Page 1 of 2 12 LastLast
Results 1 to 15 of 24
  1. #1
    iNET Interactive
    Join Date
    Jan 2010
    Location
    Seattle, WA, USA
    Posts
    376
    Thanks
    1
    Thanked 29 Times in 24 Posts

    Don't send roses, send the gift of patches




    PATCH WATCH

    Don't send roses, send the gift of patches

    By Susan Bradley

    Internet Explorer brings us a digital Valentine in the form of a security update.

    Install it on all the PCs you love. An unusual non-security patch might mean we can kiss off malware automatically running off flash drives, too.

    The full text of this column is posted at WindowsSecrets.com/2011/02/10/07 (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.
    Last edited by Tracey Capen; 2011-02-09 at 16:18.

  2. The Following User Says Thank You to Tracey Capen For This Useful Post:

    ggrinton (2011-02-10)

  3. #2
    New Lounger rogueleader's Avatar
    Join Date
    Feb 2010
    Location
    Peterborough, Ontario, Canada
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question What about KB2425227?

    I didn't see KB2425227 addressed. Am I the only one seeing it being offered?Strangely, when I click on More Information it takes me to the this update entitled:

    Microsoft Security Bulletin MS11-013 - Important
    Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

    Notice the KB# is different. Anybody know what is going on? Did Microsoft mess up on the support information by giving the info for another patch (again)?
    Attached Images Attached Images

  4. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    Florida Panhandle, USA
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Red face KB vs MS numbers.......

    I appreciate Patch Watch, and I usually wait for your take before installing patches. I wonder if it would be easy and practical for you to list the KB number in the discussion of individual patches instead of just listing the MS numbers. The patches are always identified by their KB number in my download/install dialog box.......
    Thanks.

  5. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Quote Originally Posted by rogueleader View Post
    I didn't see KB2425227 addressed. Am I the only one seeing it being offered?Strangely, when I click on More Information it takes me to the this update entitled:

    Microsoft Security Bulletin MS11-013 - Important
    Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

    Notice the KB# is different. Anybody know what is going on? Did Microsoft mess up on the support information by giving the info for another patch (again)?
    MS11-013: Vulnerabilities in Kerberos could allow elevation of privilege (which is KB2496930) is for the security bulletin. Two more KB articles are referenced in that article. KB242522 is for Win7 & Windows server 2008 R2. KB2468971 is for XP & Windows server 2003.

    Joe

  6. #5
    New Lounger
    Join Date
    Jan 2010
    Location
    Newcastle WA
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Windows 7 SP1 Release Date

    Windows Server 2008 R2 and Windows 7 SP1 Releases to Manufacturing Today

    WindowsServer1
    9 Feb 2011 10:00 AM
    Comments 0

    I saw this posted on the Microsoft Server Forum yesterday about the Windows 7 SP1 release date...dates are at the bottom.


    Hi I’m Michael Kleef, Senior Technical Product Manager with the Windows Server and Cloud division. Today, on behalf of the team, I’m pleased to announce the Release to Manufacturing (RTM) of Windows Server 2008 R2 Service Pack 1 (SP1), along with Windows 7 SP1. SP1 will be made generally available for download on February 22.
    Two new features in Windows Server SP1, Dynamic Memory and RemoteFX, enable sophisticated desktop virtualization capabilities. These features build on the comprehensive virtualization functionality already included in the Windows Server operating system.
    Our first new feature, Dynamic Memory, takes Windows Server’s Hyper-V feature to a whole new level. Dynamic Memory lets you increase virtual machine density with the resources you already have—without sacrificing performance or scalability. In our lab testing, with Windows 7 SP1 as the guest operating system in a Virtual Desktop Infrastructure (VDI) scenario, we have seen a 40% increase in density from Windows Server 2008 R2 RTM to SP1. We achieved this increase simply by enabling Dynamic Memory.
    This increased density does not come at the expense of security, as is the case with other offerings in the industry. Dynamic Memory preserves Windows 7 security without compromising density. My colleague Jeff Woolsey goes into detail in a recent post on this topic at the virtualization blog.
    In addition, you get immediate benefit from the moment you turn on the virtual machine. There’s no waiting for memory management algorithms to work. Nor do you have to tweak the hypervisor with custom settings for specific workloads to maximize density. It’s an awesome out-of-box experience for all your virtualization workloads.
    The second new feature, RemoteFX, is a first-to-market technology that we have demonstrated at multiple events. In fact, I was honored to be the first to show it publically at the Desktop Virtualization Hour last March.
    RemoteFX is an exciting technology that lets you virtualize the Graphical Processing Unit (GPU) on the server side and deliver next-generation rich media and 3D user experiences for VDI. RemoteFX is also enabling new low cost ultra-thin client devices to enter the market. Together, these technologies will drive down the end-point cost and reduce endpoint power consumption to as little as a few watts.
    Customers have already been successful with Dynamic Memory and RemoteFX, in early adopter deployments. Case studies, like the one we partnered with Sporton International on, show how using both RemoteFX and Dynamic Memory delivers real business value.
    Windows Server 2008 R2 and Windows 7 SP1 will Release to Manufacturing (RTM) today. On February 16, both will be available to current customers of the Windows Volume Licensing program, as well as subscribers to Microsoft Developer Network (MSDN) and TechNet. On February 22, both will be available to all customers through Windows Update and will also come preinstalled on new servers ordered.
    I encourage you to check it out for yourself and see how it adds value to your business.
    Thanks
    Last edited by dab617; 2011-02-10 at 13:24.

