Update 1608 for Cloud Platform System (CPS) Premium

Summary

Update 1608 for Cloud Platform System (CPS) Premium includes updates for Windows Server, Microsoft System Center, and hardware components. This update includes the contents of updates 1605, 1606, and 1607. It also contains the following components:

  • 1608-0 Update - This includes two updates required for Windows servicing. These updates were previously released in updates 1605, 1606, and 1607.
  • 1608-1 Update - This is the main package. It contains 11 new Windows updates and the updates previously released in updates 1605, 1606, and 1607.
  • An update for Dell Active Fabric Manager (AFM) and corresponding switch firmware updates.
Note Update 1603 is a prerequisite for installing Update 1608. This is a rollup update that also contains the payload from updates 1605, 1606, and 1607. You do not need to have update 1605, 1606, or 1607 installed to install Update 1608.
More information
To install Update 1608 for CPS Premium, follow these steps. For Any references to the CPS Premium Administrators Guide, refer to the Update 1608 version that was provided by your account team.

Note This update procedure assumes that you've already installed Update 1603.

Step 1: Update network switch firmware

Note This is a new firmware update that's being released for 1608.

Follow the steps in the "Update network switch firmware" section of the 1608 version of the CPS Premium Administrators Guide that was provided by your account team. Do not use instructions from a previous version of the Administrators Guide.

To download the AFM files for Update 1608 go to http://poweredgec.dell.com/cps/CPS_P_1608/Tools/AFM.

Third-party information disclaimer

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.


These are the recommended firmware versions that switches should run after update.

DeviceRecommended firmware versionCPS Premium hardware version
S40489.10(0.1)P82016
S30489.10(0.1)P82016
S48109.10(0.1)P82014
S558.3.5.62014

Step 2: Update serial port concentrator firmware

Note This is the same update as originally released as part of Update 1607. If this update was performed during application of Update 1607, it does not have to be applied again.

Follow the steps in the "Update serial port concentrator firmware" section of the CPS Premium Administrators Guide that was provided by your account team.

Download locations are as follows.

These are the recommended firmware versions that the serial port concentrator should run after the update.

DeviceRecommended firmware versionCPS Premium hardware version
Avocent ACS 6000 Series3.3.0.102016
Digi CM 481.9.5.32014

Step 3: Install the VMM hotfixes for VM placement

Notes

  • If you've already installed the VMM hotfix for virtual machine placement that was included in Update 1606, you do not have to install it again, and you can skip this step.
  • The highly available VMM clustered role (<Prefix>-HA-VMM) has two nodes, <Prefix>-VMM-01 and<Prefix>-VMM-02. In the instructions, we refer to these as Node1 and Node2.
To install the VMM hotfixes, follow these steps:

  1. For the new VMM placement hotfix, follow these steps:

    1. From the update file drop location, copy the “Placement_HF_UR9.exe” file to a folder on a Console VM, such as C:\VMMHotfix. (You can use the same folder as for the previous hotfix.)
    2. Double-click the “Placement_HF_UR9.EXE” file, review the Microsoft Software License Terms, and then click Yes to accept the terms.
    3. Select a folder in which to store the extracted files. For example, select C:\VMMHotfix. Then, click OK.
  2. Determine the passive VMM node. To do this, open a Windows PowerShell ISE session, and then run the following script:
    $prefix = $ENV:COMPUTERNAME.split('-')[0]$VmmServerName = "$prefix-HA-VMM" $vmmServer = Get-SCVMMServer -ComputerName $VmmServerName $activeNode = $vmmServer.ActiveVMMNode $passiveNodes = @() $vmmServer.FailoverVMMNodes | ForEach-Object { if($_.ToLower() -ne $activeNode.ToLower()){ $passiveNodes += $_ } } Write-Host "Active Node: $activeNode" -ForegroundColor GreenWrite-Host "Passive Node: $passiveNodes" -ForegroundColor Green
    This script returns the server name of the passive VMM node. (In our example, we assume that Node2 is the default passive node.)
  3. In File Explorer, browse to the following folder on the passive node:
    \\<Prefix>-VMM-0#>\c$\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin
  4. Make a backup copy of the following file in the \bin folder:
    Engine.Placement.ResourceModel.dll
  5. In the VMM console, determine which host (in the management cluster) the passive VMM node is running on.
  6. Open Hyper-V Manager, connect to the management cluster host that you identified in the previous step, and then connect to the passive VMM node.
  7. On the VMM node, type powershellto open an elevated Windows PowerShell session, and then run the following commands:

