News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Heads up — Bug fix for IE coming out through Win10 cumulative updates, Win7 and 8.1

    Home Forums AskWoody blog Heads up — Bug fix for IE coming out through Win10 cumulative updates, Win7 and 8.1

    Tagged: 

    This topic contains 88 replies, has 27 voices, and was last updated by  anonymous 8 months ago.

    • Author
      Posts
    • #241184 Reply

      woody
      Da Boss

      Microsoft just posted CVE-2018-8653: Scripting Engine Memory Corruption Vulnerability A remote code execution vulnerability exists in the way that the
      [See the full post at: Heads up — Bug fix for IE coming out through Win10 cumulative updates, Win7 and 8.1]

      7 users thanked author for this post.
    • #241185 Reply

      anonymous

      I can’t remember the last time I’ve used IE. It’s been that long.

    • #241186 Reply

      anonymous

      What Should I be using if not IE? Firefox, WaterFox, Chrome, GTbroswers, or IE.

      • #241213 Reply

        woody
        Da Boss

        Any of the above. All of the above.

        I use Chrome and Firefox side-by-side, all day, every day, with an occasional run through Edge.

      • #241291 Reply

        anonymous

        Since most noobs stick with Chrome, there’s hardly any attack against IE these days — making IE the most secure Web browser. If you like IE, keep using it.

        1 user thanked author for this post.
        • #241305 Reply

          anonymous

          Informed comment there probably from a noob.

          • #241325 Reply

            anonymous

            I’d just like to point out that .. in some cases, IE is activated by Windows. Case being mine. I don’t even consider using Chrome. Who would? Google has more data than the NSA and the CIA combined, just from users inputs in their search engine lol .. imagine what Chrome is allowing/preventing. Anyways. Is it possible that, just maybe, this update is critical to some people, or was. Before they were hacked. Every device on the network except the Xbox One. And I’ve not once opened IE. True enough, that just means I already had something in there from one of these other exploits we’re hearing about (Intel vulnerability, ASUS router exploit)  which are fixed after the damage is done to some people. I’m all for the update but Microsoft needs to tighten up. I needed it a month ago. I needed the ASUS fw patch back before I got infected.

            Edit to remove HTML

      • #241401 Reply

        radosuaf
        AskWoody Lounger

        Firefox is cool. I use it :).

        MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 1809 64-bit
    • #241200 Reply

      OscarCP
      AskWoody Plus

      Thanks. Now, this is probably a very naive question, as I do not use Windows 10, but can one run IE on Windows 10? I’ve understood (for no particular reason) that it was Edge the only MS browser that can be run there. And if one can, is it the same IE11 version as for Windows 8.1?

      • #241204 Reply

        PKCano
        Da Boss

        I think the title of the blog post give you the answer.

        2 users thanked author for this post.
      • #241214 Reply

        Mr. Natural
        AskWoody Plus

        IE is in Windows Accessories on the start menu in Windows 10.

        I only use IE at work for a few legacy apps. Unfortunately we do have users in the office still using IE. Chrome is on all installs and I tell folks to use it when they call me with IE issues.

        Not disclosed yet so I’ll wait and see what happens with this one.

        Red Ruffnsore reporting from the front lines.

        • #241397 Reply

          mn–
          AskWoody Lounger

          Legacy apps unfortunately including such as, some Sharepoint Online integration features … and local-only tools like RAID, NAS and even network device management for certain hardware (honestly, couldn’t they just write either a browser-agnostic tool or a proper application?)…

          Really, with the odds being that IE is the only browser left on most systems that can run integrated Java applets and Java applets also being the only way to configure some of those…  even on this year’s hardware models occasionally.

          Or I suppose you could rig the Hyper-V host server to multiboot Linux on the bare hardware and use the custom drivers and unofficial opensource command line tool every time you need to rearrange RAID volumes for a guest VM… because even the cold-boot firmware RAID setup UI doesn’t have access to some of the settings.

