[Donna]

Event Title: <<*Patch ASAP* MS Security Bulletin- April 2007>>
Event Owner: Donna
Event Calendar: Calendar of Updates
Event Date: April 3rd 2007
Topic Starter: acooldozen
Event Post:
Please Patch ASAP

Microsoft released the below security bulletin to address a CRITICAL vulnerability issue in Windows:

MS07-017 - Vulnerabilities in GDI Could Allow Remote Code Execution (925902)

The security update applies to:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Vista

References:
MS Advisory 935423: http://www.microsoft.com/technet/security/...ory/935423.mspx
MS Security Bulletins for end-users: http://www.microsoft.com/athome/security/u...ins/200704.mspx
MS Security Bulletins for IT Pro: http://www.microsoft.com/technet/security/...n/ms07-apr.mspx
MS Response Center Blog: http://blogs.technet...rc/default.aspx
MS KB925902: http://support.micro...om/?kbid=925902
MS Security Bulletin: http://www.microsoft.com/technet/security/...n/ms07-017.mspx

Note:
Microsoft NEVER send security updates via e-mail. Download only the updates using Windows Updates, Microsoft Download Center websites or Automatic Updates functionality in Windows.



View Event

[acooldozen]

Installed this update and get this dialog on each restart............Any suggestions? other than Windows support???? Subsequently I uninstalled the update and all is back to normal. However this is not the answer!

[attachment=4473:sshot_2.gif]

This post has been edited by acooldozen: 03 April 2007 - 06:24 PM

[Donna]

Known issue Please see http://support.micro...om/?kbid=925902
Contact MS for hotfix

[acooldozen]

......40 minutes on the phone to Microsoft support (first the US & transfered to Canada).....and the tekkie is unable to find the hotfix...go figure.

[WiltedShoots]

Same issue for me,please keep me updated about the hotfix.
Thanks

This post has been edited by FortressX: 03 April 2007 - 10:21 PM

[Donna]

The hotfix is now available for download. No need to call MS

Download from: http://www.microsoft.com/downloads/details...;displaylang=en
KB article: http://support.micro....com/kb/935448/

[WiltedShoots]

Thank you Donna,am downloading now.

[acooldozen]

thanx Donna that did the trick.

[ahulett]

Want to note real fast that simply having a RealTek sound card does not mean the hotfix is necessary. If you install the GDI patch and then experience the RealTek error message, then apply the hotfix and restart. If you install the GDI patch and don't experience the error message, then you don't need the hotfix.

Thanks,
Aaron

[Donna]

Thanks for dropping those notes Aaron! and thank you for making the said info available fast

[Donna]

There is a post at GRC.com newsgroup that installing the new R1.64 version High Definition Audio Codecs from
Realtek should fix the problem. No need for the hotfix as per the poster at GRC.com.

[sander]

Donna, on Apr 4 2007, 10:50 AM, said:

There is a post at GRC.com newsgroup that installing the new R1.64 version High Definition Audio Codecs from
Realtek should fix the problem. No need for the hotfix as per the poster at GRC.com.

I seached for and I found the newsgroup and the posting:
http://12078.net/grcnews/article.php?id=11...security#117834

downloaded the update for my Realtek soundcard:
http://www.kortelinks.dk/?TCTHP

after that I didn't need to fix Microsofts update KB925902

So the tip seems to be working.

[acooldozen]

Downloaded the Realtek driver update/uninstalled hotFix/rebooted/error message again/installed Realtek/rebooted/ No ERROR message...............all is cozy again! Thanx for the Hedz up.

[Celtic Ferret]

Considerable noise over this one:
Latest MS Update Causing Major Headaches
http://www.neowin.ne...t=view&id=39249
http://www.dslreport.../shownews/82781

I was amused by "MS, breaking PC's one patch at a time." and
"...I'm still puzzled why the kb927891 fix wasn't pushed during the last cycle of updates...
Or why this patch to "fix what we broke" requires validation when the breaking patch didn't..."

But I had no real issues here, despite one MCESP2 pc with Realtek audio. All had the ZERT patch applied and the "sacrificial box" still had that patch active when I copied the "update" hot from C:\WINDOWS\SoftwareDistribution\Download\ to my LAN.

Realizing my error and not being able to stop the update or just download it at that time I tried the ZERT unpatch and BSOD'd. Reboot in Safe Mode, ran the ZERT unpatch, rebooted off-line, ran the MS update, allowed the reboot, and the only thing out of the ordinary in the past 24 hours was a lockup requiring a hardware reset during an AVG Anti-Spyware v7.5 complete scan; maybe not related. I have installed a reset switch on this pc as the header was on the motherboard but Dell cut costs by not hooking it to anything. I believe every pc should have a reset switch as that is much kinder to the hard drive than a power cycle.

Hope nobody here has had any serious issues.
--CF

[guest]

Quote

I have installed a reset switch on this pc as the header was on the motherboard but Dell cut costs by not hooking it to anything. I believe every pc should have a reset switch as that is much kinder to the hard drive than a power cycle.

As the sayings go You Get What You Pay For and Buyer Beware ( Caveat Emptor ) plus it is much faster than a power cycle.

Both of my local PC shop systems come with a reset switch

As Dell wants to be the Low Cost High Volume PC system provider they have taken notice of Mr. Henry Ford's idea that $0.01 saved in PC system production will result in about $1,000,000 in profits over the life of the product.

My $0.02 worth.

[Donna]

Updated info:

MS revised the KB article 925902: http://support.microsoft.com/kb/925902 by adding the following applications 'in known issues' in addition to Realtek:

· ElsterFormular

· TUGZip

· CD-Tag

See: http://blogs.technet.com/msrc/archive/2007...02-updated.aspx

[hayc59]

Thanks You

[Donna]

MSRC blog today that they've added three additional applications to the list of applications affected by the issue discussed in Knowledge Base article 935448. The hotfix that is available addresses the issues in these applications:

- BricoPack Vista Inspirat 1.1 (by CrystalXP)
- AVG 7.5 (by Grisoft, Inc)
- BMC PATROL 7.1 (now called Performance Manager, by BMC Software, Inc)

http://blogs.technet.com/msrc/archive/2007...cle-925902.aspx