Microsoft Reissues Flawed Windows Security Update With New Flaws

HardOCP News

Yo dog, I heard you liked security updates with flaws so we put more flaws in our reissued security update. :cool:

The security bulletin says that "Microsoft strongly recommends that customers who have not uninstalled the 2982791 update [i.e., the old version, released on Patch Tuesday] do so prior to applying the 2993651 update [the new version]." This recommendation applies to users whether they are having problems with the old update or not. Note that Windows Update and Automatic Updates do not remove the old version.
 
I think I'll wait this time to see if people start reporting systems being bricked before installing it.. Which, of course, could leave me open to attack. Great, Microsoft! lol
 
For what it's worth, I did not update Win7 64-bit until 8/16 (the Saturday after the 8/12 Patch Tuesday) and as of now I do not see KB2970228, KB2975719, KB2975331, KB2982791 or KB2993651 on my system.
 
I had the offending update installed on win 7 x64 with no problems. I just uninstalled it, rebooted and I'm still here :D
 
And now KB2993651 has been pushed to Windows Update on my system. I have declined to install it because I don't understand this known issue from the article in the OP:

"With the update installed, the z-order (depth) of some windows is changed. This means they can be hidden and therefore invisible."

Anyone have any idea what it means?
 
Running 8.1 here. I uninstalled the offending updates, and now Windows update is broken. Trying to fix it... GRRRRR :mad:
 
Running 8.1 here. I uninstalled the offending updates, and now Windows update is broken. Trying to fix it... GRRRRR :mad:

Well.. after trying everything else, I ended up doing a system restore. It is working again and I uninstalled the single update that is recommended to uninstall.

Not installing the latest update until MS gets their act together.

This is almost as bad as the drivers available from MS update.
 
And now KB2993651 has been pushed to Windows Update on my system. I have declined to install it because I don't understand this known issue from the article in the OP:

"With the update installed, the z-order (depth) of some windows is changed. This means they can be hidden and therefore invisible."

Anyone have any idea what it means?

It means that some windows can appear behind other windows instead of in front of them.
 
And now KB2993651 has been pushed to Windows Update on my system. I have declined to install it because I don't understand this known issue from the article in the OP:

"With the update installed, the z-order (depth) of some windows is changed. This means they can be hidden and therefore invisible."

Anyone have any idea what it means?

The worst interpretation is someone could put an overlay over your screen and capture all your input. They would have to pass it on to windows underneath, but not super hard... They could offer one big invisible button tricking you into authorizing their program as admin authority.
 
The worst interpretation is someone could put an overlay over your screen and capture all your input. They would have to pass it on to windows underneath, but not super hard... They could offer one big invisible button tricking you into authorizing their program as admin authority.

I think the issue with the update is more of a practical concern:

Normally an active window waiting for user input pops on top of others. It seems that through this update it's possible that the active window gets the wrong Z-level and is hidden under existing windows, creating a lockup since the user can't see (and in some cases can't even access if tried) the new window waiting for user input.
 
Wish I had seen this thread before spending 2 hours trying to fix my bricked machine this morning. Had no issues with the previous update on patch Tuesday, this update bsod'ed (0x7B) as soon as restarting after the update. I'm on Win 7 pro 64 btw.

Repair/restore wouldn't work. Booting from the dvd and deleting fontcache.dat from the command line didn't work (found this fix when searching for a solution). Finally as a last ditch "can't hurt to try" fix, I chose to boot from last known good configuration and it booted right up. Probably should have done that first but, I was stressing thinking one or both of my F3's decided to shit the bed.
 
Just installed on top of the previous update which I also had no problems with. Did not uninstall previous patch as recommended. System seems fine. Win 7 32 bit. I guess I'll see what happens with all the other pc's. None had a problem with the previous patch.
 
Answers to Frequently Asked Questions

Q: I already successfully installed the original 2982791 security update and am not experiencing any difficulties. Should I apply the replacement update 2993651, released on August 27, 2014?

A: Yes. All customers should apply the 2993651 update, which replaces the expired 2982791 update.

Q: Is it necessary to uninstall the expired 2982791 update before applying the replacement 2993651 update?

A: Technically, it is not necessary to uninstall the expired 2982791 update before applying the replacement 2993651 update; however, Microsoft strongly recommends it. Customers who do not remove the expired 2982791 update at some point will retain a listing for 2982791 under installed updates in Control Panel.

Q: I uninstalled the original 2982791 security update. Should I apply the replacement update 2993651, released on August 27, 2014?

A: Yes. To be protected from CVE-2014-0318 and CVE-2014-1819, all customers should apply the rereleased update (2993651), which replaces the expired 2982791 update.

Q: What if I experienced difficulties restarting my system after installing the original security update 2982791?

A: Customers who experienced difficulties restarting their systems after installing the original security update 2982791 should no longer experience this problem after installing the replacement update 2993651.
 
I'm on 8.1 and I have no issues.
I do find myself having to use sfc /scannow before installing any major updates, though. I think some of my registry edits and deleted program folders don't jibe with certain Windows updates.
 
Just installed on top of the previous update which I also had no problems with. Did not uninstall previous patch as recommended. System seems fine. Win 7 32 bit. I guess I'll see what happens with all the other pc's. None had a problem with the previous patch.

Disregard that.

Looks like my WSUS system did not pull the original patch. Microsoft must have pulled the patch before my system did a sync. Installed on my 32 bit win 7 pc, no issues. I guess we'll see how the rest goes
 
A: Customers who experienced difficulties restarting their systems after installing the original security update 2982791 should no longer experience this problem after installing the replacement update 2993651.

So if someone cannot start their computer, all they need to do is install an update ... to a computer that won't start? :p Gotta love that answer. Marie Antoinette would be proud of such a daft answer.
 
I know 90+% of my fellow [H]ard players will not need this info, but just in case...

How to remove a patch.
Open Control Panel, go to Programs and Features, and open it.
At the top left there is a mini-menu; click on "View installed updates." You should now see the updates installed on your computer... (Yikes, so many of them!)
Scroll down to "Microsoft Windows." Look for the update by its number (in this case 2982791 - look at the numbers in parentheses with KB in front of them.)
Click on the offending patch. When highlighted, "Uninstall" pops up in the grey menu line beside the term "Organize." Click on the "Uninstall" to remove the update.
 
:) I haven't run into the issue myself. But I am guessing it might be installable in safe mode, or at the least, the bad update can be uninstalled in safe mode.
 
Well.. after trying everything else, I ended up doing a system restore. It is working again and I uninstalled the single update that is recommended to uninstall.

Not installing the latest update until MS gets their act together.

This is almost as bad as the drivers available from MS update.

I had this exact issue on Windows 7. I had the old patch installed without issues, but Microsoft recommended that it be uninstalled. I uninstalled it...and it broke Windows Update. A system restore wouldn't even fix it. I ended up going back to a very old version of the Windows Update DLL and that fixed it.

Such fail by Microsoft.
 
It means that some windows can appear behind other windows instead of in front of them.

I've had issues where an app is always on top. I'm pretty sure that started prior to this month (though it's uncommon). Had no BSOD, but I'll probably uninstall all the recommended patches eventually.
 
Firefox and Gimp both have z-order issues. I wonder if this actually *fixes* them.
 
From the fine article:

And so on. Can't believe there isn't a gui search.

There is.
  1. Open Control Panel
  2. Click on Uninstall Programs link
  3. click on view installed updates (top left side of screen in blue panel)
  4. type KB2982791 (or whatever you're searching for).

Alternatively after step 3, you could just sort by date and see which ones are installed.
 
  1. Open Control Panel
  2. Click on Uninstall Programs link
  3. click on view installed updates (top left side of screen in blue panel)
  4. type KB2982791 (or whatever you're searching for).

There it is, cleverly hidden. I was on the list all updates gui page within windows update, which has no search.
 
KB2982791 installs for me, takes a long time for Windows to complete the update during a shutdown.. afterwards, I check Windows Update and it says it failed.

Do not have the previous version installed.

Even tried a manual install from here, didn't work.

Going to ignore this update till Microsoft figures it out.
 
There it is, cleverly hidden. I was on the list all updates gui page within windows update, which has no search.

Not exactly hidden. If you want to uninstall something, you go to the uninstall link/app. It's always been like that. The only thing really new is the search function, which makes life much easier :D

That command line call I'd never heard of before this thread. I'm sure it's useful for scripting, but not so much for the typical user.
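
The check-and-uninstall steps discussed in this thread can be scripted. The following PowerShell is an added example, not part of any post or of Microsoft's bulletin: the KB numbers are the ones quoted above, while the function name `Get-UpdateState` and the `-Remove` switch are hypothetical. It assumes an elevated prompt for the uninstall step.

```powershell
# Added example, not from the thread. KB numbers are the ones in the bulletin
# quoted above; Get-UpdateState and -Remove are hypothetical names.
param([switch]$Remove)   # pass -Remove to actually uninstall the expired update

$ExpiredKb     = 'KB2982791'   # original Patch Tuesday update, now expired
$ReplacementKb = 'KB2993651'   # reissued update

function Get-UpdateState {
    # Classify a machine from its list of installed hotfix IDs.
    param([string[]]$InstalledIds)
    $hasOld = $InstalledIds -contains $ExpiredKb
    $hasNew = $InstalledIds -contains $ReplacementKb
    if     ($hasOld -and $hasNew) { 'BothListed' }       # old entry still shown in Control Panel
    elseif ($hasOld)              { 'ExpiredOnly' }      # bulletin: uninstall, then apply replacement
    elseif ($hasNew)              { 'ReplacementOnly' }  # nothing left to remove
    else                          { 'Neither' }          # replacement still needs to be applied
}

# Constructed sample lists, to exercise the logic without touching the system.
foreach ($sample in @(
        @('KB2970228', 'KB2982791'),
        @('KB2982791', 'KB2993651'),
        @('KB2993651'),
        @('KB2975719'))) {
    '{0,-24} -> {1}' -f ($sample -join ','), (Get-UpdateState $sample)
}

# Live check: Get-HotFix lists the updates recorded for this machine.
$installed = @(Get-HotFix -ErrorAction SilentlyContinue |
               ForEach-Object { $_.HotFixID })
$state = Get-UpdateState $installed
'{0}: {1}' -f $env:COMPUTERNAME, $state

# Windows Update does not remove the expired update on its own, so removal
# is explicit. wusa.exe takes the number without the "KB" prefix.
if ($Remove -and (@('ExpiredOnly', 'BothListed') -contains $state)) {
    $kbNumber = $ExpiredKb.Substring(2)
    Start-Process -FilePath 'wusa.exe' -Wait `
        -ArgumentList '/uninstall', "/kb:$kbNumber", '/norestart'
}
```

Run without `-Remove` first to see the reported state; a restart is still required after the uninstall because `/norestart` only defers it.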
 