    Stop-Service SCVMMService
    Stop-Service SCVMMAgent
  8. Verify that the services have stopped. To do this, run the following commands:

    Get-Service SCVMMService
    Get-Service SCVMMAgent
    Note If you're prompted to close the System Center Management Service Host process, click Ignore.
  9. On the Console VM, browse to the following folder on the passive node:
    \\<Prefix>-VMM-0#\c$\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin
  10. In the \bin folder, replace the following file with the new version of the file that you extracted from the hotfix package:

    Engine.Placement.ResourceModel.dll
  11. On the passive VMM node, run the following command to start the VMM Agent service:

    Start-Service SCVMMAgent
    Note The SCVMMService service does not start if the passive VMM server node is not active. SCVMMService starts only when the node becomes the Active node. This behavior is by design.
  12. In Failover Cluster Manager, initiate a failover. This will set Node1 as the new passive node and set Node2 (which has already been updated) as the active node.
  13. Open Failover Cluster Manager, and then connect to the <Prefix>-CL-VMM cluster.
  14. Click Roles.

    Note The Roles pane displays the active node in the Owner Node column.
  15. Right-click the active node, point to Move, and then click Select Node.
  16. Select the other node, and make sure that the status changes to Running for the new active node.

    Note The change may take a few seconds to occur.
  17. Follow steps 5–11 to update the VMM file on the new passive node (in this example, Node1).

To revert the update (if necessary)

If you must revert the update, follow these steps:

  1. On the passive VMM node, stop the SCVMMAgent service.
  2. Replace the files under your Virtual Machine Manager Install directory with your backup files.
  3. Start the SCVMMAgent service.
  4. In Failover Cluster Manager, initiate a failover of the <Prefix>-HA-VMM clustered role.
  5. Repeat steps 1-4 on the new passive node.

Step 4: Prepare the package

Follow the steps in the "Prepare the patching environment" section of the CPS Premium Administrators Guide that was provided by your account team.

Extract both the 1608-0 and 1608-1 updates, and then put them into different folders on the Infrastructure share.

Important Do not start the update process. Instead, run the Health Check that is described in "Step 6: Run the Patch & Update Health Check."

Step 5: Clean up the WSUS server

To clean up the WSUS server, follow these steps:

  1. On the Console VM, open the Windows Server Update Services console.
  2. Right-click Update Services, click Connect to Server, and connect to WSUS VM (<Prefix>-SUS-01).
  3. In the navigation pane, expand Update Services > [WSUS Server] > Updates, and then click All Updates.
  4. In the All Updates pane, click Any except declined in the Approval list.
  5. In the Status list, click Any, and then click Refresh.
  6. Select all updates.
  7. Right-click the selection, and then click Decline.
  8. In the navigation pane, expand the server name, and then click Options.
  9. In the Options pane, click Server Cleanup Wizard.
  10. Select all check boxes except the Computers not contacting the server check box.
  11. Click Next.

Step 6: Run the Patch & Update Health Check and fix discovered issues

In the "Update the computers" section of the CPS Premium Administrators Guide, complete "Step 1: Run a health check and fix any discovered issues." This includes functionality to check for and disable any running backup jobs.

Important Do not start the update process. Instead, run the Health Check, fix any discovered issues, and stop any running backup jobs.

Step 7: Run P&U update package 1608-0

In the "Update the computers" section of the CPS Administrators Guide, follow "Step 2: Apply the P&U update package" to apply Update 1608-0.

Note Starting in Update 1603, the Patch and Update (P&U) engine automatically runs a health check as part of the update process. You can control what happens if critical Operations Manager alerts are discovered. To do this, change the value of the –ScomAlertAction parameter. For more information, see the Administrators Guide.

Because of the size of this package, estimates for deployment are 12–18 hours.

If you don't intend to apply 1608-1 immediately, remember to enable DPM agents if you disabled them earlier (as described in the Administrators Guide).

Also, if you don't intend to apply 1608-1 immediately, follow the steps in "Step 3: Post-update clean up" of the Administrators Guide after the updating is completed.

Step 8: Run P&U update package 1608-1

Follow the same steps for installing the 1608-1 package. This can be scheduled right after the 1608-0 package or at a later time, depending on your maintenance timeframe requirements.

Because of the size of this package, estimates for deployment are 36-48 hours (per rack).

After the patching process is completed, remember to enable DPM agents if you disabled them earlier (as described in the Administrators Guide). Also, follow the steps in "Step 3: Post-update clean up" of the Administrators Guide after the updating is completed.

Step 9: Run an optional compliance scan

To run a compliance scan, pass the following flag:
\\SU1_InfrastructureShare1<CPSPU Folder Name>\Framework\PatchingUpgrade\Invoke-PURun.ps1 -PUCredential $cred -ComplianceScanOnly
The compliance scan output is written to the following location to which the update package was extracted. For example, the following output is written:
"PURoot"\MissingUpdates.json

Payload Information

Payload for Update 1608-0

Configuration changes (from previous updates)

ComputersUpdate
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client" -Name DisabledByDefault -Type DWord -Value 1
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client" -Name Enabled -Type DWord -Value 0
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server" -Name DisabledByDefault -Type DWord -Value 1
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server" -Name Enabled -Type DWord -Value 0
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client" -Name DisabledByDefault -Type DWord -Value 1
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client" -Name Enabled -Type DWord -Value 0
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server" -Name DisabledByDefault -Type DWord -Value 1
AllSet-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server" -Name Enabled -Type DWord -Value 0


Updates for Windows Server 2012 R2 (from previous updates)

KB articleDescription
3138615Update for Windows Server 2012 R2 (KB3138615)
3173424Servicing stack update for Windows 8.1 and Windows Server 2012 R2: July 12, 2016

Payload for Update 1608-1

Updates for Windows Server 2012 R2

KB articleDescription
3167679MS16-101: Description of the security update for Windows authentication methods: August 9, 2016
3172614July 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
3172729MS16-100: Description of the security update for Secure Boot: August 9, 2016
3175443MS16-095: Security update for Internet Explorer: August 9, 2016
3175887MS16-102: Description of the security update for Microsoft Windows PDF library: August 9, 2016
3177108MS16-101: Description of the security update for Windows authentication methods: August 9, 2016
3177725MS16-098: Description of the security update for Windows kernel-mode drivers: August 9, 2016
3178034MS16-097: Description of the security update for Microsoft Graphics Component: August 9, 2016


System Center and Windows Azure Pack updates (from previous updates)

KB articleDescription
3147172This update fixes the problems described in KB article 3147172
3147191This update fixes the problems described in KB article 3147167
3147167This update fixes the problems described in KB article 3147167
3158609This update fixes the problems described in KB article 3158609


Hardware (driver/firmware) updates (from previous updates)

ComponentCategory1606 Version
C6320 BIOS2.1.5
R620BIOS2.5.4
R620 v2BIOS2.5.4
R630BIOS2.1.6
R630SAS HBA - Internal6.603.07.00
C6320Chipset10.1.2.19
R630Chipset10.1.2.19


Updates for Windows Server 2012 R2 (from previous updates)

