Mim0

The File-Checker (HFSLIPFC) for HFSLIP

1,617 posts in this topic

Vulnerability in Windows Kernel Could Allow Elevation of Privilege (KB2724197)

EDIT: I was wrong. :Looks like there is some non security updates.

OCT.png

Mim0 already did KB2661254

Edit 2: Looks like 2661254 and a bunch of others went to a v2 so they will have to be replaced....

List of available rereleases

In some cases, to best meet customer needs, Microsoft is addressing this issue by rereleasing affected updates.

  • On October 9, 2012, Microsoft rereleased the KB723135 update for Windows XP. For more information, see MS12-053.
  • On October 9, 2012, Microsoft rereleased the KB2705219 update for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information, see MS12-054.
  • On October 9, 2012, Microsoft rereleased the KB2731847 update for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information, see MS12-055.
  • On October 9, 2012, Microsoft rereleased the updates for Microsoft Exchange Server 2007 Service Pack 3 (KB2756496), Microsoft Exchange Server 2010 Service Pack 1 (KB2756497), and Microsoft Exchange Server 2010 Service Pack 2 (KB2756485). For more information, see MS12-058.
  • On October 9, 2012, Microsoft rereleased the KB2661254 update for Windows XP. For more information, see Microsoft Security Advisory 2661254.

Edited by -X-
0

Share this post


Link to post
Share on other sites

From what I found:

2724197 replaces 2707511

2749655 (no replacement)

2756822 TZ update, replaces 2732052

890830 (MRT) v4.13 replaces v4.12

that's what I got so far.

bye!

0

Share this post


Link to post
Share on other sites

May I summarize all of these?

October 2012 Patch Tuesday

Windows XP

KB2724197 | MS12-068 | Kernel | 34845 | replaces KB2707511 (MS12-042)

KB2749655 | advisory | Wintrust.dll | 34924 | nothing replaced

KB2723135-v2 | 30590 (same link as before) *

KB2705219-v2 | 30497 (same link as before) *

KB2731847-v2 | 30564 (same link as before) *

KB2661254-v2 | 30503 (same link as before) *

KB2756822 | timezone | | 34931 | replaces KB2732052

KB890830 | MSRT v4.13.6701.0 | 16 (same link as before) | replaces v4.12.6601.0

* : Microsoft just re-signed their updates with new certificates. While the download link is the same as before, HFSLIPFC has to be aware of the v2 versions of these updates.

Office 2003

KB2687483 | MS12-064 | Microsoft Word | 34882 | replaces KB2598332 (MS12-029)

KB2687314 | MS12-064 | Word Converter (Compatibility Pack) | 34876 | replaces KB2596880 (MS12-029)

EDIT: Today (2012-10-10) Microsoft adds the "validation required" thing to the download pages of these updates: KB2661254 KB2749655 KB2756822

Darn it!

Edited by Explorer09
0

Share this post


Link to post
Share on other sites

Thank you all for very useful information :)

0

Share this post


Link to post
Share on other sites

Can anyone explain why KB2661254 (crypt32.dll)....

WindowsXP-KB2661254-v2-x86-ENU.exe KB2661254 Update For Minimum Certificate Key Length - Advisory 2661254

contains....

