Microsoft reissues flawed Windows security update with new flaws


Summary: UPDATED. A new version of MS14-045 has been pushed to Windows Update and the Download Center. Microsoft strongly recommends that users uninstall the old version first.


Microsoft today re-released the updates for security bulletin MS14-045. The update was first released on the August Patch Tuesday, August 12, but was withdrawn later that week after user reports of blue-screen crashes and disabled systems.


At the same time Microsoft withdrew MS14-045, it withdrew three non-security updates, KB2970228, KB2975719 and KB2975331. None of those have been reissued and we have no further information on them.

Updated on August 27: With respect to these remaining updates, Tracey Pretorius, Director, Microsoft Trustworthy Computing, told ZDNet "[w]e continue to work diligently to get the Windows August Update rereleased to customers."

A blog entry from Pretorius implies that the problem was related to a change in the release schedules for non-security updates.

The Knowledge Base article for the revised update (KB2993651) lists a confusing set of Known Issues remaining with the update.

  • With the update installed, fonts in the system that are not in the default fonts directory (%windir%\fonts\) cannot be changed when loaded in an active session. For more detail, see the KB article.
  • With the update installed, the z-order (depth) of some windows is changed. This means they can be hidden and therefore invisible. Four other earlier updates also cause this problem:
    • 2965768 Stop error 0x3B when an application changes the z-order of a window in Windows 7 SP1 and Windows Server 2008 R2 SP1
    • 2970228 Update to support the new currency symbol for the Russian ruble in Windows
    • 2973201 MS14-039: Description of the security update for Windows on-screen keyboard: July 8, 2014
    • 2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2

Two of these (2970228 and 2975719) are among the updates withdrawn by Microsoft along with MS14-045. The other two have not been mentioned previously with respect to the recent problems. Those two now-problematic updates are also still available for download as of late afternoon on August 27.

The security bulletin says that "Microsoft strongly recommends that customers who have not uninstalled the 2982791 update [i.e., the old version, released on Patch Tuesday] do so prior to applying the 2993651 update [the new version]." This recommendation applies to users whether they are having problems with the old update or not. Note that Windows Update and Automatic Updates do not remove the old version.

To uninstall the old update, open Control Panel, go to Programs and Features, click Installed Updates, find the KB2982791 update under the Microsoft Windows section, right-click it and choose Uninstall. You can locate it quickly by searching for "KB2982791" in the search box of the Installed Updates window. See the screen capture below.

The update addresses three Windows kernel vulnerabilities: two could allow elevation of privilege, and the third could expose sensitive kernel information.

[Screen capture: the Installed Updates view in Control Panel, with the KB2982791 update selected for uninstall.]
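For administrators who have more than one machine to check, the Control Panel steps above can be scripted. The following is an added example, not code from the article or from Microsoft: it reports whether the KB numbers the article names are present on a machine, and removes the superseded MS14-045 package (KB2982791) with the Windows Update Standalone Installer before the reissued KB2993651 is applied, as the bulletin recommends. It assumes Windows PowerShell run from an elevated prompt; the function names and the watch list are this example's own.

```powershell
# Added example (not from the article or from Microsoft). Audits a machine for the
# updates discussed in the article and removes the original MS14-045 package before
# the reissued one is installed. Run from an elevated Windows PowerShell prompt.

$OldMs14045 = '2982791'   # original MS14-045 package, to be removed first
$NewMs14045 = '2993651'   # reissued MS14-045 package
# Non-security updates withdrawn alongside MS14-045, plus the two older updates the
# KB article names as sharing the z-order known issue (all numbers from the article).
$Watchlist  = @('2970228', '2975719', '2975331', '2965768', '2973201')

function Get-UpdateStatus {
    # Returns one row per KB number with an Installed flag, based on Get-HotFix.
    param([string[]]$KbNumbers)
    $installed = Get-HotFix | ForEach-Object { $_.HotFixID }
    foreach ($kb in $KbNumbers) {
        New-Object PSObject -Property @{
            KB        = "KB$kb"
            Installed = ($installed -contains "KB$kb")
        }
    }
}

function Remove-OldMs14045 {
    # wusa.exe takes the bare KB number after /kb:. /norestart defers the reboot so
    # the administrator can schedule it; exit code 3010 means a restart is pending.
    $present = Get-HotFix | Where-Object { $_.HotFixID -eq "KB$OldMs14045" }
    if ($present) {
        Write-Host "KB$OldMs14045 present; uninstalling (reboot deferred)."
        $proc = Start-Process -FilePath 'wusa.exe' `
            -ArgumentList "/uninstall /kb:$OldMs14045 /quiet /norestart" `
            -Wait -PassThru
        Write-Host "wusa exit code: $($proc.ExitCode)"
    } else {
        Write-Host "KB$OldMs14045 not installed; nothing to remove."
    }
}

# Report first, then remove the superseded package. Reboot before installing KB2993651.
Get-UpdateStatus -KbNumbers (@($OldMs14045, $NewMs14045) + $Watchlist) | Format-Table -AutoSize
Remove-OldMs14045
```

Because Windows Update does not remove the old package itself, running the report across a fleet before approving KB2993651 shows which machines still need the manual uninstall and which also carry the other withdrawn updates.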

Topics: Security, Microsoft, Windows


Talkback

66 comments
  • So,

    Windows Update doesn't remove the old one first. I wonder how they expect the average user, who doesn't go to sites like this to know this.
    roteague
    • no argument here

      (nt)
      larry@...
      • Issue this command

        wmic qfe list brief | find /i "KB2982791"
        JohnnyJammer
        • RE: Issue this command

          WHAT!!!!!??

          You expect the typical Windows user to use THE COMMAND LINE.

          According to such experts as "Loverock Davidson" that is so "old school", only befitting of such "backwards" operating systems like Linux. Definitely not something required of MODERN operating systems!
          fatman65535
          • A better way to deal with a flaky windows system

            >diskpart
            >select disk 0
            >clean
            The Central Scrutinizer
          • Speaking of 'Loverock'...

            Where is our resident comedian today??
            He's usually one of the first to post and tell us how he hasn't had a problem with his updates, and how it's probably the fault of the way other users are installing them..

            He even goes so far as to say that Windows updates are so reliable and well put together that they don't even require any testing!

            Curious then that he is conspicuous by his absence today - don't suppose it could be that his system has also got bricked by the update and he can't get on-line now......
            The Central Scrutinizer
          • Speaking of 'Loverock'...

            He can't boot his computer because of the broken update :)
            Gogalthorp1
          • No point in stupid CLI

            When you can just go to programs and features and copypasta the KB number. yet again Windows proves the ancient CLI is only required for Lunix user ;-)
            PC builder
          • It's for SysAdmins

            I only posted it in case a server/sys administrator wanted to write a batch script to populate which machines have this installed and then use the command (wusa /uninstall /kb:KB2982791) at their next logon.

            And yes, the command line is as relevant today as it has ever been. You take away your explorer.exe process and what will you do then? Cry, that's what.

            Also, who cares what loverdock says, he is a troll and incompetent at everything he does, I'm sure!
            I thought this site was for more technical people, not the mum or dad who just bought a new PC.
            JohnnyJammer
    • This would add many complications for Microsoft's software testers

      The revised patch would need code to check if the old patch had or had not been installed on one's system and then remove the old patch if it had previously been installed on one's system. All this before applying the revised patch.

      Best not to add any burden to a testing organization that is under great flux.
      Rabid Howler Monkey
      • Bad idea

        Yes, it would make it more complicated for the testers, but when you compare that to causing users' systems to BSOD, there's really no other choice. Microsoft can either dodge a bullet here or shoot themselves in the foot.
        spambox@...
        • spambox@...: "Bad idea"

          From the article's Summary:
          "Microsoft strongly recommends that users uninstall the old version first."

          Are you stating that Microsoft wants its users to cause the BSOD by manually removing the old version of the update, rebooting their system and then running Windows or Microsoft Update to install the new version of the update?
          Rabid Howler Monkey
          • Misread you?

            Maybe I misread what you meant by "Best not to add any burden to a testing organization that is under great flux." I read that as you saying that the new update should now uninstall the old update. I think that the new update should do everything it needs to do to fix the problem, and that would seem to include uninstalling the old update. Microsoft can't expect users to do that.
            spambox@...
      • Updates replace other updates all the time

        It's very common and documented in the advisories
        larry@...
        • That's not the point

          In this particular case, Microsoft is recommending that Windows users remove the older update prior to installing the new update (please reread your article Summary). I still fail to see why Microsoft can't automate this process in the new update and unburden the poor users ...
          Rabid Howler Monkey
          • I don't know why they're not doing it in this case

            I'm just saying that they do it in other cases.
            larry@...
    • It's called

      ..bloat mate
      Bladeforce
  • and the impact of not uninstalling it???

    Perhaps it breaks Windows Update???

    No wait, I tried that on my system that was off and had not installed August updates yet.

    Now it gets an error running check for updates, and after using the MS fixit and doing a full reset on Windows Update, it's still broke... but good news... it gets the error really fast now instead of mulling it over for a while then getting the error. :-)
    greywolf7
    • Update

      I had no problem until after I installed the new update.
      I read this e-mail after it was done. I never had the "old" update, yet it still gave me the new one.
      Now I am also getting the error message when running Windows Update.
      Does anyone have a solution for this yet?
      SoozyQue
      • Fixed I think

        I think I have the error fixed. I ran the Windows Update Troubleshooter and
        it seems to have cleared the error message when checking for updates.
        SoozyQue