Woody Leonhard’s no-bull news, tips and help for Windows and Office
  • MS-DEFCON 2: Get patched, then shut down Auto updates – fix for the Help 0day coming

    Posted on July 12th, 2010 at 07:48 woody 14 comments

    Microsoft has announced that it will deliver four security bulletins on Tuesday July 13.

    Three of them don’t appear to be terribly interesting, but one of them must be. Quoth Microsoft:

    We are also closing Security Advisory 2219475 (Vulnerability in Windows Help and Support Center Could Allow Remote Code Execution) with a comprehensive update that addresses the issue currently under attack.

    Looks like MS is finally going to plug the security hole I talked about a week ago. I’m still not convinced it’s a Big Deal, but it’ll be nice to get it fixed.

    Get all of the MS patches applied, except the .NET patches, then make sure you have Automatic Updates turned off. Let’s see what Tuesday will bring.

     

    14 responses to “MS-DEFCON 2: Get patched, then shut down Auto updates – fix for the Help 0day coming”

    1. Another IMPORTANT REMINDER that Microsoft is ending support for Win2000 & WinXP SP2 on 7/13/2010.

      Quote from that announcement of delivering 4 security bulletins-

      “Also, July marks the end of Microsoft support for the Windows 2000 and Windows XP SP2 platforms. Customers should actively seek out either a supported operating system or the latest service pack in order to keep receiving necessary security updates.”

      The upcoming XP Help Center security patch will be the very last one to support XP SP2. Any future XP security updates created or released after July 13 will require only XP SP3. And of course, Microsoft is no longer producing any new security updates for Win2000 after 7/13.

      And about that XP Help Center security flaw, woody; a guy on this ZDNet blog wrote a comment claiming that Microsoft knew about this Help Center security flaw for more than 6 years and did nothing to fix it.

    2. @EP -

      Good overview on InfoWorld here.

      I should post this, and a link to my 64-bit Windows 7 article, but I’m under the gun at the moment. My wife and I had our first baby on Saturday, and I’m getting sleep in very short bursts…

    3. Woody —

      Congratulations on your baby! I wish you and your family all the happiness in the world.

    4. (Congratulations, Woody!)

    5. Re:”fix for the Help 0day coming” —
      I hope that, when the fix does come, it will be clear (for those of us who have used the original MS “fixit”) whether we need to first apply the “fixit” that restores the original settings, before applying the coming fix.

    6. Woody — Do we need to undo the “fixit” for the Windows Help issue (if we applied it) before installing the new update for it? (There was an “undo” fixit also available to revert back.)

      I won’t do anything with the new update until you give the MS-Defcon all clear, of course!

      Thanks!

    7. @Bill -

      Nope, apparently the patch is smart enough to ignore the Fixit changes.

    8. @Gideon -

      You won’t need to apply the Fixit first.

    9. Thanks, Woody, for the info on not having to undo the Fixit to get the patch to install. I remember a few other patches where if you did not undo a few Fixits, the patches would not install correctly. Microsoft seems to be learning (sloooooowly!) how to make these Fixits play nicely with MS Updates.

    10. Woody,

      We should still wait to apply the 0 Day Windows Help patch until you give the all clear, right? (I’ve got the fixit applied right now.)

      Thanks! And congratulations!

    11. @Bill -

      Right. The Help hole isn’t really glaring. Not like the LNK hole…

    12. Hello everyone, this question is for anyone that can answer it. I reinstalled Windows 7 and updated it with the updates. It installed Microsoft .NET Framework 4 Client Profile. Is this the .NET that you are talking about, and if it is, can I uninstall it? When I click uninstall it says uninstalling Microsoft .NET Framework may cause some applications to cease to function. Now, I made a system image right after I did Microsoft updates. What applications would Microsoft .NET be using? Could I recover the image to right after the updates and uninstall .NET, or should I just leave it there? I noticed in Event Viewer there were .NET errors as well. Any help on this would be nice. Ty

    13. Ah, I don’t see Bill mentioning that he uses XP SP2 anymore, so I assume he already updated to SP3 level. Good.

      The XP Help & Support security patch can be applied without removing the FixIt solution. Should be safe to install by the end of July or the start of August as I’ve found no problems with it.

    14. Woody,

      Are you now recommending that the Help and Support Center patch be applied? KB2229593 (a/k/a MS10-042). Thanks.
