KB891711 on Win9x/ME has been updated

[David H. Lipman]

This is a repost from an original by; Microsoft MVP Robear Dyer concerning an issue noted
with KB891711 on Win9x/ME platforms and had been noted as problematic in *many* News Groups
in the beginning to mid-March..

~~~~~~~~~~~~~~~~~

Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon
Format Handling Could Allow Remote Code Execution (891711):
http://www.microsoft.com/technet/Sec.../ms05-002.mspx

<quote>
Why was this security bulletin updated on April 12, 2005?

After the release of the MS05-002 security bulletin, Microsoft became aware
of an issue affecting customers deploying the Windows 98, 98SE and ME
security update. In most cases, the issue caused machines to unexpectedly
restart.

Microsoft has investigated this issue and has made available revised
security updates for these platforms. These revised security updates are
available from Windows Update and the Microsoft Download Center. Customers
who have not yet applied the original version of these updates should visit
Windows Update to receive the revised updates.

[NB:] Customers who have already applied the original Windows 98, 98SE and
ME security update are advised to install the current revision of the update
from Windows Update.

<snip>

Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition
critically affected by any of the vulnerabilities that are addressed in this
security bulletin?

Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition
are critically affected by this vulnerability. A Critical security update
for these platforms is available and is provided as part of this security
bulletin and can be downloaded only from the Windows Update Web site.
[Emphasis added]
</quote>

Thanks to all those who called MS at 1-866-PCSAFETY about the bug in 891711
as released in Feb-05. Your documentation of the problems caused by 891711
played a major role in getting them fixed.

AFAIK KB891711 should no longer load at Startup and display as a running
Process.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

[JD]

On 12-Apr-05 14:18, David H. Lipman wrote:

> This is a repost from an original by; Microsoft MVP Robear Dyer concerning an issue noted
> with KB891711 on Win9x/ME platforms and had been noted as problematic in *many* News Groups
> in the beginning to mid-March..
>
> ~~~~~~~~~~~~~~~~~
>
> Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon
> Format Handling Could Allow Remote Code Execution (891711):
> http://www.microsoft.com/technet/Sec.../ms05-002.mspx
>
> <quote>
> Why was this security bulletin updated on April 12, 2005?
>
> After the release of the MS05-002 security bulletin, Microsoft became aware
> of an issue affecting customers deploying the Windows 98, 98SE and ME
> security update. In most cases, the issue caused machines to unexpectedly
> restart.
>
> Microsoft has investigated this issue and has made available revised
> security updates for these platforms. These revised security updates are
> available from Windows Update and the Microsoft Download Center. Customers
> who have not yet applied the original version of these updates should visit
> Windows Update to receive the revised updates.
>
> [NB:] Customers who have already applied the original Windows 98, 98SE and
> ME security update are advised to install the current revision of the update
> from Windows Update.
>
> <snip>
>
> Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition
> critically affected by any of the vulnerabilities that are addressed in this
> security bulletin?
>
> Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition
> are critically affected by this vulnerability. A Critical security update
> for these platforms is available and is provided as part of this security
> bulletin and can be downloaded only from the Windows Update Web site.
> [Emphasis added]
> </quote>
>
> Thanks to all those who called MS at 1-866-PCSAFETY about the bug in 891711
> as released in Feb-05. Your documentation of the problems caused by 891711
> played a major role in getting them fixed.
>
> AFAIK KB891711 should no longer load at Startup and display as a running
> Process.
>

Since they screwed to pooch on this update, is a 98SE user better off
removing this or letting MS fix the problem? I have the KB891711 loading
at start up and it didn't create any problems for me but I also see it
in Add/Remove programs so I could remove it before taking the new fix?

--
JD..

[David H. Lipman]

"JD" <JD@example.invalid> wrote in message
news:XuV6e.68903$cg1.10565@bgtnsc04-news.ops.worldnet.att.net...
| On 12-Apr-05 14:18, David H. Lipman wrote:
|
| > This is a repost from an original by; Microsoft MVP Robear Dyer concerning an issue
noted
| > with KB891711 on Win9x/ME platforms and had been noted as problematic in *many* News
Groups
| > in the beginning to mid-March..
| >
| > ~~~~~~~~~~~~~~~~~
| >
| > Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon
| > Format Handling Could Allow Remote Code Execution (891711):
| > http://www.microsoft.com/technet/Sec.../ms05-002.mspx
| >
| > <quote>
| > Why was this security bulletin updated on April 12, 2005?
| >
| > After the release of the MS05-002 security bulletin, Microsoft became aware
| > of an issue affecting customers deploying the Windows 98, 98SE and ME
| > security update. In most cases, the issue caused machines to unexpectedly
| > restart.
| >
| > Microsoft has investigated this issue and has made available revised
| > security updates for these platforms. These revised security updates are
| > available from Windows Update and the Microsoft Download Center. Customers
| > who have not yet applied the original version of these updates should visit
| > Windows Update to receive the revised updates.
| >
| > [NB:] Customers who have already applied the original Windows 98, 98SE and
| > ME security update are advised to install the current revision of the update
| > from Windows Update.
| >
| > <snip>
| >
| > Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition
| > critically affected by any of the vulnerabilities that are addressed in this
| > security bulletin?
| >
| > Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition
| > are critically affected by this vulnerability. A Critical security update
| > for these platforms is available and is provided as part of this security
| > bulletin and can be downloaded only from the Windows Update Web site.
| > [Emphasis added]
| > </quote>
| >
| > Thanks to all those who called MS at 1-866-PCSAFETY about the bug in 891711
| > as released in Feb-05. Your documentation of the problems caused by 891711
| > played a major role in getting them fixed.
| >
| > AFAIK KB891711 should no longer load at Startup and display as a running
| > Process.
| >
|
| Since they screwed to pooch on this update, is a 98SE user better off
| removing this or letting MS fix the problem? I have the KB891711 loading
| at start up and it didn't create any problems for me but I also see it
| in Add/Remove programs so I could remove it before taking the new fix?
|
| --
| JD..

You are better off upgrading to WinXP ;-)

Win98 is reaching its End of Life (EoL) and at that point, there will be nor more
cpmpatibility testing nor security patches for Win98.

Otherwise -- If your system was working properly with the patch, then keep it. It is
doubtful (but never guranteed) that the updated patch will cause detriment.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

[Stephen Howard]

On Tue, 12 Apr 2005 19:18:39 GMT, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>This is a repost from an original by; Microsoft MVP Robear Dyer concerning an issue noted
>with KB891711 on Win9x/ME platforms and had been noted as problematic in *many* News Groups
>in the beginning to mid-March..
>
>~~~~~~~~~~~~~~~~~
Thanks for the heads up.

Regards,



--
Stephen Howard - Woodwind repairs & period restorations
www.shwoodwind.co.uk
Emails to: showard{whoisat}shwoodwind{dot}co{dot}uk

[Mich]

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:jaV6e.14296$nH4.1196@trndny05...
> This is a repost from an original by; Microsoft MVP Robear Dyer concerning
an issue noted
> with KB891711 on Win9x/ME platforms and had been noted as problematic in
*many* News Groups
> in the beginning to mid-March..
>
> ~~~~~~~~~~~~~~~~~
>
> Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon
> Format Handling Could Allow Remote Code Execution (891711):
> http://www.microsoft.com/technet/Sec.../ms05-002.mspx
>
> <quote>
> Why was this security bulletin updated on April 12, 2005?
>
> After the release of the MS05-002 security bulletin, Microsoft became
aware
> of an issue affecting customers deploying the Windows 98, 98SE and ME
> security update. In most cases, the issue caused machines to unexpectedly
> restart.
>
> Microsoft has investigated this issue and has made available revised
> security updates for these platforms. These revised security updates are
> available from Windows Update and the Microsoft Download Center. Customers
> who have not yet applied the original version of these updates should
visit
> Windows Update to receive the revised updates.
>
> [NB:] Customers who have already applied the original Windows 98, 98SE and
> ME security update are advised to install the current revision of the
update
> from Windows Update.
>
> <snip>
>
> Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition
> critically affected by any of the vulnerabilities that are addressed in
this
> security bulletin?
>
> Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition
> are critically affected by this vulnerability. A Critical security update
> for these platforms is available and is provided as part of this security
> bulletin and can be downloaded only from the Windows Update Web site.
