Microsoft Releases Flawed Windows Updates in Feb 13-16, 2007 Patch and Hardware Updates
Three flawed Windows security and driver updates were released on Patch Tuesday, February 13, and continued through Friday, February 16, 2007. The first one involves a defective "signed" VIA IDE driver update that places most computers into endless reboot cycles. The second involves installing an unnecessary Alps Pointing Device driver, on computers that don't have such a device. The third is a patch for PowerPoint that fails to fix the stated vulnerabilities it is meant to address.
The flawed VIA Primary IDE driver only appeared under optional Hardware Updates, if you ran manual updates, using the Custom Option. I first became aware of the problem on Friday, February 16, when I performed Windows Updates for a client, at his office. The first and second machines to receive updates had the VIA Primary IDE Driver listed under Hardware Updates, so I installed it and rebooted, and rebooted, and rebooted... After the third time I realized that there was a problem with that driver and I used F8 to get to the boot menu, where I selected "Last Known Good Configuration," which succeeded in getting back into Windows. From there I right-clicked on My Computer, selected Properties, then Hardware, then Device Manager > IDE ATA ATAPI Controllers, then rolled-back the VIA Primary Channel IDE driver update to the previous driver, rebooted, and all was well again.
Another one of the Hardware updates seems to have placed an unwanted and unneeded Alps Touchpad/Pointing device driver and icon on the computers that did not have an Alps Touchpad attached to them. Using Device Manager > Mice/Pointing Devices I rolled-back the driver and the touchpad icon and other pointer problems were resolved, after a reboot.
The third problem was just announced via Microsoft Technet, in this security re-release notice: http://www.microsoft.com/technet/security/bulletin/ms06-058.mspx
Microsoft Security Bulletin MS06-058
Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
Published: October 10, 2006 | Updated: February 21, 2007
Recommendation: Customers should apply the update immediately
Security Update Replacement: This bulletin replaces a prior security update.
Why did Microsoft minor revise this bulletin on February 13, 2006?
Further investigation of CVE-2006-3877 as originally revealed that the update was not effective in removing the vulnerability from affected systems. The Microsoft Security bulletin, MS07-015 has been issued to properly address CVE-2006-3877 and customers should apply the updates in this bulletin immediately.
More information and links to download hotfixes are in the extended entry -->
Affected Software:
• Microsoft Office 2000 Service Pack 3 — Download the update (KB923093)
• Microsoft PowerPoint 2000
• Microsoft Office XP Service Pack 3 — Download the update (KB923092)
• Microsoft PowerPoint 2002
• Microsoft Office 2003 Service Pack 1 or Service Pack 2 — Download the update (KB923091)
• Microsoft Office PowerPoint 2003
• Microsoft Office 2004 for Mac
• Microsoft PowerPoint 2004 for Mac - Download the update (KB924999)
• Microsoft Office v. X for Mac
• Microsoft PowerPoint v. X for Mac - Download the update (KB924998)
Full disclosure and details are on this Microsoft Security Bulletin page: http://www.microsoft.com/technet/security/bulletin/ms06-058.mspx
Spyware Doctor is a multi-award winning spyware removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, Trojans, keyloggers, spybots and tracking threats.
Spyware Doctor is fully capable of detecting and removing hidden processes associated with complex threats and rootkits. Such threats are otherwise difficult to remove by conventional means since they may be hidden to the operating system.
A Startup Scanner removes references to malicious programs that run at startup in the registry and Windows startup files, as well as malicious files in Windows startup locations.
State-of-the-art scanning engines, including file scan, memory scan, registry scan, browser helper objects scan, cookie scan and much more.
