Spyware, Viruses, & Security forum

General discussion

April Security Bulletins by Microsoft

April 11, 2006

Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://www.microsoft.com/technet/security/Bulletin/ms06-Apr.mspx

Critical Bulletins:

Cumulative Security Update for Internet Explorer (912812)
http://www.microsoft.com/technet/security/Bulletin/ms06-013.mspx

Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
http://www.microsoft.com/technet/security/Bulletin/ms06-014.mspx

Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)
http://www.microsoft.com/technet/security/Bulletin/ms06-015.mspx

Important Bulletins:

Cumulative Security Update for Outlook Express (911567)
http://www.microsoft.com/technet/security/Bulletin/ms06-016.mspx

Moderate Bulletins:

Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)
http://www.microsoft.com/technet/security/Bulletin/ms06-017.mspx

Re-Released Bulletins:

Vulnerability in Windows Media Player Could Allow Remote Code Execution
(911565)
http://www.microsoft.com/technet/security/Bulletin/ms06-005.mspx

Discussion is locked
You are posting a reply to: April Security Bulletins by Microsoft
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: April Security Bulletins by Microsoft
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
BE CAREFUL-Problems Here

In reply to: April Security Bulletins by Microsoft

I just visited the Windows Update site using 4 test machines. 2 with Windows XP SP2 Pro and 2 with Windows 2000 SP4.) BOTH XP machines were unable to restart after installing all the updates. Although the installations went fine and appeared to install successfully, upon the automatic restart, then desktop appears but no program icons load in the lower right corner. It freezes at that poin. In addition, an error message pop up occurs indicating that a dll is unable to load and the application must load.

Updates installed that caused the problem:

WMP10-KB911565
Cumulative Outlook Express-KB911567
Security Update for XP-KB908531
Cumulative Internet Explorer for XP-KB912812
Security Update For XP-KB911562

A restart into Safe Mode and System Restore to an ealier time fixed the issue.

At this point, I've ceased updating till I can narrow down the problem.

Hope this helps.

Grif

Collapse -
(NT) (NT) Thanks for the quick feedback Grif!

In reply to: BE CAREFUL-Problems Here

Collapse -
Grif, PSS Security and ...

In reply to: BE CAREFUL-Problems Here

I'm sure you are aware of this but worth to mention:

1-866-PCSAFETY to report what happened so they can fix it soon if it was reproduced. As we know, different environment, different result. Hopefully this is not a problem to all or many.

Also, do you managed to note down what dll file and application that didn't load?

Thank you!

Collapse -
Found The Culprit

In reply to: Grif, PSS Security and ...

I've now installed each update separately and only one causes the issue. It's the Security Update for XP-KB908531. It's a Windows Explorer update and installs a new "Shell32.dll" file.

The error message indicates: "EngUtil.exe-Dll Initialization Failed". Although the error message only appears briefly as a restart occurs, I'm guessing the "shell32.dll" isn't functioning correctly.

Hope this helps.

Grif

Collapse -
Over here.. I got not problem with that particular update

In reply to: Found The Culprit

Grify,

EngUtil.exe is EasyCD Creator?

I am now installing the updates one by one and I just finished installing the KB908531. I received no dll initialization failure notice.

Collapse -
Got the dll initialization notice on another system

In reply to: Found The Culprit

feedback.exe dll initialization failed.
That feedback.exe is a component of Outpost Firewall Pro. The computer restarted though and no problem after that. Outpost loaded and is running as it should. Using WE (Windows Explorer) is fine.

Off to install the others - one by one Grin

Collapse -
I've Now Installed KB908531 On About 30 Computers..

In reply to: Got the dll initialization notice on another system

...and only those first two XP's showed a problem. One of them was fixed by simply using System Restore and then manually installing all the updates from downloaded update files.

At this time, only one machine is still having a problem. Although all the other updates have installed fine, when I attempt to install 908531, the computer refuses to completely load into normal Windows upon the automatic restart..

So at this point, I'm not sure that it's a problem with the update itself. It may be an issue with this particular computer. I'll keep tinkering tomorrow to see if I can get things going correctly.

Hope this helps.

Grif

Collapse -
Great to know more computers got the update Grif!

In reply to: I've Now Installed KB908531 On About 30 Computers..

Seen if Event and update logs shows any hint?

Collapse -
Corrupted User Profile...

In reply to: Great to know more computers got the update Grif!

Once I switched to a different user with admin rights on the same machine, it installed fine.. I ended up deleting that user and creating a new one. Things are fine now..

I just find it interesting that the first two XP machines I installed it on were bad.. After investigation, it wasn't the update but the machine.

Take care.

Grif

Collapse -
KB908531 Problems

In reply to: I've Now Installed KB908531 On About 30 Computers..

We applied this hotfix on our network of about 400 users. The network is 100% Microsoft and consists of XP professional w/SP2 with SMS as the agent distributing the updates. On a small number of clients (12), once MS06-015 (aka KB908531) was applied, Windows Explorer "locked up" and the PC became unresponsive while trying to browse for files in MS Office 2003. Interestingly enough, browsing for files via Corel Wordperfect worked just fine.

Our work around was to un-install the offending hot fix. It's still pretty early, but I am reading from other message boards where this problem is causing alot of people problems.

Collapse -
Same Windows Explorer Issue Here On The Problem Comp

In reply to: KB908531 Problems

It won't browser correctly in Windows Explorer. "My Computer" works alright but Windows Explorer when accesses from a RIGHT click on the Start button or when accessing from other locations..will lock up and cause problem.

Hope this helps.

Grif

Collapse -
Phunter, Something For You To Check On Problem Comps

In reply to: KB908531 Problems

Although I'm away from the problem machine at the moment, While searching the net, I've found some "old" issues with Windows Explorer and HP Scanjet scanners. There are also new posts below about a similar association. To troubleshoot my single problem machine, I reformatted and reinstalled everything from scratch.. The problem machine started exhibiting the issue after installing the Scanjet software but I didn't associate it at the time.. It might be worth exploring but I won't be able to check my theory till Monday.

Just a thought.

Read the entire thread at the link below and see the relationship others are seeing with the HP scanners:

http://forums.techarena.in/showthread.php?t=494711

Hope this helps.

Grif

Collapse -
Response by Microsoft regarding MS06-015 / KB908531 issue

In reply to: Phunter, Something For You To Check On Problem Comps

Hi Grif,

MSRC blogged today:

QUOTE

I wanted to quickly let you know about some things related to MS06-015 that we’ve gotten some customer questions on. First, we’re currently tracking an issue involving the interaction of the security update with some components related to some Hewlett Packard devices that so far appear to be consumer level. The scope is limited at the moment but the impact might be that an application could hang when conducting certain operations, like opening a file from the “File-open” dialog in an application. While we’re working on determining all the affected possibilities, you can do the following if you’ve been affected:

- (If you have multiple user accounts set up) Log onto the computer using an account with Administrator privileges

- Click the Start button, then click Run and type "regedit" at the prompt, without the quotes; this will start Registry Editor

- Locate the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached key in Registry Editor

- Right click on the key and select New / DWORD Value

- Rename the resulting value "{A4DF5659-0801-4A60-9607-1C48695EFDA9}{000214E6-0000-0000-C000-000000000046} 0x401", without the quotes

- Right click the value, select Modify, and type "1" into the Value Data field

- Close Registry Editor

We’re working on a KB article on this and adding it to the bulletin caveats. Again, our information at this time leads us to believe that this is having little to no impact on corporate networks. The MSRC along with the Windows team and PSS will be investigating this through the weekend. If you believe you are having this issue, I certainly urge you to contact 1-866-PCSafety in Canada and the US for no charge support. International customers can receive the same support by contacting their local Microsoft subsidiary.

Another question I’ve gotten is around the defense in depth change documented in MS06-015. There’s been some confusion around that I think, but as is our normal practice for security bulletins, we document the existence of any additional defense in depth product behavioral changes, as well as the area of functionality where the change occurred so that customers can assess the impact to their environments. However, providing more detail on internal product changes could serve to aid attackers. Suffice to say the change is *not* related to a software vulnerability, merely a product behavior change to make the product more resilient to attack. There’s been some feedback we can make that more clear so we will work to do so in the future. On the whole, customers have been clear that we need to strike a balance between providing information to assess risk, and aiding attackers. But as our constant readers know, the information in our security bulletins has become more and more detailed over time so we certainly will be listening to your feedback about the information we provide to make the bulletins better.

END OF QUOTE

http://blogs.technet.com/msrc/archive/2006/04/15/425311.aspx

Collapse -
Thanks Donna... The Registry Edit Might Do It... But..

In reply to: Response by Microsoft regarding MS06-015 / KB908531 issue

...I'll need to wait till Monday to try the fix on the work computer... Despite the comment made by Mike Reavey at the blog, there are a number of "corporate network" computers experiencing this issue.. Certainly, it's not a "network" problem but a lot of corporate workstations use HP scanners.

