Windows 10 disaster (part 2)!

As if things couldn’t get any worse for those who took the plunge and upgraded to version 1809, apparently now there’s reports of issues with ZIP files that Microsoft seemed to have been made aware of back in May! (Ugh!)

As stated by Kurt Mackie who writes for Redmond Magazine:

The problem with the October Update’s .ZIP capability, an internal file compression and decompression capability that’s built into Windows 10, was noted in a Reddit forum last week, but it’s only now acknowledged in a Microsoft community forum post. The problem affects users who tried copying zipped archive files to another folder without first unzipping the files, according to an explanation by Microsoft forum agent/moderator M. Hamer. In such cases, the copy operation seems to succeed but it actually fails.

What a mess!

Heads up Server Admins…watch out for these updates!

After three years of using System Center Configuration Manager, we are finally leveraging it to manage the security updates for our server collection and a significant part of that task is to ensure that we research as to whether there are any known issues with the updates that may potentially cause issues with our servers.  While browsing online for any problems that may have been documented with the October release of updates, I came across this post from Microsoft regarding three updates to look out for…

Other than that…good luck and Happy Patching!

Security update for Microsoft Exchange Server 2013 and 2016: October 9, 2018
When you try to manually install this security update in “normal mode” (not running the update as an administrator) by double-clicking the update file (.msp), some files are not correctly updated. When this issue occurs, you do not receive an error message or any indication that the security update was not correctly installed. Also, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update does not correctly stop certain Exchange-related services.
To avoid this issue, run the security update in elevated mode, as an administrator. To do this, right-click the update file, and then click Run as administrator.
This issue does not occur when you install the update from Microsoft Update.

October 9, 2018—KB4462917 (OS Build 14393.2551) – Windows 10, version 1607; Windows Server 2016
After installing this update, installing Window Server 2019 Key Management Service (KMS) host keys (CSVLK) on Window Server 2016 KMS hosts does not work as expected. Microsoft is working on a resolution and will provide an update in an upcoming release.

October 9, 2018—KB4462923 (Monthly Rollup) – Windows 7 Service Pack 1; Windows Server 2008 R2 Service Pack 1
After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem<number>.inf. The exact problematic configurations are currently unknown.
[1] To locate the network device, launch devmgmt.msc. It may appear under Other Devices.
[2] To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu.
Alternatively, install the drivers for the network device by right-clicking the device and choosing Update. Then choose Search automatically for updated driver software or Browse my computer for driver software.

Data Loss Problem with Windows 10 v1809

What caused the Data Loss problem for those who installed Windows 10 v1809

Windows 10 v1809 October 2018 Update was hit by the worst bug till now. A lot of users who upgraded to it reported a loss of files from their user folder. It turned out to be a bug in Windows 10 Upgrade deleted those files because of what is Microsoft calling Known Folder Redirection (KFR) redirection issue. Microsoft is now rolling out a fixed version with ISO and Media Creation offerings, while those who have already updated to v1809 are getting a Cumulative Update 17763.55 (KB4464330) as part of the fix. Now let’s deep dive into what caused the data loss problem for those who installed Windows 10 v1809.

What caused the Data Loss in Windows 10 v1809

Known Folder Redirection is a technique which allows one to change the default location of folders like Downloads, Music, Documents, OneDrive, etc. to somewhere else on the PC without changing where they appear on the Windows Explorer.

When v1809 was under testing, a couple of users reported that when this technique was used, they had an extra copy of empty folder at those default location. Microsoft added a new set of code in the October 2018 Update to remove these empty, duplicate known folders. This changed combined with another change to the update sequence, resulted in the deletion of the original “old” folder locations and their content, leaving only the new “active” folder intact.

Known Folder Redirection

What is even surprising to note is that this was a remote issue which was reported by a set of users while this version was with Insiders. Since Feedback Hub is based out of voting, this major issue was buried as it did not get many votes from all the users. Shared by @WithinRafael on Twitter, it’s pretty clear that Microsoft had it overlooked. IMO any issues which are around file deletion must be taken seriously.

Data Loss problem in Insiders

 

Windows Team adds further that the user files were deleted in the following situations:

  1. If the contents of c:\users\username\documents were not moved to D:\documents when the location was being changed,  then a user could also encounter this issue.
  2. When the user chose to redirect their folders to another folder on OneDrive but chose not to move existing files to new location. Since those files were not moved, October Update treated them as duplicate folders and deleted them.
  3. If Known Folder redirection was used using an early version of the OneDrive client with settings to turn on the Autosave feature. The client didn’t move the old files to the new location.

So if the files were left in the old location they where removed by the Update. Now here is what I am surprised at. Why did users choose to leave the files after migration to a new location? Secondly, why were they looking at these folders when they had already migrated to a new location?

