2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4074598)

**No_Name** · #1 March 2nd 18, 09:39 PM posted to alt.windows7.general

**Paul[_32_]** · #2 March 3rd 18, 09:01 AM posted to alt.windows7.general

lid wrote:
On Mon, 26 Feb 2018 14:34:58 -0500, Paul
wrote:

If you want to study "what is missing from my system",
you'd use MBSA 2.3 for that. It only handles "security"
patches, not "Optional" patches.

The following is from MSBA 3.2. It claims "No security updates are
missing."

Searching for "4074598", this update is not listed in the "Windows
Security Updates", "Current Update Compliance"

I downloaded and tried to install each of the following six packages.
They all failed with message "The update is not applicable to your
computer".

2018-02 Security Monthly Quality Rollup for
Windows 7 for x64-based Systems (KB4074598)

snip

I have a theory as to what the "independent variable" is in this mess.

I did an install of Win7 SP1 on the laptop, and patched it up,
stopping along the way and checking stuff.

I eventually got '598 installed, from WindowsUpdate (didn't need a
copy from catalog.update.microsoft.com).

https://s10.postimg.org/dmpt6ebbt/Wi...pdate_test.gif

So I'm sailing along, installing stuff, and I get 2017-12 done,
and then Windows Update simply won't offer me anything moer.

I actually had to install 2017-12 twice. Once from Windows Update, where
it looked like it worked, but the update history said it failed. I used
the .msu from catalog.update.microsoft.com (204MB or so), and it installed
and passed. The install took less time, as I think it noticed all the
packages were already there in the package folder. Now, the only weird
thing I did, was try to install the "Security Only" version of '598 first,
and it still insisted that I needed to install the "Security Quality"
(which contains "plums" as well as "security updates").

I was looking for MSE Definition files, on the off chance that
I could toss those in and bring MSE definitions up to date.
And instead, I happened to find this in a search. It's a
new version of MSE code, and it happens to set the
QualityCompat registry setting.

https://support.microsoft.com/en-us/...tials-download

Note that, it's an evil EXE, in that it will switch your Windows
Update settings from "Never check..." to "Full Auto". I caught it
before it could rush my controlled experiment. I was doing the
updates in "Never check..." mode so I could control which ones
were getting done. And the mseinstall thing changed the setting.

Once I could find a QualityCompat in Regedit, after mseinstall,
then I knew I would be seeing 2018-02 offered in Windows Update.
I installed from Windows Update and it worked. It says success
and there were no errors.

So the only potential difference between what you did and
what I did, is I used mseinstall. There are many language
links on that page, and I used the English x64 version.

https://download.microsoft.com/downl...mseinstall.exe

And it has the capability to change the Windows Update setting
so watch it.

*******

And the weirdness of it all, is why is "mseinstall.exe" being
delivered outside of Windows Update ? Windows Update didn't
offer that to me, to break the logjam. I had to stumble on
it myself, purely by accident.

Paul

**No_Name** · #3 March 3rd 18, 02:43 PM posted to alt.windows7.general

On Sat, 03 Mar 2018 04:01:46 -0500, Paul
wrote:

I downloaded and tried to install each of the following six packages.
They all failed with message "The update is not applicable to your
computer".

2018-02 Security Monthly Quality Rollup for
Windows 7 for x64-based Systems (KB4074598)

snip

I have a theory as to what the "independent variable" is in this mess.

I did an install of Win7 SP1 on the laptop, and patched it up,
stopping along the way and checking stuff.

I eventually got '598 installed, from WindowsUpdate (didn't need a
copy from catalog.update.microsoft.com).

https://s10.postimg.org/dmpt6ebbt/Wi...pdate_test.gif

So I'm sailing along, installing stuff, and I get 2017-12 done,
and then Windows Update simply won't offer me anything moer.

How do I remove 4074598 from Windows Update history, so I can install
it again?

Regarding;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc

I give it a value of 0. Is that the correct value for QualityCompat ?

I installed MS security essentials, no difference.

Is it possible to get help from Microsoft in this issue? I'd consider
paying a fee for competent tech support.

