MS14-045 re-released today and everyone wants to know if they need to uninstall the previous version

Microsoft re-released MS14-045, which was causing blue screens for some customers. Our content team did release an out-of-band content update to add the new version of MS14-045. It was released as a new KB (2993651). The Microsoft bulletin has answers to many common questions in the Update FAQ, but the one question most people are asking me is do they have to uninstall the previous one if it is not blue screening systems. Microsoft states in the FAQ that the patch will install over the top of the previous version, but they are recommending uninstall even if you are not having issues.

For that reason, Shavlik Protect will still show the original KB if you have already installed the original. The new version replaces the previous one, so if you have not installed it you would not see the original by default. We kept the original in product but marked it as non-deployable so customers who had not already installed would not accidentally do so. This also removed the ability to uninstall if you had already deployed the original update. Our support team has created a set of custom actions to remove the original patch. You can view that KB here.



Shavlik Team Takes the ALS Ice Bucket Challenge

Shavlik Vice President Rob Juncker brings IT deployment models to the ALS challenge. Rob, who was nominated by Pertino CMO Todd Krautkremer, nominated Odell Tuttle, VP of Engineering at SportsNGin, Stephen Poppe, CIO at Roto-Rooter, and Pat O’Day, CTO at BlueLock.


In the photos below, Shavlik team members Chris Goettl, Kate Borsheim, and Anne Steiner also take the plunge.


The Communicator’s Corner: How Shavlik Products Leverage Cloud Computing

Over the last few years the term “cloud computing” has become a regular part of our everyday vernacular. Most of us have a pretty good feel for what cloud computing has to offer, but how does it apply to Shavlik products? Specifically, how are Shavlik products taking advantage of cloud computing? How is it improving our products, and how is it providing benefits to you, our customer?

Third-Party Patch Add-on for SCCM: Extend or Invest?

SCCM Plug-inYour company has made the decision to use Microsoft System Center as your systems management solution. You have spent months and precious dollars getting all of the moving parts to work together. Congratulations, you are now a fearless SCCM user!

Now it’s working well for most things, but one question keeps nagging at you, “What about third-party application patching?”

Microsoft pulls MS14-045 and recommends uninstall if you have already deployed

BSODLate last week Microsoft revised MS14-045 removing links from the Download Center for security update 2982791.  Microsoft updated KB 2982791 documenting three known issues that have been verified causing Microsoft to pull the download links for the update and recommend uninstall of four specific KBs.  The worst of these issues is a possible blue screen.  If you have installed any of the four updates, Microsoft recommends uninstalling them and waiting for a re-release of the updates.

  • KB2982791
  • KB2970228
  • KB2975719
  • KB2975331

Shavlik recommends that all Shavlik Protect customers uninstall the updates and also go into the Patch View in Shavlik Protect and search for MS14-045.  Select all variations of MS14-045 and right click and delete them.  This will ensure the version of the patch with the known issues is removed from the console.

Customers with Distribution Servers should also take steps to delete the patches from the distribution servers in their environment.  You can right click in the patch view and go to column chooser.  Drag the Download File Name into the Patch View grid allowing you to see the name of the patches.  Find and remove these from the distribution servers in your environment.


Blue Screen (Stop 0x50) after applying update KB2982791 to Windows 7


Reports have started popping up regarding a Blue Screen of Death (BSOD) after applying MS14-045 to Windows 7 systems. If you are seeing issues please go to this Microsoft forum post and let them know. Microsoft MVP Susan Bradley and others have started a support case with Microsoft and are asking for anyone else who sees these issues to let them know so they can collect all possible information in one place and help Microsoft quickly find and resolve this issue.

All is not doom and gloom, however. Many reports for members of (mailing list focused on patch management issues), have reported successful deployment of these updates. The Shavlik Content Team did not encounter the BSOD during our Patch Tuesday testing. LANDESK and Shavlik employees have not reported issues either. I personally deployed 11 updates including MS14-045 (KB2976897 and KB2982791) to my own Windows 7 x64 system on Wednesday morning without issue. So, while this is not an epidemic affecting all deployments of the Kernal-Mode Driver patch, it should prompt Admins to take a little extra time to test if possible.



