
The new, fixed patch has the same KB number as the old, bad patch that crashed Outlook and busted network logon
As best I can tell, around 1:30 a.m. Redmond time on Thursday, Nov. 12, Microsoft re-released KB 3097877 — the horribly messed-up security patch I talked about yesterday that freezes Outlook, blocks network logons, crashes the Asus DX Xonar driver, and kills Win7 sidebar gadgets and SolidWorks, among others.
The patch is part of security bulletin MS15-115, a “critical update,” in Microsoft’s lexicon, designed to prevent remote code execution triggered by malicious fonts. Yes, fonts.
[ Everything you need to know about Windows 10, in a handy PDF. Download it today! | For the latest changes and updates, see “Where Windows 10 stands right now.” | Stay up on key Microsoft technologies with the Windows newsletter. ]
The KB article was updated at 1:42 a.m. Redmond time to say:
This security update was rereleased on November 11, 2015 for Windows 7 and Windows Server 2008 R2 to resolve an issue where crashes occurred in all supported versions of Microsoft Outlook when users were reading certain emails.
I’ve seen no other official description of the problem or its solution. The master list of Windows updates doesn’t list a re-release. Several TechNet threads mention a second version of KB 3097877, but I haven’t seen any official confirmation or description. It’s mushroom patch management time.
It looks like the patch was only re-released for Windows 7, not for any of the other Windows versions. I had anecdotal evidence on AskWoody.com that the patch had been pulled for Windows 7 on the night of Nov. 11, at least for a short time.
That means it took Microsoft 30 hours or more to pull the bad KB 3097877 and 36 hours to get a new version posted. That’s the kind of timescale we were accustomed to earlier this year. Considering that the failure seems to affect all versions of Windows 7 running all versions of Outlook, it’s hard to understand why the problem wasn’t caught in testing — and why it took so long to make it right.
It’s also not clear why Microsoft re-released the patch with the same KB number as the bad patch. That’s going to make life difficult for some admins. For those who hang their tails out in the breeze and turn on Windows Automatic Update, though, it means that a run through Windows Update will solve the old problems, and you’re not likely to notice that anything’s been updated.
If you can get to Windows Update.
If the new version really solves all the problems.
SOURCE: Infoworld
Here is the fix for this update:
1. Upon starting up your computer, enter Advanced Boot Options by hitting F8 repeatedly before you get the “Starting Windows” screen.
2. Go to “Repair my computer”.
3. Wait for it to ask you to enter your credentials, and do so.
4. System Recovery Options list will come up. The last option should be to open Command Prompt – do this now.
5. Type the following (where X: refers to the drive that your Windows updates should be installed to – this is usually C:, but mine is D:):
6. It should now remove the update. Once it tells you that the removal has reached 100%, close the prompt and restart your computer.
7. Wait for it to run through the usual boot-up routine – at the end, you should have no flashing screen anymore, and get the login prompt!
After this has completed you’ll want to go into Control Panel>Windows Update and change your update settings to ‘Never check for updates’ to help prevent it from reinstalling update KB3097877, at least for the time being until Microsoft pushes a fix for this.
Link to full walk through for this fix
Resolution for customers who are unable to log on to their Windows 7 computers:
If you cannot log on to your Windows 7-based computer because of the known issue mentioned earlier, we recommend that you uninstall security update 3097877 and then install all the latest updates from Windows Update.
The following section provides ways to uninstall the update:
Option 1: Disconnect any digitizer devices
Option 2: Recover the last Restore Point by using System Restore
Option 3: Uninstall security update 3097877 at a command prompt
For more information about how to determine whether you are running a 32-bit or 64-bit edition of Windows, click the following article number to view the article in the Microsoft Knowledge Base:
How to determine whether a computer is running a 32-bit version or a 64-bit version of the Windows operating system