14 DAY TRIAL // The number of botched updates shipped to Microsoft customers across the world has dropped significantly in the last few months, but this doesn’t necessarily mean that patches causing headaches have disappeared entirely.
In fact, one of the updates that were rolled out last month as part of Patch Tuesday was causing issues with security software installed on Windows computers, including not only Microsoft’s but also Symantec’s and other companies’.
Microsoft was quick to acknowledge the problem in August, and the company even provided a manual fix for the issue, admitting that the update was indeed causing these apps to freeze or fail to launch after the boot.
There was just a single problem with this fix: it required users to manually apply it and do all the work, so only a few people were actually aware of its existence. So today, the software giant has decided to ship a fully working patch via Windows Update in order to take care of everything and get the problem fixed on all impacted Windows computers.
“If security update 3076895 is installed on a Windows 7-based or Windows Server 2008 R2-based computer, install update 3092627. If update 3090303 is installed, customers already have the fix for the issue. Therefore, they don't have to install update 3092627. Update 3092627 is a broader GDR release of the fix in update 3090303,” Microsoft explains.
Patch now if you didn’t use the manual fix
In other words, if you already installed the original patch released in August and didn’t apply the fix, you need to get today’s fix. Otherwise, you’re good to go.
In case you’re wondering, the KB3076895 bulletin that Microsoft released last month affects all Windows versions and comes to address security vulnerabilities in the operating system and the Microsoft Office productivity suite.
Redmond explains:
“The vulnerabilities could allow information disclosure by either exposing memory addresses if a user clicks a specially crafted link or by explicitly allowing the use of Secure Sockets Layer (SSL) 2.0. However, in every case an attacker would have no way to force users to click a specially crafted link. An attacker would have to convince users to click the link, typically by way of an enticement in an email or Instant Messenger message.”
The patch is shipped via Windows Update, so fire it up and get it as soon as possible to make sure you’re on the safe side.