May’s Patch Tuesday brings us an exceptional bloom of Windows updates.
One bulletin alone has eight patches to combat the Duqu malware — plan some time to work through this crop.
Okay, I must confess I’m a “Star Wars” fan. This month we’re going to need The Force to fight our way through the numerous patches listed in MS12-034. This is a massive, multipart update for Windows, Silverlight, .NET, and Office to defend ourselves from the Duku malware. (This threat is not named after Count Dooku, the archvillain in “Star Wars Episode II.” The name is derived from related files with a .dq file extension.) Still, I’m ready to call on Obi Wan Kenobi as my one hope of getting all these updates installed without issues.
The Duqu threat was first patched five months ago, according to a detailed history in a May 8 Microsoft Security Research & Defense blog. At that time, the patch was focused on malicious Office documents. Since then, Microsoft has found other applications that use the faulty code (gdiplus and ogl.dll).
The bulletin states that updating the Duqu defenses caused a cascade of related fixes — and a potential update failure. MS Support article 2686509 details what to do if KB 2686509 (for Windows XP and Server 2003) fails to install, as shown in Figure 1. But the instructions can be confusing, telling you to remove a faulty keyboard-layout log file. I couldn’t find that file, so I hope Microsoft comes out with a Fixit before the next Patch Tuesday. (The patch backports a keyboard-layout fix from Vista. If you’ve lived without it this long, a few more days probably won’t hurt.)
What to do: Pass on the .NET updates included in MS12-034. And delay installing KB 2686509 until the installation issue is clarified. Install the rest.
Here’s a summary of the numerous patches included in this massive update, plus my recommendations: