1 Oct 09:01 2013
RE: MS13-077 - not offered up to machines where it's known that they will have issues.
Christian Joy <christian.joy@...>
2013-10-01 07:01:27 GMT
2013-10-01 07:01:27 GMT
>this security update will not be automatically offered to systems that do not have these registry entries So my WSUS console could show that this update is not needed by any computers, however I could still have some that are vulnerable to what this update patches? The information contained in this communication is intended for the named recipients only. It is subject to copyright and may contain privileged and/or confidential information. If you are not an intended recipient you must not use, copy, distribute or take any action in reliance on it. If you have received this communication in error, please delete all copies from your system and notify us immediately. -----Original Message----- From: Susan Bradley [mailto:sbradcpa@...] Sent: Tuesday, 1 October 2013 4:41 PM To: Patch Management Mailing List Subject: [patchmanagement] MS13-077 - not offered up to machines where it's known that they will have issues. MS13-077: Vulnerability in Windows Service Control Manager could allow elevation of privilege: September 10, 2013: https://support.microsoft.com/kb/2872339/en-us When the system is restarted to complete the installation of this security update, you receive a STOP 0x6B error message. This problem may occur if either of the following registry entries is missing: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-ntdll_31bf3856ad364e35_none_13be95395ddc6d7a HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-ntdll_31bf3856ad364e35_none_1e133f8b923d2f75 The missing registry entries could be caused by corruption in the registry or elsewhere in the system. Be aware that the corruption would have existed before the security update was installed. The corruption is not caused by the security update. *>>>>>>Note* As a mitigation for this issue, this security update will not be automatically offered to systems that do not have these registry entries. We are still looking for evidence to determine whether this is a widely applicable issue when the registry entries are missing.<<<<<<< --- PatchManagement.org is hosted by Shavlik To unsubscribe send a blank email to leave-patchmanagement <at> patchmanagement.org If you are unable to unsubscribe via this email address, please email owner-patchmanagement@...