this is patch tuesday- so?

G

Guest

I just got them:

Windows XP Security Update for Windows XP (KB932168) Tuesday, April 10,
2007 Windows Update

Windows XP Security Update for Windows XP (KB931261) Tuesday, April 10,
2007 Windows Update

Windows XP Security Update for Windows XP (KB930178) Tuesday, April 10,
2007 Windows Update

Windows XP Security Update for Windows XP (KB931784) Tuesday, April 10, 2007
****************************************************

Requires reboot. Have a good day!!
 
G

Guest

Didn't seem to have any problems. They downloaded, then I rebooted and so
far, so good.
 
G

Guest

Robinb said:
any problems with them?

I'm still nursing my bruises from the last one! I shall let this new bunch
sit undownloaded for a while yet.

I still haven't been able to decide whether to keep, or uninstall, the
925902 patch (or the updated audio driver). Could someone tell me please -
are all these patches independent? If I install this new lot, do I compromise
my ability to uninstall (or reinstall) 925902 in any way?

In other words, can I install the new updates, and still fiddle about with
925902 if I decide to?
 
B

Bill Sanderson MVP

Independent--you can uncheck and not install a patch at any time, and you
can also tell the update mechanisms to ignore a patch and not keep offering
it to you. (You will be told regularly that you've done this and that it is
a Bad Thing.)

--
 
G

Guest

Bill Sanderson MVP said:
you
can also tell the update mechanisms to ignore a patch and not keep offering
it to you. (You will be told regularly that you've done this and that it is
a Bad Thing.)

I see this morning that the deadly hotfix for 952902 is now being offered to
me as a high priority update! That's certainly one to be buried - I won't be
treading that particular road again!
 
G

Guest

Alan D said:
I shall let this new bunch
sit undownloaded for a while yet.

I decided not to be a wimp. I hid the poisonous hotfix for 925902, installed
the 4 security updates at one gulp, restarted (holding my breath), and here I
am to tell the tale.

It's a much scarier business once you've been bitten by a bad one.
 
G

Guest

Robinb said:
even installing the mshotfix did not fix the problem?

The hotfix was a major part of the problem. It crashed my computer, which
then wouldn't reboot in normal mode. So I had to use system restore to
recover.

The patch itself has disabled the RealTek audio panel and (AVG now inform
me) has corrupted my AVG installation. They tell me I need to reinstall AVG
and clear out the mess. Then there's still the basic problem of the patch and
the Realtek driver to sort out.

It's a terrible mess, I'm afraid.
 
B

Bill Sanderson MVP

I would encourage you to tread that road again.

Remember that in a number of cases, a Microsoft Security fix will be
reverse-engineered to determine the root vulnerability, and then exploit
code is published, and use of the exploit widens.

In the case of this fix, the exploit was being used in public for weeks
before the patch was made available.

You need not go to a disreputable site to be exploited: a reputable site
might be hacked, as one electronics vendor was in this case, or an
advertising networks servers might be hacked, in which case any page serving
up ads might pose a risk.

Now--I know that your antivirus has signatures for this exploit and for the
malware which has been found in the past to be distributed via the exploit.
Depending on signatures is not without risk, however. The bad guys can
figure out how to mask their code from the signatures, or can distribute a
package not already known.

So--in my view, you want this patch on your system.

What's the safest way to get it there?

In your case, the conflict is with the sound driver which you've already
identified--so I'd start by getting the revised driver from that
vendor--once their server load settles down.

Then I'd put in the original security patch. You won't need the "patch to
the patch" because you'll have a sound driver which doesn't have the flaw
that makes that necessary.

Am I remembering correctly that the code that caused your problem was that
"patch to the patch?"


--
 
G

Guest

Bill Sanderson MVP said:
I would encourage you to tread that road again.

Ah, Bill - I know that's good advice, and I DO have the patch in place. It
was indeed the 'fix' that messed me up, and I did a system restore to a point
AFTER the patch but BEFORE the fix. So 925902 is in place, and I've tested it
with the Zert test. What I meant in my post (but didn't express clearly) is
that Windows update is offering me the deadly fix (the patch for the patch)
once again.

I'm thinking I may just stay with this situation as it is and see how it
goes. I have:
1. The 925902 patch - which I've Zert-tested and which works - but not the
fix for it.
2. A damaged RealTek audio panel - which I never use, don't need, and which
I'd already disabled at startup a year ago.
3. A possibly slightly corrupted AVG installation which works fine in every
respect except that it interferes with the operation of my image scanner.
(Although there were a heap of AVG errors in Event Viewer around hotfix time,
there aren't any now.) Practical solution: switch off AVG when I scan images.
[Sudden thought: I wonder if it's the scanner software that's corrupted, and
not AVG?]

This Windows installation is over 18 months old, and is getting a bit slow,
but it works, is secure, and now has a few bruises. I'll probably have to do
a fresh re-install of Windows anyway before the end of the year, but I'd
rather do it at a time of my choosing, rather than because a new installation
of a new, untried audio driver (that I don't actually need), or trying to
follow AVG's complicated registry cleaning instructions, forces me into it.

Now the dust has settled, this seems like the simplest path, and it does
incorporate your advice (for which, thanks as ever) to the extent that I
haven't removed the patch.
 
B

Bill Sanderson MVP

I don't think that reinstalling Windows because of issues that creep up over
time should be needed for the NT-based versions--primarily Windows 2000 and
Windows XP. That said, I can't say that I always abide by my own advice....

OK--glad to know the patch is in place. I still think that grabbing the
revised HD audio driver from the vendor would be a good thing, even though
you aren't using it.

I believe that I read that the "deadly patch" as you call it is only offered
to systems that need it--i.e. Microsoft is able to detect that you have the
audio driver that requires it. It would be interesting to see whether
putting in the revised audio driver ended the offering up of that patch.
(my own odds are about 50-50, I think!)

--

Alan D said:
Bill Sanderson MVP said:
I would encourage you to tread that road again.

Ah, Bill - I know that's good advice, and I DO have the patch in place. It
was indeed the 'fix' that messed me up, and I did a system restore to a
point
AFTER the patch but BEFORE the fix. So 925902 is in place, and I've tested
it
with the Zert test. What I meant in my post (but didn't express clearly)
is
that Windows update is offering me the deadly fix (the patch for the
patch)
once again.

I'm thinking I may just stay with this situation as it is and see how it
goes. I have:
1. The 925902 patch - which I've Zert-tested and which works - but not the
fix for it.
2. A damaged RealTek audio panel - which I never use, don't need, and
which
I'd already disabled at startup a year ago.
3. A possibly slightly corrupted AVG installation which works fine in
every
respect except that it interferes with the operation of my image scanner.
(Although there were a heap of AVG errors in Event Viewer around hotfix
time,
there aren't any now.) Practical solution: switch off AVG when I scan
images.
[Sudden thought: I wonder if it's the scanner software that's corrupted,
and
not AVG?]

This Windows installation is over 18 months old, and is getting a bit
slow,
but it works, is secure, and now has a few bruises. I'll probably have to
do
a fresh re-install of Windows anyway before the end of the year, but I'd
rather do it at a time of my choosing, rather than because a new
installation
of a new, untried audio driver (that I don't actually need), or trying to
follow AVG's complicated registry cleaning instructions, forces me into
it.

Now the dust has settled, this seems like the simplest path, and it does
incorporate your advice (for which, thanks as ever) to the extent that I
haven't removed the patch.
 
A

Alan D

Bill Sanderson MVP said:
I still think that grabbing the revised HD audio driver from the vendor
would be a good thing, even though you aren't using it.

I believe you, and I may decide to do it in due course. But there's no hurry
(there's no security issue as things stand). I've got too many other things
for which I urgently need my computer just now, to risk upsetting the status
quo any further.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top