11/10/15 Patch Tuesday

Topic

New Reply

I’ve never had an issue with MS updates (save for the squashing the Windows 10 upgrade notification fiasco) until last night. I have three Windows 7 Ultimate x64 machines that had 20+ updates for patch Tuesday. After installing, and rebooting, I had several programs that no longer worked: Object Dock – notification of a crash after loading, Search Everything – frozen when used, Outlook 2010 – frozen when used, Sidebar – would not load gadgets. This affected all three PC’s. I immediately did a system restore and everything returned to normal.

Has anyone else had this problem? If so, has anyone identified the patch, or patches, responsible?

Thanks,

Mort

Reply | Quote

Replies

I haven’t looked specifically for bugs with the latest patches yet but I did just see this comment on a Brian Krebs article:

Just a heads up. Don’t install KB3097877 if you run Outlook. This patch is causing Outlook to crash. I realize the patch is listed as Critical, but we’ll just wait until Microsoft revokes and releases an update to it to fix the crashing issue.

EDIT: it applies to this article, which really is a Critical patch, standby for a rapid patch re-release from MS…

Reply | Quote

Thanks for the info. I’ll wait until, say, Monday before frustrating myself :>)

Reply | Quote

I can confirm that KB3097877 is the cause. It seems to affect all versions – 2010 through Outlook 2016.

Uninstalling that update fixes the crashing issue.

Reply | Quote

I can confirm that KB3097877 is the cause. It seems to affect all versions – 2010 through Outlook 2016.

Uninstalling that update fixes the crashing issue.

Same problem posted at http://windowssecrets.com/forums/showthread//172766-Today-s-updates-crash-Outlook-2010?p=1030603#post1030603. I don’t have the problem as mentioned in my reply to that post.

Before you wonder "Am I doing things right," ask "Am I doing the right things?"

Reply | Quote

The Stardock issue might be related to a report I saw earlier on Desktop Widgets failing to load, I didn’t see mention of which KB was at fault, hopefully the same one!

Reply | Quote

It could be that Outlook x64 versions aren’t affected but yours is the only comment that specifies x64 Outlook that I’ve noticed.

It’s looking like it only happens when viewing some html emails, maybe the variability is down to email content (downloadable font? – 3rd party plugin? – Flash?) or some specific Outlook setting.

https://social.technet.microsoft.com/Forums/en-US/482486ba-a378-4dcd-bd21-08ae19760b93/crashes-since-111115-updates-in-both-outlook-2010-and-2013-when-viewing-html-emails?forum=officeitproprevious

Reply | Quote

It could be that Outlook x64 versions aren’t affected but yours is the only comment that specifies x64 Outlook that I’ve noticed.

I also hadn’t seen the ‘bitness’ mentioned which is why I did. I’ve seen some other updates that affected the 64-bit of things differently from 32-bit things and vice versa. And Office 2010 is the first to be available as either 32-bit or 64-bit.

Before you wonder "Am I doing things right," ask "Am I doing the right things?"

Reply | Quote

I reinstalled the patches with the exception of KB3097877 and everything is back to normal on all 3 PC’s.

My Outlook 2010 is 32 bit.

I appreciate the quick diagnosis.

Reply | Quote

I just updated my win 7 32 bit computer this afternoon and I noticed that KB3097877 wasn’t listed so MS must have pulled it. It was listed yesterday when I updated and installed it on my Win 7 64 bit but since I don’t use Outlook I haven’t noticed any problems with it.

Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).

Reply | Quote

I have just been notified about the updates after doing the system restore, KB3097877 is still there, but not checked, I have hidden it just to make sure.

Reply | Quote

After learning that it was causing Outlook 2013 to crash, I uninstalled KB3097877, rebooted my PC, and ran Windows Update again. KB3097877 once again showed up as an “Important” update. I can report that uninstalling that update stopped Outlook from crashing when trying to open messages with HTML.

