Updates 11/13/12 - "Microsoft Tuesday"

Virus & Spyware

Virus & Spyware
Perspectives on PC security, including antivirus, anti-spyware and firewall solutions.

Updates 11/13/12 - "Microsoft Tuesday"

  • Today is "Microsoft Tuesday" --- the SECOND Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows critical/security updates.   Based on previous history, they should become available at 1 PM [USA - Eastern Standard Time].

    Be sure to use Windows/Automatic Update to determine precisely which updates are applicable to your particular system.

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • Windows Malicious Software Removal Tool (MSRT, or MRT) for November, Version 4.14

    32-bit version for Windows 8/7/Vista/XP/Server2003 http://www.microsoft.com/en-us/download/details.aspx?id=16

    x64-bit version http://www.microsoft.com/en-us/download/details.aspx?id=9905

     

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • The following 4 updates are rated CRITICAL:

    MS12-071 Cumulative Security Update for Internet Explorer (2761451)

    MS12-072  Vulnerabilities in Windows Shell Could Allow Remote Code Execution (2727528)

    MS12-074 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)

    MS12-075 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2761226)

    ======================================================

    The following update is rated IMPORTANT:

    MS12-076 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2720184)

    ======================================================

    The following update is rated MODERATE:

    MS12-073 Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

    =======================================================

    Yikes:   On a Win7x64 system, with Office, I'm finding 18 updates totalling 166.7 MEG

     

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • This month's MSRT (cited above) added detection/removal of Win32/Folstart :  a family of worms that spread via removable [USB] drives and modify system settings.

    For more information/details, see http://blogs.technet.com/b/mmpc/archive/2012/11/13/don-t-fall-for-folstart.aspx 

    EDIT:  Also added this month:

    Win32/Weelsof -  a family of ransomware trojans that targets users from certain countries. It locks your computer and displays a localized webpage that covers your desktop and demands the payment of a fine for the supposed possession of illicit material.

    Win32/Phorpiex - a family of worms that spread via removable drives and IM(instant messaging) software. The worms also allow backdoor access and control.

     

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • Anybody have trouble installing KB2698023 for .net 1.1 SP1 under Win XP (pro)? It failed to install on my system today.

    If this answers your question, please click  Yes  

    Ron

    Forum Member since 2004

    I am NOT a Dell employee

  • RoHe

    Anybody have trouble installing KB2698023 for .net 1.1 SP1 under Win XP (pro)? It failed to install on my system today.

    No problem here.
    Ron, are running Avast! ? its behavior shield if set to ask will alert and stop some temp installer files for .NET.

    Hernan.

    Dim9200/XPS 410.C2D 2.40GHz.2GB RAM.XP Pro_86 SPk3.IE8 & FF33.1

    Avast!Free 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. WOT. OpenDNS. SAS(o/d)

    "We are all ignorant, but we don't all ignore the same things..." Albert Einstein

     "When you've excluded the impossible, whatever remains, however improbable, must be the truth..." Sherlock Holmes.

  • No problem here either (KB2698023 for .net 1.1 SP1 under Win XP pro)... installed yesterday.

    [I disable avast's behavior shield for .NET updates.]

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • Kevin,

     

    When I did the updates on Windows 7 64-bit, was there something written about registry? I say some registry being done when it updated.

     

     

    Rick

    #DellRockStar

    What is a Dell Service Tag and how do I locate it? 

     

     

    Original poster, If you have solved your problem, can you please mark the correct thread(s) with your solution. Thanks 

    Welcome to Dell Community!

  • Don't use Avast, only MSE.

    Others with exact same problem have posted on the MS forum today too. I tried the Fix-it at a link posted in that thread on the MS forum but it downloaded a strange .diagcab file that didn't do anything.

    I ran the Microsoft dotnetfx_cleanup_tool to remove dotnet 1.1 and then reinstalled that from a clean download which went ok. But then dotnet 1.1 SP1 refused to install and the new KB2698023 won't install without  dotnet 1.1 SP1.  Angry

    Subsequently used the cleanup tool to remove all dotnets. When I went back to the MS update site, it offered dotnet 1.1. 2, 3, 3.5 and all their service packs and hotfixes but it didn't offer dotnet 1.0. Took 2 hours, but whatever was offered was finally reinstalled, including the new KB2698023 for 1.1 SP1.

    But since I didn't install dotnet 1.0 (because it wasn't offered), now I'm getting notices that KB2698035 is missing.  But as far as I can tell, KB2698035 is only for  dotnet 1.0 SP3 running on XP SP3 Tablet or Media Center. I have XP Pro SP3, not Tablet or MCE.

    Are dotnet 1.0 and its service packs actually needed for anything?

    I HATE DOTNET! I HATE DOTNET! I HATE DOTNET!    Super Angry Super Angry Super Angry Super Angry Super Angry

     

     

    If this answers your question, please click  Yes  

    Ron

    Forum Member since 2004

    I am NOT a Dell employee

  • Ron,

    the first question is whether or not you actually need/use .NET for anything.   Computers (particularly older ones) may run fine without ANY .NETs.

