{"id":11614,"date":"2018-02-28T06:30:12","date_gmt":"2018-02-28T14:30:12","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/02\/28\/news-5385\/"},"modified":"2018-02-28T06:30:12","modified_gmt":"2018-02-28T14:30:12","slug":"news-5385","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/02\/28\/news-5385\/","title":{"rendered":"Microsoft Patch day brings bug warnings, another Office CtR, and the return of KB 2952664"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Wed, 28 Feb 2018 05:54:00 -0800<\/strong><\/p>\n

Once upon a time, the fourth Tuesday of the month was reserved by Microsoft for non-security patches. How times have changed. Yesterday, we saw a bunch of new bug warnings \u2014 including an admonition to uninstall a previous buggy .Net Preview patch \u2014 and an unexpected fourth update this month for Office 365\u2019s reputedly stable Monthly Channel.<\/span><\/p>\n

The Feb. 2018 .Net Framework Previews \u2014 which were <\/span>pulled last Thursday<\/span><\/a>\u00a0\u2014 got new warnings. Each of these updated KB articles:<\/span><\/p>\n

… has been modified to include this warning:<\/span><\/p>\n

.NET Framework applications might experience <\/span>System.Security.Cryptography.Xml.Reference.LoadXml <\/strong>exception errors after you install the February 2018 .NET Framework Preview of Quality Rollup updates for Windows 7 SP1, and Server 2008 SP2 and Server 2008 R2 SP1.<\/span><\/p>\n

Because of this known issue, update<\/span> KB 4073701<\/span><\/a> is no longer available from Windows Update, WSUS, or Microsoft Update Catalog as of February 23, 2018.<\/span><\/p>\n

For more information about this known issue, go to the following article in the Microsoft Knowledge Base:<\/span><\/p>\n

4091227<\/span><\/a> Exceptions in System.Security.Cryptography.Xml.Reference.LoadXml after you install the February 2018 .NET Framework Preview of Quality Rollup updates for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2<\/span><\/p>\n

The instructions at KB 4091227 tell you how to uninstall the patches. Which you should take as a subtle hint that, if you got suckered into installing the Previews, you better get rid of them.<\/span><\/p>\n

None of those patches are currently available in the Microsoft Update Catalog. No indication when they might reappear.<\/span><\/p>\n

Both of the KB articles for this month\u2019s Win7 patches have been updated. <\/span>KB 4074598<\/span><\/a>, the February Win7 Monthly Rollup, and<\/span> KB 4074587<\/span><\/a>, the Feb Win7 Security-Only patch, both triigger a bizarre error, \u201cSCARD_E_NO_SERVICE.\u201d The KB articles now say:<\/span><\/p>\n

The LSM.EXE process and applications that call SCardEstablishContext or SCardReleaseContext may experience a handle leak. Once the leaked handle count reaches a certain threshold, smart card-based operations fail with error “SCARD_E_NO_SERVICE”. Confirm the scenario match by reviewing the handle counts for LSM.EXE and the calling processes in the process tab of Task Manager or an equivalent application.<\/span><\/p>\n

Monitor the handle counts for the LSM.EXE process and the calling process before and after installing this update. Restart the operating system that’s experiencing the handle leak as required.<\/span><\/p>\n

Microsoft is working on a resolution and will provide an update in an upcoming release<\/span><\/p>\n

Which, I\u2019m sure, is comforting news for most Windows 7 customers.<\/span><\/p>\n

You would think that the Office \u201cMonthly Channel\u201d would be stable enough to warrant the name \u201cMonthly Channel.\u201d Not so. Microsoft just released the <\/span>fourth version<\/span><\/a> of Office 365 this month \u2014 build 9001.2138 on Feb. 1, 9001.2144 on Feb. 7, 9001.2171 on Feb. 13, and now version 1802 build 9029.2167 on Feb. 26.<\/span><\/p>\n

Poster <\/span>bobcat5536 on AskWoody<\/span><\/a> put it succinctly:<\/span><\/p>\n

Just did notice that Office 365 has yet another update released on the monthly channel yesterday. That makes 4 this month. Why don\u2019t they rename it the weekly channel. This update stuff is just pure madness.<\/span><\/p>\n

There\u2019s a new bug posted for<\/span> KB 4077525<\/span><\/a>, the second Monthly Rollup this month for Win10 1607:<\/span><\/p>\n

After installing this update, servers where Credential Guard is enabled may restart unexpectedly. The error is \u201cThe system process lsass.exe terminated unexpectedly with status code -1073740791. The system will now shut down and restart.\u201d<\/span><\/p>\n

Event ID 1000 in the application log shows:<\/span><\/p>\n

\u201cC:windowssystem32lsass.exe\u2019 terminated unexpectedly with status code -1073740791<\/span><\/p>\n

Faulting application: lsass.exe, Version: 10.0.14393.1770, Time Stamp: 0x59bf2fb2<\/span><\/p>\n

Faulting module: ntdll.dll, Version: 10.0.14393.1715, Time Stamp: 0x59b0d03e<\/span><\/p>\n

Exception: 0xc0000409<\/span><\/p>\n

English translation: Stop using Win10 1607.<\/span><\/p>\n

Windows XP has been out of service for almost four years, but Office 2010 won\u2019t hit its extended support date until October 2020. So we got a brand-new <\/span>KB 4018314<\/span><\/a> \u2014 February 26, 2018, update for Outlook 2010. The KB article says, through seemingly clenched teeth:<\/span><\/p>\n

This update fixes the following issue:<\/span><\/p>\n

After you install KB4011273 on a Windows XP or Windows Server 2003-based computer, you receive an error message that resembles the following when you start Microsoft Outlook 2010:<\/span><\/p>\n

CompareStringOrdinal not found in dynamic link library KERNEL32.dll<\/span><\/p>\n

Which apparently means nobody bothered testing <\/span>KB 4011273<\/span><\/a>, last month\u2019s Outlook 2010 security patch, on XP or Server 2003. And it took nearly two months to fix it.<\/span><\/p>\n

To put a little cherry bomb on top, our <\/span>old snooping friends<\/span><\/a> KB 2952664 (for Win7) and KB 2976978 (for 8.1) have re-re-appeared. As I <\/span>mentioned <\/span><\/a>earlier this month:<\/span><\/p>\n

Starting this month, Microsoft feeds<\/span> Meltdown\/Spectre vulnerability information<\/span><\/a> into its Azure-based Windows Analytics package using telemetry from those patches. If you\u2019re running Windows Analytics and you don\u2019t want to use<\/span> Steve Gibson\u2019s inSpectre<\/span><\/a>, the patches are worthwhile, snooping and all. If you don\u2019t plan to upgrade to Win10, and don\u2019t care about an Azure-based snooping tool, there\u2019s no reason to install KB 2952664 or KB 2976978 .<\/span><\/p>\n

For whatever reason, as of early Wednesday morning, Microsoft still hasn\u2019t released a fix for the<\/span> acknowledged bugs<\/span><\/a> in this month\u2019s cumulative update for Win10 Fall Creators Update, version 1709. Some of the folks who run the latest Windows 10 are still getting INACCESSIBLE_BOOT_DEVICE bluescreens. Others are having their USB devices wiped out.<\/span><\/p>\n

It\u2019s been a pesky patching month.<\/span><\/p>\n

You can see a list of all of this month\u2019s updated KB articles on the <\/span><\/i>AskWoody site<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

Thx to @SB, @MrBrian, @abbodi86, @PKCano, @bobcat5536 and many others.<\/span><\/i><\/p>\n

Join us for ruminations and recriminations on the <\/span><\/i>AskWoody Lounge<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Wed, 28 Feb 2018 05:54:00 -0800<\/strong><\/p>\n

\n
\n

Once upon a time, the fourth Tuesday of the month was reserved by Microsoft for non-security patches. How times have changed. Yesterday, we saw a bunch of new bug warnings \u2014 including an admonition to uninstall a previous buggy .Net Preview patch \u2014 and an unexpected fourth update this month for Office 365\u2019s reputedly stable Monthly Channel.<\/span><\/p>\n

New .Net Preview warning to uninstall<\/strong><\/h2>\n

The Feb. 2018 .Net Framework Previews \u2014 which were <\/span>pulled last Thursday<\/span><\/a>\u00a0\u2014 got new warnings. Each of these updated KB articles:<\/span><\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,11619,10761],"class_list":["post-11614","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-software","tag-windows-10"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11614","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11614"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11614\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11614"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}