Newsletter Archives

• Problem with MS12-034 / KB 2676562 patch

  Posted on May 9, 2012 at 11:06 CDT by woody • Comment in the Forums

  Another interesting Black Tuesday.

  I’m getting word (thanks again, SB!) that a lot of Windows XP users are having problems installing the MS12-034 / KB 2676562 patch. That’s the “Critical” combined patch for (got your scorecard out?) Office, Windows, .NET and Silverlight.

  There are zillions (well, two dozen) additional KB articles that address specific parts of the patch described in KB 2681578.

  Ready to start drowning in MS security alphabet soup? In fact, this is a double update, involving not only the KB 2676562 patch but also the KB 2686509 patch. More than a hundred files are involved. It ends up that both patches have to be applied in order to shore up a problem with loading keyboard layout files in Windows XP and Server 2003. That problem’s identified as CVE-2012-0181.

  When you try to run the patch through Microsoft Update, you may hit an Error 0x8007F0F4 – Installation Failure on the KB 2686509 patch. The error message tells you to try to install the update again. When you do, it fails again.

  You may also see the message, “Setup cannot continue because one or more prerequisites required to install KB2686509 failed (0x8007F0F4)”

  Here’s Microsoft’s official response to the problem:

  The detection logic for the security update package identified as KB2686509 performs an eligibility check of the system in order to verify whether the system meets the requirements to activate the fix applied by KB2676562, which addresses CVE-2012-0181. If the system meets the requirements, both KB2686509 and KB2676562 will be successfully installed on the system and the vulnerability described in CVE-2012-0181 will be addressed. Otherwise, KB2686509 will be re-offered until the system does meet the requirements. Successful installation of both the KB2686509 and KB2676562 update packages are necessary to be protected against CVE-2012-0181 on Windows XP and Windows Server 2003 systems. If your system does not meet the requirements to install the update, please follow the guidance documented in Microsoft Knowledge Base Article 2686509
  

  If you look at KB 2686509, here’s Microsoft’s workaround:

  This update enumerates all the keyboard layout files that are registered on your computer, and then it verifies that they are all in the %Windir%\System32 folder.
  

  Why is this update re-offered multiple times?
  

  Windows updates are reoffered until the update is installed on your computer. If this update is reoffered, maybe an installation failure has occurred. Check the KB installation log files for error codes. For example, the KB installation log file for this security update would probably be “C:\Windows\ KB2686509.log”
  

  What should I do if the installation of this security update fails with the “0x8007F0F4” error?
  

  If you receive the “0x8007F0F4” error when you try to install this security update, follow these steps:
  

  1. Open the Faultykeyboard.log file that is in the %windir% folder. This log file contains information about registered keyboard layout files that are not in the %Windir%\System32 folder. The log file will resemble the following:
     

  3. Keyboard1.dll
     

  4. .\Layoutfiles\keyboard2.dll
     

  5. C:\Windows\System\Kbda1.dll
     

     Note In this example, the first entry is just a file name. The second entry includes a relative path with the file name. The third entry includes a full path of the file.
     

  6. Copy the files that are listed in the Faultykeyboard.log log file into the System32 folder.
     

  Note Contact Microsoft support if you cannot find the Faultykeyboard.log file.
  

  So there you have it. Aren’t you glad you followed the MS-DEFCON system, and didn’t let Windows Automatically Update your system?

  Windows Patches/Security 0x8007F0F4, KB 2676562, KB 2686509, MS12-034