KB articleDescription
3108381MS15-132: Description of the security update for Windows: December 8, 2015
3126593MS16-014: Description of the security update for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2: February 9, 2016
3163247MS16-091: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: July 12, 2016
3164024MS16-091: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: July 12, 2016
3168965MS16-090: Description of the security update for Windows kernel-mode drivers: July 12, 2016
3169704MS16-092: Description of the security update for Windows Kernel: July 12, 2016
3170106MS16-084: Security update for Internet Explorer: July 12, 2016
3170377MS16-092: Description of the security update for Windows Kernel: July 12, 2016
3170455MS16-087: Description of the security update for Windows print spooler components: July 12, 2016
3172727MS16-094: Description of the security update for Secure Boot: July 12, 2016
3164294MS16-073: Description of the security update for kernel mode drivers: June 14, 2016
3164035MS16-074: Description of the security update for Microsoft Graphics Component: June 14, 2016
3164033MS16-074: Description of the security update for Microsoft Graphics Component: June 14, 2016
3162835June 2016 DST and time zone update for Windows
3162343MS16-076: Description of the security update for Netlogon: June 14, 2016
3161958MS16-082: Description of the security update for Windows Structured Query: June 14, 2016
3161951MS16-071: Description of the security update for DNS Server: June 14, 2016
3161949MS16-077: Description of the security update for WPAD: June 14, 2016
3161664MS16-073: Description of the security update for kernel mode drivers: June 14, 2016
3161561MS16-075 and MS16-076: Description of the security update for Windows Netlogon and SMB Server: June 14, 2016
3160352MS16-081: Security Update for Active Directory: June 14, 2016
3160005MS16-063: Security update for Internet Explorer: June 14, 2016
3159398MS16-072: Description of the security update for Group Policy: June 14, 2016
3157569MS16-080: Description of the security update for Windows PDF: June 14, 2016
3156418May 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
3149157Reliability and scalability improvements in TCP/IP for Windows 8.1 and Windows Server 2012 R2
3147071Connection to Oracle database fails when you use Microsoft ODBC or OLE DB Driver for Oracle or Microsoft DTC in Windows
3146978RDS redirected resources showing degraded performance in Windows 8.1 or Windows Server 2012 R2
3146751"Logon is not possible" error or a temporary file is created when you log on App-V in Windows Server 2012 R2
3146604WMI service crashes randomly in Windows Server 2012 R2 or Windows Server 2012
3145432Cluster nodes or VMs go offline when they are using VMQ capable NICs on a Windows Server 2012 R2 host
3145384MinDiffAreaFileSize registry value limit is increased from 3 GB to 50 GB in Windows 8.1 or Windows Server 2012 R2
3144850Update enables downgrade rights between Windows 10 IoT and Windows Embedded 8.1 Industry
3141074"0x00000001" Stop error when a shared VHDX file is accessed in Windows Server 2012 R2-based Hyper-V guest
3140234"0x0000009F" Stop error when a Windows VPN client computer is shutdown with an active L2TP VPN connection
3140219"0x00000133" Stop error after you install hotfix 3061460 in Windows Server 2012 R2
3139923Windows installer (MSI) repair doesn't work when MSI package is installed on an HTTP share in Windows
3139921"No computer account for trust" error when you change domain account password in Windows
3139896Hyper-V guest may freeze when it is running failover cluster service together with shared VHDX in Windows Server 2012 R2
3139649Print job fails if Creator Owner is removed from Windows Server 2012 R2 or Windows Server 2012
31392190x1E Stop error when you restart or shut down a computer running Windows 8.1 or Windows Server 2012 R2
3139165High CPU load on a Windows Server 2012 R2-based server because NAT keep-alive timer isn't cleaned up
3139164Tracert command doesn't receive responses when you trace resources on Internet through Windows Server 2012 R2 HNV GW
3139162DirectAccess client receives incorrect response to reverse lookup query from a Windows Server 2012 R2-based DNS64 server
3138602"File contents" option is always selectable, Start screen becomes blank, or computer freezes when startup in Windows 8.1
3137728VSS restore fails when you use ResyncLuns VSS API in Windows Server 2012 R2-based failover cluster
3137725Get-StorageReliabilityCounter doesn't report correct values of temperature in Windows Server 2012 R2
3137061Windows Azure VMs don't recover from a network outage and data corruption issues occur
3134815CryptDuplicateKey function doesn't save state for an RC2 40-Bit key in Windows 8.1 or Windows Server 2012 R2
3134785Memory leak in RPCSS and DcomLaunch services in Windows 8.1 or Windows Serer 2012 R2
3134242DNS client API call fails and could lead to service restart freeze in Windows Server 2012 R2 or Windows Server 2012
3134179Update adds performance counters for Remote Desktop Connection Broker in Windows Server 2012 R2
3133924"Code 10 Device Cannot Start" error for EHCI USB Controller devices in Device Manager in Windows Server 2012 R2
3133690Update to add Discrete Device Assignment support for Azure that runs on Windows Server 2012 R2-based guest VMs
3132080The logon process hangs at the "Welcome" screen or the "Please wait for the User Profile Service" error message window
3130939Nonpaged pool memory leak occurs in a Windows Server 2012 R2-based failover cluster
3128650Access to COM+ role-based security is denied in Windows Server 2012 R2
3126041MS16-014: Description of the security update for Windows: February 9, 2016
3126033Error occurs when you use Remote Desktop in Restricted Admin mode in Windows 8.1 or Windows Server 2012 R2
3125424LSASS deadlocks cause Windows Server 2012 R2 or Windows Server 2012 not to respond
3125210Badpwdcount on PDC isn't reset when you use NTLM authentication to log on to Windows Server 2012 R2
3123245Update improves port exhaustion identification in Windows Server 2012 R2
3123242Reassociated WFP context in same flow doesn't work in Windows
3121255"0x00000024" Stop error in FsRtlNotifyFilterReportChange and copy file may fail in Windows
3118401Update for Universal C Runtime in Windows
3115224Reliability improvements for VMs that are running on a Windows Server 2012 R2 or Windows Server 2012 host
3109976Texas Instruments xHCI USB controllers may encounter a hardware issue on large data transfers in Windows 8.1
3103709Windows Server 2012 R2-based or Windows Server 2012-based domain controller update, April 2016
3103696Update for USB Type-C billboard support and Kingston thumb drive is enumerated incorrectly in Windows
3103616WMI query doesn't work in Windows Server 2012 R2 or Windows Server 2012
3102467The .NET Framework 4.6.1 for Windows Server 2012 R2 on Windows Update
3100956You may experience slow logon when services are in start-pending state in Windows Server 2012 R2
3100919Virtual memory size of Explorer increases when you open programs continuously in Windows 8.1 or Windows Server 2012 R2
3100473DNS records get deleted when you delete the scope on a Windows Server 2012 R2-based DHCP server
3099834"Access violation" error and application that uses private keys crashes in Windows 8.1 or Windows Server 2012 R2
3096433Chkdsk command freezes when it's running in Windows
3095701TPM 2.0 device can't be recognized in Windows Server 2012 R2
3094486KDS doesn't start or KDS root key isn't created in Windows Server 2012 R2
3092627September 2015 update to fix Windows or application freezes after you install security update 3076895
3091297You can't logon to an AD FS server from a Windows Store app on a Windows 8.1 or Windows RT 8.1 device
3088195MS15-111: Description of the security update for Windows Kernel: October 13, 2015
3087137Gradient rendering issue when an application has nested transformed geometries in Windows 8.1
3087041You can't select the first item in a list by touching in Windows 8.1
3086255MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
3084135MS15-102: Description of the security update for Windows Task Management: September 8, 2015
3083992Microsoft security advisory: Update to improve AppLocker certificate handling: September 8, 2015
3082089MS15-102: Description of the security update for Windows Task Management: September 8, 2015
3080149Update for customer experience and diagnostic telemetry
3080042CHM file freezes when you enter characters in Search box on the Index tab in Windows 8.1 or Windows Server 2012 R2
3078676Event 1530 is logged and ProfSvc leaks paged pool memory and handles in Windows 8.1 or Windows Server 2012 R2
3078405"0x0000004A" or "0x0000009F" Stop error occurs in Windows 8.1
3077715August 2015 cumulative time zone update for Windows operating systems
3071663Microsoft applications might crash in Windows
3067505MS15-076: Vulnerability in Windows Remote Procedure Call could allow elevation of privilege: July 14, 2015
3063843Registry bloat causes slow logons or insufficient system resources error 0x800705AA in Windows 8.1
3061512MS15-069: Description of the security update for Windows: July 14, 2015
3060793"0x0000001E" or "0x00000133" Stop error when you transfer data through a USB-based RNDIS device on Windows
3060383Decimal symbol and digit grouping symbol are incorrect for the Swiss language locale in Windows
3059316You cannot move the scrollbar on Windows by dragging the mouse
3055343Stop error code 0xD1, 0x139, or 0x3B and cluster nodes go down in Windows Server 2012 R2 or Windows Server 2012
3055323Update to enable a security feature in Windows 8.1 or Windows Server 2012 R2
3054464Applications that use the AddEntry method may crash in Windows
3054256Reliability improvements for Windows 8.1: June 2015
3054203Update for SIP to enable WinVerifyTrust function in Windows Server 2012 R2 to work with a later version of Windows
3054169Update to add more information to minidump files that helps OCA servers categorize failures correctly in Windows
3052480Unexpected ASP.Net application shutdown after many App_Data file changes occur on a server that is running Windows Server 2012 R2
3048043Screen flickers or becomes blank when you drag tiles on the Start screen in Windows
3047234MS15-042: Vulnerability in Windows Hyper-V could allow denial of service: April 14, 2015
3046737"Paired" text is not translated correctly in Korean when you disconnect a paired Bluetooth device in Windows
3046359MS15-068: Description of the security update for Windows Hyper-V: July 14, 2015
3046339MS15-068: Description of the security update for Windows Hyper-V: July 14, 2015
3045999MS15-038: Description of the security update for Windows: April 14, 2015
3045992"Description cannot be found" error in event logs in Event Viewer in Windows Server 2012 R2 or Windows Server 2012
3045746Single string is drawn by multiple fonts in the TextBox control of Windows Store application in Windows
3045719Microsoft Project Siena crashes when you use galleries in the application in Windows
3045717Narrator does not stop reading when you press Ctrl key in Windows
3045634You cannot make a PPP connection after you reconnect a PLC device in Windows 8.1 or Windows 8
3044673Photos taken by certain Android devices show blank value in Date taken field in Windows Explorer
3044374Update that enables you to upgrade from Windows 8.1 to Windows 10
3043812Layout of Cambria font is different in Word documents when the text metric changes in Windows 8.1 or Windows 8
3042085Device does not respond during shutdown after you have installed November 2014 update in Windows
3042058Microsoft security advisory: Update to default cipher suite priority order: May 12, 2015
3041857"Code 0x80070057 The parameter is incorrect" error when you try to display a user's "effective access" to a file
3038002UHS-3 cards cannot be detected in Windows on Surface devices
3037924You cannot do System Image Backup to Blu-ray media in Windows
3037579MS15-041: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: April 14, 2015
3036612Windows Store apps may crash in Windows 8.1 or Windows RT 8.1
3034348"Access denied" error when you use a Windows Store app to configure printer property settings in Windows
3033446Wi-Fi connectivity issues or poor performance on CHT platform computers in Windows 8.1
3031044Embedded Lockdown Manager is installed unexpectedly in Windows 8.1 or Windows Server 2012 R2
