Windows 8.1/Server 2012: Updates and AMD boot issue fix

[German]Microsoft has released a Fix for non bootable AMD system (after installing Updates KB4056898 or KB4056895). And Update KB4057401 (Preview of Monthly Rollup) for Windows 8.1, and Update KB4057402 (Preview of Monthly Rollup) for Windows Server 2012 has been released.


Advertising

Update KB4057401 for Windows 8.1/Server 2012 R2

Update KB4057401 (Preview of Monthly Rollup) for Windows 8.1 and Windows Server 2012 R2 Standard is a non-security update. It contains improvements and corrections that were part of KB4056896 (published on January 4, 2018) and also includes the fnew quality improvements below as a preview of the next monthly rollup update.

  • Addresses issue where every smart card logon to a Windows Terminal Server/Remote Desktop Server may result in a handle leak in the certprop service. Token leaks result in session leaks on computers that have installed MS16-111/KB3175024 and superseding fixes.

  • Addresses issue where servers running AppLocker stop working.
  • Addresses issue where an unexpected system restart occurs because of exception code 0xc0000005 (Access Violation) in LSASS.exe, where the faulting module is cryptnet.dll.
  • Addresses issue where, if the Online Certificate Status Protocol (OCSP) renewal date comes after the certificate expiration date, the OCSP-stapled response is used until the renewal date even though the certificate has expired.
  • Addresses multiple symptoms that occur during power transitions including a stop error 0x9F (0000009F) when a device tries to enter sleep mode or restart. USB PnP devices may also be unusable after waking from sleep.
  • Addresses issue where the iSCSI Initiator Properties Devices list doesn't display certain targets.
  • Addresses issue where Event ID 1511 appears when you start a task that is created in Task Scheduler.
  • Addresses issue where a race condition in memory management may lead to Error 0x50 or 0x149 when trimming sparse files.
  • Addresses issue where AD FS incorrectly processed the wct parameter in a ws-federation request as a local time instead of a UTC value. This affects customers that federate AD FS with other third-party identity providers. Authentication failed because incorrect wct values implied bad or old requests.
  • Addresses issue where attempts to view the previous versions of a file on a file share fail. This occurs after a disk that hosts file shares goes offline and comes back online.
  • Addresses the following issues with the WinRM service:
    • A threading issue that may cause the WinRM service to crash under load. This is a client-side solution, so you must apply it to the affected computers(s) and the computers that communicate with the WinRM service.
    • A system performance issue that may cause logon to stop responding with the message, "Please wait for the Remote Desktop Configuration". This was caused by a deadlock in the WinRM service.
  • Addresses issue originally called out in KB4056895 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.

It should be noted that this update is only available via Windows Update if the installed antivirus software on the system flags via a registry entry that it is compatible. The topic has been mentioned within my blog post Windows 10: Updates KB4057144 and KB4057142 and within kb article KB4057401.

The update is distributed via Windows Update, but can also be downloaded via Microsoft Update Catalog. Since it is a preview rollup, it doesn't really need to be installed – it will be offered next month.

Update KB4057402 for Windows Server 2012 Standard

Update KB4057402 (Preview of Monthly Rollup) for Windows Server 2012 Standard is a non security update. It contains improvements and fixes shipped with KB4056896 (released January 4, 2018). And there are the improvements listed below as a preview for next month's rollup update:


Advertising

  • Addresses issue where every smart card logon to a Windows Terminal Server/Remote Desktop Server may result in a handle leak in the certprop service. Token leaks result in session leaks on computers that have installed MS16-111/KB3175024 and superseding fixes.
  • Addresses the following issues with the WinRM service:
    • A threading issue that may cause the WinRM service to crash under load. This is a client-side solution, so you must apply it to the affected computers(s) and the computers that communicate with the WinRM service.
    • A system performance issue that may cause logon to stop responding with the message, "Please wait for the Remote Desktop Configuration". This was caused by a deadlock in the WinRM service.
  • Addresses issue originally called out in KB4056896 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.

The update is distributed via Windows Update, but can also be downloaded via Microsoft Update Catalog. There is no registry key added from antivirus solution mentioned, and also the AMD boot issues aren addressed. Since it is a preview rollup, it doesn't really need to be installed – it will be offered next month.

KB article helps with AMD boot issue

At the beginning of the year, Microsoft quickly released security updates to harden Windows against Meltdown/Spectre attacks. However, the January 3, 2018 update January 3, 2018—KB4056898 (Security-only update) and January 8, 2018 update January 8, 2018—KB4056895 (Monthly Rollup) for Windows 8.1 and Windows Server 2012 R2 caused problems. On AMD systems there were Blue Screens and many systems could not boot anymore.

Under the KB number4073576 you will find a document which deals with the boot problem. The new update is available as a stand-alone package via Microsoft Update Catalog. However, I wonder how Windows 8.1 users should install the fix when the operating system doesn't boot anymore.

Similar articles
Windows 10: Updates KB4057144 and KB4057142
Microsoft Security Update Summary for January 9, 2018
Windows 7/8.1: Updates KB4056894, KB4056895 released
Critical Security Updates for Windows 7/8.1/Server (01/03/2018)
Windows 10: Critical Updates (01/03/2018)


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in issue, Security, Update, Windows and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *