KB2835361 install problems

Topic

New Reply

A massive Windows 7 update from Microsoft this month. All updates installed correctly except for KB2835361. If I install that fix, I can no longer access the internet either thru Firefox or IE9. Any idea out there on how to get this update to install correctly?

RJH

Reply | Quote

Replies

Usually I ignore an update which causes me problems.

This update fixes a vulnerability with True Type fonts on shared documents. Since True Type fonts are in pretty much every document (other than plain text files), it is worth trying to install this update.

First, do a complete malware scan on your computer. Perhaps there is some malware which is causing the problem.

After doing that, try again to install it, to see if that solved the problem.

If the problem still exists, I would uninstall the update, and I would then be careful about creating or accessing shared documents.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

Ran a malwarebytes Pro full scan, also spybot and Kaspersky’s TDSS antirootkit. Found nothing. Reinstalled the update and the problem persists. Did a system restore to roll back the update and everything is fine. Thanks for your responses but I guess I will have to wait until Microsoft fixes the update.

Reply | Quote

uninstalling does not fix the problem. I had to do a system restore.

Reply | Quote

I called Microsoft on the problem. The solution was to hide the update.

Reply | Quote

uninstalling does not fix the problem. I had to do a system restore.

Yes, sounds like your experience was similar to mine! MS Community still has not responded to my Bug Report that I filed, so they have no solution yet. I have also uninstalled the other 2 KBs in MS13-054 as well and Restored! I still have another problem that popped up after my earlier post, an intermittent problem with explorer.exe that causes the 2nd instance of explorer to crash when it is trying to start. This is my first time ever that I have had a problem with explorer. I solved the problem the first time it occurred but it is still a work in progress for the second time. July was sure a raunchy Patch Tuesday……

Crysta

--------------------------------------

1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable

2xMonitors Asus DVI, Sony 55" UHD TV HDMI

1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.

-----------------

Reply | Quote

Right click on the network icon in the system tray and select troubleshoot.

If that doesn’t help, try running in a clean boot environment and see if you have internet access.
http://support.microsoft.com/kb/929135/en-us

Jerry

Reply | Quote

TT fonts are a target for malware, have been for a long time now. You really need to try to work out why this update doesn’t install for you. I would begin by running SFC /SCANNOW – at least 3x times, then work though the WU logs and then the resulting C:WindowsLogsCBSCBS.log for clues.

Reply | Quote

I would begin by running SFC /SCANNOW – at least 3x times, then work though the WU logs and then the resulting C:WindowsLogsCBSCBS.log for clues.

I have often recommended use of SFC to others (and myself) when trouble-shooting but never thought about running it more than once. Please comment on the efficacy of running it multiple times.

Rich

Reply | Quote

Hi Folks,

I know some have had problems with one autherized(by the Patch Lady in this column) Patch, KB 2835361, so I would like to share my experience from Friday. I spent most of the day trying to put it in, in different combinations and removing it, as well as doing malware scans to no avail.

One important note:

Just uninstalling the/or all Patch Tuesdays Patches does NOT rectify the problems it cause with MS APIs and/or Services. One must actually do a Restore to remove any settings that it corrupts. Restoring on just this Patch, providing it is the Last one does, however.

What does it Break for me:

From what I discovered there are three MS APIs; Sidebar, Microsoft Management Console (MMC), Internet Explorer(IE).
In my experience, one just had try to open them and they would crash and send numerous Bug Reports to Microsoft. Hopefully they will come up with their notorious Patch Fix of a Patch.

From what I understand, this Patch is supposed to be about True Fonts and Document Sharing concerns but it must be affecting things farely deep to have the cause and effects that I am having. We have seen these types of Patches to be problematic in the past but this is my first time of having crashes of other APIs around Font Patches.

I am putting KB 2835361 on long term HOLD, until I hear from the Patch Lady(said with HUGE Respect)to put it in, with another Patch that fixes the problem.

Regards,

Crysta

--------------------------------------

1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable

2xMonitors Asus DVI, Sony 55" UHD TV HDMI

1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.

-----------------

Reply | Quote

Hi Folks,

We got the following today: (Added to Windows Community Submission)

Microsoft Security Bulletin MS13-054 – Critical
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

Published: Tuesday, July 09, 2013 | Updated: Thursday, August 01, 2013

Version: 1.1

First of all I am not sure what was revised OR how the problems are solved??? Is the Patch ReReleased???

