In case you didn’t already know, MS issued a security update in April, 2014 (KB 2919355) that *must* be installed on certain Windows 8.1 systems for them to continue to receive security updates that will be issued starting with next week’s set of “Patch Tuesday” updates (for more info, see my earlier blog posts from 4/8, 4/21, and 5/7). This applies primarily to those systems that receive updates from Windows Update or Microsoft Update, and won’t affect systems that use the Windows Server Update Services like those customarily managed in-house by most larger-scale customers with Microsoft Software Assurance. However, because ongoing issues with KB 2919355 are apparently not yet resolved (Woody Leonhard has written in some detail about what’s going on here for InfoWorld in stories on 5/5 and 5/8) even though enterprise customers have until August to “patch up” to KB 2919355, this situation bears watching.
First up for next Patch Tuesday: a critical IE fix for all supported Windows versions.
What happens to those with KB2919355 problems?
Next week, things are about to get more interesting, as the Advance Notification for Microsoft’s Security Bulletin for May 2014 includes an update rated “Critical” for Internet Explorer on all supported Windows versions (Vista through 8.1 Update 1 on the client side, Server 2003 through 2012 R2 on the server side). This security patch designation virtually mandates its immediate application and raises the interesting issue of what happens to those Windows 8.1 Update installations that experienced KB2919355 issues that stymied its successful application? MS has already said that a failure to install means that subsequent patches won’t be applied, so now it remains to be seen if MS will stick to its guns in light of reports of numerous and serious impediments to successful installation on some Windows 8.1 systems.
Longer term, this also poses the same potential sticking points for enterprise users not yet under the gun to apply KB2919355 immediately, but who must also toe the line by the time the August updates get released. More realistically, given typical enterprise deployment schedules, this “deadline” stretches into November. That’s because many large organizations schedule patches and updates only once-per-quarter update on some designated “update weekend,” often a 3-day weekend, to give IT teams an extra day to cope with potential problems that sometimes arise during such activities whenever possible.
This one’s going to be interesting all the way around, folks, both for those facing the immediate cut-off date next week, as well as for those organizations with Windows 8.1 deployments big enough to fall under the August deadline. Stay tuned for more results and discussion as the situation grinds its way to some kind of conclusion or another.