For many years, the term "Microsoft Out-of-Band Update" meant that Microsoft released a special patch for a security issue identified as an active attack. The patch was urgent enough to be released outside of the normal "Patch Tuesday" security updates that are released on the second Tuesday of every month.

But recently, Microsoft released out-of-band updates that address issues with monthly security updates. Often, people install monthly security updates without realizing that there are other ways that Microsoft fixes the problems introduced by its patches.

Since Windows 10 and 11 updates are cumulative, when you install an update, it's an all-or-nothing rollout. There is no way to install some components of the update without installing everything. Depending on where the underlying problem is in a patch, Microsoft may use an out-of-band update or a rollback of a known issue to push a fix into the system. Let's explore these two methods.

Out-of-band Windows Updates

We've recently seen a large number of out-of-band updates that address issues introduced in previous patch releases. For example, the October 5020853 update KB28 for Windows 10 22H2 is an out-of-band release that addresses issues introduced by previous updates. “Specifically fixes an issue that causes Microsoft OneDrive to stop working. This happens after you unpair your device, stop syncing, or sign out of your account.

Unfortunately, these out-of-band updates are not delivered through Windows Update or Windows Software Update Services (WSUS). You have to manually download and install them on all your systems.

For more information on known issues with updates, I always start with the Windows Build Health Dashboard. There, Microsoft lists issues with Windows Updates that it has documented or is investigating, along with instructions to mitigate the issues, if any.

For example, the November 8 security patches introduced changes to Kerberos handling that caused authentication problems. Microsoft then had to release patches to Windows servers to fix these issues. As noted on the Windows Release Status Dashboard, these hotfixes should be applied to affected domain controllers to fix the authentication side effects introduced by the November updates.

Adding to the confusion, Microsoft often pushes changes in out-of-band "Preview" updates that are then included in the following month's security updates. Unfortunately, sometimes preview updates cause problems. Example: A recent change that was introduced in the September 20 update for Windows 10 21H2, called KB5017380 Preview. Buried in the documentation, Microsoft noted that the update “disables Transport Layer Security (TLS) 1.0 and 1.1 by default in Microsoft browsers and applications. For more information, see KB5017811.

This change triggered side effects on old line-of-business applications and on mail clients connecting to old mail servers. Without the update, the mail client would connect just fine; with the update, the connection would fail.

This KB5017380 preview update was later incorporated into the October 11 security update, KB5018410. So if you experienced side effects that manifested as TLS or SSL errors after installing the October security update, you can uninstall this update, check the update footnotes, and find yourself scratching your head that no TLS issues were listed. or SSL. Instead, you should know that TLS/SSL issues were introduced in the previous preview.

Reversions of known issues

Occasionally, however, side effects can be fixed using a process called Known Issue Rollback (KIR), a methodology developed by Microsoft to roll back offending parts of a patch without requiring you to uninstall the entire patch. updating. When the código that desencadenó el efecto secundario se puede eliminar del sistema sin volver a presentar a problema de seguridad, Microsoft emite a KIR.

As noted in the Windows 10 Release Status panel, for example, a recent side effect introduced with the August KB5016688 update that caused a desktop or taskbar to become unresponsive or missing was resolved with Microsoft initiating a restore. Similarly, the October 25 update introduced problems with Direct Access, a Microsoft technology that enables secure remote access to a network. Microsoft has also addressed this issue by rolling back known issues.

First stop: Windows version status panel

Understanding how to manage update side effects while keeping security updates installed can often lead to digging into the Windows Build Status Dashboard to see if a side effect you are experiencing has been observed and documented. . When problems are widespread, they will be documented on this site. For problems that are outliers, you often have to dig a little deeper.

One thing to keep in mind with the problems you are having is that there are many other programs that get updated on your computers, often around the same time that Windows security updates are installed. So if you suddenly notice problems with your computers, don't assume the problem is due to an update from Microsoft; There may be additional updates to other software that trigger problems.

Bottom line: Changes to your OS happen not only with OS updates, but also with browser, extension, and antivirus updates. Regularly, your system undergoes changes. Be sure to check out the various resources and look for out-of-band solutions that Microsoft may release. Bugs introduced by monthly security updates may be fixed by another update. Before uninstalling an update, check the Windows Version Status Dashboard to see if an out-of-band update or restore has already fixed it.

Copyright © 2022 IDG Communications, Inc.

Share This