Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Microsoft Patch Tuesday followup: KB3097877 re-issued! - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft Patch Tuesday followup: KB3097877 re-issued!

As a follow-up to the this month's Microsoft Patch Tuesday.  It appears that Microsoft has quietly re-released the problematic KB3097877 fix.  The original was reportedly causing some versions of Outlook to crash on systems and other Windows issues with this patch applied.

Please let us know if you are still experiencing difficulties with the new version applied.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Rick

290 Posts
ISC Handler
The issue with Outlook is apparently fixed but the other Windows issue not according to multiple sources. RE:

2) Microsoft has not addressed the reported issue of blank or blinking screens after attempted logins that was supposedly resolved by removing this patch, according to some users. A few users are reporting this happens on touch screen systems with on-screen keyboards only and remote controlling them gives them access when the issue happens; some are also saying this happens of regular PCs but remote controlling also works. All are saying uninstalling the patch fixes the problem. Reference: https://social.technet.microsoft.com/Forums/windows/en-US/336eae75-b5f4-41ea-bd2b-5f0248585a66/blank-screen-after-pressing-ctrlaltdel-for-login-after-windows-updates-no-way-of-logging-in-on?forum=w7itpronetworking
Anonymous
Loads of comments on my blog saying the updated patch has not fixed the log in issues. In fact one user fixed the issue by uninstalling the original patch. Installed the revised patch and had the same log in issues again
http://myonlinesecurity.co.uk/kb3097877-causing-severe-difficulties-for-some-windows-7-users-november-2015-windows-updates/
DVK01

21 Posts
As some machines here were still showing Tuesday's issue date for the patch via Win7x64 Windows Update and others were spinning wheels trying to 'check for updates' when manually triggered, I decided to download the patch directly and deploy manually.


Microsoft fails again as the direct download is the defective one issued on Tuesday.

FAIL LINK:

https://www.microsoft.com/en-us/download/details.aspx?id=49787


Since I spent 3+ hours on the phone yesterday with them trying to get the defective patch pulled and have an open case, I will attempt to let them know of their latest FAIL!
AnAdmin

10 Posts
* https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/12/2015 19:00:00 - Rev: 5.0 <<

,
PC.Tech

34 Posts
I continue to receive calls from MS support related to the ticket I opened yesterday.

Unfortunately, they are 'offshore' without working VOIP phones.

This happened yesterday and I have taken 4 more calls today that ended in 'Hello? Hello?'.


Despite all of my efforts (about 6 hours of time), the reps who are contacting me STILL HAVE NO IDEA WHAT THE PROBLEM IS!!!

They think I am trying to 'Install Windows 10'!!!


$20K+ per year in Software Assurance is worth what?



Satya Madella, Microsoft's CEO, is directly responsible for this specific situation as at least two of the calls today were initiated based upon a fax to her.

Microsoft's CEO now knows that 6+ hours of a customer's time will result in nothing useful.


If you work for the Antitrust Division of the Department of Justice, it is time open another investigation and start fining this negligent corporation.
AnAdmin

10 Posts
___

- https://support.microsoft.com/en-us/kb/3097877
Last Review: 11/13/2015 02:21:00 - Rev: 8.0 <<
.
PC.Tech

34 Posts
Last night I actually did the very thing they posted (I had not seen the bulletin till just now). It worked for our Kupa tablet, and I double checked the install history and the patch is definitely gone. Won't re-apply the new one though, not just yet. Gun shy!

Is this a M$ ruse to get everyone to move to Win10? ;-)
Val

10 Posts
My WSUS server has two KB3097877 now (11/13/15). One is declined (which I did early 11/11), but other is not. Checking the revision numbers in WSUS, the newest is revision 200, while the other, older is revision 202 and 201. So the revision numbers decrease!?!? Good luck finding the revision numbers in Windows update history.
R

34 Posts
I totally share your point of view regarding the M$ Ruse :) Of course it is !
GeraldFla

1 Posts

Sign Up for Free or Log In to start participating in the conversation!