[Product.Add.Reg]
HKLM,"SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C","Blob",0x00000001,03,00,00,00,01,00,00,00,14,00,00,00,10,9f,1c,ae,d6,45,bb,78,b3,ea,2b,94,c0,69,7c,74,07,33,03,1c,0f,00,00,00,01,00,00,00,10,00,\
00,00,05,85,87,0a,20,bd,9e,68,5a,85,14,a9,82,bb,2b,e2,18,00,00,00,01,00,00,00,10,00,00,00,3f,c8,cb,0b,c0,52,41,e5,8d,65,e9,44,8b,2d,07,c2,19,00,00,00,01,00,00,00,10,00,00,00,83,b6,53,18,66,4e,6f,a2,45,e0,d7,60,9f,b9,58,20,14,00,00,00,01,00,00,00,14,0\
0,00,00,26,5d,05,07,d8,2f,a2,60,84,bd,83,7d,f5,21,80,a7,05,6f,5a,85,04,00,00,00,01,00,00,00,10,00,00,00,09,c2,54,bd,e4,ea,50,f2,6d,14,97,f2,9c,51,af,6d,20,00,00,00,01,00,00,00,13,04,00,00,30,82,04,0f,30,82,02,f7,a0,03,02,01,02,02,0a,19,8b,11,d1,3f,9a\
,8f,fe,69,a0,30,0d,06,09,2a,86,48,86,f7,0d,01,01,04,05,00,30,70,31,2b,30,29,06,03,55,04,0b,13,22,43,6f,70,79,72,69,67,68,74,20,28,63,29,20,31,39,39,37,20,4d,69,63,72,6f,73,6f,66,74,20,43,6f,72,70,2e,31,1e,30,1c,06,03,55,04,0b,13,15,4d,69,63,72,6f,73,\
6f,66,74,20,43,6f,72,70,6f,72,61,74,69,6f,6e,31,21,30,1f,06,03,55,04,03,13,18,4d,69,63,72,6f,73,6f,66,74,20,52,6f,6f,74,20,41,75,74,68,6f,72,69,74,79,30,1e,17,0d,39,37,31,30,30,31,30,37,30,30,30,30,5a,17,0d,30,32,31,32,33,31,30,37,30,30,30,30,5a,30,8\
1,c3,31,2b,30,29,06,03,55,04,0b,13,22,43,6f,70,79,72,69,67,68,74,20,28,63,29,20,31,39,39,37,20,4d,69,63,72,6f,73,6f,66,74,20,43,6f,72,70,2e,31,41,30,3f,06,03,55,04,0b,13,38,4d,69,63,72,6f,73,6f,66,74,20,57,69,6e,64,6f,77,73,20,48,61,72,64,77,61,72,65\
,20,43,6f,6d,70,61,74,69,62,69,6c,69,74,79,20,49,6e,74,65,72,6d,65,64,69,61,74,65,20,43,41,31,1e,30,1c,06,03,55,04,0b,13,15,4d,69,63,72,6f,73,6f,66,74,20,43,6f,72,70,6f,72,61,74,69,6f,6e,31,31,30,2f,06,03,55,04,03,13,28,4d,69,63,72,6f,73,6f,66,74,20,\
57,69,6e,64,6f,77,73,20,48,61,72,64,77,61,72,65,20,43,6f,6d,70,61,74,69,62,69,6c,69,74,79,30,81,9f,30,0d,06,09,2a,86,48,86,f7,0d,01,01,01,05,00,03,81,8d,00,30,81,89,02,81,81,00,e0,4e,10,0e,b8,a7,ef,21,ca,60,5a,dc,9f,1e,3e,83,77,5a,29,2e,f9,4e,e5,08,5\
d,de,e1,cf,09,c0,1f,44,b7,07,a8,4b,a4,22,30,3b,19,06,83,ee,f3,ac,27,78,ae,ca,d6,40,2b,ce,79,01,e1,9d,56,8b,36,72,b1,63,90,5f,a0,b2,c0,66,a6,49,c5,3c,fa,26,a2,62,c3,d3,b5,cc,61,15,4c,f2,3f,b4,e7,45,08,43,89,7f,6a,8d,d5,66,fb,d7,ff,64,00,c4,11,fd,2c,a3\
,0b,75,b0,fb,e5,ac,26,65,a3,81,e6,66,49,3d,1d,73,7a,9b,71,d7,02,03,01,00,01,a3,81,da,30,81,d7,30,0f,06,03,55,1d,13,01,01,ff,04,05,30,03,01,01,ff,30,1f,06,03,55,1d,25,04,18,30,16,06,08,2b,06,01,05,05,07,03,03,06,0a,2b,06,01,04,01,82,37,0a,03,05,30,81,\
a2,06,03,55,1d,01,04,81,9a,30,81,97,80,10,5b,d0,70,ef,69,72,9e,23,51,7e,14,b2,4d,8e,ff,cb,a1,72,30,70,31,2b,30,29,06,03,55,04,0b,13,22,43,6f,70,79,72,69,67,68,74,20,28,63,29,20,31,39,39,37,20,4d,69,63,72,6f,73,6f,66,74,20,43,6f,72,70,2e,31,1e,30,1c,0\
6,03,55,04,0b,13,15,4d,69,63,72,6f,73,6f,66,74,20,43,6f,72,70,6f,72,61,74,69,6f,6e,31,21,30,1f,06,03,55,04,03,13,18,4d,69,63,72,6f,73,6f,66,74,20,52,6f,6f,74,20,41,75,74,68,6f,72,69,74,79,82,0f,00,c1,00,8b,3c,3c,88,11,d1,3e,f6,63,ec,df,40,30,0d,06,09\
,2a,86,48,86,f7,0d,01,01,04,05,00,03,82,01,01,00,16,d8,58,76,83,60,8b,e8,49,58,2c,05,0b,64,4d,40,ad,2d,4d,c2,fc,5f,7d,96,3c,d0,af,b9,54,52,28,28,d5,65,5e,8f,71,0e,b3,08,0e,15,09,c9,d5,92,cc,24,11,44,24,2d,51,df,af,54,44,4b,7b,d6,71,d4,d7,3a,35,7c,d1,\
86,b4,05,dc,a7,09,74,98,b2,1b,16,6d,39,a7,44,6a,ad,79,ea,a2,cd,ff,5b,2a,63,d1,84,84,22,ab,98,c6,87,62,62,1b,53,96,15,60,47,31,57,1e,e0,01,61,ad,36,ef,c5,2d,0a,b4,d0,18,53,f3,56,9c,b4,b7,b7,05,04,33,ad,29,27,93,51,07,0c,9e,be,80,ff,15,bc,26,c7,41,f3,6\
c,e2,c2,ea,af,b4,ae,5e,08,bb,a8,c9,5b,50,9b,4a,08,43,0c,ce,dc,ff,bb,2a,a7,81,6f,5f,ac,bc,75,28,ea,36,3e,bc,0a,94,45,0b,5c,cd,b5,e3,9f,23,8c,b5,07,81,3d,59,78,51,46,39,bc,a7,f6,6d,17,03,7f,ee,52,9a,39,bc,09,f2,d2,ba,a8,d7,95,05,eb,46,52,54,71,8e,e8,7e\
,cd,9a,6e,e7,4a,f3,a4,49,f0,ca,c6,95,a5,51,60,55,bd,74,1e,cb,2c,01

when this registry entry comes in a stock XP? It's in HIVESFT.INF.