          (Why yes, I do have a copy of the last ESR 52.x Firefox stashed away too…)

    • #241224 Reply

      anonymous

      Is this the type of update that you have to click “Check for updates” to get? Or will it come rolling down unless you have updates blocked in some way (metered connection, wushowhide, etc.)?

      • #241284 Reply

        bhen
        AskWoody Lounger

        it arrived automatically for me and it’s listed in the catalog as a Security Update instead of just an “Update” (like other non-patch day updates)

      • #241285 Reply

        anonymous

        It’s a security update so it should come down either way.

        One can also download it from the catalog site and manually install it but, as always, those using this method must make sure to first install the latest Servicing Stack Update (SSU). There is no new SSU with this Latest Cumulative Update (LCU) but if this is the first time you’re updating this month and you choose the manual method, be sure to first apply the associated SSU released earlier in the month. The KB article for each version of the Win10 LCU has the details.

    • #241250 Reply

      anonymous

      I never use IE but some programs use it even if you have set another browser as default.

      I wish there was a way to block IE being accidentally accessed through those programs. Sometimes it is as simple as clicking on “about” or “help” in the program interface and IE starts up and must be closed.

      This is annoying.
      firemind

    • #241262 Reply

      bhen
      AskWoody Lounger

      If you’re at risk of being tricked into using IE, you should probably let this download and install.

      As someone on 1803, when I saw a folder with files show up in SoftwareDistribution on a Wednesday, I was expecting “automatic 1809 update”, not “security update for 1803”. (Yeah yeah, the 1809 update files probably land somewhere else when they arrive, right?)

    • #241267 Reply

      abbodi86
      AskWoody_MVP

      Waiting Win 7/8.1 Preview Rollups 🙂

    • #241274 Reply

      DrBonzo
      AskWoody Plus

      I wonder if this effectively makes the WIN 7 December Rollup a new patch? I was just at the support page for the Rollup and it was last updated Dec 11. That would imply that even Group A folks would need the new IE Patch. But at some point every Win 7 (and maybe Win 8.1 and 10 as well) user will need the IE 11 patch whether they browse with IE 11 or not since IE 11 is part of the OS.

      • #241280 Reply

        StoopidMonkey
        AskWoody Lounger

        According to my WSUS server Win7/8/2008R2 machines got a new Cumulative IE patch (leaving the OS rollups intact) but all newer OS’s had to get a whole new Cumulative OS rollup since IE updates are now bundled with them.

    • #241286 Reply

      anonymous

      I am seeing the patches show up on our WSUS servers, but NOT seeing the patches offered when running a WindowsUpdate client check connecting to Microsoft.

      And FWIW the patches are listed as available in the Update Catalog.

      I’m not sure why they are not showing up via WindowsUpdate client 3+ hours after they showed up on the WSUS servers.  That is not the usual behavior.

      However it does make me wonder if they have already been pulled from Windows/Microsoft Update web site.

      Jim

    • #241293 Reply

      anonymous

      Does theis new IE cumulative SEC Patch(KB4483187) negate having to install KB4470199 the regular Dcember IE cumulative SEC Patch I have one of my 4 laptops already updated for the Dec 2018 patches and the other 3 are still waiting to be patched for Dec 2018. I’d like to have to install as little as possible from Microsoft if possible.

      1 user thanked author for this post.
      • #241624 Reply

        AJNorth
        AskWoody Plus

        Does the new IE cumulative SEC Patch (KB4483187) negate having to install KB4470199 the regular December IE cumulative SEC Patch

         

        Hello,

        The answer is yes; KB4471328 supersedes KB4470199 (please see https://support.microsoft.com/en-us/help/20181219/security-update-deployment-information ).

    • #241298 Reply

      ashfan212
      AskWoody Lounger

      The support page for the Windows 7 patch recommends verifying the jscript.dll version after installation of the patch. Does anyone know in which directory jscript.dll resides or whether there is a better way to verify the version of the file?

      • #241300 Reply

        DrBonzo
        AskWoody Plus

        It’s in Windows/system32. Just hover your cursor over the file name and you’ll see the version.

        2 users thanked author for this post.
      • #241346 Reply

        anonymous

        c:\windows\system32

        On a 64 bit system, there should be a new one in:

        c:\windows\syswow64

        1 user thanked author for this post.
    • #241301 Reply

      PKCano
      Da Boss

      AKB2000003 has been updated on 12/19/2018 to include the out-of-band KB 4483187 IE11 Cumulative Update for Group B and anyone else who needs to download it.

      This update replaces KB4470199 2018-12 Cumulative Security Update for IE11.

      (For those of you still running XP, you will need this patch as well. Thanks to @? says)

      11 users thanked author for this post.
    • #241297 Reply

      anonymous

      Per the MSRC blog post this has been seen by Google in targeted attacks.  Malware can pull a specific instance of a browser and thus even if you aren’t using IE, malware could target it.  So don’t blow this off if you (or your firm) think you might be in one of these targeted attacks.  I am seeing the IE patch on my 7 so they haven’t pulled them.

    • #241304 Reply

      PKCano
      Da Boss

      I am seeing the update now in Windows Update (4:00pm CDT US 12/19/2018)

      1 user thanked author for this post.
      • #241311 Reply

        Hopper15
        AskWoody Lounger

        I am seeing the update now in Windows Update (4:00pm CDT US 12/19/2018)

        Same here. I just hid it.

    • #241308 Reply

      warrenrumak
      AskWoody Plus

      Attacks like this are demonstrative of why it’s important to leave UAC turned on.  I know lots of smartypants-types turn UAC off because they don’t like being nagged to elevate privileges….. but the point is to ensure that processes like Internet Explorer that don’t need to be an Administrator, ever, are not running with the Administrator token by default.

       

      1 user thanked author for this post.
      • #241352 Reply

        GoneToPlaid
        AskWoody Plus

        While I totally agree that everyone should keep the annoying UAC enabled, it appears that in this case UAC won’t protect you if you are logged in with admin account privileges.

        1 user thanked author for this post.
    • #241315 Reply

      anonymous

      Updated IE11 on a Windows 7 machine and it required a reboot and seemed to install fine via Windows Update.

      Attempted to update a Windows 8.1 machine and it seemed to install, but strangely didn’t require a reboot.  Checked Windows history and it indicates being installed but when I open IE11 to check the most recent IE security update it’s still showing Dec 11 KB4470199 as being installed.  Uninstalled and tried again using Windows Update and still the same result.  Tried a manual installation via the catalog download and it still showing the same.

      Is there anyway of showing whether this update installed correctly?

    • #241322 Reply

      woody
      Da Boss

      There’s a workaround published in the CVE article:

      Workarounds

      Restrict access to JScript.dll For 32-bit systems, enter the following command at an administrative command prompt:

      	cacls %windir%\system32\jscript.dll /E /P everyone:N
      

      For 64-bit systems, enter the following command at an administrative command prompt:

      	cacls %windir%\syswow64\jscript.dll /E /P everyone:N
      

      Impact of Workaround. By default, IE11, IE10, and IE9 uses Jscript9.dll which is not impacted by this vulnerability. This vulnerability only affects certain websites that utilizes jscript as the scripting engine.

      How to undo the workaround. For 32-bit systems, enter the following command at an administrative command prompt:

      	cacls %windir%\system32\jscript.dll /E /R everyone
      

      For 64-bit systems, enter the following command at an administrative command prompt:

      	cacls %windir%\syswow64\jscript.dll /E /R everyone
      2 users thanked author for this post.
      • #241341 Reply

        deuce120
        AskWoody Plus

        Woody,

        You posted workarounds that were listed in a CVE article posted on a Mircosoft website. I get alerts from Microsoft when new articles, updates, etc are posted. The crazy thing is if I click on link on the to the CVE article, CVE-2018-8653, it takes me to different article than the one your link does. The second one does not list any workarounds – stated as no known worlarounds. That link is https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653.

        Goes to show that Microsoft has some serious issues and we are suppose to “trust” them.

        Thanks for all the great information that you and others provide.

      • #242005 Reply

        PKCano
        Da Boss

        The Workaround has been changed. As of 12/22/2018 see #242004 for the changes.

        • #242028 Reply

          anonymous

          Yeah, Microsoft realized that you can’t change or edit the access control list of certain files without being the owner of them in the first place, so they added the command to take ownership of the jscript.dll file. The file’s original owner is the TrustedInstaller.exe program, which runs a good portion of Windows Update.

    • #241332 Reply

      anonymous

      ? says:

      thanks for the “workaround,” Woody! the patch updates all 3 jscript().dlls to version 5.8.9600.19230 12-13-2018…

    • #241338 Reply

      fernlady
      AskWoody Lounger

      I checked for updates and KB4483187 came in so I hid it. I’ll keep reading till I figure out if I should install it.

      Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

    • #241349 Reply

      Geo
      AskWoody Plus

      Group A,  Win7x64, Home premium, AMD.  KB4483187.    I use IE to install updates.  other then that I use Firefox.  No problems.

    • #241344 Reply

      anonymous

      So is this an extreme urgent one? Don’t use IE at all, always wondered why I can’t uninstall it. Hope I can pospone it for a week or so since we’re packing up for the holidays and prepare for a long trip. Just shut down, backed up and imaged laptops we take. I am not very keen to start them again with all kinds of risks involved… :-/ Sorry for the question, but don’t know if I should be nervous about this one.

      • #241356 Reply

        GoneToPlaid
        AskWoody Plus

        Given that MS is pushing this IE update to everyone via Windows Update, instead of as usual bundling this update in MS’s telemetry laden monthly rollups, yeah, you should take this one seriously.

        • #241358 Reply

          anonymous

          Tnx, I was afraid of that already 🙁 I have so extremely enough of Windows 10 you can’t imagine that. Ok, so the first time we fire up those laptops at our destination, they will start updating. Absolutely wonderful thought. Why on earth can’t we install stuff we don’t need, it would save such a lot of hassle. The sad thing is that some hours ago we checked for updates, none were found, while this one was released some hours before this check. Even just before Christmas Microsoft rolls out nasty surprises, so demotivating. We’ll hope the next time we switch on those laptops, the updates will be installed smoothly.

          • #241367 Reply

            anonymous

            But Woody saying we should avoid installing it.

    • #241345 Reply

      anonymous

      Update came through on XP for IE8.  Installed – no problem noticed.

    • #241365 Reply

      abbodi86
      AskWoody_MVP

      Side notice: a flood of new KB articles about privacy in Windows 10

      https://support.microsoft.com/en-us/help/4459081/general-privacy-settings-in-windows-10-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468236/diagnostics-feedback-and-privacy-in-windows-10-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468228/windows-10-app-diagnostics-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468229/windows-10-apps-and-services-activity-on-the-privacy-dashboard-microso
      https://support.microsoft.com/en-us/help/4468240/windows-10-location-service-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468247/windows-10-privacy-settings-that-apps-use-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468227/windows-10-activity-history-and-your-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468232/windows-10-camera-microphone-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468230/windows-10-background-apps-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468235/windows-10-eye-tracking-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468243/windows-10-motion-data-and-privacy-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468234/windows-10-desktop-apps-and-privacy
      https://support.microsoft.com/en-us/help/4468239/location-activity-on-the-privacy-dashboard-microsoft-privacy
      https://support.microsoft.com/en-us/help/4468231/browsing-history-on-the-privacy-dashboard-microsoft-privacy

      1 user thanked author for this post.
    • #241368 Reply

      Hopper15
      AskWoody Lounger

      So is this an extreme urgent one? Don’t use IE at all, always wondered why I can’t uninstall it. Hope I can pospone it for a week or so since we’re packing up for the holidays and prepare for a long trip. Just shut down, backed up and imaged laptops we take. I am not very keen to start them again with all kinds of risks involved… :-/ Sorry for the question, but don’t know if I should be nervous about this one.

      “Way-out-of-band patches like this one have a nasty history of blowing up” Like Woody said I would avoid it.

      • #241370 Reply

        anonymous

        Hi! Thanks, I just wanted to avoid wild adventures around Christmas. Anyway, my laptops don’t find this patch anyway (see post below)…

    • #241369 Reply

      anonymous

      I got lost. Just to avoid a nasty surprise during Christmas, I decided to fire up my laptop in the middle of the night. It didn’t find the update. Neither did another laptop. And yes, I even dared to click this dreaded seek for updates-button, several times even. Both systems are on 1803, Semi Annual Channel, 365 days deferral of feature updates and 0 days deferral of quality updates. Could that have anything to do with it? I have a vague memory of not getting some other out of band updates in the past either, but not sure. Also I never get those extra non-security updates seperately (not that I miss them). The updates from patch Tuesday I always pick up. Same behavior on all systems which have no exotic software or drivers.

      Or is this specific update/patch withdrawn already? Saw some complaints on Reddit regarding hanging black boot screens and some other weird things.

      Anyway: should I as someone who defenitely never uses IE worry about this at all, actually…? I assume that I get the patch included in January’s cumulative updates, so yeah… Manually installing updates I never did in my life and I don’t feel comfortable doing that now either to be honest. I am just an average user, not an IT-expert.

    • #241382 Reply

      anonymous

      The IE update automatically downloaded for me and keeps prompting me to install. it’s not worth the risk of delaying it. I am not an IT Pro though – just IMHO.

    • #241384 Reply

      According to Ars Technica,

      “Windows users should ensure their computer installs the update as soon as possible, even if they don’t normally use IE to browse sites.”

      Woody says not to patch.

      The article seems to infer (it’s the last sentence) that MSFT has decreed this. It’s not clear if this is the opinion of the writer or MSFT.

      Can anyone decipher this? I hate it when two security sources I trust seem to disagree.

      https://arstechnica.com/information-technology/2018/12/microsoft-issues-emergency-update-to-fix-critical-ie-flaw-under-active-exploit/?comments=1&start=40

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

    • #241402 Reply

      radosuaf
      AskWoody Lounger

      Does not show up in WU with 7 days quality updates deferral set.

      MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 1809 64-bit
    • #241406 Reply

      anonymous

      KB4483187. W7 64 Home Premium. FF64.
      Installed. Reboot. OK.
      I’ve IE11 permanently inhibited in ‘Add/Remove Features’.

      Merry Christmas & Happy New Year !

        HAPPY HOLIDAYS DON’T CUT IT !
    • #241418 Reply

      anonymous

      This is REALLY disgusting: you have to set the deferral of feature updates to 0 days or otherwise the update doesn’t appear. How low can you go, Microsoft? This is a SECURITY update, NOT a feature update!!!!

    • #241420 Reply

      numike
      AskWoody Lounger
    • #241424 Reply

      LTL
      AskWoody Plus

      Given the fact that I personally don’t know to what extend IE is embedded in the OS and therefore endangering system wide safety, I decided to install KB 4483187 on my Group B Win7 X64 system.
      All seems well.

      Thanks always @woody @pkcano

      **** Happy days to all ****

    • #241432 Reply

      geekdom
      AskWoody Plus

      Beta Test
      Reporting on Windows 7 x64 update

      – KB4483187 installed without error and the system rebooted without error.
      – Firefox 65.0b5 (64-bit) in use.

      Group G{ot backup} TestBeta
      Win7Pro·x64·SP1·i3-3220·HDD·Microsoft Security Essentials·Windows Backup·Windows System Image·Windows Rescue Disk·Windows Firewall
    • #241438 Reply

      Microfix
      Da Boss

      Win8.1 Pro x64 (2 devices)
      no restart required after patch installation (did one anyway, habit)
      no errors in event viewer pre/ post restart.
      Don’t use IE, although this is integral to OS and important.
      No issues with patch.
      Leaving it off W10 1803 and XP for now..

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

    • #241454 Reply

      Speccy
      AskWoody Lounger

      As PKCano correctly pointed out, besides updating version numbers, the only major differences between KB4483187 (datetime stamped Dec 15, 2018) and KB4470199 (datetime stamped Nov 14, 2018) are in the specific vulnerability being patched – namely, the mshtml.dll HTML Viewer library (both 64/32 bit versions) and the jscript.dll (both 64/32 bit versions) and jscript9.dll (64-bit version) JScript engine libraries.

      NOTE: Incidentally, that could also mean that the proposed workaround might not fully cover the vulnerability on 64-bit systems…

      There are a few other minor differences (the 32-bit iedkcs32.dll, iexplore.exe and sqmapi.dll files have updated its embedded certificates) but these are, from a functional point of view, irrelevant: basically, KB4483187 is an updated version of (replacement for) KB4470199, patching the specific, Javascript-related vulnerability.

    • #241479 Reply

      David Beroff
      AskWoody Lounger

      Why did my Windows 7 Home Premium (ver 6.1, build 7601, SP1) system start crashing as soon as KB4483187 was installed?  I had about 5 crashes in as many hours, while I was trying to work with overseas clients, before I was able to go in and uninstall it.  I don’t ever use MSIE, and would uninstall it if I could.  No other software was installed recently, and my system is usually as stable as a rock.  (The last time I had crashing issues, I narrowed it down to Google’s Backup and Sync, which is now only run manually at night, rather than on startup, but today it was not running at all during any of these events.)  Thank you.

      2 users thanked author for this post.
      • #241486 Reply

        PKCano
        Da Boss

        My guess is that there is some conflict between the javascript files that were changed in the KB4483187 update and some program you are using on your computer.

        What browser are you using?
        What program(s) are you using when the crash occurs?
        What AV program do you run?

        3 users thanked author for this post.
        • #241500 Reply

          David Beroff
          AskWoody Lounger

          Thanks for the reply, @pkcano.  Each time, I was only using Chrome and sometimes Notepad.  Would Chrome even use any of MSIE’s JS?  I was finally able to uninstall (and “hide”) the update, and have had zero crashes, although admittedly, it’s only been an hour so far.  I’ll be more certain when I can go a week or longer.  I was most-recently using Bitdefender, but it was sucking up way too many resources, which were directly interfering with my overseas work, so I had to turn that off, and haven’t yet had a chance to replace it.

          1 user thanked author for this post.
    • #241492 Reply

      anonymous

      Windows 7 Pro x64 – After waiting overnight to let this settle, I installed KB4483187 requiring a re-start, all OK.
      While I ususally await on Woody, in this instance it doesn’t seem the extreme risk is worth a lengthy wait on one critical security IE update. The normal wait period is usually justified by there is nothing critical, or no known exploits of a pending update fix. In this case neither is correct.
      Based on my and others here, as well as other sites reported install success – I suggest you install but it is ultimately up to each individual.

      Risk <-> Reward

      • #241507 Reply

        woody
        Da Boss

        True on all counts. The problem is that I don’t see any in-the-wild reports of infections.

        The PC security industry has a long, sordid history of “Sky is falling” warnings that fail to live up to their initial billing.

        1 user thanked author for this post.
        • #241588 Reply

          Microfix
          Da Boss

          The PC security industry has a long, sordid history of “Sky is falling” warnings that fail to live up to their initial billing.

          Need I mention ‘Meltdown’ and nothing in the wild a year later..

          ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        • #241747 Reply

          mn–
          AskWoody Lounger

          Still haven’t seen any specific reports about this one in the wild, but the local national cybersecurity authority did have an official warning up about it being used in specifically targeted attacks…

          Oh well. Guess it isn’t a high priority thing as long as you aren’t a target, then? (Note, no information on target grouping seems to be publicly available. Anyone want to throw wild guesses about likely targets?)

    • #241518 Reply

      SoulAsylum
      AskWoody Lounger

      For some time now, my Dell laptop would open 3 separate instances of IE on its own, without any interaction at boot time. Since the emergency release update yesterday this has also been corrected. Nice seeing that small annoyance disappear. Happy holidays to everyone!!

      Cheers

    • #241585 Reply

      Bit The bullet, as Ars Tech article went on to say:

      “As the flaw is being actively exploited in the wild, users are urged to update their systems as soon as possible to reduce the risk of compromise,” Narang said.

      I went for it.

      So far, no issues.

      YMMV.

      I hate it when reports of “In The Wild” are non-specific, but thought reports of install success were important too…  ?

      https://arstechnica.com/information-technology/2018/12/microsoft-issues-emergency-update-to-fix-critical-ie-flaw-under-active-exploit/?comments=1&start=40

       

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

    • #241587 Reply

      Sorry…the comments from Narang about it being in the wild were from Krebs at:

      https://krebsonsecurity.com/2018/12/microsoft-issues-emergency-fix-for-ie-zero-day/

      My bad. 🙁

      But when it’s on Krebs….<sigh>..remember when having a PC, and the Internet was fun?

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      1 user thanked author for this post.
    • #241589 Reply

      anonymous

      IDK what all the fuss is about ? Do I install or not install ? What do I do ?

      • #241608 Reply

        Microfix
        Da Boss

        We are at MS-DEFCON 2 so the AskWoody advice is to do nothing until the rating rises to 3 or above 🙂

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

    • #241761 Reply

      anonymous

      I dont readily see any commentary regarding any problems with the update for IE for Windows 10 Pro v1803.

      Did I miss it or is all going well?

      • #241768 Reply

        PKCano
        Da Boss

        Win10 don’t get IE11 CUs. There is a whole new CU for each supported version of Win10. If you have 1709 or 1803 and have not done the December Updates, there is a new SSU you will need to install first. Links to the SSUs ate on the main blog page about DEFCON.

        • #241785 Reply

          anonymous

          Now I’m really confused.  Running Windows 10 Pro x64 ver 1803 – Group A, Group Policy 2

          My Quality Update 10 day hold just gave me KB4471324 (12/11 update) which I was going to hide pending Defcon Rating 3.  There was also mention of an SSU KB4477137, but normally SSU’s are automatically installed with/before an update installed thru Windows Update (ie: not a manual install).

          This post then shows a KB4483234 for ver 1803 and you mention a new SSU.

          So, should I still hide KB4471324?

          Should I set my Quality Update hold to 0 days and will KB4483234 come down? Or should I leave QU at 10 days and wait it out?  Will this KB supercede KB4471324?

          When KB4483234 comes down, should I install it or hide it pending Defcon Rating 3?

          If I allow installation via Windows Updater, do I need to manually install a SSU? And is it KB4477137 or is there a newer SSU?

        • #241791 Reply

          anonymous

          there is a new SSU you will need to install first. Links to the SSUs ate on the main blog page about DEFCON.

          Sorry but where is “the main blog page about DEFCON.”

          • #241796 Reply

            Microfix
            Da Boss

            What PKCano is saying is, the links to the SSU patches are in Woody’s Blog:

            December 2018 Patch Tuesday is under way

            For those of you with Windows 10, there are new Servicing Stack updates:
            Win10 1709 Build 16229.846 KB 4477136
            Win10 1803 Build 17134.471 KB 4477137

            ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

            1 user thanked author for this post.
            • #241807 Reply

              anonymous

              Microfix, thanks for the clarifications.

              Could you or PK pls answer my other questions regarding bringing down, holding, and when to install the KB’s, and whether allowing Windows Updater to install the CU KB’s requires a manual download and install of the SSU beforehand.

            • #241813 Reply

              PKCano
              Da Boss

              We are on DEFCON2 = WAIT

              2 users thanked author for this post.
    • #241771 Reply

      geekdom
      AskWoody Plus

      Further information regarding December patches is now here:

      Where we stand with the December patches

      Group G{ot backup} TestBeta
      Win7Pro·x64·SP1·i3-3220·HDD·Microsoft Security Essentials·Windows Backup·Windows System Image·Windows Rescue Disk·Windows Firewall
    • #242287 Reply

      anonymous

      – There are still a number of programs that use some parts of Internet Explorer. E.g. the rendering machine/engine.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Heads up — Bug fix for IE coming out through Win10 cumulative updates, Win7 and 8.1

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.