Newsletter Archives
-
Update on Internet Explorer printing problems
@mrbrian reports these patches are available for printing problems in Internet Explorer.
NOTE: there is a caveat. This update removes the protection from CVE-2017-8529.From CVE-2017-8529 | Microsoft Browser Information Disclosure Vulnerability:
“Microsoft is announcing the release of the following updates to address a known issue customers may experience when printing from Internet Explorer or Microsoft Edge: 4032782 for Internet Explorer 11 on Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, Internet Explorer 10 on Windows Server 2012, Internet Explorer 9 on Windows Server 2012; 4032695 for Internet Explorer 11 and Microsoft Edge on Windows 10; 4032693 for Internet Explorer 11 and Microsoft Edge on Windows 10 1511; 4022723 for Internet Explorer 11 and Microsoft Edge on Windows 10 1607; 4022716 for Internet Explorer 11 and Microsoft Edge on Windows 10 1703; 4022720 which is the monthly rollup preview for Windows 8.1 and Windows Server 2012 R2; 4022721 which is the monthly rollup preview for Windows Server 2012; 4022168 which is the monthly rollup preview for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1. This update removes the protection from CVE-2017-8529. All updates are available only on the Microsoft Update Catalog, with the exceptions of 4022720, 4022721, 4022168, and 4022716, which are also available through Windows Update.”
See @mrbrian ‘s post
-
New cyber attack is a ransomware worm
Details are still sketchy as to the nature of today’s cyber attack, but it is a ransomware worm from details currently available.
However, what its actual nature of this threat is is still being discovered and debated, much like Wannacry’s was last month.
The latest from @kaspersky researchers on #Petya: it’s actually #NotPetya pic.twitter.com/uTVBUul8Yt
— Kaspersky Lab (@kaspersky) 27 June 2017
@MrBrian posted about this on Code Red – security alerts – information and discussion topic page:
Variant of Petya ransomware is spreading fast -
Report of new bogus Intel driver offered through Windows Update: “Intel Corporation driver update for Intel HD Graphics 3000”
A report from an anonymous poster:
On a Windows 8.1 PC which had not been powered-on for a few weeks, another in the series of broken Intel updates appeared, with the title being “Intel Corporation driver update for Intel HD Graphics 3000.” I selected it and clicked on “More information,” with a Microsoft webpage appearing with “Driver Information: Coming Soon.”
This PC has a Sandy Bridge processor, so it’s conceivable that a new graphics update was released by Intel, but it’s highly unlikely, as I downloaded the latest graphics driver from Intel’s website when I built the system not that many months ago. Also, Sandy Bridge is circa 2011. This was either another Microsoft auto-barf or the result of an incompetent Microsoft employee.
A couple of days ago, @AElMassry reported similar problems with Win10 version 1511.
Has anybody else hit a bogus Intel driver, offered through Windows Update, lately?
-
MS-DEFCON 1: Office security patches are all screwed up and IE patches aren’t much better. Don’t patch.
Kirsty caught the initial whiff, based on a Günter Born post about problems with Outlook. PKCano raised the alarm about Office patches in general on June 19. Now, it seems Outlook is under attack by Microsoft’s own security patches — and IE still doesn’t print properly.
The situation’s so bad, Microsoft itself has documented the problems with Outlook, after installing the June 2017 Office patches.
There are seven separately identified, potentially show-stopping bugs in Outlook that appear after you install this month’s Office security patches: Can’t open attachments, VBScript doesn’t run, Outlook search doesn’t work, and the previously described IE failure to print mis-fires from inside Outlook.
The workarounds? Forward the mail to yourself and then open the attachments in the forwarded email. Save the attachments to your computer and open them manually. Use something other than IE. Or, it would seem, anything but Outlook.
Microsoft really screwed up this month’s patches — both for Office and for Windows. Unless you want to use your machine as a Windows/Office beta test environment, I strongly suggest you refrain from applying any of this month’s updates.
Accordingly, I’m moving us to MS-DEFCON 1: Current Microsoft patches are causing havoc. Don’t patch.
