After users starting having problems with a Windows Vista update, KB937287, that is a prerequisite for service pack 1, Microsoft pulled the update from automatic distribution until they discovered what the problem is. All they have stated so far is that it has only affected a small number of users in certain unique circumstances, no cause for the problems have been given yet.
So far, we’ve been able to determine that this problem only affects a small number of customers in unique circumstances. We are working to identify possible solutions and will make the update available again shortly after we address the issue.
Customers who may be experiencing this issue can use system restore to correct it or contact 1-866-PC-Safety for help troubleshooting. Additional guidance will be available via Microsoft’s free Update Support Center soon. Source: Update on Windows Vista SP1 Prerequisite KB937287
Mary Jo has this to add:
Last week wasn’t the first time endless reboot problems were reported by Vista users. In fact, there were reports of endless-reboot-loop problems from some Vista SP1 users dating back to late January, before Microsoft distributed the prerequisites for SP1 — right around the time the company delivered the final bits (in the form of the Vista Service Pack 1 Release Candidate 1 Refresh 2 build). Source: Microsoft suspends distribution of Vista SP1 prerequisite update
The final release of Windows Vista Service Pack 1 is getting closer all the time as Microsoft has released the release candidate to Microsoft Connect and it will be available to TechNet and MSDN subscribers tomorrow and it will be available to the public next week. They also made Windows Server 2008 RC available and everyone can grab it here.
Let me call out several changes made since the Beta release of Service Pack 1 — many of which came about as a result of direct feedback from our Beta-testing community (thank you!):
- The size of the standalone installers have decreased significantly. For example, the standalone installer packages consisting of all 36 languages (x86 and x64 chip architectures) are smaller by over 50%. The standalone installer packages consisting of just the 5 languages (again, x86 and x64) slated for initial release are more than 30% smaller in size.
- The required amount of disc space for SP1 installation has also decreased significantly. Furthermore, with the RC, if more space is required to install SP1, an error message will now display exactly how much space is needed to complete the installation.
- Previous SP1 versions left behind a directory of files that wasn’t needed after installation and occupied about 1GB of space; the RC includes automatic disk clean-up to remove this directory.
- Installation reliability has been improved based on bug reports and error codes reported from Windows Update (thanks, Beta testers!). Testing shows that these improvements have significantly increased the proportion of successful installations of the RC.
- We’ve improved the user experience of installing SP1 via Windows Update. During the Beta release, users installed without much guidance from Windows Update. The RC now contains a series of screens with detailed information on SP1.
We also have information to share with IT professionals and system administrators regarding final plans for SP1: we’re on track to complete and release SP1 in the first quarter of 2008. When SP1 is complete and we reach our release to manufacturing (RTM) milestone, then shortly after the standalone installer will be released to the Web in two waves. The first wave will consist of the standalone installer (x86 and x64) for the 5 initial languages — English, French, Spanish, German and Japanese. These languages will be deployed shortly after the RTM milestone. The second wave will launch 8-12 weeks after the first and will consist of all remaining languages, for both chip architectures (x86 and x64). Source: Announcing Windows Vista SP1 Release Candidate (RC)
Looks like Microsoft has released beta versions of the service packs for Windows Vista and Windows XP.
Shhhh! Pre-beta Vista SP1 is out there Over the past couple of days, there have been new reports of sightings of the pre-beta of Windows Vista Service Pack (SP) 1. The reported build number: 6001.16549 (longhorn_sp1beta1.070628-1825). I?ve been getting tips over the past couple of weeks from testers who said they had the promised pre-beta. The tipsters all were referencing different build numbers. My first guess was the secrecy-obsessed Windows Vista team might be providing different testers with different build numbers in order to trace leaks.
Windows XP SP3 Released To Small Group (Updated) In addition to the previously reported Windows Vista SP1 drop to testers, Microsoft has just recently (few days ago) dropped a copy of Windows XP Service Pack 3 in the lap of the same small group of testers. Coming in at less than 350MB, the service pack includes fixes for over 900 reported problems, some of which have already been resolved with post-Service Pack 2 hot fixes. For the hardcore build string collectors, this build is tagged 5.1.2600.3180 (xpsp.070718-2058).
