Microsoft Withdraws Another Buggy Update It’s Déjà vu all over again. Microsoft is at least becoming consistent with its Patch Tuesday releases, each month patches are being recalled on a regular basis. The culprit this month is Microsoft security update 2949927. It's been a rough few months for Microsoft's update quality control. September updates for Lync and OneDrive for Business were withdrawn because of bugs in the updates. The August patches were an even bigger mess with four updates withdrawn. Microsoft withdraws another buggy update Summary: A non-patch security update for Windows 7 and Windows Server 2008 R2 was causing systems to reboot. It's been a rough few months for Microsoft's update quality control. Microsoft has withdrawn an update released this past Tuesday due to user reports of system reboots after installation. The update released as described in Microsoft Security Advisory 2949927 added SHA-2 hash algorithm signing and verification for Windows 7 and Windows Server 2008 R2. It was one of three proactive security feature updates released on Tuesday in addition to the eight patches of Windows and Office. On Friday, October 17 Microsoft revised the 2949927 advisory with the following statement: Removed Download Center links for Microsoft security update 2949927. Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behavior associated with this update, and will update the advisory when more information becomes available. The second proactive update (2977292) enhanced the Microsoft Extensible Authentication Protocol (EAP) implementation in several versions of Windows by enabling the use of Transport Layer Security (TLS) 1.1 or 1.2. The third (2871997) adds a restricted admin mode for Remote Desktop Connection and Remote Desktop Protocol. Stability problems with other October Microsoft updates were mentioned in a sardonic InfoWorld story. Microsoft hasn't commented publicly on problems in other updates. It's been a rough few months for Microsoft's update quality control. September updates for Lync and OneDrive for Business were withdrawn because of bugs in the updates. The August patches were an even bigger mess with four updates withdrawn. http://www.zdnet.com/microsoft-withdraws-another-buggy-update-7000034819/
TIP TO ALL, DO NOT INSTALL WINDOWS UPDATE WHEN ITS OFFERED. WAIT 5 TO 10 DAYS THEN INSTALL THE UPDATES.
Microsoft pulls second Patch Tuesday update in three months Update forced users to recover servers using CD-Roms MICROSOFT HAS BEEN forced to pull a Patch Tuesday fix for the second time in three months after users reported errors following installation. Redmond's KB2949927 Patch Tuesday for October was issued last week and included eight patches, three of which were for zero-day flaws requiring urgent attention and therefore naturally rated critical. However, users began reporting issues at the weekend, suggesting that the update forced them to recover servers using CD-Roms. Soon after, it became apparent that the link to the Patch had 'expired' in Windows Server Update Services and other patching mechanisms. All download links in Microsoft's original security advisory for the Patch now lead to non-existent pages. The firm has since confirmed pulling the patch while it investigates the problem. Microsoft has issued the following statement: "Removed Download Center links for Microsoft security update 2949927. Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behaviour associated with this update and will update the advisory when more information becomes available." This is the second patch Microsoft has pulled in just three months. In August, the firm told users to uninstall one or more parts of its August Patch Tuesday release after it emerged that updates were causing blue screen of death (BSoD) system crashes. The Redmond firm warned installers that MS14-045, which fixes various security holes in the Windows kernel, can cause a BSoD, thus forcing a reboot. Microsoft is yet to issue an updated patch to fix the broken October one, which included the MS14-060 patch. This fixed a vulnerability that had been active for five years as part of the Russian Sandworm campaign, which saw Nato targets being actively attacked as part of an intensive cyber-espihttp://www.theinquirer.net/inquirer/news/2376582/microsoft-pulls-second-patch-tuesday-update-in-three-monthsonage initiative. µ