Remember that suggestion by Microsoft to uninstall MS14-045? Well, you should have listened.
Today, Microsoft is rolling out a fixed version of KB2982791, but under a new name, KB2993651. This is the culprit of the litany of bluescreens caused by a rollout of August 2014's Patch Tuesday update cycle. But, to install the updated version, Microsoft is again suggesting that you uninstall the original. Some were able to install the problematic update without problem – though how do you truly know you don't have a problem until something bad happens, right?
The statement on the matter goes like this:
Microsoft strongly recommends that customers who have not uninstalled the 2982791 update do so prior to applying the 2993651 update. Customers do not need to uninstall the expired 2982791 update before applying the 2993651 update; however, Microsoft strongly recommends it. Customers who do not remove the expired update will retain a listing for 2982791 under installed updates in Control Panel.
Today's rerelease comes with a note from Tracey Pretorius, the Director of Microsoft Trustworthy Computing area. In the note, Tracey explains the situation and again highlights that the incident only affected a small number of customers. The statement is questionable, considering the number of complaints I've heard personally over the issues presented by KB2982791.
Take it away Tracey:
Every month for many years, we’ve released a number of updates focused on the continuous improvement of customers’ experiences with our technology. Historically, these updates happened at different times during the month, with the security-specific ones occurring on the second Tuesday of each month. Recently, to further streamline, we decided to include more of our non-security updates together with our security updates and begin the global release to customers on the second Tuesday of each month.
This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates. As soon as we became aware of some problems, we began a review and then immediately pulled the problematic updates, making these unavailable to download. We then began working on a plan to rerelease the affected updates.
We encourage customers to install the security update as soon as possible. Customers with automatic updates enabled do not need to take any action. If you don’t have Windows Update enabled, we encourage you to do so now. If you’re not sure whether you’ve enabled Windows Update, you can check here. For organizations, your IT Group, the team or person administering the network, would be the best place to check.
P.S. I had originally received Tracey's note over email, but it now looks like the full text is posted to an official blog: Security Bulletin MS14-045 rereleased
What's truly interesting about Tracey's note is how its explained that the primary issue was not the update, but rather the change in how Microsoft lumped more non-security updates in with security updates this month. To hear that, makes me think back to an article I wrote just this morning about how this will become the norm once Windows 9 (Threshold) releases. In It's Just Windows, I talked about how Microsoft is looking to meld features and fixes into smaller, quicker updates. If August Patch Tuesday customers were the guinea pigs for testing this new practice, well, I'd say Microsoft has much farther to go. Its also possible that Tracey's note is an official announcement of policy changes that customers have already know about for some time.
Let's just hope it works this time. If you have any issues with this new release, you know who to tell. Drop a note in the comments, or…