice4HOF

Member
SoSH Member
Jan 21, 2002
1,731
Calgary, Canada
Thanks again Couperin47. I figured it out.  One of the files downloaded on that boot zip file was called HBCDCustomizer.exe.  I clicked on it, and it allowed you to pick a source ISO and a target drive and it put the files on there.  I should be able to fix daughter's laptop now.  And I'm going to update all the PCs to only download updates but not install them until I choose to.
 

SumnerH

Malt Liquor Picker
Dope
Jul 18, 2005
27,560
Alexandria, VA
Couperin47 said:
 In 6 months the power has never been cut at all ? Ever ? This a laptop you keep in sleep/hibernation all the time ?
 
It's easily been over a year since the power went out for more than a minute or two, which is no problem even for my crappy home UPS (it'll give me 5 minutes or so, basically just enough to deal with hiccups).  That's about the only time I cold-boot, I normally use kexec for kernel upgrades to avoid POST and boot loader delays.
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
SumnerH said:
 
It's easily been over a year since the power went out for more than a minute or two, which is no problem even for my crappy home UPS (it'll give me 5 minutes or so, basically just enough to deal with hiccups).  That's about the only time I cold-boot, I normally use kexec for kernel upgrades to avoid POST and boot loader delays.
 
I'm hardly surprised you have a UPS on every box, I do too...out here in the sticks I regularly get outages that last hours. These days I actually do turn off boxes now and then, though mostly I just kill power to the monitors.
 

EricFeczko

Member
SoSH Member
Apr 26, 2014
3,468
Thanks coup. I've been in Vietnam with limited access but made sure to avoid installing these updates after getting back.
 
For those with windows 8, you can mount disk images without additional software. Just right-click on the ISO file and select "mount".
Rice4HOF said:
Thanks for the heads up. My laptop is fine, my daughter's not so much. I'm trying to follow the instructions to create a boot CD on a USB stick and I'm stuck. On this page http://www.hiren.info/pages/bootcd-on-usb-disk , I've followed the first 3 steps, but step 4 says to copy the contents from a CD to the USB.  I don't have a CD drive... I did download the Hiren's Boot CD v 15.2 zip file.  It has an ISO file and a few executables, including a "BurnToCD.exe" which unsurprisingly gives me an error because I don't have a CD drive.   Any idea what files I need to copy to the USB stick? 
 

Couperin47

Well-Known Member
Silver Supporter
SoSH Member
EricFeczko said:
Thanks coup. I've been in Vietnam with limited access but made sure to avoid installing these updates after getting back.
 
For those with windows 8, you can mount disk images without additional software. Just right-click on the ISO file and select "mount".
 
LOL good to know, I only have one 'puter with Win 8.1, a laptop and admittedly never use it for any heavy lifting, it turns out the Hiren package now includes a utility for using the iso directly also. I'm so rooted in the past I can't imagine having any computer that doesn't include a DVD burner... then again to help friends and others I only retired my last box that included a combo 3.5 & 5 1/4 floppy drive 6 months ago...
 

Joe Sixpack

Well-Known Member
Lifetime Member
SoSH Member
Sep 9, 2002
4,894
Canton, MA
Couperin47 said:
 
This gets a bit complicated: an iso is an image to be directly burned to a cd, absent this you need a program that can open/decode an iso file ... these exist ..Isobuster is one that comes to mind. Some will even let you 'mount' the iso (create a virtual cd on your hard drive)... but it's much easier to just find someone who has a cd burner.
 
Finally here's a site that offers several other ways to use the ISO onto a USB drive...I'm going to add this reference to the original post. BTW I will warn you that I've tried using Rufus several times and have had a 50% success rate at producing a bootable drive. https://www.raymond.cc/blog/how-to-put-hirens-bootcd-on-flash-memory/
 
I've used the following to "burn" ISOs to USB drives and have had 100% success:
 
http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/
 
It is advertised as being used for Linux ISOs, but it will work with any .iso file, including Windows DVDs, to create a bootable USB.
 
 
 In 6 months the power has never been cut at all ? Ever ? This a laptop you keep in sleep/hibernation all the time ?
 
That's correct. For the most part it runs actively 24/7, but I occasionally put it in sleep mode. I warm boot it periodically (usually after installing windows updates). It has not had a full power down/cold boot cycle in ages. Last time was probably when I moved into my new house earlier this year. It's a laptop, so on the rare occasions we've had power outages it runs off battery.
 

Joe Sixpack

Well-Known Member
Lifetime Member
SoSH Member
Sep 9, 2002
4,894
Canton, MA
Couperin47 said:
 
You need to obsessively follow all sorts of techie sites. You know how some in here follow baseball fantasy and sabre sites with a zeal that those of us who are not so invested find incomprehensible ? Some of us are lifelong techies and follow equally boring sites. This screwup has been special: just big enough and harmful enough to constitute real disaster for those afflicted, but not big enough to generate coverage by mainstream news.
 
After Blue Screen of Death reports, Microsoft says to uninstall recent patch
 
http://arstechnica.com/information-technology/2014/08/after-blue-screen-of-death-reports-microsoft-says-to-uninstall-recent-patch/