3030947Compatibility issues for applications that rely on a certain code layout for memory in Windows
3029603xHCI driver crashes after you resume computer from sleep mode in Windows 8.1 or Windows Server 2012 R2
3027209Reliability improvements for Windows 8.1: March 2015
3024755Multi-touch gesture does not work after you exit the Calculator in Windows
3024751The TAB key does not switch the cursor to the next input box when you enter Wi-Fi credentials on a Surface Pro 3
3021910April 2015 servicing stack update for Windows 8.1 and Windows Server 2012 R2
3016074Windows activation does not work when the sppsvc.exe process is not started automatically for a long time
3013791"DPC_WATCHDOG_VIOLATION (0x133)" Stop error when there's faulty hardware in Windows 8.1 or Windows Server 2012 R2
3013538Automatic brightness option is disabled unexpectedly after you switch between PC settings pages in Windows
3013410December 2014 cumulative time zone update for Windows operating systems
3013172Individual memory devices cannot be ejected through the Safely Remove Hardware UI in Windows 8.1
3012702Some default program associations for a roamed user may be lost when you log on to an RDS server in Windows
3006137Update changes the currency symbol of Lithuania from the Lithuanian litas (Lt) to the euro (€) in Windows
3004394Support for urgent Trusted Root updates for Windows Root Certificate Program in Windows
2989930"Not Connected" status for a paired Surface Pen in Bluetooth settings on Surface Pro 3
2894852Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: December 10, 2013
890830The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running supported versions of Windows
3156059MS16-057: Description of the security update for Windows shell: May 10, 2016
3156019MS16-055: Description of the security update for Microsoft graphics component: May 10, 2016
3156017MS16-062: Description of the security update for Windows Kernel-Mode Drivers: May 10, 2016
3156016MS16-055: Description of the security update for Microsoft graphics component: May 10, 2016
3156013MS16-055: Description of the security update for Microsoft graphics component: May 10, 2016
3155784MS16-067: Security update for volume manager driver: May 10, 2016
3154070MS16-051: Security update for Internet Explorer: May 10, 2016
3153704MS16-061: Description of the security update for RPC: May 10, 2016
3153199MS16-062: Description of the security update for Windows Kernel-Mode Drivers: May 10, 2016
3153171MS16-060 and MS16-061: Description of the security update for RPC and for Windows kernel: May 10, 2016
3151058MS16-064: Description of the security update for Schannel: May 10, 2016
3149090MS16-047: Description of the security update for SAM and LSAD remote protocols: April 12, 2016
3146963MS16-040: Description of the security update for Microsoft XML core services: April 12, 2016
3146723MS16-048: Description of the security update for CSRSS: April 12, 2016
3146706MS16-044: Security update for Windows OLE: April 12, 2016
3142045MS16-039: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: April 12, 2016
3142036MS16-065: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 10, 2016
3142030MS16-065: Description of the security update for the .NET Framework 4.5.2 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 10, 2016
3142026MS16-065: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: May 10, 2016
3135998MS16-035: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: March 8, 2016
3135994MS16-035: Description of the security update for the .NET Framework 4.5.2 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: March 8, 2016
3135991MS16-035: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: March 8, 2016
3135985MS16-035: Description of the security update for the .NET Framework 3.5 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: March 8, 2016
3135456MS16-045: Description of the security update for Windows Hyper-V: April 12, 2016
3130944March 2016 update for Windows Server 2012 R2 clusters to fix several issues
3127231MS16-019: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 9, 2016
3127226MS16-019: Description of the security update for the .NET Framework 4.5.2 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 9, 2016
3127222MS16-019: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: February 9, 2016
3123479Microsoft security advisory: Deprecation of SHA-1 hashing algorithm for Microsoft root certificate program: January 12, 2016
3122660MS16-019: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 9, 2016
3122654MS16-019: Description of the security update for the .NET Framework 4.5.2 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 9, 2016
3122651MS16-019: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: February 9, 2016
3121918MS16-007: Description of the security update for Windows: January 12, 2016
3121461MS16-007: Description of the security update for Windows: January 12, 2016
3110329MS16-007: Description of the security update for Windows: January 12, 2016
3109560MS16-007: Description of the security update for Windows: January 12, 2016
3109094MS15-128 and MS15-135: Description of the security update for Windows kernel-mode drivers: December 8, 2015
3108604Microsoft security advisory: Description of the security update for Windows Hyper-V: November 10, 2015
3102939MS15-120: Security update for IPsec to address denial of service: November 10, 2015
3101246MS15-122: Description of the security update for Windows Kerberos: November 10, 2015
3098785MS15-118: Description of the security update for the .NET Framework 4.6 and 4.6.1 on Windows 8.1 and Windows Server 2012 R2: November 10, 2015
3098779MS15-118: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: November 10, 2015
3098000MS15-118: Description of the security update for the .NET Framework 4.6 and 4.6 RC on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: November 10, 2015
3097997MS15-118: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: November 10, 2015
3097992MS15-118: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: November 10, 2015
3097966Microsoft security advisory: Inadvertently disclosed digital certificates could allow spoofing: October 13, 2015
3092601MS15-119: Description of the security update for Windows Winsock: November 10, 2015