They have included several screenshots of both service packs.
Here are a couple Vista service pack 1 related stories.
Vista ReadyBoost Suckage & Vista resume sluggishness Problems with a computer resuming from S3/S4 sleep are related to the encryption key that is created with the Readyboost file. Apparently, the key is created once per windows session, so, sometimes when resuming from sleep, Vista realizes it needs to rebuild the Readyboost file because of the key, so, while it is trying to come out of sleep mode, while it is paging data to the memory, it is also rebuilding the Readyboost file. So, on resume, if you notice your computer thrashing the hard drive and poor resume performance, you know why. This is supposed to be fixed in Windows Vista SP1.
Vista SP1 beta 1 to launch in mid-July Looks like Microsoft is planning on beta testing the Vista SP1 in mid July with a final release date of November 2007.
Microsoft’s OEM catch-22: XP still in the driver’s seat Now more than half a year into the launch of Windows Vista, it’s beginning to look as though Microsoft may have a rebellion on its hands, at least in the corporate world. While Windows Vista continues to sell like hotcakes via OEMs to consumers, businesses are calling up those same OEMs and asking how they can get Windows XP instead.
Since Microsoft has decided to wait until Tuesday to release it’s patch for the latest Windows exploit, the WMF security flaw, F-Secure has posted on their site about a fix released by the author of Interactive Disassembler and probably one of the best low level Windows experts in the world, Ilfak Guilfanov. The fix is here.
Ilfak Guilfanov has published a temporary fix which does not remove any functionality from the system (all pictures and thumbnails continue to work normally).
The fix works by injecting itself to all processes loading USER32.DLL. It patches the Escape() function in GDI32.DLL, revoking WMF’s SETABORT escape sequence that is the root of the problem.
This flaw has already spawned dozens of attacks from a MSN Messenger worm to spam that tries to get users to click on malicious web sites.
The vulnerability can be easily exploited in Windows XP with Service Pack 1 and 2, as well as Windows Server 2003, security experts said. Older versions of the operating system, including Windows 2000 and Windows ME, are also at risk, though in those cases the flaw is more difficult to exploit, said Mikko Hypponen, chief research officer at F-Secure.
“We have seen dozens of different attacks using this vulnerability since Dec. 27,” Hypponen said. “One exploits image files and tries to get users to click on them; another is an MSN Messenger worm that will send the worm to people on your buddy list, and we have seen several spam attacks.”
He added that some of the spam attacks have been targeted to select groups, such as one that purports to come from the U.S. Department of State. The malicious e-mail tries to lure the user to open a map attachment and will then download a Trojan horse. The exploit will open a backdoor on the user’s system and allow sensitive files to be viewed.
A chief researcher at F-Secure said,
“We are still far away from a massive virus,” he said. “Most people get attacked by this if they (search for something on the Internet) and get a million results. They may click on a link that goes to a malicious Web site or one that has been hacked, and then get infected.”
In an article from News.com posted today, an antivirus specialist stated that over a million pc’s have been compromised,
More than a million PCs have already been compromised, said Andreas Marx, an antivirus software specialist at the University of Magdeburg in Germany. He has found a hidden Web site that shows how many copies of a program that installs malicious software have been delivered to vulnerable PCs.
“I’m sure it’s just a matter of days until the first (self-propagating) WMF worm will appear,” he said. “A patch is urgently needed.”
So, with Microsoft waiting until Tuesday, attackers are going to have about a week with no worries to try to take advantage of this. So far, most of the attacks have involved installing spyware and adware to display pop up advertising on the infected pc’s.
Microsoft has completed a fix for the problem and is currently testing and localizing the update into 23 languages, the software maker said in its advisory, updated on Tuesday. “Microsoft’s goal is to release the update on Tuesday, Jan. 10, 2006, as part of its monthly release of security bulletins,” the company said.
To protect Windows users, Microsoft shouldn’t wait, but release the patch now, several critics said.
