Over the past six weeks, Windows watchers have tracked and pondered occasional but vexing issues for some Windows 8.1 users when it comes to applying a key update — namely KB 2919355, originally issued on April 10, then reissued on April 21 or 22 — to their systems. The reason why this particular update matters more than most is that its application is required for Windows 8.1 users to remain able to apply future updates to their systems. To give enterprises time to get ready, MS has also extended the deadline by which time that update MUST be applied to Windows 8 systems until August 12 (that month’s Patch Tuesday) for those who get their updates through Windows Assurance or the Windows Server Update Services (WSUS). Ordinary Windows users were originally given until May 13 to do likewise, but that deadline has now been extended until next month’s Patch Tuesday (June 10).
I’ve already blogged repeatedly on this subject, most recently on May 7 in a post entitled “Continuing Saga of KB2919355 Win81 Update.” In those posts, I’ve also referred to numerous articles from Windows (and MS Office) wizard Woody Leonhard who has himself written repeatedly on this topic for InfoWorld online. Woody’s latest opus on this topic appeared yesterday (May 15), is entitled “Microsoft posts tips for overcoming Windows 8.1 Update KB 2929355 errors,” and goes into considerable detail (with supporting links to a considerable number of resources and details, including MS advice on the topic, along with the most common Windows error codes that affected users are likely to encounter should they experience trouble in getting KB 2919355 to install properly (or at all).
What’s currently missing from the analysis and controversy is a sense of how many Windows users are afflicted with KB 2919355 problems, and what portion of the overall user population they represent. I’ve got 8 Windows 8.1 machines that I maintain (4 desktops, and an equal number of laptops, including three touch-enabled systems) and I haven’t hit serious snags with any of them. Only one of those machines required a reinstallation of KB 2919355 (which concluded successfully following the 4/21 or 22 re-release of that update), and all of them have now made it through the update process without further (or any) difficulties.
Reading through a post on the Microsoft Community forums at answers.Microsoft.com, it’s readily apparent that plenty of people have encountered issues with KB 2919355 (and other, related Windows 8.1 Update components including KB2919422, KB2932046, KB2937592, and KB2938439). In addition, MS has created separate discussion threads for six different error codes, plus the generic error message “We couldn’t complete the updates. Undoing changes. Don’t turn off your computer” as shown here:
If you are receiving the error ‘We couldn’t complete the updates, Undoing changes. Don’t turn off your computer’ please post to this thread found here
If you are receiving Error 0x800F0922 when installing KB 2919355 please post here
If you are receiving Error 0x800F0923 when installing KB 2919355 please post here
If you are receiving Error 0x80070003 when installing KB 2919355 please post here
If you are receiving Error 0x80070005 when installing KB 2919355 please post here
If you are receiving Error 0x80070490 when installing KB 2919355 please post here
If you are receiving Error 0x80073712 when installing KB 2919355 please post here
Preceding italic text comes from Paul Sey’s 5/14/14 post to the MS support forums thread at answers.Microsoft.com.
Some readers of this blog and other coverage of this topic have suggested that the KB 2919355 issues reported here and elsewhere are simply “a tempest in a teapot” and don’t really represent anything serious. I have to disagree, especially for enterprise IT departments faced with deploying the update into carefully managed organizational computing environments. This is just the kind of thing that gives IT pros the heebie-jeebies. The original KB 2919355 forum thread was locked at 103 pages, and another thread on that topic (“KB2919355 (Windows 8.1 Update) Fails…” was likewise capped at 116 pages, so these issues are neither completely out of the ordinary nor easy to solve, either.
I’m going to echo and amplify on Woody’s closing exhortation from his latest article for those who may be encountering issues with KB2919355. First, if you have experienced difficulty that falls into any of the seven categories listed above, follow the respective link to the designated Windows Error code thread provided in the text lifted from Paul Sey’s 5/14/14 forum post above. Second, if your error code isn’t listed there, visit answers.microsoft.com, and search for your error code there. If you can find a thread, post to it; if not, start a new one. Only if the community comes together and chases problems down can they be fixed, and will Microsoft get a complete accounting of unresolved issues still in the wild. This will be necessary to get them to revisit the deadline for applying KB 2919355, both for ordinary users on Windows Update and Microsoft Update, and for enterprise/organization users who get their updates through Software Assurance or WSUS.
[For more news on KB 2919355 from Woody dated 5/16/2014 please visit “Microsoft acknowledges more error, 800700371 and 80071A91, when installing … KB 2919355.” Apparently, the woes continue, and there are still no proven fixes or workarounds available for those suffering from any of the aforecited error codes.]