**Paul[_32_]** · #4 March 3rd 18, 08:31 PM posted to alt.windows7.general

lid wrote:
On Sat, 03 Mar 2018 04:01:46 -0500, Paul
wrote:

I downloaded and tried to install each of the following six packages.
They all failed with message "The update is not applicable to your
computer".

2018-02 Security Monthly Quality Rollup for
Windows 7 for x64-based Systems (KB4074598)
snip

I have a theory as to what the "independent variable" is in this mess.

I did an install of Win7 SP1 on the laptop, and patched it up,
stopping along the way and checking stuff.

I eventually got '598 installed, from WindowsUpdate (didn't need a
copy from catalog.update.microsoft.com).

https://s10.postimg.org/dmpt6ebbt/Wi...pdate_test.gif

So I'm sailing along, installing stuff, and I get 2017-12 done,
and then Windows Update simply won't offer me anything moer.

How do I remove 4074598 from Windows Update history, so I can install
it again?

Regarding;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc

I give it a value of 0. Is that the correct value for QualityCompat ?

I installed MS security essentials, no difference.

Is it possible to get help from Microsoft in this issue? I'd consider
paying a fee for competent tech support.

They are supposed to help with Windows Update problems.

They will ask for a credit card for "non-Windows" related
issues. Only certain topics are covered by support. Back in
the old Service Pack days, they would help you install
SP1 on Windows 7, for a period of one year after its release.

But in this case, you have a Windows Update problem and
they should be able to help with that.

The "dism" program has some capabilities, but they
differ between Windows 7 and Windows 10. The first
of these, for example, can cause Windows 10 to back
out a "half-installed" package. In the first command,
the package doesn't have a name, and it's merely
"revert whatever one is broken at the current time".

DISM /image:c:\ /cleanup-image /revertpendingactions

DISM /image:c:\ /remove-package /packagename: etc.

I don't really know with certainty, what works
on Windows 7. The DISM on Windows 7 has some features
missing.

Even one-way packages (Servicing Stack updates), which
are marked "not removable", actually are removable. You
edit the manifest file, and you can change their status
so they can be backed out.

There are all sorts of tricks out there. But I wouldn't
try any of those, until I could determine what is
wrong first. I've not seen a tool yet, that can tell
you in plain English, what is going on.

If you look in the package folder, you'll see (by naming
convention), that one Cumulative contains hundreds or
thousands of individual packages. Somehow, the successes
of each little package are combined to give a status
for the KB. And the true success isn't known until the
reboot, when the system comes back up. Only then can
the installation process conclude "Success".

If this was my system, I'd be looking for the install log
next. And no, the log format isn't all that nice.

https://support.microsoft.com/en-ca/...pdate-log-file

Paul

**No_Name** · #5 March 3rd 18, 09:04 PM posted to alt.windows7.general

On Sat, 03 Mar 2018 15:31:44 -0500, Paul
wrote:

Is it possible to get help from Microsoft in this issue? I'd consider
paying a fee for competent tech support.

They are supposed to help with Windows Update problems.

I spoke to MS's Indian tech support today. They basically said there
was a fault in the files for that update, and I shouldn't worry about
it, even without installing KB4074598 my computer would continue to
work and "you're good to go".

When I manually download and try to install each of the six install
packages for KB4074598, each time it tells me it's not suitable for my
computer. Hence, when the automatic Windows Update process tries to
install the appropriate package, it fails.

I'm tempted to simply give up trying to install this update KB4074598.
It's just too much effort trying to get it to work.

The "dism" program has some capabilities, but they
differ between Windows 7 and Windows 10. The first
of these, for example, can cause Windows 10 to back
out a "half-installed" package. In the first command,
the package doesn't have a name, and it's merely
"revert whatever one is broken at the current time".

DISM /image:c:\ /cleanup-image /revertpendingactions

DISM /image:c:\ /remove-package /packagename: etc.

I don't really know with certainty, what works
on Windows 7. The DISM on Windows 7 has some features
missing.

When I try; DISM /image:c:\ /cleanup-image /revertpendingactions

it says;

C:\Windows\system32DISM /image:c:\ /cleanup-image /revertpendingactions

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Error: 87

The /Image option that is specified points to a running Windows installation.
To service the running operating system, use the /Online option. For more inform
ation, refer to the help by running DISM.exe /Online /?.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

When I try; DISM /online /cleanup-image /revertpendingactions

C:\Windows\system32DISM /online /cleanup-image /revertpendingactions

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7601.18489

Reverting pending actions from the image...

