What’s happened with Microsoft’s February patchday?

Windows Update[German]Microsoft has stopped the release of all updates on February 2017 patchday (02/14/2017). There are now speculations, about the reason for that decision. Was a compromised Windows Update severs the reason for that?


The facts

Microsoft has surprisingly announced on February 14, 2017, the the monthly patches are delayed, due to a "last minute issue". This has been announced within this Technet article, published by the MSRC team.

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

After considering all options, we made the decision to delay this month's updates. We apologize for any inconvenience caused by this change to the existing plan.

No word, how long the delay will be. I've had another look at the article and found now an addendum, saying:

UPDATE: 2/15/17: We will deliver updates as part of the planned March Update Tuesday, March 14, 2017.

They delayed updates for a month? A long time for a "last minute issue", that has been stated as a bug in several Internet articles. And I should point out, that at least two issues are not resolved: The SMB-vulnerability, see SMB Zero-Day vulnerability in Windows 8.1/10/Server, that's within the network. And Adobe has closed Flash vulnerabilities (see Adobe Patchday: Flash, Digital Editions (February 2017)).

What was the reason?

There might be strange things happened at Microsoft to postpone Updates a whole month. A single bug seems not the reason. Some people believe that broken Windows Update server could be the case. But it seems, that WU works, and it's unlikely, because WSUS and Microsoft Update Catalog are working (see screen below).

Microsoft Update Catalog


But updates KB2952664 / KB2976978 just released before patch day (see Windows 7/8.1: Update KB2952664 / KB2976978 re-released) has been pulled from Windows Update and also Microsoft Update Catalog.

I've checked it, Update KB2952664 has been pulled (see screen above), and KB2976978 for Windows 8.x will be offered with revision date 7/11/2016, for Windows 8, although this KB article has a revision date 9 Feb 2017. Also a reader within my German blog told me, that the update has been pulled from WU.

Then I recognized, that the Technet article mentioned above was posted from MSRC (stands for Microsoft Security Response Center) who is responsible for:

The MSRC works with partners and security researchers around the world to help prevent security incidents and to advance Microsoft product security.

Now we can speculate: Was Microsoft Update compromised, as Woody Leonhard speculates here? Also computerworld.com has an article, dealing with the delayed update. What's your opinion?

Addendum: My internal sources mentioned, that the two pulled Updates KB2952664 and KB2976978 has something to do with changes in Telemetry. I mentioned within my German blog post Windows 7/8.1: Updates KB2952664/KB2976978 zurückgezogen the feature DoScheduledTelemetryRun that causes a high CPU load on some systems (the issue has been observed since since February 2015). Maybe this is also the cause for the postponed February patch day to March 2017.

Cookies helps to fund this blog: Cookie settings


This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

One Response to What’s happened with Microsoft’s February patchday?

  1. Pingback: February’s Patch Tuesday will be in March @ AskWoody

Leave a Reply

Your email address will not be published. Required fields are marked *