Friday, October 18, 2013

Resurrected KB 951847 'zombie' patch fixed -- but now has new problem



Sometimes Microsoft's Black Tuesday flubs make me feel like I'm riding tech bumper cars: One patch bumps into another, then another, which ricochets off into left field and comes back to smack me in a head-on collision. In this case, we have a botched patch from last Tuesday that has brought back to life a two-year-old patch that kept installing and re-installing and re-re-installing itself.


Yesterday Microsoft announced that it had fixed the zombie re-installing behavior, but now we're getting reports that the newly improved two-year-old patch is installing .Net Framework 3.5 of its own volition, without notification or consent, even on systems that have studiously avoided the problematic .Net Framework.


In a scene straight out of "Night of the Living Dead," those surreptitiously installed copies of .Net are now begging for even more patches.


Here's how it happened, as best I can tell. This month's botched MS13-082/KB 2878890 patch, which I talked about last week, was supposed to fix vulnerabilities in .Net Framework that could lead to remote execution attacks. While it appears the patch did, in fact, plug the security holes, it also brought back a two-year-old patch, KB 951847, repeatedly. Here's how I put it:



Applying this week's KB 2878890 patch on some Windows XP and Server 2003 SP2 machines causes a two-year-old .Net Framework roll-up patch, KB 951847, to resurface. Windows Update not only prompts WinXP/Server 2003 users to (re)install the big, old .Net patch, it keeps pestering over and over again to (re)install it, even if the WU install logs say it's been installed.



Yesterday, in an obscure blog post, Microsoft advised that it had fixed the KB 951847 patch. The new version of KB 951847 isn't being re-offered -- which is good, even if it did take more than a week -- except for one little detail. This new, improved version of KB 951847 installs .Net Framework 3.5 on any machine, without warning, without seeking consent, whether there's a copy of .Net on the machine or not.


Source: http://www.infoworld.com/t/microsoft-windows/resurrected-kb-951847-zombie-patch-fixed-now-has-new-problem-229062?source=rss_infoworld_blogs