{"id":8409,"date":"2017-07-21T06:30:54","date_gmt":"2017-07-21T14:30:54","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/07\/21\/news-2183\/"},"modified":"2017-07-21T06:30:54","modified_gmt":"2017-07-21T14:30:54","slug":"news-2183","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/07\/21\/news-2183\/","title":{"rendered":"Where are the fixes to the botched Outlook security patches?"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt4.staticworld.net\/images\/article\/2016\/01\/question_mark-100636174-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Fri, 21 Jul 2017 05:39:00 -0700<\/strong><\/p>\n<p>On June 13\u2014five and a half weeks ago\u2014Microsoft released a series of buggy patches for Outlook. We know they\u2019re buggy because <a href=\"https:\/\/support.office.com\/en-us\/article\/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&amp;rs=en-US&amp;ad=US\">Microsoft acknowledged seven bugs<\/a> (including one primarily caused by bugs in Windows patches) in those four original June 13 security patches. As of this morning, we still don\u2019t have fixes for those seven bugs.<\/p>\n<p>Here are the known buggy original security patches:<\/p>\n<p>If you have Automatic Update turned on, you were treated not only to those patches, but to all of these three later, interim fixes for the bugs in the security patches. Don&#8217;t get too excited about them. In fact, they didn&#8217;t fix the bugs:<\/p>\n<p>Those KB numbers don\u2019t line up with the originally buggy security patch numbers because Microsoft didn\u2019t re-release the bad patches. These new interim patches aren\u2019t cumulative. In other words, in order to get Outlook 2016 patched, for example, you had to install the June 13 patch, then install the June 30 patch. Except, well, the June 30 patch didn\u2019t fix the problems created by the June 13 patch.<\/p>\n<p>Got that?<\/p>\n<p>Lots of Outlook users and admins have been waiting for new fixes ever since <a href=\"http:\/\/www.computerworld.com\/article\/3208033\/microsoft-windows\/microsoft-yanks-bad-outlook-patches-of-patches-kb-3191849-3213654-401042.html\">Microsoft pulled the three interim patches on July 15<\/a>. (Outlook 2007 never received an interim patch.) If Microsoft\u2019s told anyone why they pulled those interim patches, I haven\u2019t heard about it. I haven\u2019t seen any instructions about removing the interim patches. We\u2019re all left sitting in limbo.<\/p>\n<p>On Monday, Microsoft sent its largest customers a secret email saying they would release new patches on Tuesday.<\/p>\n<p>The new security updates scheduled for release are intended to address currently unresolved functional issues affecting Outlook.<\/p>\n<p>But Tuesday came and went, and there weren\u2019t any new patches\u2014re-issues, interim, cumulative or otherwise.<\/p>\n<p>One of the \u201cfixes\u201d to the Outlook bugs proposed by Microsoft relies on patches to Windows itself, and <strong>those<\/strong> patches are going through a <a href=\"http:\/\/computerworld.com\/article\/3209042\/microsoft-windows\/more-june-security-patch-bugs-you-can-patch-an-ie-flaw-cve-2017-8529-or-print-inside-iframes-but-no.html\">mind-numbing series of flip-slops<\/a>. Anybody who used Automatic Update this past month has seen their systems flop around like a beached bluegill.<\/p>\n<p>Ball\u2019s in your court, again, Microsoft.<\/p>\n<p>Discussion continues on the\u00a0<a href=\"https:\/\/www.askwoody.com\/2017\/where-are-the-fixes-to-the-botched-june-office-security-patches\/\" target=\"_blank\">AskWoody Lounge<\/a>.<\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/article\/3209710\/microsoft-windows\/where-are-the-fixes-to-the-botched-outlook-security-patches.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt4.staticworld.net\/images\/article\/2016\/01\/question_mark-100636174-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Woody Leonhard| Date: Fri, 21 Jul 2017 05:39:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>On June 13\u2014five and a half weeks ago\u2014Microsoft released a series of buggy patches for Outlook. We know they\u2019re buggy because <a href=\"https:\/\/support.office.com\/en-us\/article\/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&amp;rs=en-US&amp;ad=US\">Microsoft acknowledged seven bugs<\/a> (including one primarily caused by bugs in Windows patches) in those four original June 13 security patches. As of this morning, we still don\u2019t have fixes for those seven bugs.<\/p>\n<p>Here are the known buggy original security patches:<\/p>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3191898\/descriptionofthesecurityupdateforoutlook2007june13,2017\">KB 3191898<\/a> \u2013 Security update for Outlook 2007, released June 13, 2017<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3203467\/descriptionofthesecurityupdateforoutlook2010june13,2017\">KB 3203467<\/a> \u2013 Security update for Outlook 2010, released June 13<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3191938\/descriptionofthesecurityupdateforoutlook2013june13,2017\">KB 3191938<\/a> \u2013 Security update for Outlook 2013, June 13<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3191932\/descriptionofthesecurityupdateforoutlook2016june13,2017\">KB 3191932<\/a> \u2013 Security update for Outlook 2016, June 13<\/li>\n<\/ul>\n<p>If you have Automatic Update turned on, you were treated not only to those patches, but to all of these three later, interim fixes for the bugs in the security patches. Don&#8217;t get too excited about them. In fact, they didn&#8217;t fix the bugs:<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3209710\/microsoft-windows\/where-are-the-fixes-to-the-botched-outlook-security-patches.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10525],"class_list":["post-8409","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8409","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=8409"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8409\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=8409"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=8409"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=8409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}