IE11 Patches Blocked Until Windows 7 Users Install KB 2929437

The situation is not as bad as it was (and is) the forced march of the users of Windows 8.1 Update 1, but as Gregg Keizer Computerworld revealed for the first time on Sunday, no patch Microsoft IE11 users to get specific, patch installed before.

Monster Black Tuesday last week patched IE, MS 14-035, appears even Windows machines using Windows Update 8.1 unless users have successfully installed Windows 8.1 Update 1, the infamous KB 2919355. SP1 on Windows 7 machines IE11 In patch this month will not appear until users have installed Windows 7 patch IE11 MS 14-018/KB 2929437.

(Note that Internet Explorer 11 will not run on Windows 8. IE11 If you and / or your review, you must upgrade to Windows 8.1 Update 1. IE11 Also note that patches are available for organizations that use Windows Server Update Services / WSUS Intune or System Center Configuration Manager - see KB 2963950 Only those of us who rely on Windows Update or Microsoft Update to get snubbed) ..

Microsoft has had a patch dependencies first: You will not get until you install Patch Patch B A. In many cases, the attempt to install patches automatically install Patch first BA - no luck here. If you are running Windows 7 SP 1 (or Windows Server 2008 R2) and have not installed MS 14-018/KB 2,929,437, Windows Update does not show MS 14-035/KB Rollup Patch 2957689 this month; . the same for people running Windows 8.1 Update 1 without a large package is then also - designed to fix 59 security flaws identified separately.

Here's what KB 2957689 says:

This update applies only to computers that are running Internet Explorer 11 and that do have update 2919355 (for Windows 8.1 or Windows Server 2012 R2) or update 2929437 (for Windows 7 SP1 or Windows Server 2008 R2 SP1) installed. All future security and nonsecurity updates for Internet Explorer 11 require you to have update 2919355 or update 2929437 nstalled in order to receive updates. We recommend that you install update 2919355 or update 2929437 in order to continue to receive updates.

But wait. It gets more convoluted:

For Internet Explorer 11, the security update 2957689 update is for systems with updated or installed update 2929437 2919355. Internet Explorer 11 guests have to make sure that the update 2929437 or update 2919355 is installed before the security update 2957689 can be offered to them or installed.
Note for customers of Internet Explorer 11 does not have the update 2929437 or update 2919355 installed the security update 2963950 can be installed in place of the security update 2957689. However, the security update 2963950 is available only for customers who manage updates using Windows Server Update Services (WSUS), Microsoft Windows Intune or System Center Configuration Manager.

Got your scorecard handy?

This time around, I don't expect to hear the same hue and cry that accompanied the Windows 8.1 Update 1 straitjacket restrictions, for three reasons

1. Very few people have reported problems installing MS14-018/KB 2929437. Looking around the Internet, I don't see many intractable problems with the patch. (If you have a counterexample, please post it in the comments!) By contrast, the Microsoft Answers forum erupted with problems installing Windows 8.1 Update 1/KB 2919355 -- and they haven't all been solved yet.
2. If you have problems with KB 2929437, Internet Explorer 11 is relatively easy to uninstall on Windows 7 systems. For months, I've been waffling about recommending IE11 for Windows 7 users. Now I have a good reason to recommend that Microsoft customers not switch from IE10.
3. Don't fight, switch. There are lots of good alternatives to IE.

While the forced Windows 8.1 Update 1 restriction hit lots of Windows customers in the solar plexus, this restriction smacks of hubris. Why isn't Windows Update smart enough to line up the installation of prerequisites? Good question.