|
MS-DEFCON 1:
Current Microsoft patches are causing havoc. Don't patch.
|
-
MS-DEFCON 3: The .NET patches are broken again, but others look OK
Posted on August 20th, 2011 at 12:25 27 commentsNow it gets ugly.
Usually, I try to give a blanket up-or-down, yes-or-no signal on each crop of monthly patches. The August Black Tuesday patches aren’t so neat.
The only really interesting patch this month is MS11-057/KB 2559049. It’s another big rollup patch for every version of Internet Explorer, from 6 to 9. If you use IE to surf the web, you should seriously consider installing it. I haven’t heard of any killer problems – and it does plug a number of gaping holes.
The other patches this month are either boring or ugly. There are many reports of the .NET patches, MS11-066 and MS11-069, breaking things. So what else is new – Microsoft’s never been able to deliver sound .NET patches the first time around.
So I’m going to run us down to MS-DEFCON 3: Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
Specifically, if you use IE, you need to get patched up. If you don’t use IE, I don’t see any reason at all to sacrifice your system to the .NET patch inanities; don’t bother patching just yet.
27 responses to “MS-DEFCON 3: The .NET patches are broken again, but others look OK”
-
Herb Rubin August 20th, 2011 at 21:25
Sorry for me being a bit dense, but having trouble interpreting your message.
Clearly we should install most of the patches.
Should we install the .net patches or not?
thanks
-
Herb Rubin August 20th, 2011 at 22:49
Sorry didn’t complete my thoughts.
I of course don’t use IE on your advice.
But i do clean my computer frequently with CC cleaner and it always finds IE files on it. I assume some programs, or web sites, or ghosts, are periodically activating IE.
Hence even though i don’t use IE it does get used.
-
@Herb -
Yes, IE gets used in the strangest ways. In the case of this month’s patches, though, it doesn’t look like the IE holes can be hooked through weird secondary programs…
-
@Herb -
If you use IE, swallow hard and install all of the patches. Even the .NET patches. You probably won’t get bit by a bad .NET patch.
If you don’t use IE, don’t install anything. Ain’t worth the bother.
-
rc primak August 21st, 2011 at 21:13
IE is used by updaters and such programs as Secunia PSI, whose windows are actually IE windows.
And Firefox is one of several third-party programs which leverage some vulnerable components of IE to do their work. Especially if, like me, you use any form of the Firefox IETab Extension.
As for .NET Framework, I use Paint.NET, so I need it. And all versions of Windows 7 have at least one .NET version installed right out of the box. Still, this month’s .NET Framework patches on my 32-bit Windows XP Pro laptop went so badly that I would not recommend applying them unless you do use a program with direct dependencies on .NET.
No BSOD or anything fatal, but both the downloads and the installers hung badly, at one point freezing completely until I red-X-ed one persistent “Verify Extracted Files” popup box. Definitely not worth the two-hour hassle to finally wrangle the little monsters into submission on that laptop.
On my Toshiba Satellite (64-bit Windows 7 Home Premium) the same batch of .NET patches hung badly during download, and again twice during installation. And that computer NEVER hangs up on normal MS Updates.
Why doesn’t Microsoft just take that sick horse of .NET Framework out back of the barn and shoot it already? The old grey mare ain’t what she used to be! And .NET never was a thoroughbred.
-
Woody: 8-21-11 (WinXP SP3)Since Firefox 5.0 (now updated to 6.0) have been unable to view or download PDF files @ web sites. (Actually, before those Firefox upgrades, Foxit PDF Reader went berserk and had to get rid of it and went back to Adobe Reader 10.) Went through all the Firefox troubleshooting and FAQ suggestions but nothing works. Anyway, whenever I go to those sites I have to open and use IE8 in order to view and d’load the PDFs. I will d’load the August IE update KB2559049 but should I also d’load the .NET framework 2.0 update KB2539631, too?
Another question, is it safe to d’load the Roll-up of ActiveX KillBits for WinXP update, KB2562937?
Do you (or anyone else)have any thoughts about the Firefox PDF problem?
Thanks, Woody -
Woody,
The punch line (last line) should be at top and/or in title. And I was taking notes. Happy end of summer and I am smiling. -
@Ann -
No idea about the Firefox/Foxit/Adobe Reader problem. Might try using Chrome.
Yes, the ActiveX Killbits for XP are as baked as they’re going to get. Go ahead and install.
-
Herb Rubin August 23rd, 2011 at 05:21
More advice
Before double checking with Woody I did try to install all patches on my laptop. All except the .net went up. The net failed to install and then referred to some microsoft fixit programs. Simple one failed. I brought same machine into my university’s help shop (they still help retirees like me). They hooked up the machine and pushed the same install buttons I did and slowly and painfully the .net installed. Go figure.Now following Woody I have not installed the .net on my desktop. But what do you do when they fail to install. (University won’t play with desktops) Do you just wait for ever?
thanks
-
@Herb -
Usually you have to wait until Microsoft patches the patch.
Failure to install is a minor problem, in the grand scheme of .NET things.
-
Gindy53 August 23rd, 2011 at 18:18
Quick question in regards to setting up a brand new computer. According to the MS updates, I have about 199MB of updates to do. I have singled out the August .Net stuff and am wondering if I should install all the other 53 updates.
Thank you for this site, you have saved me countless hours and dollars. I check here first thing nearly every day and always when that Tuesday comes around. -
Herb Rubin August 23rd, 2011 at 18:57
No need to post
but thank you for your guidance
Herb -
flavet August 23rd, 2011 at 21:49
@Woody – Okay, your 8-23 comment seems logical, wait for a patch for the patch. BUT how do you know you are receiving a patch for the patch for the patch?
