Microsoft has removed the download links for several Windows updates that were released on August 12 for Patch Tuesday. Users have been reporting BSOD (Blue Screen Of Death) errors after installing the updates. Not all Windows computers received these updates, and not all computers where the updates were installed are affected negatively.
The updates in question are all related to the MS14-045 bulletin, which refers to a set of security updates for the Windows kernel. Microsoft is advising users to avoid installing the related updates and to uninstall them if already installed. The KB2982791 update notes have been amended to include information about the problem and how to remove the affected updates.
The affected updates are:
KB2982791 MS14-045: Description of the security update for kernel-mode drivers: August 12, 2014
KB2970228 Update to support the new currency symbol for the Russian ruble in Windows
KB2975719 August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
KB2975331 August 2014 update rollup for Windows RT, Windows 8, and Windows Server 2012
You can discover whether any of these updates exist on your Windows 7 or 8 computer by opening the Programs and Features item in the Control Panel, and clicking View installed updates. Enter a KB number in the search box at the top right to search for it.
Time once again to crank up Windows Update and patch your Windows computers. As expected, this month’s batch includes nine bulletins with associated updates for SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer. Two Critical updates affect Windows and Internet Explorer.
Another month, another pile of patches from Microsoft. This month the updates will become available starting about 10am PST on August 12. According to the official advance notification, there will be nine security bulletins, with associated updates for Windows, Internet Explorer, .NET, SharePoint, OneNote and SQL Server. Two are rated critical.
Evidently Microsoft really does listen to users, even if it sometimes takes them a while to react. Aside from making the new/Metro user interface optional in Windows 9 and bringing back the Start menu, they have decided to remove the weird ‘Charms’ bar that appears on the right side of the screen Windows 8.x.
A useful feature that may appear in Windows 9 is virtual desktops. These allow users to set up multiple desktops, each with different desktop icons and application windows. You will be able to easily switch between the desktops, greatly simplifying life for anyone who wears different hats throughout their work day. In fact, however, this is not a new feature at all. Microsoft has offered a few virtual desktop solutions over the years, typically as extra downloads, including the one I’ve used most recently, Desktops.
There’s very little to talk about for the impending Windows 8.1 Service Pack 2Update 2 whatchamacallit, aside from Microsoft’s strange (and confusing) aversion to sticking with a naming convention. As previously mentioned, the Start menu won’t return to Windows until version 9. The Verge has the details, which really aren’t worth reading.
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is free software that improves the overall security of Windows computers. EMET isn’t a replacement for anti-malware software; rather, it provides additional protections that complement anti-malware software.
There’s little downside to using EMET, so we recommend installing it on all Windows computers. By default, it provides specific protections for Microsoft software, including Office and Internet Explorer.
Numerous versions of this library are available for Windows, and any or all of them can be installed at the same time on Windows PCs. Some versions are no longer supported by Microsoft, and updates for those older versions won’t appear in Windows Update.
Because of this, many Windows PCs contain versions of this library that have security vulnerabilities.
Microsoft’s documentation on the XML library is confusing and incomplete. For what it’s worth, here are a couple of links to said documentation:
We recommend installing and running Secunia’s PSI, which scans for out of date software, including Microsoft’s XML libraries. PSI also helpfully provides links to download any missing updates.
Update 2014Jul30: A reader pointed out that getting MSXML4 up to date is not a simple task. Here’s what you need to know:
The most up to date MSXML4 is a patched version of MSXML4 SP3, specifically 4.30.2117.0.
Windows Update won’t offer newer updates for MSXML4 if the version on your computer is SP2. This is the basic problem pointed out by Secunia.
To get the most recent MSXML4 on your computer, you have to manually download and install MSXML4 SP3, then run Windows Update, which should show this update: Security Update for Microsoft XML Core Services 4.0 Service Pack 3 (KB2758694). Once you install that update, you should be running MSXML4 SP3 version 4.30.2117.0.
Even after you’re running the most recent version of MSXML4, Secunia PSI will tell you it needs to be updated. That’s because Secunia has decided to report MSXML4 as ‘end-of-life’ (which it is) and direct users to MSXML6 instead. There are two problems with this: first, installing MSXML6 will not remove any earlier versions, including MSXML4; second, Microsoft recommends leaving MSXML4 in place as long as it’s up to date. The upshot is that unless you manually remove all remnants of MSXML4, PSI will keep telling you to install MSXML6, even if it’s already installed.
It looks like Microsoft really won’t be bringing the Start menu back to Windows 8, and will instead try to win users back with the next version of Windows. One wonders whether Microsoft should just skip every other Windows release, given their track record.
The Verge has leaked screenshots of Windows 9’s Start menu, and it appears to be an amalgamation of features from Windows 8 and Windows 7, with the right half of the menu showing pinned ‘Metro’ style apps.
A set of fraudulent security certificates was identified by security researchers at Google on July 8. The certificates were issued by an authority in India, and trusted by the Microsoft Root Store. That means the bogus certificates potentially impact anyone using certain Windows applications, and especially Internet Explorer.
These days ‘Patch Tuesday’ means Adobe updates as well as Microsoft updates. This month was no different: Adobe released a new version of Flash that addresses at least three vulnerabilities, including the JSONP callback API problem that made several popular sites potentially vulnerable.
The Flash runtime announcement for the new version outlines a few new features, most of which are likely only of interest to developers. The associated security bulletin gets into the details of the included security fixes.
As usual, Google Chrome will update itself, but this time via its internal ‘component updater’ rather than with a new version of the browser. Warning: the component updater sometimes takes a few days to do its work; unfortunately, there doesn’t seem to be any way to force the update.
Updates for the Flash component in Internet Explorer running on Windows 8.x will be made available through Windows Update.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.