“The flaw is actively exploited on multiple sites, and antivirus provides only limited protection,” said Johannes Ullrich, the chief research officer at the SANS Institute. “Active use of an exploit without sufficient mitigating measures should warrant the early release of a patch, even a preliminary, not fully tested patch.”
Once again, we see a large company not really caring about the users and all they are doing is creating even more ill will.
Added: One of the F-Secure researches stated that one of their test machines became infected after downloading an infected file using the Wget command line tool, without even executing it.
It seems that Google Desktop creates an index of the metadata of all images too, and it issues an API call to the vulnerable Windows component SHIMGVW.DLL to extract this info. This is enough to invoke the exploit and infect the machine. This all happens in realtime as Google Desktop contains a file system filter and will index new files in realtime.
You can use SPCheck to determine the service pack level of various installed components on Windows XP-based computers. SPCheck generates a report that lists the origin of each file for each installed component. SPCheck reports the current service pack level for the following components:
- Internet Protocol (TCP/IP)
- NWLink (IPX/SPX)
- Simple Network Management Protocol (SNMP)
- Client for Microsoft Networks
SPCheck examines each component, one file at a time. SPCheck must run under a security context that is equivalent to the local Administrator account. If SPCheck does not run under this security context, files may be reported as missing even though they are installed. SPCheck searches for files by using the PATH system environment variable. If files are reported as missing (although they are installed), make sure that the folder or folders in which the component is installed are included in the PATH system environment variable.
Click here for more.
Security boards are buzzing with warnings of a serious hole, but Microsoft is simply urging users to upgrade.
Microsoft always urges users to update programs when it ships a Service Pack, but an easily exploited Windows XP flaw makes it especially important that users of the operating system download and install the newly released SP1 promptly, several security experts warn.
The Win XP flaw is described as a still little-known but critical vulnerability, and is described as “trivially easy” to exploit by some who have studied it. It could allow files on any PC running Windows XP to be deleted simply by clicking on a malicious URL, according to bug hunter’s reports.
An exploit could be distributed by e-mail as a URL the recipient is invited to click, or posted in a newsgroup or on a Web page.
Click here for more.
Third-party program rescues Win XP users having trouble installing Microsoft’s update to fix serious flaw.
Windows XP users unable to successfully install the operating system’s first service pack face a bad choice: an unstable system or a vulnerable one with an extremely serious hole that the newly released SP1 corrects. Now, a software developer has released a freeware tool to block exploits of the previously undisclosed flaw–even without SP1.
The flaw, described on a handful of security message boards and revealed earlier this week, relates to the operation of Windows XP’s Help and Support Center’s “self healing” function. It could let a malicious cracker delete files by remote access. The exploit could be easily distributed as a URL in an e-mail or on a Web site.
Click here for more.
Users who forgo recently released SP1 risk a major vulnerability, as well as missing numerous small fixes.
Some Windows XP users are having trouble installing the operating system’s first service pack, bulging with bug fixes and updated drivers–and are judging the cure worse than the disease.
Although SP1 plugs a major hole in the OS, the fix has been painful for a tiny but vocal few of the estimated 1 million users who have downloaded the update, which Microsoft posted on September 9. For the vast majority, the download and installation has gone well, according to a Microsoft spokesperson, who calls the process “smoother than a lot of previous releases.”
But Internet support forums and e-mail to PC World from disgruntled users show that many people continue to have serious problems with the update. The chief complaint: PCs that run like molasses after installing SP1. Running a close second are reports that PCs refuse to restart after installation or become highly unstable. Some systems continuously reboots. Other users complain that applications won’t start or now crash repeatedly, including Microsoft’s own programs.
Click here for more.
After you install Windows XP Service Pack 1 (SP1), you may see a variety of errors relating to Windows XP SP1 client computers. These errors may include, but are not limited to the following errors:
When you open Microsoft Office files, they are opened as read-only (you have to click Save As to save a file).
You cannot copy files.
The file or the network path no longer exists.
Network paths are not accepted by any network provider.
Click here for more.