Microsoft issues fresh update to fix bugs caused by December Patch Tuesday Applies to computers running Windows 7 Service Pack 1 and Windows Server 2008 R2 MICROSOFT HAS ISSUED a fresh patch to fix bugs in its December Patch Tuesday update, which caused problems for computers running Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1. The latest patch fixes problems relating to Microsoft's Windows Root Certificate Program that automatically distributes trusted root certificates in Windows. Once installed, the update caused problems with computers running Windows 7 SP1 and Windows Server 2008 R2 SP1 by preventing the installation of future updates. "The KB 3004394 update that was dated December 10, 2014 can cause additional problems on computers running Windows 7 SP1 and Windows Server 2008 R2 SP1," Microsoft's latest advisory stated. "This includes the inability to install future updates. This new update is available to remove KB 3004394 from your computer." The new patch can be obtained via Windows Update or the Microsoft Download Center. The original patch was released on 9 December, and users of the Windows 10 Technical Preview were advised to uninstall Microsoft Office before applying the security updates, then to reinstall it. Testers have been warned since the announcement and release of the Preview to expect complications and irregularities with the operating system as it is in no way considered finished. It is rather an opportunity for people to feed back on its development before consumer release in the second half of 2015. Also worthy of note in the December 2014 Patch Tuesday was that none of the seven updates affects users of the Microsoft Surface tablet range. The seven updates provide fixes for 24 vulnerabilities, four rated critical and three rated important. In addition, two troublesome updates from previous months have been fixed so that they no longer bork systems, and a further one plugging a hole in Adobe Flash has been revised. This month's top of the troublemakers involves Microsoft Exchange and plugs a vulnerability which could give hackers elevated account privileges if a user clicks on an engineered URL in a phishing email, for example. A similar phishing approach is addressed in the second critical update, which addresses 14 Internet Explorer vulnerabilities. The third addresses vulnerabilities in Word and Web apps allowing hackers to create a Word document with a payload which could in turn allow a remote code execution (RCE), while the fourth offers a similar fix for the rest of the Office suite and the fifth tackles a specific issue with Excel. Six and seven cover an RCE issue in VBScript and a possible data leak in Microsoft Graphics Component, which can be triggered by an infected jpeg file. Gabriel Aule of the Windows Preview team tweeted: http://www.theinquirer.net/inquirer...s-forced-to-uninstall-office-on-patch-tuesday
Forbes Blasts Latests Windows 7 Patch as Malware Forbes contributor Jason Evangelho has nothing good to say about a recent Windows 7 patch that's causing a range of trouble for some users. He writes: If you have Windows 7 set to automatically update every Tuesday, it may be to permanently disable that feature. Microsoft has just confirmed that a recent update — specifically KB 3004394 — is causing a range of serious problems and recommends removing it. The first issue that caught my attention, via AMD’s Robert Hallock, is that KB 3004394 blocks the installation or update of graphics drivers such as AMD’s new Catalyst Omega. Nvidia users are also reporting difficulty installing GeForce drivers, though I can’t confirm this personally as my machines are all Windows 8.1. Hallock recommended manually uninstalling the update, advice now echoed officially by Microsoft. More troubles are detailed in the article; on the upside, Microsoft has released a fix. http://tech.slashdot.org/story/14/1...utm_source=rss1.0mainlinkanon&utm_medium=feed
nstall KB3024777 to fix an issue with KB3004394 on Windows 7 and Windows Server 2008 R2 Update information The KB 3004394 update that was dated December 10, 2014 can cause additional problems on computers that are running Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1. This includes the inability to install future updates. This new update is available to remove KB 3004394 from your computer. For more information about the KB 3004394 update, see the following Microsoft Knowledge Base article: 3004394 December 2014 update for Windows Root Certificate Program in Windows How to obtain this update Windows Update This update is available from Windows Update. Microsoft Download Center The following files are available for download from the Microsoft Download Center. download here https://support.microsoft.com/kb/3024777