  7. #6
    New Lounger
    Join Date
    Jan 2010
    Location
    Denver, Colorado, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'm close to going online with a Win7 desktop for the first time. I rely on Susan Bradley's recommendations to install / avoid microsoft updates. Is there a list or database anywhere of updates to avoid, other than going back through 2 years' worth of Windows Secrets articles?

  8. #7
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Quote Originally Posted by Frosty2 View Post
    I'm close to going online with a Win7 desktop for the first time. I rely on Susan Bradley's recommendations to install / avoid microsoft updates. Is there a list or database anywhere of updates to avoid, other than going back through 2 years' worth of Windows Secrets articles?
    I've not run into any that have caused a problem. If your timeframe is such that waiting a couple of weeks won't hurt, SP-1 is going to be available to the public on Feb. 22. If you have an MSDN or Technet subscription it will be available on Feb. 16.

    Joe

  9. #8
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Fresno, California, USA
    Posts
    259
    Thanks
    0
    Thanked 71 Times in 45 Posts

    Kerberos update

    Quote Originally Posted by rogueleader View Post
    I didn't see KB2425227 addressed. Am I the only one seeing it being offered?Strangely, when I click on More Information it takes me to the this update entitled:

    Microsoft Security Bulletin MS11-013 - Important
    Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

    Notice the KB# is different. Anybody know what is going on? Did Microsoft mess up on the support information by giving the info for another patch (again)?
    It's down at the bottom in my article. It's a kerberos update. I've not seen any issues with it.

  10. #9
    Lounger
    Join Date
    Feb 2011
    Posts
    41
    Thanks
    17
    Thanked 1 Time in 1 Post
    Newbie question: I have successfully updated my Win7 machine and one winXP computer with the February patches, but have not been able to successfully install the critical graphics rendering update KB2483185 on my other XP machine, using windows update. It would try to install but then about halfway through on the progress bar, just stop and say unsuccessful. I tried it several times, restarting between tries. It did not say that it was downloading before it started installing, which I thought was unusual. All other updates on that machine went fine. So I tried downloading the update and then running it from my machine, but got an error message saying "Setup can not copy the file shimgvw.dll. Ensure that the location specified below is correct or change it and insert 'Windows XP system files' in the drive you specify." Box below that said "copy files from [c:\windows\system32]". I didnt want to try it and mess anything else up, so I cancelled and am seeking help. Also did a Zone Alarm disk scan in there somewhere also - nothing suspicious found.

    Any suggestions would be greatly appreciated. I also rely heavily on Susan Bradley's recommendations.

    Gary

  11. #10
    New Lounger
    Join Date
    Dec 2009
    Location
    Sydney, Australia
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Win Patches and the Wonderful Susan Bradley.

    Hi all,

    This is my first post on the shiny new Lounge so please be kind. I'm not an expert and that's one of the reasons I look forward so much to Windows Secrets every issue. I posted a request/question to the editors but, besides not answering my question they recommended I ask this on the Lounge. So, here goes . . .