3081320MS15-121: Security update for Schannel to address spoofing: November 10, 2015
3080446MS15-109: Description of the security update for Windows Shell: October 13, 2015
3078601MS15-080: Description of the security update for Windows: August 11, 2015
3076895MS15-084: Description of the security update for Windows XML core services: August 11, 2015
3075220MS15-082: Description of the security update for RDP in Windows: August 11, 2015
3074553MS15-101: Description of the security update for the .NET Framework 4.6 and 4.6 RC on Windows 8.1 and Windows Server 2012 R2: September 8, 2015
3074548MS15-101: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: September 8, 2015
3074545MS15-101: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: September 8, 2015
3074232MS15-101: Description of the security update for the .NET Framework 4.6 and 4.6 RC on Windows 8.1 and Windows Server 2012 R2: September 8, 2015
3074228MS15-101: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: September 8, 2015
3072630MS15-074: Vulnerability in Windows Installer service could allow elevation of privilege: July 14, 2015
3072307MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 11, 2015
3071756MS15-085: Description of the security update for Windows Mount Manager: August 11, 2015
3068457MS15-071: Vulnerability in Netlogon could allow elevation of privilege: July 14, 2015
3060716MS15-090: Vulnerabilities in Windows could allow elevation of privilege: August 11, 2015
3059317MS15-060: Vulnerability in Microsoft common controls could allow remote code execution: June 9, 2015
3055642MS15-050: Vulnerability in Service Control Manager could allow elevation of privilege: May 12, 2015
3048072MS15-044: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: May 12, 2015
3046017MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015
3045755Microsoft Security Advisory 3045755: Update to improve PKU2U authentication
3045685MS15-038: Description of the security update for Windows: April 14, 2015
3042553MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015
3037576MS15-041: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: April 14, 2015
3035126MS15-029: Vulnerability in Windows Photo Decoder component could allow information disclosure: March 10, 2015
3033889MS15-020: Description of the security update for Windows text services: March 10, 2015
3030377MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015
3023266MS15-001: Vulnerability in Windows Application Compatibility cache could allow elevation of privilege: January 13, 2015
3023222MS15-048: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 12, 2015
3023219MS15-048: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: May 12, 2015
3022777MS15-005: Vulnerability in Network Location Awareness service could allow security feature bypass: January 13, 2015
3021674MS15-003: Vulnerability in Windows User Profile service could allow elevation of privilege: January 13, 2015
3019978MS15-004: Description of the security update for Windows: January 13, 2015
3010788MS14-064: Description of the security update for Windows OLE: November 11, 2014
3006226MS14-064: Description of the security update for Windows OLE: November 11, 2014
3004365MS15-006: Vulnerability in Windows Error Reporting could allow security feature bypass: January 13, 2015
3004361MS15-014: Vulnerability in Group Policy could allow security feature bypass: February 10, 2015
3000483MS15-011: Vulnerability in Group Policy could allow remote code execution: February 10, 2015
2994397MS14-059: Description of the security update for ASP.NET MVC 5.1: October 14, 2014
2993939MS14-059: Description of the security update for ASP.NET MVC 2.0: October 14, 2014
2993937MS14-059: Description of the security update for ASP.NET MVC 3.0: October 14, 2014
2993928MS14-059: Description of the security update for ASP.NET MVC 4.0: October 14, 2014
2992080MS14-059: Description of the security update for ASP.NET MVC 5.0: October 14, 2014
2979576MS14-057: Description of the security update for the .NET Framework 4.5.1 and the .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: October 14, 2014
2979573MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014
2978126MS14-072: Description of the security update for the .NET Framework 4.5.1 and 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: November 11, 2014
2978122MS14-072: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: November 11, 2014
2977765MS14-053: Description of the security update for the .NET Framework 4.5.1 and the .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: September 9, 2014
2977292Microsoft security advisory: Update for Microsoft EAP implementation that enables the use of TLS: October 14, 2014
2973114MS14-053: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: September 9, 2014
2972213MS14-053: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: September 9, 2014
2972103MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014
2968296MS14-057: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: October 14, 2014
2966828MS14-046: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 12, 2014
2966826MS14-046: Description of the security update for the .NET Framework 3.5 in Windows 8.1 and Windows Server 2012 R2: August 12, 2014
2934520The Microsoft .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2
2898850Description of the security update for the .NET Framework 4.5.1 and the .NET Framework 4.5.2 on Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: May 13, 2014
2898847Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: May 13, 2014
2565063MS11-025: Description of the security update for Visual C++ 2010 Service Pack 1: August 9, 2011
2565057MS11-025: Description of the security update for Visual Studio 2010 Service Pack 1: August 9, 2011
2542054MS11-025: Description of the security update for Visual Studio 2010: June 14, 2011
2538243MS11-025: Description of the security update for Visual C++ 2008 SP1 Redistributable Package: June 14, 2011
2538241MS11-025: Description of the security update for Visual Studio 2008 SP1: June 14, 2011
2467173MS11-025: Description of the security update for Visual C++ 2010 Redistributable Package: April 12, 2011


Updates for SQL Server 2012 (from previous updates)

KB articleDescription
3072779SQL Server 2012 Service Pack 3 release information

Troubleshooting

Issue 1

Symptoms

The "SQLProductUpdates" subsystem fails and returns the following error message:
The WS-Management service cannot complete the operation within the time specified in OperationTimeout.

Description

There seems to be a timing issue in the service. Microsoft is currently researching this issue. This can cause SQLProductUpdates to fail and return an error message that resembles the following:
The Microsoft.HotfixPlugin plug-in reported a failure while attempting to install updates on node "". Additional information reported by the plug-in: (ClusterUpdateException) There was a failure in a Common Information Model (CIM) operation, that is, an operation performed by software that Cluster-Aware Updating depends on. The computer was "", and the operation was "RunUpdateInstaller[,CauNodeWCD[]]". The failure was: (CimException) The WS-Management service cannot complete the operation within the time specified in OperationTimeout. HRESULT 0x80338029 ==> (CimException) The WS-Management service cannot complete the operation within the time specified in OperationTimeout. HRESULT 0x80338029
Although the P&U process fails while waiting for the action to finish, the underlying Cluster- Aware Updating (CAU) process succeeds.

Detection

Verify that CAU succeeded. To do this, follow these steps:

  1. On the Console VM, open Cluster-Aware Updating.
  2. In the Connect to a failover cluster list, click the SQL Server cluster (<Prefix>-HA-SQL), and then click Connect.
Verify the SQL Server version. To do this, follow these steps:
  1. Open SQL Server Management Studio.
  2. Connect to the <Prefix>-SH-SQL\SCSHAREDDB instance.
  3. Click New Query.
  4. Run the following command:
    SELECT @@VERSION
  5. The result should begin as follows:
    Microsoft SQL Server 2012 (SP3-CU2) (KB3137746) - 11.0.6523.0 (X64)
  6. Repeat steps 2–5 for the following SQL Server instances:

    • <Prefix>-OM-SQL\SCOMDB
    • <Prefix>-KT-SQL\KATALDB
    • <Prefix>-DW-SQL\CPSDW
    • <Prefix>-AS-SQL\CPSSSAS

Resolution

If the CAU status shows a Succeeded value for all nodes and if version information for all instances is correct, restart the P&U process, and add "SQLProductUpdates" to the -ExcludeSubsystems parameter array.

If the CAU status does not show as Succeeded for all nodes or if version information for all instances is correct, restart the P&U process, and make no change in parameters.

If the process fails again, escalate the case through your usual support channels.
属性

文章 ID:3187323 - 上次审阅时间:08/31/2016 17:57:00 - 修订版本: 2.0

  • kbsurveynew kbexpertiseadvanced KB3187323
反馈