-
rc primak August 23rd, 2011 at 22:49
Regarding Ann’s post:
I use Firefox on my Win XP Pro 32-bit lapto. When Firefox upgraded to 5 and 6, I had to get new Foxit Reader browser plug-ins in addition to upgrading to the latest Foxit Reader program version. The Firefox plug-in is a separate download, which can be obtained through Foxit’s own updater, or as a Firefox Add-on through Mozilla’s Firefox Add-ons catalog pages. Don’t know if the Foxit add-on is yet current with FF 6.
I use Nitro’s Firefox Add-on and Nitro PDF (free edition) to download and open and edit PDF files on both of my laptops (the other one is 64-bit and runs Windows 7 Home Premium). Never had a problem.
The trouble with Chrome is that it has a built-in PDF display plug-in which can neither download nor edit PDF files. To get the PDF to open in Foxit or Nitro readers, you have to go inside the Chrome configuration settings pages and disable the Chrome PDF plug-in, thus enabling your default P}DF reader. This is a bit technical, and making a mistake means reinstalling Chrome. Not pretty.
-
rc primak August 23rd, 2011 at 22:54
On the .NET front, I got some long hesitations on both of my laptops during downloading and installation of each of the current patches. It was a major pain in the neck getting the 32-bit, single-core laptop to install the patches. At one point the whole process froze, awaiting my input to close a “Verify Extracted Files” popup window. The whole process of installation on that laptop took over two hours, not counting the other boatload of MS Updates for August 2011.
You have to REALLY like programs like Paint .NET to put up with this nonsense!
-
Downloading IE v9.0.2 KB2559049, changed the name of a cookie from bob@harvard.com to a ramdom number in a txt file. I liked to see a cookie’s name so I can delete only the cookies I want to delete. Any ideas?
-
“Why doesn’t Microsoft just take that sick horse of .NET Framework out back of the barn and shoot it already? The old grey mare ain’t what she used to be! And .NET never was a thoroughbred.”
@rc primak: unfortunately, MS can’t. more third party apps released nowadays (like this CPU Thermometer app) are starting to depend on .NET framework. w/out .NET, those kinds of programs won’t work.
and I’m still waiting for MS to release new service packs for their .NET Framework software, which I prefer than to install a bunch of .NET patches.
-
@Flavet -
HA! All the more reason to wait for a green flag, eh?
-
@Gindy53 -
When you’re just setting up a new computer, apply ALL Microsoft updates. Even if I’ve raised an MS-DEFCON 1 flag. Get the big backlog out of the way, so you can start following along here month-to-month.
The downside of missing a key patch is far greater than the upside of bypassing something that’ll go bump in the night.
-
rc primak August 26th, 2011 at 00:29
And just when you thought it was safe to go back into the waters, I just got an end-of-month MS Update for Windows 7 64-bit. No problems, but it was a bit of a surprise.
-
rc primak August 26th, 2011 at 03:06
My stray MS Updates patch was explained by Susan Bradley in this week’s Windows Secrets Patch Watch. It was the Time Zone Update, which comes around every year just before Labor Day. No big deal for me, as I don’t use Microsoft Outlook or Outlook Express on either of my computers. Others should be aware of possible Outlook or Outlook Express side-effects of this patch. (KB2570791)
-
Barnnie August 27th, 2011 at 06:05
I received an update notice, it says:
For Windows7 x64 Based System KB2570791
Came out of nowhere from MS, OK to install?
thanks -
rc primak August 30th, 2011 at 12:21
@Barnnie —
That’s the Time Zone Update I got. Susan Bradley (Windows Secrets Patch Watch) has concerns about possible side-effects in Outlook. But other than that, all this one does is update Daylight Savings Time for a few countries, none of them involving the USA, East Asia or Europe. In other words, definitely not a necessary update.
-
Gindy53 August 30th, 2011 at 16:28
Thank you, Woddy. I have followed your advice with the other computers and will do so now.
-
Allen McDonald September 10th, 2011 at 04:02
Read it and weep. :- (
From Microsoft Anawers -
KB2310138 – Definition update causes windows to hang
-
Dorothy M. September 14th, 2011 at 22:35
After patching our enterprise (Desktops with Windows XP SP3) with MS11-057 KB2559049 Cumulative Security Update for Internet Explorer, non-privileged users receive a red x where images should be in IE7. Administrators see images normally and do not have this issue. Any one else see this? Firefox of course displays all images for all users.
-
@Dorothy -
I don’t know, but you might want to go over to the Lounge and see if anyone else has the same problem. Click the link in the upper right corner to “Ask a Windows or Office question.”
Leave a reply
-
Support AskWoody.com
Click on this list to get
Woody ’s books at Amazon.com
- Windows 7 All-In-One For Dummies
- Green Home Computing For Dummies
- Windows Vista All-In-One Desk Reference For Dummies
- Windows Vista Timesaving Techniques For Dummies
- Windows XP All-In-One Desk Reference For Dummies
- Windows XP Timesaving Techniques For Dummies
- Windows XP Hacks & Mods For Dummies
- Windows Home Server For Dummies
- Special Edition Using MS Office 2007
- Special Edition Using MS Office Home & Student 2007
- Special Edition Using MS Office 2003
- Office 2003 Timesaving Techniques For Dummies
- Special Edition Using MS Office 2003, Student-Teacher Edition)