Results 1 to 11 of 11
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    A Windows-patching December to remember




    PATCH WATCH

    A Windows-patching December to remember


    By Susan Bradley

    Despite how it might seem at times, flawed security updates are relatively rare. When there's a problem, Microsoft typically releases an update for the update.

    The full text of this column is posted at windowssecrets.com/patch-watch/a-windows-patching-december-to-remember/ (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    Star Lounger MRCS's Avatar
    Join Date
    May 2011
    Posts
    52
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Security Advisory 2794220
    This is a bit confusing. I was not offered the patch for my system running IE8 on XP. The link to the Advisory within your link ( http://technet.microsoft.com/en-us/s...visory/2794220 ) says, "Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability." Notice it says, "are NOT affected." Also, it seems only the fix is available and not a patch. Note that the Advisory was updated 12/31/12.

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Susan, you are the sole reason I'm a member of Windows Secrets. Excellent articles!

  4. #4
    New Lounger
    Join Date
    Sep 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Interestingly enough, your column does not list KB2779768. I installed this update twice from Windows Update and it broke the O/S each time (apparently with a BSOD). I searched for the standalone update package and initially was directed to an X64 version. Continued search led to a standalone X86 package which I downloaded and installed. It also broke the O/S. I now have this item (listed as important) hidden in Windows Update. Further searching fails to find any other reference to this issue.

  5. #5
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by MRCS View Post
    Security Advisory 2794220
    This is a bit confusing. I was not offered the patch for my system running IE8 on XP. The link to the Advisory within your link ( http://technet.microsoft.com/en-us/s...visory/2794220 ) says, "Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability." Notice it says, "are NOT affected." Also, it seems only the fix is available and not a patch. Note that the Advisory was updated 12/31/12.
    What's confusing? Did you apply the fix?

    Bruce

  6. #6
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by geezer82 View Post
    Interestingly enough, your column does not list KB2779768. I installed this update twice from Windows Update and it broke the O/S each time (apparently with a BSOD). I searched for the standalone update package and initially was directed to an X64 version. Continued search led to a standalone X86 package which I downloaded and installed. It also broke the O/S. I now have this item (listed as important) hidden in Windows Update. Further searching fails to find any other reference to this issue.
    That was covered a couple of weeks ago: Special Windows 8/RT Patch Watch edition

    Bruce

  7. #7
    Star Lounger
    Join Date
    Apr 2002
    Posts
    57
    Thanks
    0
    Thanked 4 Times in 4 Posts

    KB2685811 and KB2685813 - Kernel Mode Driver Framewor

    On 11/15/12, you said you would comment on these later - but you never have and they are still hanging out there. You said:

    Nonsecurity Driver Framework updates get a pass
    While the Windows Secrets staff is taking a break for the Thanksgiving holiday, I'll post any new information on several optional updates in the Windows Secret Lounge. Microsoft is releasing several updates to Kernel-Mode Driver Framework– (more info) and User-Mode Driver Framework– (more info) based drivers. Neither KB 2685811 (kernel-mode) nor KB 2685813 (user-mode) is a security update. So we can take some time to review them.

  8. #8
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Fresno, California, USA
    Posts
    259
    Thanks
    0
    Thanked 71 Times in 45 Posts
    I was hoping more would be posted about those kernel updates. I'll be posting next week.

    Meanwhile look for http://support.microsoft.com/kb/2798897 offered up on XP/server 2003. I'll be discussing it next week.

  9. #9
    Lounger
    Join Date
    May 2010
    Location
    Boston, MA, USA
    Posts
    32
    Thanks
    7
    Thanked 0 Times in 0 Posts
    None of my computers (running XP, SP3 and windows 7, SP1) were offered 2778930, although this discussed as an important patch. Should I wait til it's offered?

  10. #10
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by user ht View Post
    None of my computers (running XP, SP3 and windows 7, SP1) were offered 2778930, although this discussed as an important patch. Should I wait til it's offered?
    It doesn't apply to XP, so you won't get it there.

    Bruce

  11. #11
    Star Lounger MRCS's Avatar
    Join Date
    May 2011
    Posts
    52
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Article ID: 2794220 - View products that this article applies to.
    Notice
    Microsoft has completed the investigation into this issue. We have released security bulletin MS13-008 to address this issue. For more information about this issue and the available security update, click the following article number to view the article in the KS Knowledge Base:
    2799329 MS13-008: Critical security update for Internet Explorer: January 14, 2013

    http://support.microsoft.com/kb/2794220?wa=wsignin1.0

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •