Topic
  • 24 replies
  • Latest Post - ‏2013-10-22T10:07:42Z by sylviabeing
sylviabeing
sylviabeing
148 Posts

Pinned topic Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

‏2013-10-09T12:38:21Z |

Content in the Patches for Windows (English) Fixlet Site has been released.


New Fixlet Messages:

Fixlet messages for Microsoft Security Bulletins:
      MS13-080 *
      MS13-081
      MS13-082 *
      MS13-083 *
      MS13-084
      MS13-085
      MS13-086
      MS13-087

* This is publication 1 of 2. The noted bulletins have been included in the first publishing.


Modified Fixlet Messages:


Fully Superseded Fixlet Messages due to October 2013 Security Bulletins:

[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP3 (Superseded)        (ID: 1306901)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP3 - CORRUPT PATCH (Superseded)        (ID: 1306902)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP2 (x64) (Superseded)        (ID: 1306903)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows XP SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306904)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP2 (Superseded)        (ID: 1306905)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP2 - CORRUPT PATCH (Superseded)        (ID: 1306906)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP2 (x64) (Superseded)        (ID: 1306907)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 6 - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306908)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP3 (Superseded)        (ID: 1306909)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP3 - CORRUPT PATCH (Superseded)        (ID: 1306910)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP2 (x64) (Superseded)        (ID: 1306911)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows XP SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306912)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP2 (Superseded)        (ID: 1306913)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP2 - CORRUPT PATCH (Superseded)        (ID: 1306914)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP2 (x64) (Superseded)        (ID: 1306915)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306916)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista SP2 (Superseded)        (ID: 1306917)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Vista SP2 (x64) (Superseded)        (ID: 1306919)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2008 SP2 (Superseded)        (ID: 1306921)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 7 - Windows Server 2008 SP2 (x64) (Superseded)        (ID: 1306923)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows XP SP3 (Superseded)        (ID: 1306925)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows XP SP3 - CORRUPT PATCH (Superseded)        (ID: 1306926)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows XP SP2 (x64) (Superseded)        (ID: 1306927)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows XP SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306928)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2003 SP2 (Superseded)        (ID: 1306929)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2003 SP2 - CORRUPT PATCH (Superseded)        (ID: 1306930)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2003 SP2 (x64) (Superseded)        (ID: 1306931)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1306932)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Vista SP2 (Superseded)        (ID: 1306933)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Vista SP2 (x64) (Superseded)        (ID: 1306935)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2008 SP2 (Superseded)        (ID: 1306937)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2008 SP2 (x64) (Superseded)        (ID: 1306939)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 SP1 (Superseded)        (ID: 1306941)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 SP1 (x64) (Superseded)        (ID: 1306943)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2008 R2 SP1 (x64) (Superseded)        (ID: 1306945)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows Vista SP2 (Superseded)        (ID: 1306947)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows Vista SP2 (x64) (Superseded)        (ID: 1306949)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows Server 2008 SP2 (Superseded)        (ID: 1306951)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows Server 2008 SP2 (x64) (Superseded)        (ID: 1306953)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows 7 SP1 (Superseded)        (ID: 1306955)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows 7 SP1 (x64) (Superseded)        (ID: 1306957)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 9 - Windows Server 2008 R2 SP1 (x64) (Superseded)        (ID: 1306959)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows 7 SP1 (Superseded)        (ID: 1306961)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows 7 SP1 (x64) (Superseded)        (ID: 1306963)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows Server 2008 R2 SP1 (x64) (Superseded)        (ID: 1306965)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows 8 Gold (Superseded)        (ID: 1306967)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows 8 Gold (x64) (Superseded)        (ID: 1306969)
[Major]    MS13-069: Cumulative Security Update for Internet Explorer - IE 10 - Windows Server 2012 Gold (x64) (Superseded)        (ID: 1306971)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 2.0 SP2 - Windows XP SP2 / Windows Server 2003 SP2 (x64) (Superseded)        (ID: 1304001)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4 - Windows XP SP2 / 2003 SP2 / Vista SP2 / 2008 SP2 / 7 SP1 / Server 2008 R2 (x64) (Superseded)        (ID: 1304003)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 2.0 SP2 - Windows Vista SP2 / Windows Server 2008 SP2 (x64) (Superseded)        (ID: 1304005)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4.5 - Windows Vista SP2 / Server 2008 SP2 / 7 SP1 / Server 2008 R2 SP1 (x64) (Superseded)        (ID: 1304007)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 3.5.1 - Windows 7 SP1 / Windows Server 2008 R2 SP1 (x64) (Superseded)        (ID: 1304009)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 3.5 - Windows 8 Gold / Windows Server 2012 Gold (x64) (Superseded)        (ID: 1304011)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4.5 - Windows 8 Gold / Windows Server 2012 Gold (x64) (Superseded)        (ID: 1304013)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 2.0 SP2 - Windows XP SP3 / Windows Server 2003 SP2 (Superseded)        (ID: 1304015)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4 - Windows XP SP3 / 2003 SP2 / Vista SP2 / 2008 SP2 / 7 SP1 (Superseded)        (ID: 1304017)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 2.0 SP2 - Windows Vista SP2 / Windows Server 2008 SP2 (Superseded)        (ID: 1304019)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4.5 - Windows Vista SP2 / Windows Server 2008 SP2 / Windows 7 SP1 (Superseded)        (ID: 1304021)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 3.5.1 - Windows 7 SP1 (Superseded)        (ID: 1304023)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 3.5 - Windows 8 Gold (Superseded)        (ID: 1304025)
[Major]    MS13-040: Vulnerabilities in .NET Framework Could Allow Spoofing - .NET Framework 4.5 - Windows 8 Gold (Superseded)        (ID: 1304027)
[Major]    MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege - Microsoft .NET Framework 3.5 SP1 - Windows XP / 2003 / Vista / 2008 (Superseded)        (ID: 1110005)
[Major]    MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege - Microsoft .NET Framework 3.5 SP1 - Windows XP SP2 / 2003 SP2 / Vista SP2 / 2008 SP2 (x64) (Superseded)        (ID: 1110011)
[Major]    MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution - .NET Framework 4 - Windows XP SP3 / 2003 SP2 / Vista SP2 / 2008 SP2 (KB2832407) (Superseded)        (ID: 1305213)
[Major]    MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution - .NET Framework 4 - Windows XP SP2 / 2003 SP2 / Vista SP2 / 2008 SP2 (x64) (KB2832407) (Superseded)        (ID: 1305225)
[Major]    MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution - .NET Framework 4.5 - Windows Vista SP2 / 2008 SP2 (KB2835622) (Superseded)        (ID: 1305241)
[Major]    MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution - .NET Framework 4.5 - Windows Vista SP2 / 2008 SP2 (x64) (Superseded)        (ID: 1305253)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows XP SP2 (x64) (Superseded)        (ID: 1008103)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows XP SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1008104)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows Server 2003 SP2 (Superseded)        (ID: 1008105)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows Server 2003 SP2 - CORRUPT PATCH (Superseded)        (ID: 1008106)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) (Superseded)        (ID: 1008107)
[Major]    MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) - CORRUPT PATCH (Superseded)        (ID: 1008108)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - SharePoint Foundation 2010 SP1/SP2 (wss) (x64) (Superseded)        (ID: 1306707)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - SharePoint Server 2013 (wacserver) (x64) (Superseded)        (ID: 1306717)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Excel Services - SharePoint Server 2007 SP3 (Superseded)        (ID: 1306719)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Excel Services - SharePoint Server 2007 SP3 (x64) (Superseded)        (ID: 1306721)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Excel Services - SharePoint Server 2010 SP1/SP2 (x64) (Superseded)        (ID: 1306723)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Word Automation Services - SharePoint Server 2010 SP1/SP2 (x64) (Superseded)        (ID: 1306727)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Excel Web App - Office Web Apps 2010 SP1/SP2 (x64) (Superseded)        (ID: 1306729)
[Major]    MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution - Word Web App - Office Web Apps 2010 SP1/SP2 (x64) (Superseded)        (ID: 1306731)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2007 SP2 (KB2553089) (Superseded)        (ID: 1107211)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2007 SP2 (KB2553090) (Superseded)        (ID: 1107216)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2007 SP3 - Excel 2007 SP3 (Superseded)        (ID: 1307303)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2013 - Excel 2013 (Superseded)        (ID: 1307309)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2013 - Excel 2013 (x64) (Superseded)        (ID: 1307311)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel Viewer 2007 SP3 (Superseded)        (ID: 1307315)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office Compatibility Pack SP3 (Superseded)        (ID: 1307317)
[Major]    MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Word 2003 SP3 (KB2817682) (Superseded)        (ID: 1307203)
[Major]    MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Word 2007 SP3 (KB2767773) (Superseded)        (ID: 1307209)
[Major]    MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office Compatibility Pack SP3 (KB2760823) (Superseded)        (ID: 1307219)
[Major]    MS13-052: Vulnerability in Silverlight Could Allow Remote Code Execution - Silverlight 5 (Superseded)        (ID: 13052103)
[Major]    MS13-052: Vulnerability in Silverlight Could Allow Remote Code Execution - Silverlight 5 for Developers (Superseded)        (ID: 13052105)
[Major]    MS13-052: Vulnerability in Silverlight Could Allow Remote Code Execution - Silverlight 5 for Developers (x64) (Superseded)        (ID: 13052107)
[Major]    MS13-052: Vulnerability in Silverlight Could Allow Remote Code Execution - Silverlight 5 (x64) (Superseded)        (ID: 13052109)



Partially superseded Fixlet Messages due to October 2013 Security Bulletins:

[Major]    MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege - Microsoft .NET Framework 4 - Windows 7 Gold        (ID: 1110007)
[Major]    MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege - Microsoft .NET Framework 4.0 - Windows 7 Gold / 2008 R2 Gold (x64)        (ID: 1110013)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 Gold (KB2553091)        (ID: 1107226)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 Gold (KB2553096)        (ID: 1107231)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 Gold (KB2553091) (x64)        (ID: 1107241)
[Major]    MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 Gold (KB2553096) (x64)        (ID: 1107246)
[Major]    MS12-078: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows 7 Gold (KB2753842) (V2.0)        (ID: 1207833)
[Major]    MS12-078: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows 7 Gold (KB2753842) (x64) (V2.0)        (ID: 1207837)
[Major]    MS12-078: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - Windows Server 2008 R2 Gold (KB2753842) (x64) (V2.0)    (ID: 1207841)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2        (ID: 1307305)
[Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2 (x64)        (ID: 1307307)


Reason for Update:

Microsoft has released 8 Security Bulletins for October 2013.




Actions to Take:

None


Published site version:

Patches for Windows (English), version 1849


Additional links:

Microsoft Security Bulletin Summary:
http://technet.microsoft.com/en-us/security/bulletin/ms13-oct


Application Engineering Team
IBM Endpoint Manager

 

  • cstoneba
    cstoneba
    92 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-09T18:48:28Z  

    Anyone having issues with fixlet ID 13081157 (MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2862330 - Windows Server 2008 R2 SP1 (x64)) ?  It is still showing relevant after being installed and the target rebooted. 

  • TerryWeiChao
    TerryWeiChao
    165 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-09T19:26:44Z  
    • cstoneba
    • ‏2013-10-09T18:48:28Z

    Anyone having issues with fixlet ID 13081157 (MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2862330 - Windows Server 2008 R2 SP1 (x64)) ?  It is still showing relevant after being installed and the target rebooted. 

    Hi,

    It is still showing relevant after installing the patch, I think maybe some files are still not to the version that relevance expects. Can you try to find out which file cause the file check relevance still show true?

     

    Thanks!

  • liuhoting
    liuhoting
    79 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-09T19:35:45Z  

    Hi,

    It is still showing relevant after installing the patch, I think maybe some files are still not to the version that relevance expects. Can you try to find out which file cause the file check relevance still show true?

     

    Thanks!

    You can use this relevance to get at file information on systems that you're having trouble with. In addition, I'd try running the patch manually and seeing if it sticks or checking out to see if an error message pops up.

    Q: version of file "atmfd.dll" of system x64 folder

    Q: version of file "atmfd.dll" of system wow64 folder

    Q: version of file "atmlib.dll" of system x64 folder

    Q: version of file "atmlib.dll" of system wow64 folder

    Q: version of file "dciman32.dll" of system x64 folder

    Q: version of file "dciman32.dll" of system wow64 folder

    Q: version of file "fontsub.dll" of system x64 folder

    Q: version of file "fontsub.dll" of system wow64 folder

    Q: version of file "lpk.dll" of system x64 folder

    Q: version of file "lpk.dll" of system wow64 folder

     

  • cstoneba
    cstoneba
    92 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-10T14:03:39Z  
    • liuhoting
    • ‏2013-10-09T19:35:45Z

    You can use this relevance to get at file information on systems that you're having trouble with. In addition, I'd try running the patch manually and seeing if it sticks or checking out to see if an error message pops up.

    Q: version of file "atmfd.dll" of system x64 folder

    Q: version of file "atmfd.dll" of system wow64 folder

    Q: version of file "atmlib.dll" of system x64 folder

    Q: version of file "atmlib.dll" of system wow64 folder

    Q: version of file "dciman32.dll" of system x64 folder

    Q: version of file "dciman32.dll" of system wow64 folder

    Q: version of file "fontsub.dll" of system x64 folder

    Q: version of file "fontsub.dll" of system wow64 folder

    Q: version of file "lpk.dll" of system x64 folder

    Q: version of file "lpk.dll" of system wow64 folder

     

    PMR 56651,7TD,000 created for this problem.

     

    Here are the QnA Results:

    q: version of file "atmfd.dll" of system x64 folder
    A: 5.1.2.237
    T: 0.217 ms
     
    Q: version of file "atmfd.dll" of system wow64 folder
    A: 5.1.2.237
    T: 0.235 ms
     
    Q: version of file "atmlib.dll" of system x64 folder
    A: 5.1.2.237
    T: 0.226 ms
     
    Q: version of file "atmlib.dll" of system wow64 folder
    A: 5.1.2.237
    T: 0.222 ms
     
    Q: version of file "dciman32.dll" of system x64 folder
    A: 6.1.7600.16385
    T: 0.233 ms
     
    Q: version of file "dciman32.dll" of system wow64 folder
    A: 6.1.7600.16385
    T: 0.256 ms
     
    Q: version of file "fontsub.dll" of system x64 folder
    A: 6.1.7601.17105
    T: 0.233 ms
     
    Q: version of file "fontsub.dll" of system wow64 folder
    A: 6.1.7601.17105
    T: 0.237 ms
     
    Q: version of file "lpk.dll" of system x64 folder
    A: 6.1.7600.16385
    T: 0.235 ms
     
    Q: version of file "lpk.dll" of system wow64 folder
    A: 6.1.7600.16385
    T: 0.243 ms
     
    q:  (exists file "usbehci.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22441"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18251")))) of it) of (folder "drivers" of system x64 folder)
    A: True
    T: 1.395 ms
     
    q: (exists file "usbport.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22441"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18251")))) of it) of (folder "drivers" of system x64 folder)
    A: True
    T: 2.752 ms
     
  • liuhoting
    liuhoting
    79 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-10T21:29:59Z  
    • cstoneba
    • ‏2013-10-10T14:03:39Z

    PMR 56651,7TD,000 created for this problem.

     

    Here are the QnA Results:

    q: version of file "atmfd.dll" of system x64 folder
    A: 5.1.2.237
    T: 0.217 ms
     
    Q: version of file "atmfd.dll" of system wow64 folder
    A: 5.1.2.237
    T: 0.235 ms
     
    Q: version of file "atmlib.dll" of system x64 folder
    A: 5.1.2.237
    T: 0.226 ms
     
    Q: version of file "atmlib.dll" of system wow64 folder
    A: 5.1.2.237
    T: 0.222 ms
     
    Q: version of file "dciman32.dll" of system x64 folder
    A: 6.1.7600.16385
    T: 0.233 ms
     
    Q: version of file "dciman32.dll" of system wow64 folder
    A: 6.1.7600.16385
    T: 0.256 ms
     
    Q: version of file "fontsub.dll" of system x64 folder
    A: 6.1.7601.17105
    T: 0.233 ms
     
    Q: version of file "fontsub.dll" of system wow64 folder
    A: 6.1.7601.17105
    T: 0.237 ms
     
    Q: version of file "lpk.dll" of system x64 folder
    A: 6.1.7600.16385
    T: 0.235 ms
     
    Q: version of file "lpk.dll" of system wow64 folder
    A: 6.1.7600.16385
    T: 0.243 ms
     
    q:  (exists file "usbehci.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22441"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18251")))) of it) of (folder "drivers" of system x64 folder)
    A: True
    T: 1.395 ms
     
    q: (exists file "usbport.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22441"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18251")))) of it) of (folder "drivers" of system x64 folder)
    A: True
    T: 2.752 ms
     

    It looks like the patch just isn't getting installed.....

    and it looks like you're not the only one having problems:

    http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_install/kb2862330-fails-to-install/a51a34c3-6a67-43dc-b5d1-81d35401299c

    http://news.softpedia.com/news/KB2862330-Windows-7-Update-Fails-to-Install-389542.shtml

    It's happening on both Windows 7 and Server 2008 R2 machines. In addition to not being installed properly, or having the update stall out, this update looks like it's randomly causing blue screens as well.

  • liuhoting
    liuhoting
    79 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-10T21:40:34Z  
    • liuhoting
    • ‏2013-10-10T21:29:59Z

    It looks like the patch just isn't getting installed.....

    and it looks like you're not the only one having problems:

    http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_install/kb2862330-fails-to-install/a51a34c3-6a67-43dc-b5d1-81d35401299c

    http://news.softpedia.com/news/KB2862330-Windows-7-Update-Fails-to-Install-389542.shtml

    It's happening on both Windows 7 and Server 2008 R2 machines. In addition to not being installed properly, or having the update stall out, this update looks like it's randomly causing blue screens as well.

    Also my mistake I posted the relevance checks for a different fixlet entirely. The relevance that *should* be run is:

    Q: version of file "usbccgp.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbd.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbehci.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbhub.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbohci.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbport.sys" of folder "drivers" of system x64 folder

    Q: version of file "usbuhci.sys" of folder "drivers" of system x64 folder
     

  • Andrew_TEM
    Andrew_TEM
    17 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-11T17:53:25Z  

    Please check the relevance for Fixlet (13081171) MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2883150 - Windows Server 2008 R2 SP1 (x64).

    I believe the Relevance 6 block to be incorrect.  It is checking for service branches incorrectly.  We ran into this issue last month and the relevance was updated without the service branches and only focused on the file versions.  Below is my QnA:

     

    q: (exists file "win32k.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22435"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18246")))) of it) of (system x64 folder)
    A: False
    T: 5.041 ms

    q: value "FileVersion" of version blocks of file "win32k.sys" of system x64 folder
    A: 6.1.7600.16385 (win7_rtm.090713-1255)
    T: 3.362 ms

    q: version of file "win32k.sys" of system x64 folder
    A: 6.1.7601.22416
    T: 0.848 ms

    Updated on 2013-10-11T17:58:30Z at 2013-10-11T17:58:30Z by Andrew_TEM
  • cstoneba
    cstoneba
    92 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-11T18:35:38Z  

    thanks liuhoting. Yes, sounds like there are some issues with it. I guess i'm glad we pulled the MS13-081 fixlets from our baselines for October then.

     

    Hopefully MS provides a v2 update.

  • CSL2012
    CSL2012
    85 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-11T19:15:50Z  

    Fixlet (13081171) MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2883150 - Windows Server 2008 R2 SP1(x64). After reviewing http://technet.microsoft.com/en-us/security/bulletin/ms13-081 & http://support.microsoft.com/kb/2883150, I compared TEM Applicability results with WSUS.  WSUS shows KB2883150 is applicable to all of our Win 2008 R2 servers but TEM shows less than 10 Win 2008 R2 applicable.

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-14T09:54:04Z  
    • CSL2012
    • ‏2013-10-11T19:15:50Z

    Fixlet (13081171) MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2883150 - Windows Server 2008 R2 SP1(x64). After reviewing http://technet.microsoft.com/en-us/security/bulletin/ms13-081 & http://support.microsoft.com/kb/2883150, I compared TEM Applicability results with WSUS.  WSUS shows KB2883150 is applicable to all of our Win 2008 R2 servers but TEM shows less than 10 Win 2008 R2 applicable.

    Hi,

    Thanks for the comparison. I think there is something unusual for file "win32k.sys". 

    Please try the custom copy for both Windows 2008 R2 SP1 (x64) and Windows 7 SP1 (x64) and let me know the results.

    Regards,

    Sylvia
     

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-14T09:55:04Z  

    Please check the relevance for Fixlet (13081171) MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution - KB2883150 - Windows Server 2008 R2 SP1 (x64).

    I believe the Relevance 6 block to be incorrect.  It is checking for service branches incorrectly.  We ran into this issue last month and the relevance was updated without the service branches and only focused on the file versions.  Below is my QnA:

     

    q: (exists file "win32k.sys" whose (((exists value "FileVersion" whose (it as lowercase contains "qfe" OR it as lowercase contains "ldr") of version blocks of it) AND ((version of it >= "6.1.7601.21000" AND version of it < "6.1.7601.22435"))) OR ((exists value "FileVersion" whose (not (it as lowercase contains "qfe" OR it as lowercase contains "ldr")) of version blocks of it) AND ((version of it >= "6.1.7601.17000" AND version of it < "6.1.7601.18246")))) of it) of (system x64 folder)
    A: False
    T: 5.041 ms

    q: value "FileVersion" of version blocks of file "win32k.sys" of system x64 folder
    A: 6.1.7600.16385 (win7_rtm.090713-1255)
    T: 3.362 ms

    q: version of file "win32k.sys" of system x64 folder
    A: 6.1.7601.22416
    T: 0.848 ms

    Can you try the custom copy attached in my last post? Do update me with the result!

    Thanks!

  • Andrew_TEM
    Andrew_TEM
    17 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-14T12:49:37Z  

    Can you try the custom copy attached in my last post? Do update me with the result!

    Thanks!

    The applicable computer count I have for the custom 2K8R2 fixlet is what I would expect to see in our environment.  Your check for the win32k.sys file should be permanently changed.

    I have only tested the 2K8R2 fixlet, I cannot speak for the Win7 fixlet...even though I know they are practically the same.

  • Andrew_TEM
    Andrew_TEM
    17 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-15T13:31:01Z  

    Hi,

    Thanks for the comparison. I think there is something unusual for file "win32k.sys". 

    Please try the custom copy for both Windows 2008 R2 SP1 (x64) and Windows 7 SP1 (x64) and let me know the results.

    Regards,

    Sylvia
     

    Sylvia,

    Are there any plans to update Fixlet 13081171 with the above custom copies to the external site?  We are waiting on this to move forward with our October patching.  Or should we move forward with relying on the custom copy?

  • liuhoting
    liuhoting
    79 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-15T23:11:27Z  

    Sylvia,

    Are there any plans to update Fixlet 13081171 with the above custom copies to the external site?  We are waiting on this to move forward with our October patching.  Or should we move forward with relying on the custom copy?

    Hey Andrew, did those custom fixlets work for you? If yes, we're planning on republishing that version into the external site.

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-16T09:13:52Z  

    Sylvia,

    Are there any plans to update Fixlet 13081171 with the above custom copies to the external site?  We are waiting on this to move forward with our October patching.  Or should we move forward with relying on the custom copy?

    Hey Andrew,

    The content (Fixlet 13081171 and 13081153) has been updated and published to the external site.

    Published site version:

    Patches for Windows (English), version 1856.

    Please check out the new copy.

    Regards,

    Sylvia

     

     

  • Andrew_TEM
    Andrew_TEM
    17 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-17T12:48:32Z  

    Hey Andrew,

    The content (Fixlet 13081171 and 13081153) has been updated and published to the external site.

    Published site version:

    Patches for Windows (English), version 1856.

    Please check out the new copy.

    Regards,

    Sylvia

     

     

    They worked.  Thanks for the turn around on those patches Sylvia and liuhoting.

  • cwmenard
    cwmenard
    8 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-17T16:07:30Z  

    It appears that the following fixlets should have been fully superseded by MS13-085:

    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2        (ID: 1307305)
    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2 (x64)        (ID: 1307307)
     

    They are still showing relevant for systems that have been updated with MS13-085.

    Q: version of regapp "excel.exe"

    A:14.0.7109.5000

    T:1.211 ms

     

    MS13-073 installs version 14.0.7104.5000 of excel.exe.  Since the MS13-073 fixlets don't contain file level relevance they are still showing as relevant since MS13-085 was installed before MS13-073 was applied.

    Thanks,

    Curtis

    Updated on 2013-10-17T17:53:16Z at 2013-10-17T17:53:16Z by cwmenard
  • SLB
    SLB
    35 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-17T17:09:12Z  
    • cwmenard
    • ‏2013-10-17T16:07:30Z

    It appears that the following fixlets should have been fully superseded by MS13-085:

    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2        (ID: 1307305)
    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2 (x64)        (ID: 1307307)
     

    They are still showing relevant for systems that have been updated with MS13-085.

