Windows

It's Microsoft Patch Tuesday: July 2010

Justin James gathers the information you need to make the right decision on applying Microsoft's July 2010 patches in your organization.

This month's patches were nice and short. Unfortunately, two of the patches are for publicly reported vulnerabilities, and it baffles me that we had to wait until Patch Tuesday for them, while we got cumulative updates for Windows Media Play out-of-band.

This blog post is also available in PDF format in a TechRepublic download. The previous month's Microsoft Patch Tuesday blog entries are also available.

Security Patches

MS10-042/KB2229593 - Critical (XP)/Low (2003): This is the patch for the Help bug that was publicly disclosed in June. You will want to apply it immediately. 745KB - 2.2MB MS10-043/KB2032276 - Critical (W7)/Important (2008 R2): A problem with the Canonical Display Driver is allowing remote code execution attacks. Even though Windows' randomization of memory makes it hard for this attack to execute code, you should install this patch as soon as you can. 475KB - 623KB MS10-044/KB982335 - Critical (Office 2007, Office 2007): There's a security problem in the Microsoft Office Access ActiveX controls that can allow remote code execution attacks. This fix resolves the problem. Since you should not be allowing untrusted Web sites to run ActiveX, you can wait until your next patch cycle for this one.  3.7MB - 10.3 MS10-045/KB978212 - Important (Office XP, Office 2003, Office 2007): This patch resolves an issue in Outlook that allows remote code execution attacks with the same rights as the logged-in user if the user opens an attachment. Microsoft downgrades this because of the limited rights, but I think it is much more important due to it being an issue with opening attachments. I suggest that you install this patch quickly. 4.2MB - 12.5MB

Other Updates

KB982300 - An update for Windows 7 and Server 2008 R2 to resolve an issue where some computers crash on restart if they have certain LSI 1394 (FireWire) controllers. 160KB - 200KB

"The Usual Suspects": Updates to the Malicious Software Removal Tool (11.5MB - 11.8MB) and Junk Email filters (2.2MB).

Changed, but not significantly:

Platform Update for Windows Server 2008 and Windows Vista (KB971644)

Updates since the last Patch Tuesday

There have been a number of minor items added and updated since the last Patch Tuesday:

.NET 3.5 SP1 update for 2008 and Vista (KB956250) 2.0MB - 6.3KB

Update for the Active Directory Domain Services Best Practice Analyzer for 2008 R2 x64 (KB980360) 276KB

Update for Windows 7 and 2008 R2 to work better with apps designed for Vista (KB980846) 529KB - 1.4MB

Windows Media Player Cumulative Update for Vista (KB981078) 10.2MB - 11.0MB

Compatibility Update for Vista, Windows 7, 2008, and 2008 R2 (KB982519) 1.7MB - 4.0MB

.NET 2.5 SP1 and 2.0 SP2 Update for 2003 and XP (KB982524) 116KB - 313KB

.NET 3.5 SP1 update for Vista and 2008 (KB982525) 2.0MB - 6.3MB

.NET 3.5 SP1 update for Windows 7 and 2008 R2 (KB982526) 1.9MB - 6.2MB

.NET Client Profile 4 for XP, Vista, and Windows 7 (KB982670) 2.0MB - 43MB

.NET 4 for XP, Vista, Windows 7, 2003, 2008, and 2008 R2 (KB982671) 2.0MB - 54MB

Changed, but not significantly:

Stay on top of the latest Microsoft Windows tips and tricks with TechRepublic's Windows Desktop newsletter, delivered every Monday and Thursday. Automatically sign up today!

About

Justin James is the Lead Architect for Conigent.

20 comments
AceNewsService
AceNewsService

I have just been alerted today about updates so l will report back when they are installed, but still find a lot of additional security leads to more control by company over your computer.I realise that this is by remote assistance and useful for some, but l add these updates as they are needed. But most of the time my use of windows is limited as l use google apps and will one day have a new computer - not running Windows.

oldbaritone
oldbaritone

Why was Media Player out-of-band but "Critical" vulnerability waiting until Patch Tuesday? Hmmm... maybe... ???

bitdoctor
bitdoctor

And, when you say "Changed, but not significantly," are you meaning 'Previous Patches' that have some updates and/or changes to them?

rasilon
rasilon

Your summaries of Patch Tuesdays are my favorite. I post them every month in my blog. Hank Arnold (MVP)

Who Am I Really
Who Am I Really

Don't know yet, I have WAU set to DL & annoy but don't install I ran the July MRT tool with no problem I'll just leave the update in ...\SoftwareDistribution\Download\... for a few days until there's no indication that there might be any problems also I noticed that my win2K workstations got nothing guess that means support actually ended last month (June)