    SOME programs DO force you to install some versions of .NET:

                FileHippo Update Checker,  and Microsoft's EMET, each require .NET 2.0

                Windows Software Development Kit, and Windows Debugging Tools, require higher versions of .NET

    And to compound matters, the versions of .NET are independent of each other!   That is to say, you can't simply load the highest number (4.5??), as including/superceding the lower numbers (e.g., 2,0) --- as programs that invoke .NET can still require a specific lower-numbered version!   That's why users will find multiple .NET (1.x, 2.x, 3.x, 4.x) versions on their systems.

    I suggest you run your system as is --- or reverting back to no .NET --- until you find something that doesn't work without (i.e., tells you it needs) .NET.

    I use EMET, so I need .NET.   On my XP system, I believe I have through 3.5 (but not 4).   On my win7 system, I have through 4 --- but only because it came pre-installed.

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v2014 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • Have no idea if I need any of the dotnets or not. Tongue Tied

    I've reinstalled up through 3.5 with exception of 1.0 and its 3 service packs. My plan is to leave things like this and ignore offers of a hotfix for 1.0 SP3, unless/until some other app complains.

    I still hate dotnet.

    Thanks!

     

     

    If this answers your question, please click  Yes  

    Ron

    Forum Member since 2004

    I am NOT a Dell employee

  • Ron.

    Here is a list of all NET I have in my XP Pro_86 Spk 3. Disregard language package but notice NET 1 included in NET 2 Sp 2. I have been offered NET 4 as optional, but I have not have the need to install it yet.

    Hope it helps to find out what is missing.

    Hernan.

    Dim9200/XPS 410.C2D 2.40GHz.2GB RAM.XP Pro_86 SPk3.IE8 & FF33.1

    Avast!Free 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. WOT. OpenDNS. SAS(o/d)

    "We are all ignorant, but we don't all ignore the same things..." Albert Einstein

     "When you've excluded the impossible, whatever remains, however improbable, must be the truth..." Sherlock Holmes.

  • Thanks Henan!

    I have everything you listed (aside from the Spanish pack) plus I also have .net framework 3.0 SP2 which you didn't show on your list.

    3.0 was offered to me by the MS update site after I removed all exisiting .net installations so I let it install.

    BTW: It appears the .dotnets have to be reinstalled in a rather strange order.  I let the MS update site install them so I hope it did it in the correct order.  Confused   .dot net 4 wasn't offered, so I haven't installed it.

    Quote Microsoft:

    NOTE: If you remove .NET Framework 3.5 (SP1) using the dotnet cleanup tool, reinstalling .NET Framework 3.5 will also install .NET Framework 2.0 SP2 and 3.0 SP2.

    IMPORTANT! => If you remove .NET Framework 4 or 3.5, reinstall your .NET Framework versions in the following order [even though KB976982 doesn't tell you this]:

        1. .NET Framework 4, then...
        2. .NET Framework 3.5, then...
        3. .NET Framework 1.1.

     => But if you also removed .NET Framework 1.0, reinstall your .NET Framework versions in this order [even though KB976982 doesn't tell you this]:

        1. .NET Framework 3.5, then...
        2. .NET Framework 1.1, then...
        3. .NET Framework 1.0, then...
        4. .NET Framework 4

    If this answers your question, please click  Yes  

    Ron

    Forum Member since 2004

    I am NOT a Dell employee

  • RoHe

    I have everything you listed (aside from the Spanish pack) plus I also have .net framework 3.0 SP2 which you didn't show on your list.

    My bad, I was having problems inserting the image. I knew something was not right but did not look closely. I do have .NET 3.0 Sp2

    RoHe

    BTW: It appears the .dotnets have to be reinstalled in a rather strange order.  I let the MS update site install them so I hope it did it in the correct order.  Confused   .dot net 4 wasn't offered, so I haven't installed it.

    That's so true. Last update KB2729450 (,NET 2.0 PK2) installed first than KB2698023 (.NET 1.1 SP1).

    Thanks Ron for the installation order. Very important.

    Hernan.

    Dim9200/XPS 410.C2D 2.40GHz.2GB RAM.XP Pro_86 SPk3.IE8 & FF33.1

    Avast!Free 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. WOT. OpenDNS. SAS(o/d)

    "We are all ignorant, but we don't all ignore the same things..." Albert Einstein

     "When you've excluded the impossible, whatever remains, however improbable, must be the truth..." Sherlock Holmes.

  • This topic is locked because it has become outdated.
     If you have a similar question or comment, please feel free to start a new thread at the top of the forum.  Thanks.


     

    Microsoft MVP - Consumer Security
    Social Media and Community Professional
    SpywareHammer

    I am not a Microsoft or a Dell employee. I am a volunteer.