After much upset and considerable hoopla about potential issues with items in the May 13 Patch Tuesday updates — a considerable collection of 9 separate Security Bulletin IDs in the May 2014 Security Bulletin, that resulted in anywhere from 32 to 35 items in Update History on my various Windows 8.* PCs, and 16-odd items in Update History on Windows 7 machines — installation and subsequent operation seem to be proceeding with nary a hiccup nor complaint from the 10 or so machines in my current stable.
For example, on my primary production machine (an i7-2700K Sandy Bridge build), of the 34 items showing in Update History for 5/13, 16 elements were not related to MS Office — and covered Windows 8.1 itself mostly, with elements for .NET, One Drive, Internet Explorer and Flash, and more — and 18 elements involved security and other updates to Office 2013 or various components thereof. Other machines (which ranged from 32 to 35 elements added in total) showed a similar distribution, with a nearly even split between Office and non-Office elements. Here’s a snapshot of the lengthy list of elements from the aforementioned PC from yesterday:
This time around, there’s a long list of items to ponder from Patch Tuesday (click image for full-size version).
Overall, download size averaged between 900 MB and 1 GB for the various elements involved. With one element optional, and the others all important (more on that next), I elected to download the important elements in a single go, and the optional element in a separate go, which required two reboots to get through the update process completely. On most of my machines, that took about 20 minutes to complete (but YMMV, depending on download speed and how quickly PCs reboot and start up). In fact, a colleague told me that one of her PCs took nearly an hour to chunk all the way through the update process from start to finish.
Interestingly, the item that appears as KB2953522 in the list equates with MS Security Bulletin MS14-029 shows up in the Update History as an “Important” update, but in the May 2014 Security Bulletin it’s listed as “Critical” (Remote Code Execution). I’m not sure what’s going on with this apparent discrepancy, but this is considered a key patching item to avoid known and potential exploits on Windows 8.* PCs (and other current versions of Windows, as it apparently extends to versions of IE from 6 through 11). There had been some speculation that Microsoft would provide an XP patch for this item as well to provide protection beyond the “end of life” date reached last month, but its receives no mention in MS14-029, nor do there seem to be any new “patch bits” available for the now-defunct and unsupported OS through normal channels. Presumably those parties who’ve paid for extended support for XP will have received something, but I’ve seen no news about this so far (MS14-021, which was severe enough to warrant an out-of-band patch released on May 1, 2014, did include XP coverage, however). Larry Seltzer offers some interesting ruminations on this topic late yesterday via ZDNet in a post entitled “Microsoft patches Office, SharePoint and Windows, leaves XP behind” (worth reading). He also covers all the key elements in the latest round of patches and updates.
Thanks to inveterate Windows wizard and toolsmith Sergey Tkachenko, I learned about a new cleanup method for Windows 8.1 Update installs to purge no-longer needed files in the wake of successful update installation (WARNING! If you follow this recipe, you will not be able to roll back from any updates previously installed). By now, almost everybody knows the technique of clicking the “Clean up system files” button in Windows’ Disk Cleanup utility to purge their systems of update files and info in the wake of a Service Pack or similar Windows Updates. This latest take on cleanup uses Microsoft’s Deployment Image Servicing and Management tool, implemented as dism.exe at the command line.
For those who’ve (a) successfully installed KB2919355 and its attendant patches and fixes and (b) are content to go forward under the new Update regime, here’s how to clean up after those updates are applied:
1. Launch an elevated command prompt (there are many ways to do this, but if you type Windows key-X and select Command Prompt (Admin) from the
resulting pop-up menu, that’s about as convenient as it gets in the Windows 8 world).
2. type the following line at the command prompt:
dism /Online /Cleanup-Image /StartComponentCleanup /ResetBase
This command will typically take a few minutes to complete (see following explanation for what it’s doing).
3. Exit command prompt
4. Using File Explorer, delete the contents of the C:\Windows\SoftwareDistribution\Download folder. Because you can’t roll back after the preceding DISM command, there’s no need to keep these files around any more.
What’s Going On in DISM?
According to the TechNet article “DISM Operating System Package Servicing Command-Line Option,” the /Cleanup-Image, /StartComponentCleanup, and /ResetBase options for DISM all fall in the category of switches designed to perform “cleanup or recovery operations on the [Windows] image,” where the /Online option tells DISM to work on the image of Windows 8 that’s currently running. In particular, here’s what’s up with the two final options in the list of DISM arguments:
- /StartComponentCleanup gets rid of any superseded components in the Windows component store (aka the often mysterious WinSXS folder), and thus also reduces the size of the component store itself.