I’m seeing “secret” reports all over the web that Microsoft will be fixing some or all of its malicious patches next Tuesday, June 27. You would be well advised to wait until we see the fallout from the fixes to the fixes before installing anything.
As MrBrian notes, Microsoft now has official acknowledgments posted for 16 known-bad June 2017 patches.
-
Microsoft admits IE printing problems after installing the June security patches KB 4021558, KB 4022719, KB 4021558
Remember the report about this month’s security patches and Monthly Rollups triggering problems in Internet Explorer? The behavior has been confirmed.
EP just sent me this message:
Microsoft has finally acknowledged/confirmed the printing problems with the IE11 KB4021558 security update for Windows 7 & 8.1 as well as the printing problems with the KB4022719 security monthly update for Win7 SP1 & the KB4022726 security monthly update for Win8.1:
https://support.microsoft.com/
en-us/help/4022719/windows-7- update-kb4022719 https://support.microsoft.com/
en-us/help/4022726/windows-8- update-kb4022726 These MS KB articles were revised today June 20.
There is no workaround for the problem other than to uninstall any of those updates.
All three of the articles say:
When you print a specific iframe or frame in a web page, the print output may be blank, or text is printed that resembles the following:
404 – Not Found(A frame is a part of a web page or browser window that displays content independent of its container. A frame can load content independently.)
This problem has also been observed in both Internet Explorer 11, and in applications that host the IE Web Browser Control.
There is currently no workaround for this issue. However, if you print the entire web page, it will print correctly.
Microsoft is researching this problem and will post more information in this article when the information becomes available.
Which is sure to make you feel warm and fuzzy. If you’re having problems printing in IE, you need to back out:
- KB 4021558 the “Cumulative security update for Internet Explorer: June 13, 2017”
- KB 4022719– the Win7 “June 13, 2017—KB4022719 (Monthly Rollup)”
- KB 4022726 – the Win 8.1 “June 13, 2017—KB4022726 (Monthly Rollup)”
-
WannaCry hits Honda car plant in Japan
A vulnerable machine WILL get infected. Only, if the block is accessible, the worm will exit immediately after infecting it…. and, according to Reuters, they shut the plant down.
The automaker shut production on Monday at its Sayama plant, northwest of Tokyo… Production at other plants operated by the automaker had not been affected, and regular operations had resumed at the Sayama plant on Tuesday, she said.
The story doesn’t sound right. Anybody know what really happened?
Interesting. Vess Bontchev just tweeted an explanation:
They probably just discovered the infection. They were not encrypted, because of the block. The block doesn’t prevent infection… A vulnerable machine WILL get infected. Only, if the block is accessible, the worm will exit immediately after infecting it… A vulnerable machine WILL get infected. Only, if the block is accessible, the worm will exit immediately after infecting it… they were running vulnerable, unpatched. They probably got infected repeatedly during the month. Just nobody noticed until now, because the encryption didn’t trigger, due to the block. A more interesting question is how did they discover the problem? The DoublePulsar backdoor remains, not sure if AV detects it.
There’s another good discussion kicked off by Mikko Hypponen here.
-
Sign up for the Windows Server beta program now
If you’re in to on-premises Windows Server you can now sign on to beta test the twice-a-year product updates.
Server’s going to a twice-a-year update schedule, just like Win10 and Office, and the process has the same familiar ring to it, “Semi-annual Channel releases.” Shortly Server will have its own Insider Program as well.
I can’t think of any better way to kill on-prem Server, than to force it into a twice-a-year upgrade cadence.
Sign up here.
-
XP SP3/Server 2003 Security Patches Released June 2017
In a most unusual Patch Tuesday (Full details in Woody on Windows blog, which has just moved from InfoWorld to Computerworld), Microsoft announced in a June 2017 security update release that it was releasing additional security patches for older platforms. Microsoft security advisory 4025685 was released in tabular form, with references to the security bulletins that each patch addressed for each of the non-supported older platforms. To make for easier downloads, here is the list or the patches needed for Windows XP/Server 2003.
NOTE: These links are set to open in additional tabs. After the download, remember to close the extra tab(s).
XP SP3
- KB958644 — you may already have this 2008 update installed.
- KB2347290 — you may already have this 2010 update installed.
- KB4012598
- KB4012583
- KB4022747
- KB4018271 for IE8
- KB4018466
- KB3197835
- KB4024323
- KB4025218
- KB4024402
- KB4019204
Server 2003 SP2 64-bit
- KB958644 — you may already have this 2008 update installed.
- KB2347290 — you may already have this 2010 update installed.
- KB3011780
- KB4012598
- KB4012583
- KB4022747
- KB4018466
- KB3197835
- KB4024323
- KB4025218
- KB4024402
- KB4019204
Server 2003 32-bit or Home Server 2003 original release
If you need additional patches for other older platforms, they can be downloaded from the Microsoft Update Catalog by entering the patch number in the search box.
-
Win7 Monthly Rollup KB 4022719 triggers printing problems in Internet Explorer
EverWilli, posting on the Microsoft Answers forum, describes a problem with the latest Win7 Monthly Rollup, KB 4022719:
After installing KB4022719 our users cannot print certain items from Internet Explorer 11. If a users opens a page in a *frame and attempts to print they only get a blank page.
We have tired all the basic fixes, resetting IE, cleaning temp files, printer files, checking for a low folder but the only solution at this time is to uninstall KB4022719. Thus far we have only uninstalled on 2 pc’s with the issue and that fixed the printing on both machines.
There are now reported sightings of the bug with the Win7 Monthly Rollup KB 4022719, as well as the standalone IE security patch KB 4021558.
Only solution so far is to roll back the security patch.
UPDATE: The problem now appears on the Edge Developer’s forum, marked by Microsoft as “Won’t Fix.” More than a few people are aghast. It’s not clear if that’s Microsoft response to a bug of its own creation – or if it’s an indicator that the Edge folks really don’t care much about IE 11.
-
June 2017 Adobe Flash Player & Shockwave Player security updates
EP advises:
New Adobe Flash Player and Shockwave Player security updates released on Tuesday June 13, 2017-
Adobe Flash Player security bulletin APSB17-17:
https://helpx.adobe.com/
security/products/flash- player/apsb17-17.html This updates Flash Player to version 26
Adobe Shockwave Player security bulletin APSB17-18:
https://helpx.adobe.com/
security/products/shockwave/ apsb17-18.html This updates Shockwave Player to version 12.2.9.
-
Yep, KB 4020732 and KB 4020733 were released early
Last week, there were reports that two Lync 2010 security patches had appeared on Windows Update servers. It wasn’t clear if they were intentional early arrivals, or if somebody just screwed up.
It looks like the latter’s the case. See the KB 4020732 article.
Security Update for Lync 2010 X86/X64 (KB4020732)
Security Update for Lync 2010 Attendee – Administrator level installation (KB4020733)
-
Finally, a fix for Microsoft’s draconian block on Win7 updates for recent processors
Remember Microsoft’s not-so-subtle hint that it won’t support Win7 on newer processors? Remember how the April security and Monthly Rollup patches knocked out Windows Update on systems that were running older processors?
Looks like MS is atoning for at least one of its sins.
Tucked away at the bottom of the Win7 update info for KB 4022719 is a note that goes like this:
Installation steps for systems using AMD Carrizo DDR4 processor:
- Download KB4022719 from Microsoft update catalog.
- Extract the CAB file from the downloaded .msu file from step 1. Note the path where you stored the CAB file for use in step 3.
- Run the DISM /Online /Add-Package command to install the update: DISM.exe /Online /Add-Package /PackagePath: CAB file path from step 2.
So if you don’t mind downloading the patch from the Update Catalog, and installing it with a DISM command, you can restore Windows Update functionality to computers with older Carrizo DDR4 chips.
I have no idea if this fix works on the other machines that Microsoft inadvertently clobbered, but at least it’s a start.