    Q: version of regapp "excel.exe"

    A:14.0.7109.5000

    T:1.211 ms

     

    MS13-073 installs version 14.0.7104.5000 of excel.exe.  Since the MS13-073 fixlets don't contain file level relevance they are still showing as relevant since MS13-085 was installed before MS13-073 was applied.

    Thanks,

    Curtis

    Hi Curtis,

    I'm seeing the same (I posted a question about this earlier in this forum).  The MS13-085 update doesn't create the same registry keys as the MS13-073 update does.  In defence of IBM though, MS don't state that MS13-085 replaces MS13-073 for Office 2010 SP2, only for SP1.

    Regs

    Rob

     

  • cwmenard
    cwmenard
    8 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-17T21:06:01Z  
    • SLB
    • ‏2013-10-17T17:09:12Z

    Hi Curtis,

    I'm seeing the same (I posted a question about this earlier in this forum).  The MS13-085 update doesn't create the same registry keys as the MS13-073 update does.  In defence of IBM though, MS don't state that MS13-085 replaces MS13-073 for Office 2010 SP2, only for SP1.

    Regs

    Rob

     

    Having some file level relevance in MS13-073 would have avoided this.

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-18T03:21:41Z  
    • cwmenard
    • ‏2013-10-17T16:07:30Z

    It appears that the following fixlets should have been fully superseded by MS13-085:

    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2        (ID: 1307305)
    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2 (x64)        (ID: 1307307)
     

    They are still showing relevant for systems that have been updated with MS13-085.

    Q: version of regapp "excel.exe"

    A:14.0.7109.5000

    T:1.211 ms

     

    MS13-073 installs version 14.0.7104.5000 of excel.exe.  Since the MS13-073 fixlets don't contain file level relevance they are still showing as relevant since MS13-085 was installed before MS13-073 was applied.

    Thanks,

    Curtis

    Hi Curtis,

    Thanks for reporting this.  As mentioned by Rob, MS13-085 only replace MS13-073 for Office 2010 SP1.

    We will work on it and fix the false positive soon.

    Regards,

    Sylvia

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-18T06:07:39Z  
    • cwmenard
    • ‏2013-10-17T16:07:30Z

    It appears that the following fixlets should have been fully superseded by MS13-085:

    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2        (ID: 1307305)
    [Major]    MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2010 SP2 - Excel 2010 SP2 (x64)        (ID: 1307307)
     

    They are still showing relevant for systems that have been updated with MS13-085.

    Q: version of regapp "excel.exe"

    A:14.0.7109.5000

    T:1.211 ms

     

    MS13-073 installs version 14.0.7104.5000 of excel.exe.  Since the MS13-073 fixlets don't contain file level relevance they are still showing as relevant since MS13-085 was installed before MS13-073 was applied.

    Thanks,

    Curtis

    Hi Curtis,

    Please try the attached custom copy for those 2 fixlets and let me know whether it works.

    I have included a file check for some files mentioned by MS. Please note that this patch can be installed to Office 2010 suite without excel component.

    Regards,

    Sylvia

  • cwmenard
    cwmenard
    8 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-18T12:51:22Z  

    Hi Curtis,

    Please try the attached custom copy for those 2 fixlets and let me know whether it works.

    I have included a file check for some files mentioned by MS. Please note that this patch can be installed to Office 2010 suite without excel component.

    Regards,

    Sylvia

    Thank you Sylvia.  These look much better!

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-22T07:26:58Z  
    • cwmenard
    • ‏2013-10-18T12:51:22Z

    Thank you Sylvia.  These look much better!

    Thanks for confirming the results.

    The content will be release to site soon.

    Thanks & Regards,

    Sylvia

  • sylviabeing
    sylviabeing
    148 Posts

    Re: Content Released in Patches for Windows (English) - October 2013 Security Bulletins - 2 of 2 Publishings

    ‏2013-10-22T10:07:42Z  
    • cwmenard
    • ‏2013-10-18T12:51:22Z

    Thank you Sylvia.  These look much better!

    Content has been published.

    Published site version:

    Patches for Windows (English), version 1857.