Re: Missing Windows update reported as a vulnerability by TMH and BA

This is where 'problems' arise :

*Step 3.* I downloaded and reinstalled Internet Explorer 7. During IE7 installation, I was given the option to download and install immediately any IE7 updates along with the IE7 installation (the same checkbox allowed also to download and run immediately the Microsoft latest malware removal tool). I ticked that checkbox, and started the installation, but at the end of the process, i was told that not all the IE7 updates were successfully installed, and that i should reboot my computer, then open Internet Explorer and go to the 'Windows Update' site to install any remainder updates.

During the installlation of IE7 it is HIGHLY recommended that one disable Automatic Updates :
http://www.ie-vista.com/known_issues.html#pre-install

If one allows Automatic Updates during the install of IE7 that means that files that are being written to the HardDrive are being replaced by files downloaded from AU either while they're being written or right afterwards. Not good practice, IMHO.
Just allow the files to be written and then reenable AU.

Thanks for posting the Version of jscript.dll that is installed with IE7. It's too bad that Microsoft hasn't published a file list as they did for previous versions of IE.

Now, as to Spybot ... although it's not active it can/will cause issues when TeaTimer is enabled when updates are installed.
Disable TeaTimer either right before updating or all together.
Said issues can/will occur when the system is installing updates from either of the Update sites, not when using Automatic Updates.
That's because TeaTimer monitors/blocks ActiveX components and the Update sites use that component [wuweb.dll for Windows Update; muweb.dll for Microsfot Update] during the updating process.

SDHelper is totally useless, IMO. Your mileage may vary [YMMV ;)]

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============



Hugo_Pt wrote:
"Engel" wrote:


Don't bother writing, look here

http://home.earthlink.net/~mrob/pub/acroabbrev.html

I hope this post is helpful.


Thanks for the link ! It will certainly be useful. I'll add it to my 'Favorites'. I noted that 'AV'=Antivirus isn't listed there. It should be added.

Now, back to the problem.

Mowgreen:
Besides Avast, i have also Spybot-S&D, Ad-Aware 2007 (Free Edition), SpywareBlaster and Windows Defender installed, but from these 4, only Windows Defender has real time protection monitoring my system in the background. Spybot-S&D has two additional resident protection modules: Resident "SDHelper" and Resident "TeaTimer". "SDHelper" is a Internet explorer bad download blocker. It is an IE add-on (Browser Helper Object) that blocks any content coming from a list of known malware sites when i'm browsing the web. I always have it enabled. "TeaTimer" protects over-all system settings. I never activated it. I also have Peerguardian 2. It blocks IPs from selected lists. Most of the time i only have the 'Spyware' list of IPs enabled. PG2 works at the kernel level (don't know what this means).

Yesterday, I couldn't wait for MowGreen's reply. My browser stop responding for 2 times, when closing IE7 window, and I felt an urge to solve this without more delays. So, I did the following:

*Step 1.* I had at least 4 IE7 updates listed in 'Add or Remove programs'. I didn't know if i should uninstall them all before uninstalling IE7, or if I should uninstall only IE7, hoping all the IE7 updates to be automatically uninstalled in the process. I uninstalled only the KB939653, then I uninstalled IE7.

*Step 2.* After uninstalling IE7, i noted that KB917344 appeared in my 'Add and Remove programs' (it was hidden before by IE7) and also noted that jscript.dll on WINDOWS\system32 was now v.5.6.0.8831.
Also, after uninstalling IE7, one last IE7 update remained in the 'Add or Remove programs'. I chose to remove it, and clicked on 'Continue' when an *annoying* dialog box showed up, warning me about a list of programs *and Windows updates* that might not work correctly if that update was removed.
*Step 3.* I downloaded and reinstalled Internet Explorer 7. During IE7 installation, I was given the option to download and install immediately any IE7 updates along with the IE7 installation (the same checkbox allowed also to download and run immediately the Microsoft latest malware removal tool). I ticked that checkbox, and started the installation, but at the end of the process, i was told that not all the IE7 updates were successfully installed, and that i should reboot my computer, then open Internet Explorer and go to the 'Windows Update' site to install any remainder updates.

*Step 4.* The first thing i did after reboot was to check jscript.dll version. It was Version 5.7.0.5730 !! "mae" was right...
I also cheched 'Add or Remove programs': Under ‘Windows Internet Explorer 7 – Software Updates’, the only IE7 update listed was KB939653. Then, i went to 'Microsoft Update' site. It found only one IE7 update missing: KB938127. I downloaded and installed it.
I think it's curious that before *Step 1.* i had 4 IE7 updates listed in 'Add or Remove programs', and now i'm reduced to only 2.

*Step 5.* I reinstalled Belarc Advisor and ran it. Now, it no longer detects KB917344 as a missing update -*one problem less*-, but it still detects KB939653-IE7 as missing:
« Missing Microsoft Security Hotfixes
KB939653-IE7 - Critical (details...) These required security hotfixes (using the 10/09/2007 Microsoft Security Bulletin Summary) were not found installed. Note: CIS benchmarks require that Critical and Important severity security hotfixes must be installed.»

*Step 6.* I uninstalled KB939653 and reinstalled it (via automatic updates). Then, ran Belarc A. again, but it still failed verification of KB939653-IE7.

Have I done something wrong through steps 1-5 ? Or Belarc reported a 'false positive'? I'd like to know the answer. Any suggestions ?

Two more notes:

Note 1. In *Step 3.*, before downloading IE7, I went to 'Microsoft Update' site, and it prompted me to install missing KB939653 for IE6. I didn't download it, as i was going to install IE7.

Note 2. Before installing IE7 and IE7 updates, i disabled both Avast and Windows Defender.

P.S. I did steps 1-6 yesterday, before MowGreen post. I didn't post this yesterday, because only now i finished writing the present post. It took me long, and I wasn't able to finish it yesterday.


"MowGreen [MVP]" wrote:


The update appears to have installed correctly.
I tried to find a file list for IE7 but could not. Am unaware that jscript.dll is updated to Version 5.7 by the installation of IE7.
I *doubt* that is the case as installing Windows Script 5.7 updates jscript.dll, but I could be wrong.
According to the Security Bulletin page:
http://www.microsoft.com/technet/security/bulletin/ms07-057.mspx

When KB939653 is installed there is an entry made in Add/Remove Programs. Since I do not have IE7 installed, I'm assuming that it would show under 'Windows XP - Software updates' or, directly under the entry made for the installation of IE7.

Recommend you do what you'd posted previously:


Considering what's been said, i'd like to try the following solution:

1. Uninstall IE7
2. Check again version of jscript.dll in C:\WINDOWS\system32. If it is v.5.6.0.8831 (like the one i have in C:\WINDOWS\ie7), there's no need to install KB917344. If jscript.dll is v.5.6.0.8825 (like it is now), then reinstall KB917344.
3. Reinstall IE7
4. Reinstall the cumulative IE update KB939653.

Besides Avast, is there any other security software installed [Spybot Search&Destroy, etc] ?


.

Relevant Pages

  • Re: Attacked by Spyware and Adware
    ... involve installing a service pack again first and then all critical updates. ... your backed up data media before copying to your new installation. ... Windows 2000 and Windows XP: ... back in or dial out to the Internet and you must download and install the MS04-011 ...
    (microsoft.public.win2000.security)
  • Re: Search Options from Search Explorer Bar in IE6 Missing on Win2
    ... the ability to customize my search window. ... Apparently you can download a MSN desktop search box which also creates ... I do not do automatic updates on my home or work computers. ... do tell about this "IE7 ...
    (microsoft.public.windows.inetexplorer.ie6.setup)
  • Re: Download Only Updates post SP2
    ... > download ONLY of all the ... > Is there a place to search for all patches/fixes/security updates ... Creating an Integrated Installation ...
    (microsoft.public.windowsxp.security_admin)
  • Re: XP SP3 install and problems afterwards
    ... There is some problem with SP3!! ... you may have a bad installation. ... never had any problems with updates in the past. ... can bring myself to download it myself. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: XP SP3 install and problems afterwards
    ... download and update, ... There is some problem with SP3!! ... you may have a bad installation. ... had any problems with updates in the past. ...
    (microsoft.public.windowsxp.help_and_support)