[German]After April 2019 patchday, some Windows 7 users are confronted with a curiosity. Windows Update or WSUS suddenly provide the security update KB3185319 for Internet Explorer from 2016.
In recent months, blog readers have been contacting me from time to time and pointing out a curiosity. Suddenly, updates from the past are offered via Windows Update. This usually happens after Microsoft has removed updates from the servers or withdrawn an update.
Two users reporting update KB3185319
A few hours ago, German blog reader chriscrosser contacted me via e-mail titled ‘chaos at MS’ and wrote:
the chaos at Microsoft doesn’t end at the moment! I still don’t get a preview of the may updates, but receive this now:
(Internet Explorer 11 Update KB3185319, Click to zoom)
Windows Update offered a cumulative security update KB3185319 for Internet Explorer 11 on Windows 7. What makes you suspicious is the date for the update, which refers to Sept. 13, 2016. Chriscrosser wrote:
I updated the system manually with the April 9, 2019 security update, because Windows Update won’t offer the patch (despite I installed the update from AV (avira))
IE 11, which is still on my computer as an “alternative browser”, is set to install updates automatically:
..I’m really not know, what they’re doing!
I took note of it – it could be an individual case. However, hours late, German blog reader wincrash has left this comment:
April updates KB4493448 and KB 4493472 installed, no problems so far.
Restart, then this message appears in WSUS:
‘Cumulative security update for Internet Explorer 11 für Windows 7 for x64 systems (KB3185319) download size : 52,1 MB – Update type: important’ (09/13/2016)
Shall I install KB3185319?
That was when I decided to write another German blog post – and this translated edition. Question: Has anyone else been offered this update KB3185319 for Internet Explorer 11 from 2016?
This update closes a vulnerability CVE-2016-3298 discovered in IE 11 that is also exploited by malware.
Not the first case: The Zombie from the past
In June 2018 I received the following comment on my blog post Issues with cumulative update KB4230450 for IE:
this is also happening with the KB4103718 and KB4284826 monthly updates for Win7 SP1 as well where Windows Update offers old IE11 updates like KB3185319. it happens with mostly clean/fresh installs of Win7 SP1 done almost recently.
Also German from blog reader Hans Thölen left a feedback that he has been offered old updates from 2016 for IE 11. I’ve mentioned it within the blog post Issues with cumulative update KB4230450 for IE. But other users couldn’t confirm this. Also this forum post from 2017 and this post from November 2018 describe the same scenario.
My guess is that the update server gets somewhat confused from the meta data send by the client. Then the update search will find some old update packages that have been installed on the machines for a long time. It’s the ordinary mess with the broken Windows update architecture, in my view. My advice is to check if the update is not already installed on the machine. If this is the case, you can block the update.
If the update is missing, I would create a backup of the system and try to install the old update. In case of doubt, however, it is better to block such old updates until more details are available, or until it is certain that the update can be installed without collateral damage. For the update KB3185319 I refer to my old German blog post Bugs in Windows- und Office-Updates (Sept./Okt. 2016) – Teil 1, , which deals with problems with this update.
Addendum: There is now also an ongoing discussion about the topic at askwoody.com.