Mark W. Kaelin
Mark W. Kaelin

Are the patches described by Justin giving you trouble this month? Share your experience with your peers, maybe we can help?

pgit
pgit

I'm just over the hill in the Corning area... We've been sitting in the hot sunshine over here watching the thunderstorms over you guys off to the east. Just yesterday we watched one big, isolated thunderhead glowing red and orange in the sunset, somewhere over in your neck. Absolutely beautiful... You folks gathering up the rain for fracking the Marcellus? =D

bitdoctor
bitdoctor

That made me ROTFL! You may be more right than you know - get those DRM-bypass commissions before we put this latest DRM Media Player patch in!

Justin James
Justin James

That typically means that the update's metadata changes (such as which languages it applies to, or perhaps the prerequisites), but the binary content did not change. If the binary content did change, I will only put it under that heading if the update does not need to be reinstalled. J.Ja

pgit
pgit

I have a folder on the firefox bookmarks toolbar to keep your patch info (these articles) for reference. Thanks. I have also sent a few of them to clients when I realized I wasn't going to get to them in timely fashion, with instructions for them to do the specific updates. I wouldn't do that as a matter of course, only when something very critical relates to a task these clients perform in the course of their work. It would be very difficult to know what to send to whom when, without your great summaries. (also what to ignore!) BTW while on topic how about writing an article about the consequences of staying with XP SP2 in the field... some folks I know had some trouble with SP3, and presently buying new systems (ie win7) isn't anywhere close to being considered at most of the places I work. In fact the only win XP machine I own won't take SP3, kills it deader than a hammer, I've tried 4 times, 3 after a clean install. I have to assume that's a hardware issue. Anyway, yes indeed, I value your inputs here at TR very much. Thanks.

Justin James
Justin James

Nice to hear that you've been enjoying them! J.Ja

NexS
NexS

One year past. The ship's finally sailed and we say goodbye to the sheek, smooth gray-box theme.

Justin James
Justin James

I'm rolling out this month's patches over a few days, so far no problems. J.Ja

rogerval
rogerval

A couple of days ago I installed this latest group of patches including KB980373 for Outlook 2003, and this morning I found that Outlook wouldn't receive any emails. When I tried to check my account settings, an error message popped up saying there was a registry problem, please re-start or re-install Outlook. Restoring the system to the last system checkpoint seems to have fixed it; a "repair" install of Office didn't fix it. (I'm pretty sure the error message came from Outlook, not some rogue antivirus malware.) Has anyone else experienced this problem? Thanks for your thoughts, Roger.

Aknar
Aknar

After installing KB968930 on several of our VM host machines, our MS System Center VM Mgr couldn't connect to the Hosts anymore. Looking at the Host I noticed that the Windows Remote Management Services won't start due to Error 5: Access is denied. I'm still looking into this further. Also this patch doesn't show up in the Uninstall list so it kinda sucks.

bitdoctor
bitdoctor

FYI, I don't remember getting any notices of out-of-band patches? Will you please specify which specific out-of-band Media Player patch to which you are referring? Thanks! Keep up the outstanding work.

rogerval
rogerval

After reading a couple of posts (and thanks for your thoughts, guys) I downloaded and re-installed the updates one by one and.... nothing happened. Outlook operates as normal. I have no idea why it worked this time, and given that the updates downloaded in no time at all, I suspect that Windows Update was using the files stored on my hard drive from the other day. I think the only difference was that I installed them one by one. Strange stuff. But at least Outlook is working, and I'm not missing any important updates now. Cheers, Roger V.

pgit
pgit

Same deal. "repair" install didn't repair. But in my case a system restore didn't make it work, either. I ran the updates first then uninstalled/reinstalled office entirely, which seems to have fixed it.

Who Am I Really
Who Am I Really

if you need to uninstall an update because it failed or baked something on your system but you can still start it up Just navigate with windows exploder into C:\Windows\ and find the C:\Windows\$NtUninstallKB------$ then go up one more into the spuninst folder and run spuninst.exe ___________________________________________ for this to work you need to have checked in folder options: (x) display the contents of system folders and (x) show hidden files & folders and unchecked ( ) hide protected operating system files

Justin James
Justin James

"Windows Media Player Cumulative Update for Vista (KB981078) 10.2MB - 11.0MB" It's under the "Updates since the last Patch Tuesday" heading. Glad you liked the articles! J.Ja