Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our ads are polite and keep AskWoody going!
Home icon Home icon Home icon RSS icon
  • MS12-034 / KB 2676562 / KB 2686509 mystery solved

    Posted on December 21st, 2013 at 22:09 woody Comment on the AskWoody Lounge

    Eighteen months ago, you might recall a pesky Black Tuesday patch that never installed, and wouldn’t go away.

    Yuhong Bao, whom many of you might recognize as a frequent commenter both here and on my InfoWorld blog posts, has cracked the problem.

    He found a bug in the way the installer interprets a specific Registry key. If you have an unexpected value in that key, the KB 2686509 installer fails, and your system remains vulnerable to the hole known as  CVE-2012-0181.

    The next time Windows Update comes up for air, it sees that the MS12-034 installation failed, and re-offers the same patch.

    Microsoft has a manual workaround, described in my May 9, 2012 AskWoody article. A FixIt that allows the installer to work was issued after much sturm und drang. But Microsoft never did fix the patch. After all, it’s only for XP/Server 2003.

    Yuhong concludes that MS didn’t fix the patch because a failed install doesn’t really screw up anything. Mostly, it’s just annoying.

    If that helped, take a second to support AskWoody on Patreon