Thanks for confirming my suspicions.. I'll need to see if the regedit fixes the issue or whether removal of the update or the HP software works for us.

Take care.

Grif

Collapse -
(NT) (NT) Hopefully it will solve the issue Grif. :-)

In reply to: Thanks Donna... The Registry Edit Might Do It... But..

Collapse -
Microsoft published the Knowledge Base on this issue

In reply to: (NT) Hopefully it will solve the issue Grif. :-)

Collapse -
Problem Solved

In reply to: Microsoft published the Knowledge Base on this issue

I followed the microsoft-proposed fix (editing regedit) and everything now seems to be OK. I guess the problem on my PC was related to HP software as I have an old scanner.

Collapse -
kb908531

In reply to: I've Now Installed KB908531 On About 30 Computers..

I just installed this patch and it broke my Wireless network and would not allow Norton Ghost9.0 Server applet to start. Seems to affect VPN client products as well.

Al Newsom - EDS

Collapse -
(NT) (NT) NO problems at all here !

In reply to: BE CAREFUL-Problems Here

Collapse -
(NT) (NT) NO problems here either. XP SP2.

In reply to: BE CAREFUL-Problems Here

Collapse -
Installed all but 908531, but.......

In reply to: (NT) NO problems here either. XP SP2.

I accidentally installed today's MS Update 911567 update for Outlook Express -- I use AOL for E-mail and do not usually install Outlook Express Updates.

So....I went to Add/Remove to uninstall and received the ''warning'' if I uninstall 911567, 911562 (today's update for MDAC) and 912812 (today's Cumulative Update for I.E.) might not work. I postponed the uninstall until I could check it out.

Whadda y'all think? -- Will uninstalling 911567 put my computer in harm's way?

Miki

Collapse -
Miki, Leave It Installed

In reply to: Installed all but 908531, but.......

It won't hurt anything and generally, if you uninstall the first one, you'll need to reinstall the others that might be effected by it's removal..

Even though you don't use Outlook Express, it's good to secure ALL programs on the computer as best as possible.

Hope this helps.

Grif

Collapse -
Reply to Grif -- Miki, Leave It Installed

In reply to: Miki, Leave It Installed

Methinks I will do as you say Happy

Thank you so much.

Miki

Collapse -
Security Update for XP-KB908531

In reply to: BE CAREFUL-Problems Here

I had a big problem recently when i was trying to insert a file either by way of word or outlook email
when i clicked insert and then did the navigate it would hang! I spent a long time on this as you do and narrowed it down to the above update...

But am not sure why it is causing this can not find any bugs etc that would be my only guess...

but I also had problem with microsoft defender failing to update and even saying it was uptodate when clearly it was not!! I have now removed it for a breather.......... Any Ideas??

Collapse -
Problem with XP-KB908531

In reply to: Security Update for XP-KB908531

Sounds like I am having the same problem.

In Outlook when I try to add an attachment to an outgoing message and click on favourites (to find the directory with my files in) in the subwindow that opens from the paperclip button the computer hangs.

It also hangs when I try to use the SAVE AS command within Word.

I have loaded/removed all the latest updates one-by-one and it is definitely this one that is causing the problems. Given the security nature of the update, I am somewhat loathed not to install it.

Any ideas??

Collapse -
Be Careful id right

In reply to: BE CAREFUL-Problems Here

I manually downloaded this week's Win XP patches and after rebooting my computer froze. I had to restart in safe mode and do a system restore. Then Windows Update inatalled the whole batch of patches and the same thing happened again. Now I guess Auto updates have to be turned off until Microsoft fixes the fix. This is a real pain!

Collapse -
Windows Update Works

In reply to: April Security Bulletins by Microsoft

Just successfully installed all 5 using Windows update.

Collapse -
Ouch!

In reply to: April Security Bulletins by Microsoft

I was expecting this update. So when I got an email from Microsoft with a security update attachment, I clicked on it. Norton caught the virus.
It of course wan't microsoft at all. I forwarded the whole thing to abuse@microsoft and I hope they do something about it.

Collapse -
Yup, Microsoft never send update as attachment

In reply to: Ouch!

They only send information with link to the security bulletin.

Collapse -
Todd.. You may want to..

In reply to: April Security Bulletins by Microsoft

try reading through this entire thread and see if it helps.

http://aumha.net/viewtopic.php?t=19125

Addtionally, for your good, you might want to ask to have your email address removed from your post. It can open you up for a great deal of spam. (Press "report offensive post" and request it be removed)

It may help..
Carol

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.