I sure hope we get a response from Microsoft??? Until then MS13-054 in it’s entirety stays on hold(hidden)

Crysta

Hi Folks,

I know some have had problems with one autherized(by the Patch Lady in this column) Patch, KB 2835361, so I would like to share my experience from Friday. I spent most of the day trying to put it in, in different combinations and removing it, as well as doing malware scans to no avail.

One important note:

Just uninstalling the/or all Patch Tuesdays Patches does NOT rectify the problems it cause with MS APIs and/or Services. One must actually do a Restore to remove any settings that it corrupts. Restoring on just this Patch, providing it is the Last one does, however.

What does it Break for me:

From what I discovered there are three MS APIs; Sidebar, Microsoft Management Console (MMC), Internet Explorer(IE).
In my experience, one just had try to open them and they would crash and send numerous Bug Reports to Microsoft. Hopefully they will come up with their notorious Patch Fix of a Patch.

From what I understand, this Patch is supposed to be about True Fonts and Document Sharing concerns but it must be affecting things farely deep to have the cause and effects that I am having. We have seen these types of Patches to be problematic in the past but this is my first time of having crashes of other APIs around Font Patches.

I am putting KB 2835361 on long term HOLD, until I hear from the Patch Lady(said with HUGE Respect)to put it in, with another Patch that fixes the problem.

Regards,

Crysta

--------------------------------------

1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable

2xMonitors Asus DVI, Sony 55" UHD TV HDMI

1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.

-----------------

Reply | Quote

Hi Folks,

We got the following today: (Added to Windows Community Submission)

Microsoft Security Bulletin MS13-054 – Critical
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

Published: Tuesday, July 09, 2013 | Updated: Thursday, August 01, 2013

Version: 1.1

First of all I am not sure what was revised OR how the problems are solved??? Is the Patch ReReleased???

I sure hope we get a response from Microsoft??? Until then MS13-054 in it’s entirety stays on hold(hidden)

Crysta

The last paragraph of the bulletin explains how and why it was revised.

Bruce

Reply | Quote

Thanks Bruce,

That is the same as what I got in the Revision Email. I admit I never went to the very bottom of this page BUT I am still left looking for more to solve my problems. The only MS Office components I have are 2003 and 2007 for MS Apps that require them. I personally use OpenOffice which also uses True Type Fonts. I usually Share PDFs but I would still like this hole plugged it you know what I mean.

Best Regards,

Crysta

--------------------------------------

1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable

2xMonitors Asus DVI, Sony 55" UHD TV HDMI

1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.

-----------------

Reply | Quote

Tried installing KB2835361 again. Same thing happened. Crashed Firefox and IE9. Had to do a System Restore to get internet functionality. Do not have Microsoft Office apps on computer. Use (gasp) Word Perfect X6 and Quattro Pro X6. Have had no complaints. KB 2835361 will be hidden until fixed.

Reply | Quote

Saw this at another website: Copied down below. Wondering if this is a fix to an update from a couple of months ago. One that was first said to be critical by Microsoft and moved off the list. I had installed the update (do not remember the KB #) and then uninstalled the update. Wondering now if KB2835361 was there to fix that update and not seeing the update because I had uninstalled it, made crashing adjustments to my computer.

In testing,

I have several computers here that are failing on patch Windows6.1-KB2835361-x64.msu. This is indeed a Win7 X64 SP1 computer. Installs works on most computer – just failing on a few… See pertinent log entry below.

Command Interpreter running

Executing C:windowssystem32wusa.exe “C:Program Files (x86)LANDeskLDClientsdmcacheWindows6.1-KB2835361-x64.msu” /quiet /norestart

ERROR: C:windowssystem32wusa.exe “C:Program Files (x86)LANDeskLDClientsdmcacheWindows6.1-KB2835361-x64.msu” /quiet /norestart returned a bad exit code (2149842967)

ERROR(EXECUTEFILE) Failed to run command – 80004005

DownloadPatch ERROR: Failed to run commands (80004005).

Last status: Failed

SendPatchStatus: patch ‘Windows6.1-KB2835361-x64.msu’ status Failed at core. Result: 80004005. Adding to action history

Family Windows6.1-KB2835361-x64.msu, action 1, status Failed

Failed

RunPatches completed. 1 processed. 0 installed. 1 failures.

Reboot and rescan. Rescan set to false, so doing nothing.

Sending status to core

Thu, 25 Jul 2013 11:45:49 16784 18152 HTTP POST: http://OWGUSNY1LMS01.OWG.DS.CORP/incomingdata/postcgi.exe?prefix=ldlogonVulScanResults&name=idn2379_taskid3179.logz

Thu, 25 Jul 2013 11:45:49 16784 18152 Setting a proxy…

Thu, 25 Jul 2013 11:45:49 16784 18152 Setting socket timeout to 1000 * 60 * 4

Thu, 25 Jul 2013 11:45:50 16784 18152 Success

Freeing the compressed results.