August Patch Tuesday Advanced Notification

We have a big Patch Tuesday this month.  Microsoft started by releasing 8 updates and slipped in a later 9th later in the week last week.  That is just the beginning.  As of this morning we have updates from Opera, Picasa, Adobe Acrobat, Reader, Flash 13 and 14, and AIR, with likely appearances by Chrome (high likelihood) and a possible FireFox (have had a beta out for some time and likely to release soon).  A couple of things to look out for.  There is a Critical IE, which is likely the continuation of resolving a large number of memory corruption issues starting with the June IE resolving around 60 vulnerabilities and continuing in July resolving about half that many.  There is a SQL patch this month which will need some attention in testing and there is also a .Net patch resolving a Security Feature Bypass.

Security Bulletins:

  • 2 bulletins are rated as Critical.
  • 7 bulletins are rated as Important.

Vulnerability Impact:

  • 3 bulletins address vulnerabilities that could allow Remote Code Execution.
  • 4 bulletins address vulnerabilities that could allow Elevation of Privileges.
  • 2 bulletins address vulnerabilities that could lead to Security Feature Bypass.

Affected Products:

  • All supported Windows operating systems
  • All supported Internet Explorer versions
  • Microsoft SQL Server
  • .Net Framework

Join us as we review the Microsoft and third-party releases for August Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, August 12th at 11 a.m. CDT.  We will also discuss other product and patch releases since the July Patch Tuesday.

You can register for the Patch Tuesday webinar here.

Internet of Things Makes Patch Management Unruly

MediaCabinetWhen installing my new television the other day, I found that I had to install a new network switch in my multimedia cabinet.  It turns out that the new TV had a place to plug in a network cable and being naturally curious, I wanted to find out what I got when I plugged the Television into a home network.  It turns out I get the same things that I already have on my DVD player, my Tivo, my AppleTV, my receiver, and my Windows Media PC.

OK, you got me.  I’m a nerd when it comes to my entertainment center.  Who else needs a 6-port switch for their entertainment center?  I know wireless exists, but Gigabit Ethernet is the way to go for streaming content from my other Windows computers and from the Internet.  All of this is very cool and very geeky. Gartner describes this as the Internet of things.

The other day my DVD player graciously reminded me that its software was out of date and needed a firmware upgrade.  It took about 20 minutes before I could watch a DVD frustrating me and the kids waiting to watch the movie.  The Tivo just updated overnight.  The Windows Media Center updates what seems like just about every time I use it and the AppleTV mysteriously has new icons for me to play with every time I switch over to it.  Who’s tracking all these updates?  I’m hoping they give me new features but more importantly, I’m hoping they keep me secure.

HomeAutomationTake this to the next level.  My buddy has connected all his lights, thermostat, home security, doggy door, and who knows what else to the Internet.  It’s gotten to a point that home thieves don’t need to know how to break glass or work a lock, they need to know how to hack your home security.

With all of these devices connected to the internet, how secure are you? HP investigated the companies who create these products which include intelligent appliances, garage door openers, sprinkler controllers, remote power outlets, etc and found them to be lacking some basic security measures.  These include plain text communication, storing passwords that were easy to hack, and stored and unencrypted personal data.  Do you know if you name, address, or even credit card information is stored on your garage door opener?

On the bright side, these vendors are coming up with clever ways to at least update these devices from the Cloud, sending down new firmware to fix security issues.  However, how do you know if you have the latest software on these devices?  How do you know if your personal information is encrypted and your data safe?

What if you are a business and you have some of these devices in the workplace.  Is it IT’s responsibility to secure these devices?  This poses a question of “who is responsible for securing and updating the Internet of Things?”

Share with me your thoughts on what IT is doing to prepare for the Internet of Things?  What are some of the ways patch management will change in the future?