You’d think Microsoft would have pulled this update by now.

–Larry

Reply | Quote

Interesting. It didn’t show up for me this afternoon. Maybe they pulled it long enough to tweak it?? Either that or everybody has a different WU experience. Hmmm, maybe I’m special.:o:

Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).

Reply | Quote

I just checked Microsoft’s page for this update, and found the following:

“Known issues in this security update

* We are aware of reports of crashes in all supported versions of Microsoft Outlook that occur when users are reading certain emails after this update is installed.

We are investigating this issue and will update this article when further information is available.”

At least they’re acknowledging the problem, but I don’t see any indication that the update has been updated at this point.

–Larry

Reply | Quote

Ensure that you all have the latest versions of Flash and other plugins, this KB was mostly to block active drive by exploits (browsers downloading attacks specific to known vulnerabilities, probably malformed fonts and images etc.) from what I can see.

Reply | Quote

Since I do not use Outlook, I was not affected that way. But my Asus audio Center would not load for my Asus Xonar Essence PCI Sound Card. I have uninstalled KB3097977 and everything works fine again. However, Microsoft still says KB3097977 needs to be installed which I am postponing for the moment. Thank goodness for the setting Notify but let me choose to download and install updates.

Reply | Quote

Ensure that you all have the latest versions of Flash and other plugins,

I think these flaws are all Windows, and totally independent of Flash or any plugin.

Reply | Quote

Microsoft released an update to the bad KB3097877. However, on my machine, with an Nvidia GTX570 video card once again, released an “optional update” for the video card driver. I believe most of Microsoft’s problems with fonts occur with a conflict between Nvidia and Microsoft. For people w/o Nvidia video cards, it would not surprise me that the update went thru reasonably smoothly.

This has happened several times in the past with Microsoft and font fixing updates. So be warned on your next machine, if you decide on Microsoft Windows, if you do not want your machine bricked, occasionally on updates, think long and hard about that Nvidia card. There will probably be conflicts that Nvidia will have to correct.

Reply | Quote

Why have MS not pulled this update, today they are still trying to get me to download it. Imagine if this happened with Windows 10 where one has no control over what updates get downloaded, that would be a catastrophe. Given MS history this will happen and the excreta should well and truly hit the air circulating device.

Reply | Quote

Yes, so I saw, nothing much new there to me or here.

A couple of interesting topics on reddit.

I’ve seen claims of TeamViewer, OneNote, Powerpoint and touchscreen/tablet/network login issues being fixed by removing the KB (and a few I don’t recall now).

MS changing the KB and unchecking the download but not pulling it – only listing Outlook as being impacted – reminds me of the Devil’s Update prerequisite for IE10 – that was also a font/graphics subsection ‘fix’ that affected a lot more than MS wanted to admit to. Took some of us a wipe/reload to fix it and upgrade IE without borking various programs with intermittent weird graphic glitches and fonts… ah, but we were happier back then 😉

Reply | Quote

I guess that the audio cpl/front end has some font or image that the ‘fix’ found suspicious :o:

About the only thing I can think of in MS’s defence is that the actively exploited vulnerability was so serious that they didn’t have time to ‘fully’ test it – but not loading it onto some W7/8 machines/VMs to test their own flagship Office products is close to inexcusable.

Reply | Quote

Actually, satrow:

There is no defense for Microsoft. I remember 2013 was a bad year for Windows 7 patches. There were many times I sat there loading and rebooting each separate update seeing which update would cause my home built system to crash. One wonders what would cause Microsoft to change the update policy in Windows 10 from what is “working” in Windows 7 and Windows 8. I hate the Patch Tuesdays every month.

Reply | Quote

There was a patched version of KB3097877 released ~24 hours ago.

Reply | Quote

There was a patched version of KB3097877 released ~24 hours ago.

Yes, I noticed that had been loaded upon my system and readied for install last night of course when I am tired and headed for bed and shutting down.