In SendRequest: Action = SOAPAction: http://tempuri.org/SetTaskLogByFile

Manually running the patch returns this error: “The update is not applicable to your computer.”

Reply | Quote

You need to scan system files with SFC and check problems with them. Do the steps given below:

1. Insert Windows disc.
2. Click Start, type “CMD”
3. Press ENTER.
4. Type and execute the following command:
SFC /SCANNOW
5. Reboot.

Reply | Quote

Recommended use of SFC from another previous thread:
http://windowssecrets.com/forums/showthread//155489-KB2835361-install-problems?p=912742&viewfull=1#post912742

Rich

Reply | Quote

Hi Rich,

I’m pleased you’ve asked this, it may spur me to find out next time I have some ‘free’ time; I have to add that I should have suggested (I sometimes do) rebooting between each attempt, exploring this should remind me to do so in future.

I honestly don’t know the minutiae of it; here are the full instructions as given recently by someone I consider an expert:

Run a system file check to check Windows for corruption:

[*]Click Start Menu
[*]Click All Programs
[*]Click Accessories
[*]Right click Command Prompt
[*]Click Run as administrator
[*]Type
Code:

sfc /scannow

and press Enter
[*]Once it is complete, make note of the message. If it says Windows Resource Protection did not find any integrity violations., restart your computer and post back
[*]If the message does not say Windows Resource Protection did not find any integrity violations., restart your computer and do steps 1-6 again.
[*]You may need to do steps 1-6 up to three times with a restart in between each run to resolve all corrupted files.
[*]If you still have corrupted files after a fourth run, post back here with the following:
[*]Click Start Menu
[*]Click Computer
[*]Open your C: drive
[*]Open Windows
[*]Open Logs
[*]Open CBS
[*]Copy and paste CBS.log or CBS (it may not have the log extension) to a location you will remember.
[*]Compress (zip) the CBS file and attach the .zip file to your next post.

[/list]

(Sorry writhziden, I couldn’t quite get your formatting right.)

Reply | Quote

I finally isolated my update batch problem to KB2835361. Uninstalling it doesn’t help. A Restore got IE9 running properly again.
I will run malware scans, etc but they are run every week and I’ve never had a problem.
Suspect the update needs fixing.

Reply | Quote

October’s Patch Tuesday did a number on my machine. I will now only run updates from Microsoft (excluding Security Essentials) when I have a full complete image backup from my backup program ShadowProtect Desktop. I had hidden the update KB 2835361 from a few months ago. I tried installing all the 28 updates only to get up upon reboot the keyboard and computer going dead. I restored from Shadow Protect and got the computer working again. Installed the net framework with no problems. Tried to install the last 5 updates (non security) KB 2846960, KB 2852386, KB 2882822, KB 2888049 and KB 2888049 plus KB 890830. Installed with no problem? However, Microsoft took KB 2835361 and installed it or deleted that KB from the hidden updates tab. Anytime I try to install the remaining 10 security updates, the computer will not boot up. It goes thru the startup mode and then goes click and my Northgate keyboard shuts off. (Still have the keyboard plugged into the PS/2 port). Restored the C partition and am wondering what to do.

Roger

The remaining security updates are

KB 2874311
KB 2855844
KB 2862330
KB 2862335
KB 2864058
KB 2864202
KB 2868038
KB 2876284
KB 2883150
KB 2884256

Computer is a homebuilt job.

Supermicro C7P67
Windows 7 Professional 64 bit (is valid) checked by MGA Diag.exe
16 gigs mem Crucial
2 1 gig WD Black hard drives
GTX 570 video card

Have run sfc scannow and malware bytes pro scan and ran Kaspersky’s TDSS and Trend Micro Root kit buster. Was clean. Am stumped on what to do. I wonder if installing or clearing KB 2835361 has somehow made it impossible to run those security updates.

Reply | Quote

Tried installing each in sets of 3 and then individually. Each time upon reboot Windows goes thru a process and stops at 30% configured and then the computer goes dead. Rerun everything as did before (malwarebytes full scan Trend Micro rootkit and Kaspersky rootkiit and found nothing. Sometimes I spend more time blanking with the computer then getting work done with it. Also use Microsoft Security Essentials.

Strange thing is that the Windows XP updates went thru without a hitch with XP mode. 2013 has been a terrible year for Microsoft with these Patch Tuesdays.

Reply | Quote