General

[CJOttawa]

Hey.

I realize M.CB isn't a tech forum so if you know of a better place to post this, let me know.

I ran a series of system updates for Windows XP and one of them is causing a particular program I use to crash.

It may be a C++ Runtime error it's causing but I can't verify consistently.

The problem is, it's flagged as a critical update so I'm leery of uninstalling it. I have verified it is the update related to this issue:
Microsoft Security Bulletin MS12-081 - Critical : Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857)

Would YOU leave a critical update uninstalled?

EDIT - the problem is solved. Someone hacked a .DLL file for MS Money Sunset and the update no longer conflicts with it. Installed and safe again.

[chrislognshot]

well for one thing microsoft did stop supporting xp awhile back if i am right. so not sure how you got update if they stop supporting xp. not even sure how we can fix it since looks like you got virus or some sort of program that caused your xp not to work right.

[HOEPER]

My current laptop runs vista and I picked it up in 2007. I thought it was on its last leg when it kept crashing, blue screen of death every time during start up. Luckily I had made backups of everything. It was worthless as is so I nuked the hard drive and re installed the operating system, drivers and a bunch of other stuff. To make a long story short it ran until I downloaded updates again. There was one (or more) along the way that just clashed. I'm no techie so I nuked it again, installed everything but turned off automatic updates. Basically in its current state its like it came out of the box. Its been running well for a year since then. Haven't really missed the updates other than one that bumps up the screen resolution.

[Falcon16]

Just looked it up mainstream support stopped in 09. Extended support is due to end in 014 for businesses. In all seriousness upgrade to Win 7 Home Premium or Pro you won't regret it

[MaD]

I'd leave that one and look more into the cause of the problem. It'll only be a day or two before it's actively being exploited by malicious web sites. Chances are there will be a patch or update for the conflict that fixes your issue. I would post it on some M$ and security related forums though.


SANS assesements are always up to date and spot on.
https://isc.sans.edu/diary/Microsoft...Overview/14683

Quote:

Originally Posted by chrislognshot

well for one thing microsoft did stop supporting xp awhile back if i am right. so not sure how you got update if they stop supporting xp. not even sure how we can fix it since looks like you got virus or some sort of program that caused your xp not to work right.

Quote:

Originally Posted by Falcon16

Just looked it up mainstream support stopped in 09. Extended support is due to end in 014 for businesses. In all seriousness upgrade to Win 7 Home Premium or Pro you won't regret it

Extended support covers security patches through 2014. It also covers bug fixes for those who have paid for the hotfix agreement. This basically means if there is a conflict or widespread issue, SOMEONE who has the agreement (covered under most corporate M$ licensing agreements) will have experienced it and the solution will trickle into technet or public forums.

[CJOttawa]

Quote:

Originally Posted by MaD

...It'll only be a day or two before it's actively being exploited by malicious web sites...

Any reason why exploits wouldn't be floating around already? I'm just not sure how much exposure I'll have to this... but I'm wary.

Quote:

...Extended support covers security patches through 2014. It also covers bug fixes for those who have paid for the hotfix agreement. This basically means if there is a conflict or widespread issue, SOMEONE who has the agreement (covered under most corporate M$ licensing agreements) will have experienced it and the solution will trickle into technet or public forums.

^^^ This. XP is still supported and I have no reason to switch. It works.

[MaD]

Quote:

Originally Posted by CJOttawa

Any reason why exploits wouldn't be floating around already? I'm just not sure how much exposure I'll have to this... but I'm wary.

Well.... it's tough to say. Since SANS rated it as "Critical" vs "Patch Now" it means it was probably discovered and submitted via responsible disclosure (discovered before it's actively being exploited and reported privately). The "Patch now" state means the bad guys discovered it first and were exploiting it before a patch was even releases.

So what happens is this.... the bad guys will now reverse engineer the patch and immediately start exploiting it. This allows them to hit anyone who hasn't patched yet and anyone who doesn't.

There are many web sites that have simple code that detects your OS patch level and just toss the relevant exploits at it. Some just throw all exploits at your OS hoping for one to own you. These would be any remote code execution exploit from any vendor (M$, Adobe...etc).

So here's the really bad thing about getting exposed. They're smart. I've even seen malware infections from "clean" sites because the bad guys slip on a bad ad into the stream and wham, pwnage. It's also common practice to hack sites and use them to install malware. There have been some very interesting sites (govt, banking, business) that have been owned and actually installed malware on people's PCs. Completly safe and friendly one day, owned the next.

I actually had an unnamed large PB related web site try to infect my machine because one of those bad ads made it in.

[CJOttawa]

Thanks MaD. I'm cautious online (NoScript, AdBlock Plus, FlashBlock, anti-malware tools resident etc) but not assuming those will be enough to keep me safe.

Unfortunately, the application this update breaks is my most frequently used one: MS Money. I have to find a way around this.

[dukie]

Have you updated all your drivers and bios? its surprising how that can cause issues sometimes.

[MaD]

Hrm... well you're probably safer than most. Might try a patch uninstall to see if it actually fixes the issue.

What are the actual error messages in the application event log?