Error: 50

This operation is only supported against an offline image.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

When I try; DISM /image:c:\ /remove-package KB4074598

C:\Windows\system32DISM /image:c:\ /remove-package KB4074598

Error: 87

DISM doesn't recognize the command-line option "KB4074598".
For more information, refer to the help by running DISM.exe /?.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

Advice? ty

**No_Name** · #6 March 3rd 18, 09:19 PM posted to alt.windows7.general

and the following;

C:\Windows\system32DISM /online /remove-package:KB4074598

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7601.18489

An error occurred trying to open - KB4074598 Error: 0x80070003

Error: 3

The system cannot find the path specified.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

**Paul[_32_]** · #7 March 3rd 18, 09:37 PM posted to alt.windows7.general

lid wrote:

When I try; DISM /image:c:\ /cleanup-image /revertpendingactions

it says;

C:\Windows\system32DISM /image:c:\ /cleanup-image /revertpendingactions

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Error: 87

The /Image option that is specified points to a running Windows installation.
To service the running operating system, use the /Online option. For more inform
ation, refer to the help by running DISM.exe /Online /?.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

When I try; DISM /online /cleanup-image /revertpendingactions

C:\Windows\system32DISM /online /cleanup-image /revertpendingactions

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7601.18489

Reverting pending actions from the image...

Error: 50

This operation is only supported against an offline image.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

When I try; DISM /image:c:\ /remove-package KB4074598

C:\Windows\system32DISM /image:c:\ /remove-package KB4074598

Error: 87

DISM doesn't recognize the command-line option "KB4074598".
For more information, refer to the help by running DISM.exe /?.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

Advice? ty

To start with, I'm not recommending you try it that way.

I would only do it that way if I backed up C: and was willing
to restore after it failed in some way.

To do it offline, you:

1) Boot the installer DVD or the emergency boot CD that Windows 7 Backup
makes for you. There is a repair option that opens a Command Prompt
for you.

2) Then use the offline format.

DISM /image:c:\ /remove-package KB4074598

Then you boot from optical media, and ask for the Command Prompt option,
the "OS" it boots from is X:\ . The drive letters don't always have to
be in the order you think. You need to use the "dir" command and check
each drive letter, until you've assured yourself the letter is actual
C: that you want and not D: . I have at least one setup here, where
that DISM command uses D: .

Offline operations like that are normally used for "bricked"
systems, where you're trying to repair the OS while it's not in usage.
That's why I'm not placing a lot of weight on that option.
Sure, it's available. If you want to experiment, take precautions
and try it out for fun. I'm not convinced though, that it'll
fix everything up for you. With computers though, you never
know what will happen. That's part of the "fun" I guess.

One of the reasons I keep my C: partition small, is to make it
easy to back up. As an experimenter, I do temp backups *a lot*.

Even while I was running my Windows 7 test on the laptop,
I did two backups so I could revert quickly part way along
the way. I think the backup size (stored on another machine)
was only 9GB compressed each. That's what makes experiments
like this possible. A good safety net. With Macrium, I can
restore from a file share, so the backup doesn't even have
to be stored locally.

Paul

**No_Name** · #8 March 3rd 18, 09:49 PM posted to alt.windows7.general

On Sat, 03 Mar 2018 16:37:50 -0500, Paul
wrote:

To do it offline, you:

1) Boot the installer DVD or the emergency boot CD that Windows 7 Backup
makes for you. There is a repair option that opens a Command Prompt
for you.

2) Then use the offline format.

DISM /image:c:\ /remove-package KB4074598

Then you boot from optical media, and ask for the Command Prompt option,
the "OS" it boots from is X:\ . The drive letters don't always have to
be in the order you think. You need to use the "dir" command and check
each drive letter, until you've assured yourself the letter is actual
C: that you want and not D: . I have at least one setup here, where
that DISM command uses D: .