    When Susan refers to the particular patches could she always include a reference to the KB number. The KB number is the only one I can see identifying them on the Microsoft Update site when the patches are offered. In the latest Windows Secrets, just for example, Susan refers to patches by the names of MS11-010, MS11-011, MS11-012 & MS11-014 – what the heck are these and how does anyone possibly work out which KB number it is on the update site?? I’m sure there’s a way but it would be so much easier and simpler with the KB number quoted each time. If you can cater to 'less tech head' people like me it would make life so much easier with the KB numbers.

    Thanks to anyone who could make any suggestions here, cheers, bdh.

  12. #11
    New Lounger
    Join Date
    Feb 2011
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Just became a member of The Lounge. I am not a computer geek by no stretch of the imagination. I've read warnings about not doing the automatic updates and understand why. However, I have an "important" update notice to download KB915597 and I am hesitating to do so. Please advise. I don't want to get the "black" or "blue" screen of deaths that I've read about. I have W7 64 bit that was on a new computer purchased late December 2010. THANKS!!!

  13. #12
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Hi Gary, and welcome to the Lounge!

    Temporarily disable your security software's active protection, even if that does not help in this specific issue, it is a good practice. Sometimes security software can interfere with the installation of some Windows Update patches.

    Check this Microsoft Answers thread to see if it helps, especially the post by Elanguescence. If you applied an earlier Microsoft Fix-it, then it will need to be removed before the update can proceed.

    Here is another link with more explicit instructions.

    To undo the workaround:

    Run the following command from a command prompt as an administrator:
    For 32-bit editions of Windows XP and Windows Server 2003:

    cacls %WINDIR%\SYSTEM32\shimgvw.dll /E /R everyone
    Last edited by Deadeye81; 2011-02-12 at 07:31.
    Deadeye81

    "We make a living by what we get, we make a life by what we give." Sir Winston Churchill

  14. The Following User Says Thank You to Deadeye81 For This Useful Post:

    gpeyton (2011-02-12)

  15. #13
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Quote Originally Posted by razboop View Post
    Just became a member of The Lounge. I am not a computer geek by no stretch of the imagination. I've read warnings about not doing the automatic updates and understand why. However, I have an "important" update notice to download KB915597 and I am hesitating to do so. Please advise. I don't want to get the "black" or "blue" screen of deaths that I've read about. I have W7 64 bit that was on a new computer purchased late December 2010. THANKS!!!
    Hi razboop, and welcome to the Lounge!

    KB915597 is a Windows Defender definition update. You will see the same KB number come up as an important update virtually everyday, but it is not the same Defender definition set each time. If you have not disabled Windows Defender, which comes as one of Windows 7 security programs, then you should allow it to update your system so it can do its job of protecting your computer.

    Check this link for more information on the Windows Defender update.
    Deadeye81

    "We make a living by what we get, we make a life by what we give." Sir Winston Churchill

  16. #14
    New Lounger
    Join Date
    Feb 2011
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks, Deadeye 81. I appreciate the help!

  17. #15
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Quote Originally Posted by BrianDH View Post
    Hi all,

    When Susan refers to the particular patches could she always include a reference to the KB number. The KB number is the only one I can see identifying them on the Microsoft Update site when the patches are offered. In the latest Windows Secrets, just for example, Susan refers to patches by the names of MS11-010, MS11-011, MS11-012 & MS11-014 – what the heck are these and how does anyone possibly work out which KB number it is on the update site?? I’m sure there’s a way but it would be so much easier and simpler with the KB number quoted each time. If you can cater to 'less tech head' people like me it would make life so much easier with the KB numbers.

    Thanks to anyone who could make any suggestions here, cheers, bdh.
    Hi Brian and welcome to the Lounge!

    If you check Susan's column, you will see that she references both the bulletin number, for example MS11-010, as well as the corresponding KB2476687. The MS number is the Security Bulletin number, and the KB number is the corresponding Knowledge Base number, which is the article ID# identifying it in the knowledge database. If you enter MS11-010 in your browser search box, you will be able to view the Security Bulletin and you will see the Knowledge Base number referenced on the Security Bulletin page as well. In the example we just referenced, you would see '2476687', so it will not have the 'KB' prefix on the number. Check it out and you will find this: Article ID: 2476687 printed on the upper left just above the MS11-010 title. This should hold true for any Security Bulletin. If you enter the KB number in your search box, you will see hits that identify the Security Bulletin number.

    Hope this helps.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •