The security-update KB5046705 includes 1425 updated files. If I replace just 1 of those files then +1424 updated files remain active in the system, which is better than 0 updated files. This first solution is just a proof-of-concept to show that only this one file win32k.sys is the culprit. From now on we can focus on this one file, which makes it a lot easier to write fixes for Firefox and Supermium, which in turn will make it unnecessary to overwrite the new patched win32k.sys with an older unpatched version. Some of the mitigations that are included in the win32k.sys can be made with other harmless hacks. For example we can disable NTLM via GPO or registry.
Just a reminder, since it may have gotten lost in all the new posts, but Firefox Portable 132.0 x 64 Supermium and Pale Moon 33.4.0.1 x 64 both still worked fine for me after the installation of KB5046687 with no modification to the update itself.
No the BCDEDIT-commands were NOT reverted, because they are needed to avoid the BSOD at boot. to revert the BCDEDIT-commands you can do this: BCDEDIT /set nointegritychecks OFF BCDEDIT /set LoadOptions ENABLE_INTEGRITY_CHECKS BCDEDIT /set TESTSIGNING OFF and then you will get a BSOD. If we replace or hack the manifests, mum and cat files which are associated with the win32k.sys then maybe we can replace it without a BSOD. The solution was only to proof that it is only this one file (win32k.sys) which creates the browser-error, so the work can be focused there and need not be spread across all 1425 files in the security-update. The work for the better real solution #2 can now begin. One step after another.
No, it is not better. If a file is updated, it does not mean that it had security updates. In addition, one vulnerability can be fixed by updating several files at once and we cannot say for sure without a detailed analysis. By replacing one file with an older one, you are playing roulette and do not know what else will break and how it will affect the stability and security of the system. A simple example - if you leave an older kernel in the system (just one file), then in one case you will not see any visible problems, in another you will get a BSOD, and in a third, programs will stop starting with the error 0xC0000005.
Update 1: While waiting in anxiety I did multiple searches on my own, and found some similar yet dated questions at the official Microsoft Support forums regarding the same topic, and the technical agenrs advised to just wait between 2 to 20 hours. Of course I initially scoffed at the idea (refer back to my dilemma), but surprisingly the "Checking for updates..." did eventually finish, and lo and behold I had 10 updates total for both Windows Server 2008 R2 & Windows 7: -of course hiding IE 11 because even though I grew up in IE it's already obsolete even for a regular 7 stan -as per @abbodi's advice (post #8209) ignoring the Windows Server 2008 updates -and as @everyone kept pointing out, also ignoring KB5046687 in the meantime -which just leaves me with KB890830 for now Update 2: Looks like everything is fine for now Other than ignoring KB5046687, the Windows Server 2008 updates, & a NVIDIA Display update (which resolutely refuses to be updated); plus a diminished "View update history" list, everything appears to be back the way it's supposed to look
A simple question from a simple guy....I installed KB5046705 on Tuesday and of course my Firefox 115.17.0esr (x64) tabs crash intermittently.......can I.....should I..... uninstall KB5046705 ?? I'm not skilled enough to undertake some of the other suggestions posted on MDL. Thanks in advance guys.
Does the browser crash with Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5046687) only happen on Windows 7 or also on the original Windows Server 2008 R2 x64?
The problem is the sandbox of the browsers. If you start Supermium with parameter --no-sandbox then it works even with the updated win32k.sys. Without this parameter it results in error STATUS_NO_MEMORY. Some older ungoogled chromium browsers (v109) work also, because they use other sandboxing-method.
Confirmed, thx Paradroid666 for this tip ! Checked with Win7 and november patch / Win2008R2 (same) : Edge : adding "--no-sandbox" to the start link or argument, start browser and run ok Firefox esr 115.17.x (and other mozilla like) : change link with : C:\Windows\System32\cmd.exe /c "set MOZ_DISABLE_CONTENT_SANDBOX=1 && start firefox" but also same with Discord : \pathtoyourbin\Discord.exe --no-sandbox etc. That temporarily fixes the problem; let's say it's less bad. ;-)
Alternative: In the Firefox profile folder, open the prefs.js file and add a line at the end of it user_pref("security.sandbox.content.level", 1);
Installed requirements updates KB4575903 and KB5016892? Installed latest SSU? Rebooted after? Resetted DataStore.edb ? Code: net stop wuauserv 2>nul net stop TrustedInstaller 2>nul del /f /q %SystemRoot%\SoftwareDistribution\DataStore\DataStore.edb 1>nul 2>nul net start wuauserv 2>nul
Does BypassESU v12 support WEPOSReady 7/WS2K8R2 (after January 2023) updates on Windows 7 client counterpart (aka professional, ultimate, enterprise,...)? P/S: Sorry for my bad English
Moin Paradroid666! Just played around a bit with this Firefox workarount after installing KB5046705: The browser issue with the tabs crashing only appears from security sandbox content level 5 onwards... Postscript: After the installation of KB504670 the workaround does not work 100% correctly on my Windows 7 test system. If I call up a website with an embedded video, I can start the loading process, but it gets lost in an endless loop and the video is not played. So there seem to be more mismatches between Firefox 115.17.0esr (64-Bit) and KB5046705 / KB5046687. Therefore, I will not install KB5046705 / KB5046687 on my work systems and will wait and see what updates Microsoft will offer us on this topic in December. The other November updates have worked without any problems so far.