[German]Microsoft has release update rollup KB3172605 for Windows 7 SP1 and Windows Server 2008 R2 SP1 at 07/21/2016. This update shall fix a few non security issues, but breaks (Intel) Bluetooth.
I’ve been noticed about this update by some a user comment within my German blog. And at my Googl+ accout Hanspeter wrote “The Windows 7 & Server 2008 R2 Patch disappeared and reappeared every few minutes today”. So I decided to check Windows Update and sort a few things out.
Update KB3172605 has been offered on my Windows 7 SP1 machine as optional and is also listed in Microsoft’s Update-History.
Details about Update KB3172605
Update KB3172605 is the July 2016 update rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1. It replaces the June update rollups, which I’ve addressed in June 2016 update rollup (KB3161608) for Windows 7 SP1, and Windows Server 2008 R2 SP1. The July update rollup includes quality improvements (no new operating system features are being introduced – because Windows 7 SP1 and Windows 7 SP1 are now in ‘Extended Support’). Also no new security updates are included. Key changes of this update rollup are:
- Improved support in Microsoft Cryptographic Application Programming Interface (CryptoAPI) to help identify websites that use Secure Hash Algorithm 1 (SHA-1).
- Addressed issue in Microsoft Secure Channel (SChannel) that sometime causes Transport Layer Security (TLS) 1.2 connections to fail depending on whether the root certificate is configured as part of the certificate chain for server authentication.
Both improvement are fixes to improve the outdated SHA-1 support (I’ve addressed this issue within my German blog post Abschied von SHA-1 in 2016 heißt reagieren …). SHA-1 support is fading out in 2016.
Should I install the update rollup?
The interesting question is whether to install this optional update rollup or not. My recommendation: It depends. If you’ve concerns about “new telemetry features” implemented in Windows 7 SP1 or fear an upgrade to “Windows 10”, there may be no warnings so far. Nothing related has been found within this update rollup so far.
Update Rollup KB3172605, the Bluetooth killer …
If you depend on Bluetooth, it’s strongly recommended to hide this update rollup and wait for a revision. The version released on July 21, 2016 causes a serious issue. According to Microsoft KB article:
After you install KB 3133977, the software for Intel Bluetooth devices may not be fully functional because of existing software issues in the Intel Bluetooth driver software. These issues may affect Bluetooth keyboards, mice, audio streaming devices, and voice headsets. You may also not be able to pair new Bluetooth devices. Intel is currently working on an update to address their software incompatibilities.
The problem occurs with Intel Bluetooth chips, but the devil is buried in the details. The problem comes with KB3161608 (see June 2016 update rollup (KB3161608) for Windows 7 SP1, and Windows Server 2008 R2 SP1). Update KB3133977 (Bitlocker update from June 2016) included in KB3161608 has been responsible for this issue. Also blog reader Rolf confirms within my German blog the bluetooth issue in a comment. There is a broad discussion at Intel communities here, here and here.
Microsoft recommends for users depending on a working bluetooth stack as a workout: block this update – and if it has been installed to uninstall this update rollup. Microsoft will release a revised update rollup.