Newsletter Archives

• A solution – I think – to the KB 2518864, KB 2572073, KB 2633880 persistent patching problems

  Posted on May 23, 2012 at 13:09 CDT by woody • Comment in the Forums

  I think there’s a solution to the problem. (Thanks again, SB!)

  To recap:

  If you’re running XP (or Server 2003) and .NET Framework 2.0 SP2 or 3.5 SP1, and Automatic Updates is turned on, then after these three patches are pushed onto your machine, you get the notification (with a yellow alert icon) that “Some updates could not be installed”. If you then go to Automatic Updates, it tells you that KB 2572073, 2633880, and 2518864 could not be installed.
  

  Here are the solutions I’ve heard about. I’ll list them in increasing order of difficulty.
  

  Alternative 1: Some people report that simply re-booting the computer may make the problem go away
  

  Alternative 2: Some people report that they can manually install the updates. The installation fails, but the yellow alert icon goes away. Then everything is OK.
  

  Alternative 3: One commenter says he was able to get the yellow update notification to go away by using the FixIt in KB 910339 under the heading “Reset Windows Update components and then try updating your computer.” It isn’t clear if he used the Default or Aggressive mode.
  

  Alternative 4: Susan Bradley offers this scorched-earth approach:
  

  1.    On XP, click Start, click Run, type services.msc, and then click OK.
  

      On Vista or Win7, click Start, type services.msc in the Start Search box, right-click services.msc, and then click Run as administrator.
  

  2.    In the Services (Local) pane, right-click Automatic Updates, and then click Stop.
  

  3.    Minimize the Services (local) window.
  

  4.    Select all of the contents of the c:\Windows\SoftwareDistribution folder, and then delete them. (Note that at least one Microsoft MVP hates deleting the SoftwareDistribution folder, so if you have a better idea, I’m all ears.)
  

  5.    Maximize the Services (Local) window.
  

  6.    In the Services (Local) pane, right-click Automatic Updates, and then click Start.
  

  7.    Restart the computer, and then run Windows Update again.
  

  Alternative 5: Commenter Amar offers this approach, which came from Microsoft just a few hours ago:
  

  Follow the below steps to rename Catroot2 and SoftwareDistribution folders
  

  1. Click Start, Run, on the Run box type services.msc and then click on OK.
  

  2. Double click on Background Intelligence Transfer Service. On the Service status click on Stop button and then click on Apply and then OK. Do the same steps with Cryptographic Services and Automatic Updates Services.
  

  3. Open C:\windows folder, and then rename the SoftwareDistribution folder as SoftwareDistribution.old. (See the note in Step 4 above about the MVP who really has a fit if you blast away the SoftwareDistribution folder.)
  

  4. Go to C:\windows\System32\ and rename Catroot2 to Catroot2.old.
  

  5. After renaming the folders, go to the services console again and restart the services that were stopped
  

  6. Restart the computer and check for updates
  

  If you’re having problems with these patches, I suggest you try those alternatives in order.
  

  It looks like the problems stem from three patches that were re-pushed down the Automatic Update chute on or about May 22.
  

  As best I can tell, Microsoft, in its inimitable way, hasn’t acknowledged the problem or offered a solution. Yet I’ll bet there are hundreds of thousands of XP users who have had that “Some updates could not be installed” icon on their desktops for the past 12 hours or longer.

  .NET patches are a massive pain in the neck. Microsoft keeps blowing them, over and over again. In this case, we have three re-issued .NET patches (MS11-100, MS12-034, MS12-035) that cause problems the second time around. Each of them is a “critical” security patch that arrived on the second patch Tuesday of the month.

  Folks, there’s a reason why I recommend you turn off Automatic Updates! Let’s see how long it takes Microsoft to (1) acknowledge and then (2) fix this very widespread problem.

  Windows Patches/Security .NET patch, botched patches, KB 2518864, KB 2572073, KB 2633880

• Why did Microsoft re-offer the old .NET patches?

  Posted on May 23, 2012 at 07:21 CDT by woody • Comment in the Forums

  Right now it loks like you can work around the .NET patch installation problems by installing them (manually if you need to), then going into Windows Update and unchecking all of the patches so they aren’t offered again.

  Microsoft should be drawn and quartered, but you’ve heard me say that before, eh?

  When I get a definitive solution, I’ll let you know. In the meantime, I’ve been wondering why in the world MS is offering these old patches again. Ends up that Microsoft has issued “Minor Revisions” to the security bulletins. Usually, “Minor” means that you don’t have to re-apply the patch. This month, though, Auto Update is pushing the patches. Here’s what MS says:

  ********************************************************************
  Title: Microsoft Security Bulletin Minor Revisions
  Issued: May 22, 2012
  ********************************************************************

  Summary
  =======

  The following bulletins have undergone a minor revision increment.

  Please see the appropriate bulletin for more details.

  * MS11-100 – Critical
  * MS12-034 – Critical
  * MS12-035 – Critical
  * MS12-MAY

  Bulletin Information:
  =====================

  * MS11-100 – Critical

  Reason for Revision: V1.5 (May 22, 2012): Added entry to the update FAQ to announce a detection change for KB2656352 for Microsoft .NET Framework 2.0 Service Pack 2 to correct an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.

  – Originally posted: December 29, 2011
  – Updated: May 22, 2012
  – Bulletin Severity Rating: Critical
  – Version: 1.5

  * MS12-034 – Critical

  Reason for Revision: V1.2 (May 22, 2012): Added an entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to explain this revision.

  – Originally posted: May 8, 2012
  – Updated: May 22, 2012
  – Bulletin Severity Rating: Critical
  – Version: 1.2

  * MS12-035 – Critical

  Reason for Revision: V2.1 (May 22, 2012): Added entry to the update FAQ to announce a detection change for KB2604092 for Microsoft .NET Framework 2.0 Service Pack 2 and KB2604110 for Microsoft .NET Framework 3.0 Service Pack 2 to correct an installation issue. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.

  – Originally posted: May 8, 2012
  – Updated: May 22, 2012
  – Bulletin Severity Rating: Critical
  – Version: 2.1

  Let me repeat, for emphasis: these patches were re-released on May 22. I have no idea why. The notification from Microsoft says that they are updates to the KB articles only. It sounds to me like somebody accidentally ran these down the automatic update chute when they shouldn’t have.

  Windows Patches/Security KB 2518864, KB 2572073, KB 2633880

• Problems with KB 2633880, 2518864, 2572073

  Posted on May 22, 2012 at 14:53 CDT by woody • Comment in the Forums

  I’m seeing reports all over the place about a lousy bunch of .NET patches that went out in the past few hours. People complain that they’re being offered repeatedly, or they won’t install. They seem to be causing problems on XP and Server 2003 boxes.

  Susan Bradley advizes that the problematic patches are these:

  MS12-016: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003: February 14, 2012: KB 2633880

  MS11-044: Description of the security update for the .NET Framework 3.5 Service Pack 1 and .NET Framework 2.0 Service Pack 2 on Windows XP Service Pack 3 and on Windows Server 2003 Service Pack 2: June 14, 2011: KB 2518864.

  MS11-078: Description of the security update for the .NET Framework 2.0 SP2 for Windows XP and Windows Server 2003: October 11, 2011: KB 2572073

   Don’t even try to install them. Wait.

  I sure hope you’re following along here, and you’ve noticed the MS-DEFCON 1 warning. This has been a horrendous month for patches. Turn OFF Automatic Update and wait for Microsoft to sort out the mess.

  Windows Patches/Security KB 2518864, KB 2572073, KB 2633880