Trouble with KB4535680 since Sept 2021 on Win 8.1 64 Bit
I currently don't know if I'm correct here or if the culprit is named Microsoft (again)
Issue
since last patchday (sept 2021) I got an issue with WSUS Offline.
I'm running wsusofflineCE1251 since month without any trouble.
Now it tries to install ~24 Updates and when it reboots it reverts the updates cause of an error.
I narrowed it down to (at least I hope so): KB4535680: Security update for Secure Boot DBX
Windows log file shows: Updates ist mit Fehler 0x800F0922 fehlgeschlagen: 2021-01 Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB4535680)
what make me wonder is
- this a non-secure-boot box
- I'm not running UEFI
- it seems this update hadn't made any trouble since month, even it seems to be from June, 24 2020 and therefore lays under w63-x64/glb since some month (assuming it was downloaded in 2020 too)
- it seems that on a remote box (non-uefi, non secure boot) I admin the above trouble didn't occur.
What I have done so far
- checking file system (chdsk c: /F)
- checking DISM (Dism /Online /Cleanup-Image /ScanHealth)
- start with an fresh last released wsusofflineCE1251 and an complete clean download of all security updates => error
- start with a new installation of windows 8.1 on an secure erased SSD and tried to the updates again via wsusoffline => error
- tried to do the update via Windows Updater (all only security updates at once) => error
- reset the box again (new win install) and do the updates again via Windows Updater (only security updates) ; this time step by step, until I saw it's KB4535680 only
- I love to watch windows progress bars for h-o-u-r-s -
:-P
other Experiences while at it
box is on most all sept 2021 security updates (fresh window 8.1 and update via Win Updater without KB4535680), see 6. above
when I then install updates via Win Updater only KB4535680 and KB5005613 is missing versus when I then install updates via wsusoffline 24 security updates are left and all updates got reverted with Fehler 0x800F0922 during next boot.
Questions
why is there a so huge difference in the numbers of missing update ? why I'm able to install KB5005613 via windows updater but not via wsusoffline ? is it sort of: "only one commit to DISM for 24 updates at once", so one update fails leads to all fail and revert all ?
fgrep-ing through the exclude list on my box shows that for w100 (Win 10 ?) KB4535680 is excluded, but not for w63 (Win 8.1)
More Questions
- is there request in wsusoffline regarding applying update to an UEFI/Secure boot box ?
- why does a so old update (KB4535680) now causes trouble, while it didn't over month (assuming it was on my box since month ? (alas not comparable by me, cause old wsusoffline dir was deleted)
- why does the update apply or is left out on another box I remote admin. also a non-Secure boot/non-UEFI box. though, I could only investigate the log's there, but a revert should be logged.
- has microsoft borked the KB4535680 and left the file date the same (Jun 24, 2020), cause:
find . -iname 'KB4535680' -ls gives
9630302 92 -rw-r--r-- 1 ron ron 92258 Jun 24 2020 ./w63-x64/glb/windows8.1-kb4535680-x64_b483b5927339e38e041277709c956afc50b5c752.cab
WSUS install log file wsusofflineupdate.log
RFC's regarding wsusofflineCE1251
- display dim during run occurs too early
- fresh installed wsusofflineCE1251 asks several times to update to wsusofflineCE1251 (same version)