Microsoft reissues flawed Windows security update with new flaws

Summary:UPDATED. A new version of MS14-045 has been pushed to Windows Update and the Download Center. Microsoft strongly recommends that users uninstall the old version first.

Microsoft today re-released the updates for security bulletin MS14-045. This update had been released on the August Patch Tuesday, August 12, but  withdrawn later in the week  after user reports of blue screen crashes and disabled systems.

Special Feature

Why business leaders must be security leaders

Why do many boards leave IT security primarily to security technicians, and why can’t techies convince their boards to spend scarce cash on protecting stakeholder information? We offer guidance on how to close the IT security governance gap.

At the same time Microsoft withdrew MS14-045, it withdrew three non-security updates, KB2970228, KB2975719 and KB2975331. None of those have been reissued and we have no further information on them.

Updated on August 27: With respect to these remaining updates, Tracey Pretorius, Director, Microsoft Trustworthy Computing, told ZDNet "[w]e continue to work diligently to get the Windows August Update rereleased to customers."

A blog entry from Pretorius implies that the problem was related to a change in the release schedules for non-security updates.

The Knowledge Base article for the revised update (KB2993651) lists a confusing set of Known Issues remaining with the update.

  • With the update installed, fonts in the system that are not in the default fonts directory (%windir%\fonts\) cannot be changed when loaded in an active session. For more detail, see the KB article.
  • With the update installed, the z-order (depth) of some windows is changed. This means they can be hidden and therefore invisible. Four other earlier updates also cause this problem:
    • 2965768 Stop error 0x3B when an application changes the z-order of a window in Windows 7 SP1 and Windows Server 2008 R2 SP1
    • 2970228 Update to support the new currency symbol for the Russian ruble in Windows
    • 2973201 MS14-039: Description of the security update for Windows on-screen keyboard: July 8, 2014
    • 2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

Two of these (2970228 and 2975719) are among the updates withdrawn by Microsoft along with MS14-045. The other two have not been mentioned previously with respect to the recent problems. Those two now-problematic updates are also still available for download as of late afternoon on August 27.

The security bulletin says that "Microsoft strongly recommends that customers who have not uninstalled the 2982791 update [i.e., the old version, released on Patch Tuesday] do so prior to applying the 2993651 update [the new version]." This recommendation applies to users whether they are having problems with the old update or not. Note that Windows Update and Automatic Updates do not remove the old version.

To uninstall the update go to Control Panel, Programs and Features, Installed Updates, find the 2982791 update in the Microsoft Windows section, right click and uninstall. You can find the update by searching for "KB2982791" in the Control Panel for uninstalling updates. See the screen capture below. 

The update addresses three Windows kernel bugs, two of which could result in privilege elevation and the third in exposure of sensitive kernel information.

uninstall.update

Topics: Security, Microsoft, Windows

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.