Thanks. I headed here first thing this morning after checking out what MS had loaded during shutdown and saw it was the same file as the prior day and wondered. Got my answer as to what’s up?

https://support.microsoft.com/en-us/kb/3097877

Reply | Quote

Thanks Satrow, I reckon I might sit on this for a while and see what happens.

Reply | Quote

Whoa, that KB page is now on Rev. #8!

Basically, the patch is to prevent malicious access to the Windows kernel by malformed fonts/images, probably via yet another drive by Flash exploit – so get Flash and all other plugins updated as well.

The first version of the patch affected html email for some users of Outlook, also Desktop Gadgets (MS + some like Stardock) and other 3rd party software like TeamViewer, an Asus sound card program/cpl, it prevented many touchpad/tablet users from being able to login and there were some cases of Publisher and OneNote isues (and others I don’t recall right now).

The current Revision of the KB article has been extended to include the login issue, the version that accompanied the original patched release only mentioned Outlook. MS still haven’t , to my knowledge, acknowledged any of the other problems that were fixed by removing the original KB3097877.

I’d expect the Rev# at https://support.microsoft.com/en-us/kb/3097877 to increase again over the next few weeks, but MS might just ignore the other issues, esp. if the newly patched version fixes them.

Reply | Quote

Basically, the patch is to prevent malicious access to the Windows kernel by malformed fonts/images, probably via yet another drive by Flash exploit – so get Flash and all other plugins updated as well.

Why do you think Flash or other plugins are implicated in these flaws? Do you imagine that Windows without Flash installed is not vulnerable?

The security bulletin specifies that the vulnerabilities reside in Windows, e.g.: “an attacker could exploit … by … an untrusted webpage that contains embedded fonts.”

Reply | Quote

Flash has been by far the greatest target of successful drive by attacks for a long time, the latest stats suggest ~80% of them, Adobe/MS have been synching their patches for some time now, users that are restoring/rolling back Windows to avoid any bug introduced by a patch day KB are also at risk of inadvertently rolling back to a vulnerable version of Flash.

Since MS have been reluctant in recent months to give details of the patches for Windows, but they have said that KB3097877 is a drive by risk, I think it’s advisable to warn people to take extra care and check that Flash, if they use it, is updated.

Reply | Quote

I was just questioning your use of “, probably via … “. It would be more accurate to say “, definitely not …”.

Reply | Quote

3097877 11-10 Kernel and Adobe Type Manager; also KB 3101746 Hold
3081320 11-10 Windows Schannel Wait
3101246 11-10 Windows Kerberos Wait

These were the 3 patches, Susan Bradley suggested to wait on applying. I have updated my systems except for these three. Now, when I go to Windows Update, the only one showing is 3097877! Does anyone have a update on the others?

Reply | Quote

3097877 11-10 Kernel and Adobe Type Manager; also KB 3101746 Hold
3081320 11-10 Windows Schannel Wait
3101246 11-10 Windows Kerberos Wait

These were the 3 patches, Susan Bradley suggested to wait on applying. I have updated my systems except for these three. Now, when I go to Windows Update, the only one showing is 3097877! Does anyone have a update on the others?[/QUOTE]

I figured this out.

I only unchecked 3097877, 3081320, & 3101246, and installed 3101746. I should not have install all 4!

After rereading Patch Watch on these, I decided to uninstall 3101746. After the reboot, I had Windows Update recheck and, once it completed, all 4 updates are now available there.

Reply | Quote

All 4 of the KB numbers you listed are still showing in my Windows update list. I am holding off installing them for now.

Are you sure you didn’t install or hide the missing updates? Look at “Update history” and “Restore hidden updates” in the left column of the main Windows Update screen to verify.

Reply | Quote

I copied from Susan’s table in Patch Watch.

I checked and, no, they aren’t showing as installed. I have not been able to find any news of them being pulled or anything like that. I unchecked, but did not hide them, either.

Reply | Quote