On a related note – comments like these should cause concern to Microsoft:

The Win 10 updates are unpredictable. I’m scared to death each time the automatic updates (which I can not disable) happen. After an update one of more installed software stop working and need re-installing. I have no viruses or cracked software. The last Win 10 update corrupted the MBR (Master Boot Record) on my 2 laptops and 1 desktop. 3 computers done the same update at the same time and having corrupted MBRs is NOT a coincidence. Microsoft owes $900 just for this damage alone. i spent $300 for each computer to have the drives removed and put new drives in so I can keep my data that was not corrupted in the old hard drives. The “reset Win 10” without losing personal data function in the advanced settings was not working on all 3 computers. Thank God I had 3 spare SSDs as a backup, but it is such a hassle going through the old hard drives and saving all the data in different locations. I’m switching to MAC and ditching everything PC related – PERIOD!

If you lost your data files, you can try and recover those files.

Windows 10 v1809 October 2018 Update is now available for download again. If you wish to still play safe, you may defer the installation of this feature update.

Windows 10 disaster!

The latest version of Windows 10 has been a disaster thus far since it was released on October 2nd and it appears that the “file deletion” bug after upgrading to version 1809 appears to be the straw that broke the camels back as Microsoft finally decided to remove the latest update from their sites effective October 6th and have put version 1803 back in its place.  It’s situations like this as to why it does not pay to be an early adopter.  Since I’m in charge on creating / maintain our Windows 10 images, I have stood up a few virtual machines for testing purposes but no way would I ever deploy any new version of an OS so soon without having all the bugs getting worked out.  Even with version 1803, we did not start deploying it until August as it too had its fair share of issues.  Who knows when version 1809 will be fixed and made available again for the masses…stay tuned!

Breakdown of different types of WSUS Updates

Recently, I had to explain the difference between the types of updates showing in our SCCM update catalog and figured that it might be helpful to others looking for a detailed explanation.

The update categories are as follows:

 

A security-only quality update:

• A single update containing all new security fixes for that month
• This will be published only to Windows Server Update Services (WSUS), where it can be consumed by other tools like ConfigMgr, and the Windows Update Catalog, where it can be downloaded for use with other tools or processes. You won’t see this package offered to PCs that talk to Windows Update.
• This will be published to WSUS using the “Security Updates” classification, with the severity set to the highest level of any of the security fixes included in the update.
• This (like all updates) will have a unique KB number.
• This security-only update will be released on Update Tuesday (commonly referred to as “Patch Tuesday”), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A security monthly quality rollup:

• A single update containing all new security fixes for that month (the same ones included in the security-only update released at the same time), as well as fixes from all previous monthly rollups. This can also be called the “monthly rollup.”
• This will be published to Windows Update (where all consumer PCs will install it), WSUS, and the Windows Update Catalog. The initial monthly rollup released in October will only have new security updates from October, as well as the non-security updates from September.
• This will be published to WSUS using the “Security Updates” classification. Since this monthly rollup will contain the same new security fixes as the security-only update, it will have the same severity as the security-only update for that month.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• This (like all updates) will have a unique KB number.
• This monthly rollup will be released on Update Tuesday (also known as “Patch Tuesday), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A preview of the security monthly quality rollup:

• An additional monthly rollup containing a preview of new non-security fixes that will be included in the next monthly rollup, as well as fixes from all previous monthly rollup. This can also be called the “preview rollup.”
• This preview rollup will be released on the third Tuesday of the month (also referred to as the “C week”).
• This will be published to WSUS using the “Updates” classification as an optional update. It will also be available via Windows Update (where all consumer PCs will install it) and on the Windows Update Catalog.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• Starting in early 2017 and continuing for several months, older fixes will also be added to the preview rollup, so it will eventually become fully cumulative; installing the latest monthly rollup will then get your PC completely up to date.
• This (like all updates) will have a unique KB number.

Common SCCM Site System Roles

Recently I was asked to give a breakdown of the different site roles within SCCM.  Hopefully this serves as a good reference for those requesting it and/or needing it:

Software update point   A site system role that runs Microsoft Windows Server Update Services (WSUS) and allows Configuration Manager to use the WSUS catalog to scan Configuration Manager clients for software updates.

  • Application Catalog web service point: A site system role that serves as an Application Catalog web service point.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Distribution point: A Configuration Manager server role that stages packages for distribution to clients.
  • Endpoint Protection point: A site system role that serves as a endpoint protection point.
  • Management point: A site system role that replies to Configuration Manager client requests and accepts management data from Configuration Manager clients.
  • Site server: The main site system role that hosts the Configuration Manager components and services.
  • Site system: A server or server share that hosts one or more site system roles for a Configuration Manager site.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Reporting services point: A site system role that  provides integration with SQL Server Reporting Services to create and manage reports for Configuration Manager.