Edited by -X-
0

Share this post


Link to post
Share on other sites

For some reason, WU only wanted the updates I posted, no "v2" of the older ones...

I mean, I installed the "v1" of the updates and that was it, WU didn't ask for the new versions...

Edited by jvidal
0

Share this post


Link to post
Share on other sites

That's because the binaries are the same. The only difference is in the update installer. They used a bad certificate to sign them.

0

Share this post


Link to post
Share on other sites

But, in the case of win7, it DID ask for the new (v2, v3 or v4) versions of the updates...weird...

0

Share this post


Link to post
Share on other sites

Can anyone explain why KB2661254 (crypt32.dll)....

WindowsXP-KB2661254-v2-x86-ENU.exe KB2661254 Update For Minimum Certificate Key Length - Advisory 2661254

contains....

[Product.Add.Reg]
HKLM,"SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C","Blob",0x00000001, (skipped)

when this registry entry comes in a stock XP? It's in HIVESFT.INF.

That key is present in all of the crypt32.dll updates. AFAIK.

But, in the case of win7, it DID ask for the new (v2, v3 or v4) versions of the updates...weird...

In Vista/Win7 the certificates inside the updates are stored in your computer when you install the updates.

This is what I can tell so far. I don't use Win7 often.

0

Share this post


Link to post
Share on other sites

Hi guys,

thanks for your support - so I could compare my result.

new file-checker for XP:

2012-10-12
- Added: KB2723135 (MS12-053: Remote Desktop, v2)
- Added: KB2705219 (MS12-054: Networking Components, Remote Administration Protocol, v2)
- Added: KB2731847 (MS12-055: Windows Kernel-Mode Drivers , v2)
- Added: KB2724197 (MS12-068: Windows Kernel)
- Added: KB2661254 (Security Advisory 2661254: Minimum Certificate Key Length, v2)
- Added: KB2749655 (Security Advisory 2749655: Digital Certificates)
- Added: KB2756822 (Cumulative Time Zone Update)
- Added: Adobe Flash Player 11.4.402.287
- Added: Malicious Software Removal Tool 4.13.6701.0
- Removed: KB2723135 (MS12-053: Remote Desktop, replaced by KB2723135v2)
- Removed: KB2705219 (MS12-054: Windows Networking Components, Remote Administration Protocol, replaced by KB2705219v2)
- Removed: KB2731847 (MS12-055: Windows Kernel-Mode Drivers, replaced by KB2731847v2)
- Removed: KB2707511 (MS12-042: Windows Kernel, replaced by KB2724197)
- Removed: KB2661254 (Security Advisory 2661254: Minimum Certificate Key Length, replaced by KB2661254v2)
- Removed: KB2732052 (Cumulative Time Zone Update, replaced by KB2756822)
- Removed: Adobe Flash Player 11.4.402.278
- Removed: Malicious Software Removal Tool 4.12.6601.0

Download: HFSLIPFC v.2012/05/04 with WindowsXP-update-list v.2012/10/12

btw... is there something to do with this: ?

Can anyone explain why KB2661254 (crypt32.dll)....

WindowsXP-KB2661254-v2-x86-ENU.exe KB2661254 Update For Minimum Certificate Key Length - Advisory 2661254

contains....

[Product.Add.Reg]
HKLM,"SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C","Blob",0x00000001,03,00,00,00,01,00,00,00,14,00,00,00,10,9f,1c,ae,d6,45,bb,78,b3,ea,2b,94,c0,69,7c,74,07,33,03,1c,0f,00,00,00,01,00,00,00,10,00,\
00,00,05,85,87,0a,20,bd,9e,68,5a,85,14,a9,82,bb,2b,e2,18,00,00,00,01,00,00,00,10,00,00,00,3f,c8,cb,0b,c0,52,41,e5,8d,65,e9,44,8b,2d,07,c2,19,00,00,00,01,00,00,00,10,00,00,00,83,b6,53,18,66,4e,6f,a2,45,e0,d7,60,9f,b9,58,20,14,00,00,00,01,00,00,00,14,0\
...

when this registry entry comes in a stock XP? It's in HIVESFT.INF.

Edited by Mim0
0

Share this post


Link to post
Share on other sites

@Mimo

thanks for the update but File-checker doesn't remove WindowsXP-KB2731847-x86.reg from HFSVCPACK directory

0

Share this post


Link to post
Share on other sites

AAA understand that reg file contents not changed :blushing:

0

Share this post


Link to post
Share on other sites

Maybe it should be renamed to WindowsXP-KB2731847-v2-x86.reg?????

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.