Offline operations like that are normally used for "bricked"
systems, where you're trying to repair the OS while it's not in usage.
That's why I'm not placing a lot of weight on that option.
Sure, it's available. If you want to experiment, take precautions
and try it out for fun. I'm not convinced though, that it'll
fix everything up for you. With computers though, you never
know what will happen. That's part of the "fun" I guess.

I think I'm going to follow MS's advice and give up trying to install
the package. It's just too much trouble.

Thank you for your advice.

**Paul[_32_]** · #9 March 3rd 18, 10:24 PM posted to alt.windows7.general

lid wrote:
and the following;

C:\Windows\system32DISM /online /remove-package:KB4074598

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7601.18489

An error occurred trying to open - KB4074598 Error: 0x80070003

Error: 3

The system cannot find the path specified.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32

OK, get a copy of Process Monitor, and collect a trace while
DISM is doing the operation. Then, go to the file menu of
Process Monitor, and untick the little tick mark, to stop
the trace. Then use the filter menu, and select "Operation" "Is"
and there are operation types such as "CreateFile", "ReadFile",
and "WriteFile". You may be able to figure out what file it
attempted to access, and did not find.

https://docs.microsoft.com/en-us/sys...nloads/procmon

Currently works on Vista or higher. You need an older version
to be able to work with WinXP.

Paul

**Paul[_32_]** · #10 March 6th 18, 06:54 AM posted to alt.windows7.general

lid wrote:
On Sat, 03 Mar 2018 16:37:50 -0500, Paul
wrote:

To do it offline, you:

1) Boot the installer DVD or the emergency boot CD that Windows 7 Backup
makes for you. There is a repair option that opens a Command Prompt
for you.

2) Then use the offline format.

DISM /image:c:\ /remove-package KB4074598

Then you boot from optical media, and ask for the Command Prompt option,
the "OS" it boots from is X:\ . The drive letters don't always have to
be in the order you think. You need to use the "dir" command and check
each drive letter, until you've assured yourself the letter is actual
C: that you want and not D: . I have at least one setup here, where
that DISM command uses D: .

Offline operations like that are normally used for "bricked"
systems, where you're trying to repair the OS while it's not in usage.
That's why I'm not placing a lot of weight on that option.
Sure, it's available. If you want to experiment, take precautions
and try it out for fun. I'm not convinced though, that it'll
fix everything up for you. With computers though, you never
know what will happen. That's part of the "fun" I guess.

I think I'm going to follow MS's advice and give up trying to install
the package. It's just too much trouble.

Thank you for your advice.

Just for fun, I was wondering whether it was possible to record
an entire Windows Update. And I discovered that Sysinternals Process
Monitor can do it. ProcMon has a Boot Trace option, which I've used before
while tinkering. And it records what happens when the system boots.

But it turns out, you can also leave Procmon running at shutdown
time too. I changed the recording mode from "RAM backing store"
the default, to ProcMon using a file for backing. Then, when you reach for
the controls and reboot the system, Procmon nicely closes the
current trace file. Then, when the system reboots, Procmon is
recording the Boot Trace. And it won't stop recording the Boot Trace
until you run Process Monitor again, when it will harvest the Boot
Trace it's been running on.

This gave me around 6GB of files, in two sets. The shutdown set. The startup set.

I won't go into the details of carving that mess. I carved a file log
for myself (what files are being touched). And a registry log (boring,
too much data!).

One thing I found, was a rather large...

C:\Windows\Logs\CBS\CBS.log

file. That one rolls over and starts a new file when it
gets big enough. There must be 10MB of new logs in that file
or so, related to 4074598.

I took one of the interesting identifiers from the CBS log, and
Googled it. And found this article, where a security catalog
made all the downloaded files look like they were corrupted.

http://www.tweaking.com/forums/index.php?topic=3310.0

So rather than bore you with more theories, I'd suggest a
look in that file as a start.

*******

Another curious aspect, is some "Fix" is applied, before the main
..cab is unpacked (after the download). I think BITS builds the .cab
from parts, and the download is not monolithic. It's built of a thousand
tiny pieces.

