Patch Tuesday: October's Rescinded 2949927 Gets Reissued as 3033929

Patch Tuesday: October's Rescinded 2949927 Gets Reissued as 3033929

Back in October 2014, Microsoft released 2949927 update to add functionality for SHA-2 signing and verification due a weakness in SHA-1 for Windows 7 and Windows Server 2008 R2. But, due to problems customers had with the update, the company removed it.

Now, a full 5 months later, the security update has resurfaced. This month Microsoft has made an updated version of the patch available and has assigned it a different number. 2949927 is now 3033929.

Incidentally, the SHA-2 functionality is already integrated into Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1, so the update is not needed for these OS versions. However, the capability does not exist in Windows Server 2003, Windows Vista, and Windows Server 2008, but this newly released update is not applicable to these versions.

One big word of caution – this update shares binaries with one of this month's security updates, MS15-025 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680), so there's a specific installation order required.

If using automatic updates, the Windows Update mechanism will take care of the proper installation order. But, if you are deploying manually or using a staged deployment solution like System Center Configuration Manager, you need to observe the order. Update 3035131 (which is being released simultaneously with MS15-025, needs to be installed first, and then update 3033929.

More information and guidance can be found in Microsoft Security Advisory 3033929.

UPDATE: Reports are already starting to suggest that there may be problems with 3033929. It fails with error code 80004005 and puts computers into a reboot loop. We'll update you with more as it becomes available.

 

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish