[wela]

I don´t have a smartcard reader.

[bfc_xxx]

6 new updates today on WU. kb923561, kb961373, kb956572, kb952004, kb960803, kb959426

[Acheron]

No issues here after integrating on Windows XP SP3

Add April 2009 security updates:
KB961373 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (supersedes KB951698)
KB963027 - Cumulative Security Update for Internet Explorer (supersedes KB963027)
KB960803 - Vulnerabilities in Windows HTTP services could allow remote code execution 
KB956572 - Vulnerabilities in Windows Could Allow Elevation of Privilege (supersedes KB960419,KB960496)
KB952004 - Vulnerabilities in Windows Could Allow Elevation of Privilege
KB959426 - Blended threat vulnerability in SearchPath could allow elevation of privilege
KB890830 - Microsoft Windows Malicious Software Removal Tool

[Saladin]

Ah, patch week....

Acheron, minor thing, but I think you have a might have a couple of typos in your april changelog list...

Shouldn't the list go like this?

Add April 2009 security updates:
KB961373 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (supersedes KB951698)
KB963027 - Cumulative Security Update for Internet Explorer (supersedes KB963027 KB961620)
KB960803 - Vulnerabilities in Windows HTTP services could allow remote code execution
KB956572 - Vulnerabilities in Windows Could Allow Elevation of Privilege (supersedes KB960419,KB960496 KB956841)
KB952004 - Vulnerabilities in Windows Could Allow Elevation of Privilege
KB959426 - Blended threat vulnerability in SearchPath could allow elevation of privilege (supercedes KB935839)
KB923561 - Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution
KB890830 - Microsoft Windows Malicious Software Removal Tool v2.9 (supercedes v2.8)

(great - the one person who's responded to my other post regarding the gpl and hfslip (my first post), and my second one is to turn around and try correct something they've done. Oh yeah, I'm winning the 'most popular on this forum' award for sure...<grin>)

[Brimborium]

There seems to be a problem with Windows 2000 and the new DX9 hotfix (KB961373): hfslip 1.7.9_beta_h doesn't seem to recognize it as DX-specific while slipstreaming, i.e. unlike KB951698-v2 it will be extracted like a normal hotfix, and is also offered on Microsoft Update afterwards. The rest of this week's patchday seems to work fine though.

My config:
Win2k Pro German
IE6 SP1 + WMP 6.4
DX9c original release
MDAC 2.81 SP1
MSXML 4.0 SP2 + 6.0 SP2

This post has been edited by Brimborium: 17 April 2009 - 10:02 AM

[James_A]

@Saladin
Corrections look good to me, except

Saladin, on Apr 17 2009, 12:32 AM, said:

KB963027 - Cumulative Security Update for Internet Explorer (supersedes KB963027 KB961620)

applies to IE 7 only. For IE 6 users (and on Windows 2000) supersedes KB958215 & KB960714.

@Brimborium

Brimborium, on Apr 17 2009, 05:01 PM, said:

MSXML 4.0 SP2 + 6.0 SP2

MSXML 4.0 SP2 has been superseded by SP3.

.

[tommyp]

tommyp, on Nov 21 2008, 06:04 PM, said:

.... This thread is not intended as a game to who posts first on what replaces what on patch Tuesdays. If one needs to get information as early as possible on patch availability visit this site.

Sorry real life got in the way and was not able to touch my PC until today. Does someone else want to maintain the lists?

[Brimborium]

Thanks for the new beta version to fix the DX9 issue, tommyp. KB961373 integrates without problems now, and the same goes for MSXML 4.0 SP3 (thanks James_A for the hint) if you replace msxml4-KB954430 with msxml.msi in the HF folder.

However, there is a small cosmetic glitch: HFSLIP.log and control panel still show 1.7.9_beta_h instead of i.

This post has been edited by Brimborium: 18 April 2009 - 11:17 AM

[tommyp]

Brimborium - Glad it worked out for you. The newest beta rev j is posted which fixes that revision issue. Thanks for the constructive criticism!

[bfc_xxx]

tommyp, on Apr 17 2009, 04:36 PM, said:

tommyp, on Nov 21 2008, 06:04 PM, said:

.... This thread is not intended as a game to who posts first on what replaces what on patch Tuesdays. If one needs to get information as early as possible on patch availability visit this site.

Sorry real life got in the way and was not able to touch my PC until today. Does someone else want to maintain the lists?

I could help maintaining the xp list.

[Martin H]

On the Win2k page, then this link dosen't work: (page dosen't exist anymore)

IE6.0sp1-KB963027-Windows2000-x86-ENU.exe:
http://www.microsoft.com/downloads/details...c12f9d69b03b%5C

The correct link is:
http://www.microsoft.com/downloads/details...;displaylang=en

(I'm not using IE6 myself, but discovered the issue while updating the HFSLIP folder structure for my fathers PC, and he insists on keeping IE around for bad webpages)

This post has been edited by Martin H: 28 April 2009 - 08:05 AM

[halfman]

About last patch week and MS09-12.

Quote

Why does this bulletin contain two updates for each affected operating system?
This bulletin contains two updates, identified by KB number, for all affected operating systems. Customers of Microsoft Windows 2000 only need to apply update package KB952004. Customers running other affected operating systems need to apply security update packages KB952004 and KB956572 for each operating system as applies in their environment.

The two updates are necessary for most affected operating systems because the modifications that are required to address the vulnerabilities are located in separate components. KB952004 addresses the publicly known issue in the MSDTC transaction facility. KB956572 provides the architectural changes needed to ensure proper service isolation across other services on Windows platforms.

So, XP hotfixes list needs to be updated:
+ KB956572
- KB956841 - MS08-064 (replaced by KB956572)


And, download link for WindowsXP-KB905474-ENU-x86-Standalone.exe has gone. Probably, file moved somewhere.

[willydejoe1234]

here is the latest English version

http://www.microsoft.com/downloads/details...;displaylang=en

[Martin H]

Hi Tom

Two small things about your Win2k list:

Listed twice: Windows-KB909520-v1.000-x86-ENU.exe

Wrong description: Windows2000-KB967715-x86-ENU.EXE; it's marked as junk and described as "Autorun disable...", but by reading the KB article through, then it states that the update dosen't disable autorun, and i'm not sure that it's really "Junk":

"The updates that this article describes fix a problem with the disable Autorun feature. Without these updates, Autorun for a network drive cannot be disabled"

And:

Does this update change my current Autorun settings?
No. The update does not change the current Autorun settings on your system. Instead, the update lets users correctly enforce Autorun settings.

[Muppet Hunter]

I've just read Martin's post about KB967715 and I think that the same argument applies to the XP version of the hotfix. However, an additional reason for not describing the XP update as junk is as follows :-

KB967715 updates shell32.dll to version 6.0.2900.5622 and since hfslip uses the QFE version of this update it would effectively include the fix from KB949860 (shell32.dll version 6.0.2900.5555). KB949860 cures the longstanding windows explorer update bug which is most often seen if you use 'run as' to run Windows Exporer as admin for the purposes of carrying out maintenance. Without this hotfix automatic refresh would normally be impaired so that files/folders don't appear or disappear when moving/copying/deleting etc. Dialog boxes relying on the explorer shell which are called from within programs run under different user credentials are also affected.

I'm not sure if 2k was affected by this bug because KB949860 only applied to XP.

This post has been edited by Muppet Hunter: 09 May 2009 - 11:24 AM

[jvidal]

in the xp updates list, IE8 KB968220 (compatibility update) should be replaced with KB969497
I also think windows media 11 kb929399 should be removed, I ahve never installed it and WU has never asked for it. I think it's optional/not needed/non-critical.

This post has been edited by jvidal: 21 May 2009 - 06:10 PM

[tommyp]

Can someone else verify KB929399? This is one of those fixes that go on and off the list. Besides, it's a bugfix that will typically not get reported as a critical update.

[Geej]

tommyp, on May 22 2009, 09:42 AM, said:

Can someone else verify KB929399? This is one of those fixes that go on and off the list. Besides, it's a bugfix that will typically not get reported as a critical update.

If I remove windowsmedia11-kb929399-v2-x86-intl.exe from HFSVCPACK_SW1 folder, Windows Update will prompt for download after boot to desktop. (tested in VM only).

[jvidal]

now, that's weird, I have NEVER included it and WU has NEVER asked for it.
BTW, it should go in HF, not HFSVCPACK_SW1.

This post has been edited by jvidal: 22 May 2009 - 12:29 PM

[Geej]

jvidal, on May 23 2009, 02:28 AM, said:

now, that's weird, I have NEVER included it and WU has NEVER asked for it.
BTW, it should go in HF, not HFSVCPACK_SW1.

If WU never ask for update, then check file version for msscp.dll (located in system32).
For my case,
If I did not include windowsmedia11-kb929399-v2-x86-intl.exe, the file version is 11.0.5721.5145
If I include windowsmedia11-kb929399-v2-x86-intl.exe, the file version is 11.0.5721.5201

BTW, all my WMP11 hotfix is located in HFSVCPACK_SW1. (As long as it takes /quiet /norestart switch, I put it there)
I'm using hfslip-1.7.9_beta_k.cmd, with WMP11 slipstream method as per HFslip webpage. On XP Pro. WU has no complain about missing WMP11 hotfix so far.

Edit==>: I did another test, with windowsmedia11-kb929399-v2-x86-intl.exe in HF folder. Also works. (file version is 11.0.5721.5201 ). Hence either HF or HFSVCPACK_SW1 also works.

This post has been edited by Geej: 23 May 2009 - 04:17 AM