2018-03-04 17:31:41, Info CBS Disabling LKG boot option
2018-03-04 17:31:41, Info CBS Client specifies CbsMovePayload, or client is Windows Update, will move payload to system.
2018-03-04 17:31:41, Info CBS Appl: detect Parent, Package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
Parent: Microsoft-Hyper-V-WinPE-Drivers-Package~31bf3856ad364e35~amd64~~6.1.7601.17514,
Disposition = Detect, VersionComp: EQ, ServiceComp: GE, BuildComp: EQ, DistributionComp: GE, RevisionComp: GE, Exist: present
2018-03-04 17:31:41, Info CBS Appl: detectParent: package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
no parent found, go absent
2018-03-04 17:31:41, Info CBS Appl: detect Parent, Package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
Parent: Microsoft-Windows-Common-Drivers-Package~31bf3856ad364e35~amd64~ar-SA~6.1.7601.17514,
Disposition = Detect, VersionComp: EQ, ServiceComp: GE, BuildComp: EQ, DistributionComp: GE, RevisionComp: GE, Exist: present
2018-03-04 17:31:41, Info CBS Appl: detectParent: package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
no parent found, go absent
2018-03-04 17:31:41, Info CBS Appl: detect Parent, Package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
Parent: Microsoft-Windows-Common-Drivers-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514,
Disposition = Detect, VersionComp: EQ, ServiceComp: GE, BuildComp: EQ, DistributionComp: GE, RevisionComp: GE, Exist: present
2018-03-04 17:31:41, Info CBS Appl: detectParent: package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
parent found: Microsoft-Windows-Common-Drivers-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514, state: Installed
2018-03-04 17:31:41, Info CBS Appl: detect Parent, Package: Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
disposition state from detectParent: Installed
2018-03-04 17:31:41, Info CBS Appl: Evaluating package applicability for package Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3,
applicable state: Installed
2018-03-04 17:31:42, Info DPX Started DPX phase: Resume and Download Job
2018-03-04 17:31:42, Info DPX Started DPX phase: Apply Deltas Provided In File
2018-03-04 17:32:20, Info DPX Ended DPX phase: Apply Deltas Provided In File
2018-03-04 17:32:20, Info DPX Ended DPX phase: Resume and Download Job

2018-03-04 17:32:20, Info CBS Extracting all files from cabinet \\?\C:\Windows\SoftwareDistribution\Download\7e79b c8b7d53185e7a729c71075a872c\Windows6.1-KB4074598-x64-EXPRESS.cab

*******

From this file:

C:\Windows\WindowsUpdate.log

I get a short log. These are the highlights.

Process kicks off (it still has to do the ~200MB download). This is when
I started my Windows Update session to install 4074598.

2018-03-04 17:31:00:978 252 a98 AU AU received approval from Ux for 1 updates

Last entry before reboot. (All files loaded, PendMoves all set up.)

2018-03-04 17:39:44:936 252 918 Report REPORT EVENT: {BBA17C99-97EE-4207-A5E2-49B47CA1AB42}
2018-03-04 17:39:39:929-0500 1 181 101 {73D175EA-2483-46D4-A8E3-1832178EB474}
200 0 AutomaticUpdates Success Content Install
Installation Started: Windows successfully started the following update:
2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4074598)

After reboot. That gives me a timestamp to look for in my 6GB trace.

2018-03-04 17:43:35:193 492 b28 Handler Requesting post-reboot reporting for package
Package_for_RollupFix~31bf3856ad364e35~amd64~~7601 .24055.1.3.
2018-03-04 17:43:35:193 492 b28 Handler Completed install of CBS update with
type=3, requiresReboot=1, nstallerError=0, hr=0x0

2018-03-04 17:43:35:224 252 8a8 AU ## RESUMED ## AU: Installing update
[UpdateId = {73D175EA-2483-46D4-A8E3-1832178EB474}, succeeded]

Now, that means the C:\Windows\WindowsUpdate.log is written *one minute*
before ProcMon starts logging the BootUp :-/ Which means my damn
trace didn't catch the "good stuff". It's what you'd expect, as
some file moving that happens during the "spinning balls" phase,
you wouldn't want the OS to actually be running at the time.

Anyway, the summary of this post, is to check those two files for interesting stuff.

HTH,
Paul

Thread Tools
Show Printable Version Email this Page
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: