Microsoft's killer Windows 7 patch: Breaks networking, flags legit PCs as 'Not genuine'

Windows sysadmins wake up on Wednesday with an almighty Patch Tuesday headache.

Some Windows 7 admins are feeling the pain of Microsoft's latest updates in this week's Patch Tuesday releases. 

Thankfully for Microsoft, hardworking admins continue to spot bugs that it didn't detect during pre-release testing. 

This time they've found that its January security updates are bricking Windows 7 devices with an errant 'Not Genuine' Windows license error, and a bug that blocks administrator access to remote shares on Windows Server 2008 R2 and Windows 7.    

The issues stem from the Monthly Rollup update, KB4480970, and the security-only update, KB4480960, for Windows 7 SP1 and Windows Server 2008 R2 SP1.

Günter Born's Borncity was first to report the Windows 7 Genuine brick and the separate network share issues bundled in these updates. 

As Born notes, monthly rollup KB4480970 addresses a serious PowerShell flaw and adds extra mitigations for Meltdown and Spectre side-channel attacks. 

While it was prudent to patch quickly, admins discovered the update tripped up network shares over the SMBv2 file-sharing protocol. Born figured the security-only update might dodge the bugs, but he discovered that it caused the same issues. 

Born's and other reports commented that Microsoft hasn't listed the bugs as known issues on its support pages for KB4480960 and KB4480970. But Microsoft has now acknowledged the issues. 

Regarding the 'Not Genuine' Windows 7 error, Microsoft confirms that "some users are reporting the KMS Activation error, 'Not Genuine', 0xc004f200 on Windows 7 devices".

"We are aware of this incident and are presently investigating it. We will provide an update when available," writes Microsoft on both KB4480960 and KB4480970. 

SEE: Windows 10 April 2018 Update: An insider's guide (free PDF)

The source of the activation error is an eight-month-old update for Microsoft's anti-piracy Windows Activation Technologies, the same tech that recently caused panic after deactivating legitimate copies of Windows 10

As noted by AskWoody.com, Microsoft for some reason this week pushed the April update, KB971033, which was meant to help "confirm that the copy of Windows 7 that is running on your computer is genuine".

The problem, as one sleuthing sysadmin concluded on Reddit, is that KB971033 should never have been installed in a KMS environment. The sysadmin discovered the cause while fixing several thousand Windows 7 virtual desktops that suddenly and wrongly reported they were running non-genuine Windows. 

"Woke up this morning to find a few thousand Windows 7 VDI machines reporting that Windows 7 wasn't genuine. After much troubleshooting we found that KB971033 (should not have been installed in a KMS environment in the first place) was installed on these machines," the sysadmin wrote.

"Until today having this KB installed hasn't been an issue, it appears a change to how Microsoft's activation servers respond to a standard KMS key being sent to them may be to blame. Removing the update, deleting the KMS cache and activation data from the PCs and reactivating against KMS resolved the issue."

Microsoft has also posted a description of the conditions when users will see network share blocked, and a workaround until it releases a fix. 

"Local users who are part of the local 'Administrators' group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates. This does not affect domain accounts in the local 'Administrators' group," explains Microsoft.  

"To work around this issue use either a local account that is not part of the local 'Administrators' group or any domain user (including domain administrators). We recommend this workaround until a fix is available in a future release."

Previous and related coverage

Microsoft: Windows 10 to grab 7GB of your storage so big updates don't fail

The 'reserved storage' coming with the next Windows 10 version is another reason to avoid PCs with little storage.

Windows 10 October 2018 Update: Dump your files to avoid crashes, warns Microsoft

Got a 32GB Windows 10 device? You probably shouldn't have bought it, but here's how to make sure it doesn't stumble during the next Windows 10 update.

Windows 10: Microsoft's plan to kill passwords moves on with new test build

Now Microsoft brings its password-less sign-in to all Windows Insider testers.

Windows 10 is now most popular PC OS as Windows 7 wanes

Windows 10 overtakes Windows 7 amid very slow adoption of the Windows 10 October 2018 Update.

Is Windows 10 still telling Microsoft what you're doing even if you don't want it to?

Microsoft baffles Windows 10 users by apparently collecting data about recently opened websites and apps when users have opted against sharing that information.

How to set up a Windows 10 computer: 5 essential steps TechRepublic

Getting a new PC is exciting, but you should follow these setup steps before using a Windows 10 machine.

Windows 10 October 2018 Update: The 7 best new features CNET

See the biggest changes coming to Windows 10.