- /ResetBase resets and reorganizes the remaining components in that store, and also helps to reduce the overall size of that component store, essentially by defragmenting its contents and eliminating slack or unused space therein.
The net result can be savings of 1-2 GB in the Windows partition on a typical Windows 8.1 Update install (YMMV in terms of actual numbers). There’s lots more interesting stuff you can do with DISM under the /Cleanup-Image category, so you’ll want to read further in the afore-cited TechNet article to learn more about what’s available to you.
In case you didn’t already know, MS issued a security update in April, 2014 (KB 2919355) that *must* be installed on certain Windows 8.1 systems for them to continue to receive security updates that will be issued starting with next week’s set of “Patch Tuesday” updates (for more info, see my earlier blog posts from 4/8, 4/21, and 5/7). This applies primarily to those systems that receive updates from Windows Update or Microsoft Update, and won’t affect systems that use the Windows Server Update Services like those customarily managed in-house by most larger-scale customers with Microsoft Software Assurance. However, because ongoing issues with KB 2919355 are apparently not yet resolved (Woody Leonhard has written in some detail about what’s going on here for InfoWorld in stories on 5/5 and 5/8) even though enterprise customers have until August to “patch up” to KB 2919355, this situation bears watching.
First up for next Patch Tuesday: a critical IE fix for all supported Windows versions.
What happens to those with KB2919355 problems?
Next week, things are about to get more interesting, as the Advance Notification for Microsoft’s Security Bulletin for May 2014 includes an update rated “Critical” for Internet Explorer on all supported Windows versions (Vista through 8.1 Update 1 on the client side, Server 2003 through 2012 R2 on the server side). This security patch designation virtually mandates its immediate application and raises the interesting issue of what happens to those Windows 8.1 Update installations that experienced KB2919355 issues that stymied its successful application? MS has already said that a failure to install means that subsequent patches won’t be applied, so now it remains to be seen if MS will stick to its guns in light of reports of numerous and serious impediments to successful installation on some Windows 8.1 systems.
Longer term, this also poses the same potential sticking points for enterprise users not yet under the gun to apply KB2919355 immediately, but who must also toe the line by the time the August updates get released. More realistically, given typical enterprise deployment schedules, this “deadline” stretches into November. That’s because many large organizations schedule patches and updates only once-per-quarter update on some designated “update weekend,” often a 3-day weekend, to give IT teams an extra day to cope with potential problems that sometimes arise during such activities whenever possible.
This one’s going to be interesting all the way around, folks, both for those facing the immediate cut-off date next week, as well as for those organizations with Windows 8.1 deployments big enough to fall under the August deadline. Stay tuned for more results and discussion as the situation grinds its way to some kind of conclusion or another.
There’s been quite a bit of flap lately about the Windows 8.1 Update (as in the “quasi service pack”, KB2919355) released in April, 2014. It seems that many systems encounter problems with its installation, not all of which are easily overcome. The problem with the situation is that for those who get their updates from Windows Update or Microsoft Update, its installation is required to keep getting updates from those sources, starting with the upcoming patches for May. Right now, if you look at the update history in a multiply-patched Windows 8.1 machine, you might see something like this:
The 4/22 date indicates that KB2919355 was re-patched, as does history starting over following its re-installation.
On the other hand, a normally patched Windows 8.1 Update system will show an update history that looks like this:
The 4/10 date indicates that KB2919355 needed no fix-ups, as does evidence of history prior to installation.
Why am I telling you this? Because I read a troubling article from Windows-meister Woody Leonhard for InfoWorld this morning. Entitled “Microsoft reissues botched Windows 8.1 Update KB 2919355,” it explains some of the difficulties that the installer used for the update (not the update components themselves) have caused for various Windows users. Other interesting coverage is available from the Windows 8 Forums as well, to follow up on that article.
The upshot is that users who experience difficulties in installing upcoming Windows Updates should turn to Microsoft’s Deployment Image Services and Management command-line tool (dism.exe) to see if it encounters image cleanup problems it can’t fix. Here’s how: run this command at an admin-level command prompt: dism /Online /Cleanup-image /Restorehealth. If it completes correctly, you may have other problems to solve; if it fails with error codes 0X800F081F, 0X80073712, or 0X80071A91 (among others), you have issues with the KB2919355 installer itself. In that case, Windows Update should offer to (re)install 2919355, which fixes most such problems. Otherwise, it may be necessary to roll back to a pre-4/10/2014 backup so you can try again. Sheesh!
