microsoft security updates : .NET framework

[Luke_Wilbur]

Is anyone dealing with this Microsoft Nightmare?

 

Microsoft has been running Win2k Pro Updates this week that have now crashed my Outlook Email. It also freezes up Windows IE browser windows.

 

These updates are constant. If you click the Custom Install you get the following message:

 

Size: 8.8 MB

 

A security issue has been identified that could allow an attacker to compromise your Windows-based system running the Microsoft .NET Framework and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

 

More information for this update can be found at http://go.microsoft.com/fwlink/?LinkId=91233

 

 

 

[Guest Bret McBride]

Ok, Figured it out thanks to spending some time researching. When Microsoft created this package, they left out netfx.msi file and the Installer package for this Hotfix requires this in its Install sequence. This file was included in the 1st package of .NET and then has been subsequently deleted from our machines thereafter by other updates. So, there are a couple nuiances, but the following works (No more annoying reminder! Yeah!)

 

1. First we get the netfx.msi file by:

 

a) Create a folder called Temp under your C Drive, so you now have C:\Temp

 

Download the .NET 1.1 Redistributable file from Microsoft and save it into the C:\Temp folder. You can download the .Net 1.1 file by clicking here:

 

http://www.microsoft.com/downloads/details...;displaylang=en

 

c) Once you have saved this file in the C:\Temp folder (its name is dotnetfx.exe), you need to Right-Click on it and click properties. Then, at the bottom of the Properties Window, some you need to Enable the file (since it was downloaded, some computers will not allow it to run from the command line like we need it to).

 

d) Now, click START and select RUN...Type nor copy/paste the following (red font) into the file name text box (Starts to the right of "Open:"):

 

C:\Temp\dotnetfx.exe /t:c:\Temp /c

 

and click OK.

 

e) The file will run and extract all the files that it is bundled with into this same directory, one of them being the needed netfx.msi file. (Yeah!)

 

2. Now, we need to get the downloadable manual version (filename is NDP1.1sp1-KB928366-X86.exe) of this failed update file (and Save it into C:\Temp) from Microsoft by clicking here:

 

http://www.microsoft.com/downloads/details...;displaylang=en

 

3. Double-click and Run this file you just downloaded....If you see it asking you if you want to Install it and then it asks you to Accept a License Agreement, Cool!....But, some people may experience the Installer hanging, and if this happens and you do not get those two requests within a couple minutes at most, cancel the Install, Restart it the same way, and it should work this time.......

 

4. At some point, the Installer will Pause and ask you to show it the way to netfx.msi. Type or copy/paste the text in blue below into the text box (or just hit the Browse button, navigate to the file) and click OK:

 

C:\Temp\netfx.msi

 

5. The Installer will finish to completion, and you should restart your computer.....Voila! You just accomplished no more Yellow Shield! Yeah!

 

 

 

Take care and good luck!

 

Bret McBride

[Luke_Wilbur]

Wow that was a fast response. It pays to post.

[Guest Luke Wilbur]

MS07-028: Vulnerability in CAPICOM could allow remote code execution

View products that this article applies to.

Article ID : 931906

Last Review : May 8, 2007

Revision : 1.0

INTRODUCTION

 

Microsoft has released security bulletin MS07-028. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: • Home users:

http://www.microsoft.com/athome/security/u...ins/200705.mspx (http://www.microsoft.com/athome/security/update/bulletins/200705.mspx)

• IT professionals:

http://www.microsoft.com/technet/security/...n/ms07-028.mspx (http://www.microsoft.com/technet/security/bulletin/ms07-028.mspx)

Note This update requires Microsoft Windows Installer version 3.0 or a later version of Windows Installer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

292539 (http://support.microsoft.com/kb/292539/) How to obtain the Windows Installer engine

 

--------------------------------------------------------------------------------

[BlackSun]

http://www.microsoft.com/technet/security/...n/ms07-042.mspx

 

Microsoft Security Bulletin MS07-042 - Critical

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)

Published: August 14, 2007 | Updated: August 15, 2007

 

Version: 1.1

 

General Information

Executive Summary

This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 

This is a critical security update for all supported editions of Windows 2000, Windows XP, Windows Vista, Microsoft Office 2003, and 2007 Microsoft Office System. For more information, see the subsection, Affected and Non-Affected Software, in this section.

 

This security update addresses the vulnerability by modifying the way that the Microsoft XML Core Services performs parameter validation. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

 

Recommendation. Microsoft recommends that customers apply the update immediately.

 

Known Issues. None

 

Top of section

Affected and Non-Affected Software

The software listed here has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.

[Luke_Wilbur]

For the past six hours a Microsoft technician has been working on my computer remotely. He was replacing old files with

ones he found listed on Google (I thought that was pretty funny he was not using Live.com). When he told me to reboot.

 

I now have the following message on my blue screen:

 

*** Stop: 0X00000050 (0xFFFFFDDA, 0x00000000, 0xEB05368A, 0x00000000)

PAGE_FAULT_IN_NONPAGED_AREA

 

*** Address EB05368A base at EB050000, DateStamp 3e25bac8 - VIDEOPRT.SYS

 

Beginning dump of physical memory

Physical memory dump complete. Contact your system administrator or technical support group.

 

PAGE_FAULT_IN_NONPAGED_AREA

 

Explanation:

 

This Stop message occurs when requested data is not found in memory. The system generates a fault, which normally indicates that the system looks for data in the paging file. In this circumstance, however, the missing data is identified as being located within an area of memory that cannot be paged out to disk. The system faults, but cannot find, the data and is unable to recover. Faulty hardware, a buggy system service, antivirus software, and a corrupted NTFS volume can all generate this type of error.

 

When I hold down the F8 button the following blue message box appears:

 

 

SELECT FIRST BOOT DEVICE

 

USB RMD-FDD : SONY USD HS -CF CARD

IDE-0 : ST3200822A

CDROM : VOM-12E48X

NETWORK

 

[up/Dn] Select [RETURN] [ESC] CANCEL