Re: Missing Windows update reported as a vulnerability by TMH and BA

"Engel" wrote:

Don't bother writing, look here

http://home.earthlink.net/~mrob/pub/acroabbrev.html

I hope this post is helpful.

Thanks for the link ! It will certainly be useful. I'll add it to my
'Favorites'. I noted that 'AV'=Antivirus isn't listed there. It should be
added.

Now, back to the problem.

Mowgreen:

Besides Avast, i have also Spybot-S&D, Ad-Aware 2007 (Free Edition),
SpywareBlaster and Windows Defender installed, but from these 4, only Windows
Defender has real time protection monitoring my system in the background.
Spybot-S&D has two additional resident protection modules: Resident
"SDHelper" and Resident "TeaTimer". "SDHelper" is a Internet explorer bad
download blocker. It is an IE add-on (Browser Helper Object) that blocks any
content coming from a list of known malware sites when i'm browsing the web.
I always have it enabled. "TeaTimer" protects over-all system settings. I
never activated it.
I also have Peerguardian 2. It blocks IPs from selected lists. Most of the
time i only have the 'Spyware' list of IPs enabled. PG2 works at the kernel
level (don't know what this means).

Yesterday, I couldn't wait for MowGreen's reply. My browser stop responding
for 2 times, when closing IE7 window, and I felt an urge to solve this
without more delays. So, I did the following:

*Step 1.* I had at least 4 IE7 updates listed in 'Add or Remove programs'. I
didn't know if i should uninstall them all before uninstalling IE7, or if I
should uninstall only IE7, hoping all the IE7 updates to be automatically
uninstalled in the process. I uninstalled only the KB939653, then I
uninstalled IE7.

*Step 2.* After uninstalling IE7, i noted that KB917344 appeared in my 'Add
and Remove programs' (it was hidden before by IE7) and also noted that
jscript.dll on WINDOWS\system32 was now v.5.6.0.8831.
Also, after uninstalling IE7, one last IE7 update remained in the 'Add or
Remove programs'. I chose to remove it, and clicked on 'Continue' when an
*annoying* dialog box showed up, warning me about a list of programs *and
Windows updates* that might not work correctly if that update was removed.

*Step 3.* I downloaded and reinstalled Internet Explorer 7. During IE7
installation, I was given the option to download and install immediately any
IE7 updates along with the IE7 installation (the same checkbox allowed also
to download and run immediately the Microsoft latest malware removal tool). I
ticked that checkbox, and started the installation, but at the end of the
process, i was told that not all the IE7 updates were successfully installed,
and that i should reboot my computer, then open Internet Explorer and go to
the 'Windows Update' site to install any remainder updates.

*Step 4.* The first thing i did after reboot was to check jscript.dll
version. It was Version 5.7.0.5730 !! "mae" was right...
I also cheched 'Add or Remove programs': Under ‘Windows Internet Explorer 7
– Software Updates’, the only IE7 update listed was KB939653. Then, i went to
'Microsoft Update' site. It found only one IE7 update missing: KB938127. I
downloaded and installed it.
I think it's curious that before *Step 1.* i had 4 IE7 updates listed in
'Add or Remove programs', and now i'm reduced to only 2.

*Step 5.* I reinstalled Belarc Advisor and ran it. Now, it no longer detects
KB917344 as a missing update -*one problem less*-, but it still detects
KB939653-IE7 as missing:
« Missing Microsoft Security Hotfixes
KB939653-IE7 - Critical (details...) These required security hotfixes
(using the 10/09/2007 Microsoft Security Bulletin Summary) were not found
installed. Note: CIS benchmarks require that Critical and Important severity
security hotfixes must be installed.»

*Step 6.* I uninstalled KB939653 and reinstalled it (via automatic updates).
Then, ran Belarc A. again, but it still failed verification of KB939653-IE7.

Have I done something wrong through steps 1-5 ? Or Belarc reported a 'false
positive'? I'd like to know the answer. Any suggestions ?

Two more notes:

Note 1. In *Step 3.*, before downloading IE7, I went to 'Microsoft Update'
site, and it prompted me to install missing KB939653 for IE6. I didn't
download it, as i was going to install IE7.

Note 2. Before installing IE7 and IE7 updates, i disabled both Avast and
Windows Defender.

P.S. I did steps 1-6 yesterday, before MowGreen post. I didn't post this
yesterday, because only now i finished writing the present post. It took me
long, and I wasn't able to finish it yesterday.


"MowGreen [MVP]" wrote:

The update appears to have installed correctly.
I tried to find a file list for IE7 but could not. Am unaware that
jscript.dll is updated to Version 5.7 by the installation of IE7.
I *doubt* that is the case as installing Windows Script 5.7 updates
jscript.dll, but I could be wrong.
According to the Security Bulletin page:
http://www.microsoft.com/technet/security/bulletin/ms07-057.mspx

When KB939653 is installed there is an entry made in Add/Remove
Programs. Since I do not have IE7 installed, I'm assuming that it would
show under 'Windows XP - Software updates' or, directly under the entry
made for the installation of IE7.

Recommend you do what you'd posted previously:

Considering what's been said, i'd like to try the following solution:

1. Uninstall IE7
2. Check again version of jscript.dll in C:\WINDOWS\system32. If it is
v.5.6.0.8831 (like the one i have in C:\WINDOWS\ie7), there's no need to
install KB917344. If jscript.dll is v.5.6.0.8825 (like it is now), then
reinstall KB917344.
3. Reinstall IE7
4. Reinstall the cumulative IE update KB939653.

Besides Avast, is there any other security software installed [Spybot
Search&Destroy, etc] ?

.

Relevant Pages

  • Re: Missing Windows update reported as a vulnerability by TMH and BA
    ... installation, I was given the option to download and install immediately any IE7 updates along with the IE7 installation. ... I ticked that checkbox, and started the installation, but at the end of the process, i was told that not all the IE7 updates were successfully installed, and that i should reboot my computer, then open Internet Explorer and go to the 'Windows Update' site to install any remainder updates. ...
    (microsoft.public.windowsupdate)
  • Re: Creating a Update CD for Distro
    ... >> to my offline users that includes Windows Updates, ... > better informed about your options when it comes to the Windows Updates. ... > Creating an Integrated Installation ... > understand and utilize good passwords. ...
    (microsoft.public.windowsupdate)
  • Re: Attacked by Spyware and Adware
    ... involve installing a service pack again first and then all critical updates. ... your backed up data media before copying to your new installation. ... Windows 2000 and Windows XP: ... back in or dial out to the Internet and you must download and install the MS04-011 ...
    (microsoft.public.win2000.security)
  • Re: Updates since SP3 on XP
    ... except for Defender def updates and occasionally one or two others ... flavor of Windows XP you have. ... You either have a pre-release version of SP3 installed or a failed ... Pack 3 for Windows XP installation. ...
    (microsoft.public.windowsupdate)
  • RE: slow start-up following latest updates windows xp
    ... After the latest set of window security updates, ... seconds before I can run a program from booting up windows. ... With the recent installation of updates/patches from aug 8, ... the limited user account or the admin account), ...
    (microsoft.public.windowsxp.perform_maintain)