In MS-speak, MDOP stands for the Microsoft Desktop Optimization Pack. It’s a collection of tools and facilities that MS makes available to its Software Assurance customers (a category that includes many, if not most, enterprise-class Windows users). Here’s an iconic view of what’s in MDOP, which I’ll follow with some explanations about what’s new and potentially interested in the most recently released version for 2014:
The major elements of MDOP include various virtualization tools, management tools for GPOs and BitLocker, and a peachy Diagnostics and Recovery Toolkit (aka DaRT)
Some of the elements of MDOP have been around for some time now, including a variety of different virtualization and management tools. The latest release became available last week on May 1, and adds updates to its Application Virtualization components that include enhanced application publishing capabilities, improvements to launch and refresh elements, plus improvements intended to make it easier to test and deploy new versions of virtualized applications. BitLocker Management and Monitoring (MBAM) tools also come in for some interesting improvements too, including added support in Windows 8.1 for FIPS 140-2, improved compliance and enforcement tools, and better integration with load balancing for Web components, and deployment in SQL Server failover clusters. Myself, I’m particularly keen on the Diagnostics and Recovery Toolkit (aka DaRT), which includes tools designed to boot and repair unresponsive Windows systems, along with a variety of enhanced and advanced recovery tools designed for professional use in IT/tech support environments.
One more thing: MSDN subscribers can download and evaluate MDOP as well (as can TechNet subscribers as well), though the 2014 version isn’t yet available for download there at the moment. However, I imagine it should show up soon in both places.
You can call me “slow on the uptake” when it comes to figuring out how to take best advantage of advanced Windows 8 technologies if you like, but I’ve only recently realized that the best way to take advantage of SSDs and Intel’s Rapid Storage Technology and Rapid Start Technology requires building systems with disk architecture configured for RAID from the get-go. I’ve been using AHCI (the advanced host controller interface) as my default with SATA drives for years now, but have only recently learned how to use Rapid Start and a second SSD to boost Windows’ boot-up and shutdown behaviors (and times).
The default UEFI/GPT setting works fine for most smaller SSDs, but…
Having tried numerous proposed methods to switch an existing install from AHCI to RAID without success now, I’m reasonably convinced that selecting RAID in the BIOS for the motherboard’s (or system’s) SATA configuration setting prior to performing a Windows 8.* install (which means a UEFI install of Windows 8.1 on a GPT disk layout these days — at least, on most of my systems) is absolutely the right way to go. My desktops increasingly support two or more SSDs nowadays, and my Lenovo laptops accommodate mSATA SSDs as well as 2.5″ units of the same type, which means all of those systems can support both forms of Intel RST (Rapid Storage Technology and Rapid Start Technology as well). Even if you don’t use a RAID array of any kind, Rapid Start doesn’t work unless you configure the boot drive as RAID rather than AHCI (and with an SSD for the boot drive, there’s no real need to pair two drives together to boost performance for conventional hard disks).
There’s another potential wrinkle in this process that’s worth further reading and study — namely, the partitioning scheme when building a UEFI/GPT based boot/system drive for Windows 8.*. This is admirably documented in the TechNet article entitled “Configure UEFI/GPT-Based Hard Drive Partitions” but there is one proviso that may be worth considering — namely that default partition layouts may not always work exactly as expected. Let me explain: by default, Windows 8.* allocates 350 MB to the Windows Recovery Environment (WinRE) partition, 100 MB to the EFI System Partition (from whence Windows boots), and the rest of the space available on the drive to the OS partition where the visible file system will reside. On smaller SSDs, this allocation appears to work pretty well. But I’ve noticed on larger SSDs (256 GB or bigger) and conventional drives (most of which exceed 500 GB these days), some systems encounter problems when running Windows File History or when capturing a system image (using the System Image Backup option on the File History control panel element). That’s because they write such backups through the WinRE partition to the target drive, and may suffer when there’s insufficient free space in that partition to accommodate backup write activity. In such cases, you’ll want to override the default partition layout for your system, and allocate 500 GB of space (or more) to WinRE (please also follow the directives from the aforecited TechNet article about free space in that partition as well). A disk partition script (using DiskPart.exe) is available with the TechNet article, and worth both reading and using if you decide to depart from the defaults that Windows 8.* uses. An equivalent answer-file setup for SysPrep is also provided there as well.
There are many ways to clean up unwanted software on Windows PC using either built-in utilities such as the “Programs and Features” element in Control Panel (formerly known as “Add/Remove Programs”), or by using third-party tools such as the proverbial “PC Decrapifier.” But until the introduction of the Sourceforge project called the “Windows 8 App Remover,” there was no simple and straightforward way to remove so-called Metro (aka “Modern UI” or “Windows Store UI”) apps from the tiled desktop that is still featured in all currently available Windows 8 versions (Windows 8, Windows 8.1, and Windows 8.1 Update [Build 9600]). The download is an .exe file that you can run in any administrator level account, and produces a display like this one:
You must remember to match the version selector (upper left) to your installed or targeted
version of Windows 8 for this program to work.
