
MS09-032 Installation

Discussion in 'Windows Security' started by Sandy Wood, Jul 15, 2009.

  1. Sandy Wood

    Sandy Wood Guest

    The security bulletin for MS09-032 fixes an ActiveX vulnerability first
    described in Security Advisory 972890. We applied the workaround described
    there for our XP and Windows 2003 systems. Now that the Security Bulletin is
    released we're wondering what would happen should we apply MS09-032 and then
    undo the fix in 927890. MS09-032 answers the question by describing a
    scenario of Vista and Win 2008 systems, not XP or Win 2003. Here's the FAQ
    I'm talking about:

    What would happen if I install this update and then undo the workaround from
    Microsoft Security Advisory 972890?

    In this scenario, customers of Windows Vista and Windows Server 2008 install
    this security update for defense-in-depth and then either manually undo the
    workaround from Microsoft Security Advisory 972890, or use the automated
    Microsoft Fix it solution in Microsoft Knowledge Base Article 972890 to
    disable the workaround. Such customers will no longer prevent the Microsoft
    Video ActiveX Control from running in Internet Explorer, making their systems
    vulnerable. Also, such systems will not be reoffered this update since future
    detection results will yield the successful installation that was undone by
    workaround.
    --
    Sandy Wood
    Orange County District Attorney
     
  2. "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    news:A3737A7F-81DA-49E0-A6E5-43A6B4CC9CBA@microsoft.com...
    > The security bulletin for MS09-032 fixes an ActiveX vulnerability first
    > described in Security Advisory 972890. We applied the workaround described
    > there for our XP and Windows 2003 systems.

    Apparently the "workaround" does the same thing that the "update" does
    regarding that vulnerability. The update addresses other items though,
    and should be taken advantage of.

    > Now that the Security Bulletin is released we're wondering what would happen
    > should we apply MS09-032 and then undo the fix in 927890.

    You would be "updated" but then you would be undoing that part of the
    update that addresses that particular issue. You would then no longer be
    offered that update because it is already installed - and remain
    vulnerable due to your manual mis-configuration.

    > MS09-032 answers the question by describing a scenario of Vista and Win 2008
    > systems, not XP or Win 2003. Here's the FAQ I'm talking about:
    >
    > What would happen if I install this update and then undo the workaround from
    > Microsoft Security Advisory 972890?
    >
    > In this scenario, customers of Windows Vista and Windows Server 2008 install
    > this security update for defense-in-depth and then either manually undo the
    > workaround from Microsoft Security Advisory 972890, or use the automated
    > Microsoft Fix it solution in Microsoft Knowledge Base Article 972890 to
    > disable the workaround. Such customers will no longer prevent the Microsoft
    > Video ActiveX Control from running in Internet Explorer, making their systems
    > vulnerable. Also, such systems will not be reoffered this update since future
    > detection results will yield the successful installation that was undone by
    > workaround.

    Clear as mud...

    For people between the ages of 20 and 57, it is not a good idea to stick
    your fingers in an energized lightbulb socket.
     
  3. Sandy Wood

    Sandy Wood Guest

    So it sounds like the update does the same thing as the workaround!
    --
    Sandy Wood
    Orange County District Attorney
     
  4. Regarding that particular vulnerability, yes.

    It is still a good idea to get the update rather than to rely on only
    the workaround. The update does other things as well as address that
    vulnerability.

    "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    news:46A498EB-F6D7-424B-A10E-4B53C4EBAC03@microsoft.com...
    > So it sounds like the update does the same thing as the workaround!
     
  5. Egggzzzzactly!

    Sandy Wood wrote:
    > So it sounds like the update does the same thing as the workaround!
     
  6. ET

    ET Guest

    It is recommended to install the update even if you have done the work around.

    --
    ET
    PSS


    "FromTheRafters" wrote:
    > Regarding that particular vulnerability, yes.
    >
    > It is still a good idea to get the update rather than to rely on only
    > the workaround. The update does other things as well as address that
    > vulnerability.
     
  7. QED: Will MS09-032 be offered by Automatic Updates or Windows Update if the
    work-around is in place or the now-withdrawn FixIt was applied?

    ET wrote:
    > It is recommended to install the update even if you have done the work
    > around.
     
  8. The vulnerability is addressed by the registry setting (whether done
    manually or automatically). The update does other things *plus* makes
    the appropriate registry setting. If a user applies the "workaround" the
    user should still apply the update. After applying the update, it would
    be a mistake to "undo" the workaround, making the system vulnerable
    again, *plus* making it so that the update is not offered again even
    though the system is now vulnerable to one of the things that the update
    addressed.

    "ET" <et@microsoft.com> wrote in message
    news:1795F85C-CD97-4561-B7CD-E79F113321E2@microsoft.com...
    > It is recommended to install the update even if you have done the work
    > around.
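
The state described in the post above (update recorded as installed, registry setting undone, update never reoffered) does not show up in patch-status reporting, so the kill bit itself has to be audited. An added example, not part of the original thread: it parses `reg export` text of the `ActiveX Compatibility` key; the CLSIDs, the host exports and the `update_installed` flag are constructed placeholders (the real CLSID list is in Security Advisory 972890).

```python
import re

# Bit in "Compatibility Flags" that stops Internet Explorer from instantiating a control.
KILL_BIT = 0x00000400
# Native registry view only; a 64-bit host also has a Wow6432Node copy to check.
AX_COMPAT = r"\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility" + "\\"

# Placeholder CLSIDs (constructed). Take the real ones from Security Advisory 972890.
REQUIRED_CLSIDS = [
    "{00000000-0000-0000-0000-0000000000A1}",
    "{00000000-0000-0000-0000-0000000000A2}",
]

SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
DWORD_RE = re.compile(
    r'^"Compatibility Flags"\s*=\s*dword:(?P<val>[0-9a-fA-F]{1,8})\s*$', re.I
)


def parse_compat_flags(reg_text):
    """Return {CLSID: flags} for each ActiveX Compatibility subkey in a .reg export."""
    flags = {}
    current = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            key = section.group("key")
            idx = key.lower().find(AX_COMPAT.lower())
            current = None
            if key.upper().startswith("HKEY_LOCAL_MACHINE") and idx != -1:
                clsid = key[idx + len(AX_COMPAT):].upper()
                if clsid and "\\" not in clsid:
                    current = clsid
                    # A key that exists without the value counts as flags == 0.
                    flags.setdefault(current, 0)
            continue
        value = DWORD_RE.match(line)
        if value and current:
            flags[current] = int(value.group("val"), 16)
    return flags


def classify_host(reg_text, update_installed, required=REQUIRED_CLSIDS):
    """Classify a host from its registry export and its recorded patch state."""
    flags = parse_compat_flags(reg_text)
    missing = [c for c in required if not flags.get(c.upper(), 0) & KILL_BIT]
    if not missing:
        state = "protected"
    elif update_installed:
        # Detection sees the update as installed, so it will not be offered again.
        state = "exposed-not-reoffered"
    else:
        state = "exposed-update-pending"
    return state, missing


# Constructed export: kill bit set for both placeholder CLSIDs.
HOST_A_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-0000000000A1}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-0000000000A2}]
"Compatibility Flags"=dword:00000400
"""

# Constructed export: workaround undone (one value zeroed, one key deleted).
HOST_B_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-0000000000A1}]
"Compatibility Flags"=dword:00000000
"""

if __name__ == "__main__":
    for name, text, installed in (
        ("host-a", HOST_A_REG, True),
        ("host-b", HOST_B_REG, True),
        ("host-b (unpatched)", HOST_B_REG, False),
    ):
        state, missing = classify_host(text, installed)
        print(f"{name}: {state}; kill bit missing for {len(missing)} CLSID(s)")
```
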
     
  9. > The update does other things...

    Such as...?

    With all due respect, MS09-032 only addresses MS Video ActiveX Control
    Vulnerability - CVE-2008-0015, as does the FixIt some had used before
    MS09-032 was released. See the Vulnerability Information section of

    --
    ~PA Bear


    FromTheRafters wrote:
    > The vulnerability is addressed by the registry setting (whether done
    > manually or automatically). The update does other things *plus* makes
    > the appropriate registry setting. If a user applies the "workaround" the
    > user should still apply the update. After applying the update, it would
    > be a mistake to "undo" the workaround, making the system vulnerable
    > again, *plus* making it so that the update is not offered again even
    > though the system is now vulnerable to one of the things that the update
    > addressed.
     
  10. From

    What kill bits does this Cumulative Security Update of ActiveX Kill Bits
    contain?
    This Cumulative Security Update of ActiveX Kill Bits contains all kill
    bits previously released in MS08-023, Security Update of ActiveX Kill
    Bits; MS08-032, Cumulative Security Update of ActiveX Kill Bits; and
    advisories entitled Update Rollup for ActiveX Kill Bits, Microsoft
    Security Advisory 953839, Microsoft Security Advisory 956391, Microsoft
    Security Advisory 960715, and Microsoft Security Advisory 969898.

    "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
    news:ej7bSiMCKHA.4432@TK2MSFTNGP05.phx.gbl...
    >> The update does other things...
    >
    > Such as...?
    >
    > With all due respect, MS09-032 only addresses MS Video ActiveX Control
    > Vulnerability - CVE-2008-0015, as does the FixIt some had used before
    > MS09-032 was released. See the Vulnerability Information section of
    >

    > --
    > ~PA Bear
    >
    >
    > FromTheRafters wrote:<!--coloro:green--><span style="color:green <!--/coloro-->
    >> The vulnerability is addressed by the registry setting (whether done
    >> manually or automatically). The update does other things *plus* makes
    >> the appropriate registry setting. If a user applies the"workaround"
    >> the
    >> user should still apply the update. After applying the update, it
    >> would
    >> be a mistake to "undo" the workaround, making the system vulnerable
    >> again, *plus* making it so that the update is not offered again even
    >> though the system is now vulnerable to one of the things that the
    >> update
    >> addressed.
    >>
    >> "ET" <et@microsoft.com> wrote in message
    >> news:1795F85C-CD97-4561-B7CD-E79F113321E2@microsoft.com...<!--coloro:darkred--><span style="color:darkred <!--/coloro-->
    >>> It is recommended to install the update even if you have done the
    >>> work
    >>> around.
    >>>
    >>> --
    >>> ET
    >>> PSS
    >>>
    >>>
    >>> "FromTheRafters" wrote:
    >>>
    >>>> Regarding that particular vulnerability, yes.
    >>>>
    >>>> It is still a good idea to get the update rather than to rely on
    >>>> only
    >>>> the workaround. The update does other things as well as address
    >>>> that
    >>>> vulnerability.
    >>>>
    >>>> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    >>>> news:46A498EB-F6D7-424B-A10E-4B53C4EBAC03@microsoft.com...
    >>>>> So it sounds like the update does the same thing as the
    >>>>> workaround!
    >>>>> --
    >>>>> Sandy Wood
    >>>>> Orange County District Attorney
    >>>>>
    >>>>>
    >>>>> "FromTheRafters" wrote:
    >>>>>
    >>>>>> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    >>>>>> news:A3737A7F-81DA-49E0-A6E5-43A6B4CC9CBA@microsoft.com...
    >>>>>>> The security bulletin for MS09-032 fixes an ActiveX
    >>>>>>> vulnerability
    >>>>>>> first
    >>>>>>> described in Security Advisory 972890. We applied the workaround
    >>>>>>> described
    >>>>>>> there for our XP and Windows 2003 systems.
    >>>>>>
    >>>>>> Apparently the "workaround" does the same thing that the "update"
    >>>>>> does
    >>>>>> regarding that vulnerability. The update addresses other items
    >>>>>> though,
    >>>>>> and should be taken advantage of.
    >>>>>>
    >>>>>>> Now that the Security Bulletin is
    >>>>>>> released we're wondering what would happen should we apply
    >>>>>>> MS09-032
    >>>>>>> and then
    >>>>>>> undo the fix in 927890.
    >>>>>>
    >>>>>> You would be "updated" but then you would be undoing that part of
    >>>>>> the
    >>>>>> update that addresses that particular issue. You would then no
    >>>>>> longer
    >>>>>> be
    >>>>>> offered that update because it is already installed - and remain
    >>>>>> vulnerable due to your manual mis-configuration.
    >>>>>>
    >>>>>>> MS09-032 answers the question by describing a
    >>>>>>> scenario of Vista and Win 2008 systems, not XP or Win 2003.
    >>>>>>> Here's
    >>>>>>> the
    >>>>>>> FAQ
    >>>>>>> I'm talking about:
    >>>>>>>
    >>>>>>> What would happen if I install this update and then undo the
    >>>>>>> workaround from
    >>>>>>> Microsoft Security Advisory 972890?
    >>>>>>>
    >>>>>>> In this scenario, customers of Windows Vista and Windows Server
    >>>>>>> 2008
    >>>>>>> install
    >>>>>>> this security update for defense-in-depth and then either
    >>>>>>> manually
    >>>>>>> undo the
    >>>>>>> workaround from Microsoft Security Advisory 972890, or use the
    >>>>>>> automated
    >>>>>>> Microsoft Fix it solution in Microsoft Knowledge Base Article
    >>>>>>> 972890
    >>>>>>> to
    >>>>>>> disable the workaround. Such customers will no longer prevent
    >>>>>>> the
    >>>>>>> Microsoft
    >>>>>>> Video ActiveX Control from running in Internet Explorer, making
    >>>>>>> their
    >>>>>>> systems
    >>>>>>> vulnerable. Also, such systems will not be reoffered this update
    >>>>>>> since
    >>>>>>> future
    >>>>>>> detection results will yield the successful installation that
    >>>>>>> was
    >>>>>>> undone by
    >>>>>>> workaround.
    >>>>>>
    >>>>>> Clear as mud...
    >>>>>>
    >>>>>> For people between the ages of 20 and 57, it is not a good idea
    >>>>>> to
    >>>>>> stick
    >>>>>> your fingers in an energized lightbulb socket.
     
  11. Well, one assumes all of those other updates have been installed already,
    doesn't one?

    And if they hadn't been installed already, chances are that user's
    encountered far worse problems by now. <eg>


    FromTheRafters wrote:
    > From
    >
    > What kill bits does this Cumulative Security Update of ActiveX Kill Bits
    > contain?
    > This Cumulative Security Update of ActiveX Kill Bits contains all kill
    > bits previously released in MS08-023, Security Update of ActiveX Kill
    > Bits; MS08-032, Cumulative Security Update of ActiveX Kill Bits; and
    > advisories entitled Update Rollup for ActiveX Kill Bits, Microsoft
    > Security Advisory 953839, Microsoft Security Advisory 956391, Microsoft
    > Security Advisory 960715, and Microsoft Security Advisory 969898.
    >
    > "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
    > news:ej7bSiMCKHA.4432@TK2MSFTNGP05.phx.gbl...
    >>> The update does other things...
    >>
    >> Such as...?
    >>
    >> With all due respect, MS09-032 only addresses MS Video ActiveX Control
    >> Vulnerability - CVE-2008-0015, as does the FixIt some had used before
    >> MS09-032 was released. See the Vulnerability Information section of
    >>

    >> --
    >> ~PA Bear
    >>
    >>
    >> FromTheRafters wrote:
    >>> The vulnerability is addressed by the registry setting (whether done
    >>> manually or automatically). The update does other things *plus* makes
    >>> the appropriate registry setting. If a user applies the "workaround"
    >>> the
    >>> user should still apply the update. After applying the update, it
    >>> would
    >>> be a mistake to "undo" the workaround, making the system vulnerable
    >>> again, *plus* making it so that the update is not offered again even
    >>> though the system is now vulnerable to one of the things that the
    >>> update
    >>> addressed.
    >>>
    >>> "ET" <et@microsoft.com> wrote in message
    >>> news:1795F85C-CD97-4561-B7CD-E79F113321E2@microsoft.com...
    >>>> It is recommended to install the update even if you have done the
    >>>> work
    >>>> around.
    >>>>
    >>>> --
    >>>> ET
    >>>> PSS
    >>>>
    >>>>
    >>>> "FromTheRafters" wrote:
    >>>>
    >>>>> Regarding that particular vulnerability, yes.
    >>>>>
    >>>>> It is still a good idea to get the update rather than to rely on
    >>>>> only
    >>>>> the workaround. The update does other things as well as address
    >>>>> that
    >>>>> vulnerability.
    >>>>>
    >>>>> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    >>>>> news:46A498EB-F6D7-424B-A10E-4B53C4EBAC03@microsoft.com...
    >>>>>> So it sounds like the update does the same thing as the
    >>>>>> workaround!
    >>>>>> --
    >>>>>> Sandy Wood
    >>>>>> Orange County District Attorney
    >>>>>>
    >>>>>>
    >>>>>> "FromTheRafters" wrote:
    >>>>>>
    >>>>>>> "Sandy Wood" <sandy.wood@nospam.com> wrote in message
    >>>>>>> news:A3737A7F-81DA-49E0-A6E5-43A6B4CC9CBA@microsoft.com...
    >>>>>>>> The security bulletin for MS09-032 fixes an ActiveX
    >>>>>>>> vulnerability
    >>>>>>>> first
    >>>>>>>> described in Security Advisory 972890. We applied the workaround
    >>>>>>>> described
    >>>>>>>> there for our XP and Windows 2003 systems.
    >>>>>>>
    >>>>>>> Apparently the "workaround" does the same thing that the "update"
    >>>>>>> does
    >>>>>>> regarding that vulnerability. The update addresses other items
    >>>>>>> though,
    >>>>>>> and should be taken advantage of.
    >>>>>>>
    >>>>>>>> Now that the Security Bulletin is
    >>>>>>>> released we're wondering what would happen should we apply
    >>>>>>>> MS09-032
    >>>>>>>> and then
    >>>>>>>> undo the fix in 927890.
    >>>>>>>
    >>>>>>> You would be "updated" but then you would be undoing that part of
    >>>>>>> the
    >>>>>>> update that addresses that particular issue. You would then no
    >>>>>>> longer
    >>>>>>> be
    >>>>>>> offered that update because it is already installed - and remain
    >>>>>>> vulnerable due to your manual mis-configuration.
    >>>>>>>
    >>>>>>>> MS09-032 answers the question by describing a
    >>>>>>>> scenario of Vista and Win 2008 systems, not XP or Win 2003.
    >>>>>>>> Here's
    >>>>>>>> the
    >>>>>>>> FAQ
    >>>>>>>> I'm talking about:
    >>>>>>>>
    >>>>>>>> What would happen if I install this update and then undo the
    >>>>>>>> workaround from
    >>>>>>>> Microsoft Security Advisory 972890?
    >>>>>>>>
    >>>>>>>> In this scenario, customers of Windows Vista and Windows Server
    >>>>>>>> 2008
    >>>>>>>> install
    >>>>>>>> this security update for defense-in-depth and then either
    >>>>>>>> manually
    >>>>>>>> undo the
    >>>>>>>> workaround from Microsoft Security Advisory 972890, or use the
    >>>>>>>> automated
    >>>>>>>> Microsoft Fix it solution in Microsoft Knowledge Base Article
    >>>>>>>> 972890
    >>>>>>>> to
    >>>>>>>> disable the workaround. Such customers will no longer prevent
    >>>>>>>> the
    >>>>>>>> Microsoft
    >>>>>>>> Video ActiveX Control from running in Internet Explorer, making
    >>>>>>>> their
    >>>>>>>> systems
    >>>>>>>> vulnerable. Also, such systems will not be reoffered this update
    >>>>>>>> since
    >>>>>>>> future
    >>>>>>>> detection results will yield the successful installation that
    >>>>>>>> was
    >>>>>>>> undone by
    >>>>>>>> workaround.
    >>>>>>>
    >>>>>>> Clear as mud...
    >>>>>>>
    >>>>>>> For people between the ages of 20 and 57, it is not a good idea
    >>>>>>> to
    >>>>>>> stick
    >>>>>>> your fingers in an energized lightbulb socket.
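
The thread turns on the fact that an "installed" update record says nothing about whether the kill-bit registry setting is still in place, so the setting has to be checked directly. As an added example (not from any poster or from Microsoft), this Python code audits the text of a `reg export` of the `ActiveX Compatibility` key; the CLSIDs are constructed placeholders rather than the ones listed in Advisory 972890, and `parse_flags` and `audit` are hypothetical names.

```python
import re

KILL_BIT = 0x00000400  # "Compatibility Flags" bit that stops IE instantiating a control
AX_COMPAT = r"SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"

# Constructed sample: decoded text of a `reg export` of the ActiveX Compatibility key.
# The CLSIDs are placeholders, not the ones listed in Advisory 972890.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000A}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000B}]
"Compatibility Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-00000000000D}]
"Compatibility Flags"=dword:00800400
'''

def parse_flags(export_text):
    """Map each CLSID (upper-cased) to its Compatibility Flags DWORD."""
    flags, clsid = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        key = re.fullmatch(r"\[(.+)\\(\{[0-9A-Fa-f-]{36}\})\]", line)
        if key:
            # Only keys directly under ActiveX Compatibility are kill-bit entries.
            under = key.group(1).upper().endswith(AX_COMPAT.upper())
            clsid = key.group(2).upper() if under else None
        elif line.startswith("["):
            clsid = None  # some other key: ignore its values
        else:
            val = re.fullmatch(r'"Compatibility Flags"=dword:([0-9A-Fa-f]{8})', line)
            if val and clsid:
                flags[clsid] = int(val.group(1), 16)
    return flags

def audit(export_text, expected_clsids):
    """Report the kill-bit state of every CLSID that is supposed to be blocked."""
    flags = parse_flags(export_text)
    report = {}
    for clsid in expected_clsids:
        value = flags.get(clsid.upper())
        if value is None:
            report[clsid] = "missing"           # entry deleted or never created
        elif value & KILL_BIT:
            report[clsid] = "kill bit set"      # other flag bits may coexist
        else:
            report[clsid] = "kill bit cleared"  # the "undone workaround" case
    return report
```

A host reporting "missing" or "kill bit cleared" for a CLSID in the expected list is in the state the FAQ describes: the update can show as installed while the control is no longer blocked.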
     