Once you tell the program which version of Windows you’re using (a drop-down box pick from the upper left corner of its program window as shown in the preceding screen capture), it gives you the option of removing any of the apps installed on the version of Windows you target. By default the program picks the “Online” image, which means it targets the version of Windows that’s running on your PC. You can also target Windows Image (.wim) files elsewhere in your file system), but only after mounting them to a folder on some drive available to your PC (changes are saved only when you unmount the image you target following use of this program). And while you can uninstall anything you like using this tool, you can only restore these apps by downloading and installing them from the Windows Store thereafter (not as easy as turning Windows features on and off using “Programs and Features,” but not a serious hardship, either). Because the tool works by actually removing binary packages from a Windows 8 image (.wim) file, reinstallation is mandated because the program bits are gone, gone, gone from whatever version of Windows 8 you use it on.
On several of my test machines, I elected to remove some of the Bing apps (Finance and Sports, which I never use), along with Health and Fitness, Reading list, XBOX Games, and Zune Music. This does produce some modest disk space savings on the system drive, and it will result in the disappearance of app tiles from the Windows Store UI. Mostly, it helps to get rid of clutter on the Metro “home page” for Windows 8 versions, and keep you from dealing with apps that you might not want or never use. A nice utility, all in all, Win 8 App Remover is best understood as a GUI wrapper for the Windows Deployment Image Servicing and Management tool, which runs at the command line as DISM.
Anybody who’s been reading this blog for awhile knows I’m a great fan of master utility builder Nir Sofer, the Israeli software development dynamo who’s behind the terrific NirSoft.net website. Today’s blog pays homage to another of his little gems: this one is named WifiInfoView, which Sofer describes as a “Wi-Fi Scanner for Windows 7/8/Vista.”
The WifiInfoView Utility has lots of useful information to show about WiFi networks in your vicinity (click image to view full-size version).
I like to use this tool to observe what my wireless router (“Narbor”) is showing to the world at large, and to get a sense of what else is active my wireless neighborhood. I’m a little embarrassed to observe that somebody nearby (“Jorge54″) has already beat me to deploying 802.11ac. In fact, this spurred me on to order the highly-reviewed and -regarded ASUS AC1900 Dual Band Gigabit Router from Newegg. I also like to use this tool when traveling to scan my wireless environs to see what kinds (and speeds) of connections might be available to me (on more than one occasion, I’ve discovered a higher-speed wireless Guest network than the one my host of the moment advised me to login into).
The WifiInfoView program icon describes its function visually and concisely.
The utility occupies a mere 235 KB of disk space, with just under 300 KB for the entire collection (which includes configuration, help, and readme files, in addition to WifiInfoView.exe). This makes it well-suited for inclusion on any admin’s traveling utility USB flash drive (as is the case for most of Mr. Sofer’s utility offerings), or for routine installation for power users’ (or other interested parties) laptop, notebook, or tablet PCs. Please dash out and grab yourself a copy today, then spend a few minutes checking out the rest of the Nirsoft collection. You won’t be disappointed.
This interesting post last week on the Windows PowerShell Blog is entitled “A World of Scripts at your Fingertips — Introducing Script Browser,” and explains how you can download the aforementioned item to run inside the PowerShell ISE (Integrated Scripting Environment). This grabs a Microsoft Software Installer (.msi) file that’s 1,390 KB in size, and runs a search tool from inside the ISE to help users browse through over 10,000 PowerShell scripts available from TechNet, the PowerShell team at Microsoft, and the folks at “the Garage.”
Though the screen cap is too small to read in detail, you can consult the full-size original for easier deciphering.
Adding this tool to your PowerShell ISE environment produces two additional add-on tabs in the pane at the right-hand side of the UI, as shown above. The left-most tab is labeled “Script Browser” and provides entry to a search dialog like the one shown below:
The search box pane permits users to search and peruse elements from a huge collection of scripts; very handy.
You have the ability to filter searches by resource (PowerShell, Microsoft, Community), various ways to categorize listings, and easy access to summary info and download links for each search hit.
The script analyzer, which appears in the second tab from the left, labeled “Script Analyzer,” provides access to marked up script listing data in the left-hand pane, and error messages in the right hand pane, which makes it an excellent run-time debugging tool.
All in all this is a powerful, helpful, and free tool for script-heads to download and use. Highly recommended.