> [Emphasis added]
> </quote>
>
> Thanks to all those who called MS at 1-866-PCSAFETY about the bug in
891711
> as released in Feb-05. Your documentation of the problems caused by
891711
> played a major role in getting them fixed.
>
> AFAIK KB891711 should no longer load at Startup and display as a running
> Process.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>

It gave me problems too, I just uninstalled it, and all was good again.
Glad to see they noticed within two weeks.
Mich...

[JD]

On 12-Apr-05 14:59, David H. Lipman wrote:

> "JD" <JD@example.invalid> wrote in message
> news:XuV6e.68903$cg1.10565@bgtnsc04-news.ops.worldnet.att.net...
> | On 12-Apr-05 14:18, David H. Lipman wrote:
> |
> | > This is a repost from an original by; Microsoft MVP Robear Dyer concerning an issue
> noted
> | > with KB891711 on Win9x/ME platforms and had been noted as problematic in *many* News
> Groups
> | > in the beginning to mid-March..
> | >
> | > ~~~~~~~~~~~~~~~~~
> | >
> | > Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon
> | > Format Handling Could Allow Remote Code Execution (891711):
> | > http://www.microsoft.com/technet/Sec.../ms05-002.mspx
> | >
> | > <quote>
> | > Why was this security bulletin updated on April 12, 2005?
> | >
> | > After the release of the MS05-002 security bulletin, Microsoft became aware
> | > of an issue affecting customers deploying the Windows 98, 98SE and ME
> | > security update. In most cases, the issue caused machines to unexpectedly
> | > restart.
> | >
> | > Microsoft has investigated this issue and has made available revised
> | > security updates for these platforms. These revised security updates are
> | > available from Windows Update and the Microsoft Download Center. Customers
> | > who have not yet applied the original version of these updates should visit
> | > Windows Update to receive the revised updates.
> | >
> | > [NB:] Customers who have already applied the original Windows 98, 98SE and
> | > ME security update are advised to install the current revision of the update
> | > from Windows Update.
> | >
> | > <snip>
> | >
> | > Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition
> | > critically affected by any of the vulnerabilities that are addressed in this
> | > security bulletin?
> | >
> | > Yes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition
> | > are critically affected by this vulnerability. A Critical security update
> | > for these platforms is available and is provided as part of this security
> | > bulletin and can be downloaded only from the Windows Update Web site.
> | > [Emphasis added]
> | > </quote>
> | >
> | > Thanks to all those who called MS at 1-866-PCSAFETY about the bug in 891711
> | > as released in Feb-05. Your documentation of the problems caused by 891711
> | > played a major role in getting them fixed.
> | >
> | > AFAIK KB891711 should no longer load at Startup and display as a running
> | > Process.
> | >
> |
> | Since they screwed to pooch on this update, is a 98SE user better off
> | removing this or letting MS fix the problem? I have the KB891711 loading
> | at start up and it didn't create any problems for me but I also see it
> | in Add/Remove programs so I could remove it before taking the new fix?
> |
> | --
> | JD..
>
> You are better off upgrading to WinXP ;-)
>
> Win98 is reaching its End of Life (EoL) and at that point, there will be nor more
> cpmpatibility testing nor security patches for Win98.
>
> Otherwise -- If your system was working properly with the patch, then keep it. It is
> doubtful (but never guranteed) that the updated patch will cause detriment.
>

If it aint' broke, don't fix it. MS has extended support for 98SE until
June 2006? Something like that. I run two identical computers so I have
a backup and they both run 998SE. Can't easily do that with XP.

No problems, so far, with the patch but I don't like it running in the
background. Since it can be easily removed I thought I'd remove it and
take the new patch.

--
JD..

[Gabriele Neukam]

On that special day, David H. Lipman, (DLipman~nospam~@Verizon.Net)
said...

> AFAIK KB891711 should no longer load at Startup and display as a running
> Process.

(sigh of relief) Finally.


Gabriele Neukam

Gabriele.Spamfighter.Neukam@t-online.de


--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.

[optikl]

Gabriele Neukam wrote:
> On that special day, David H. Lipman, (DLipman~nospam~@Verizon.Net)
> said...
>
>
>>AFAIK KB891711 should no longer load at Startup and display as a running
>>Process.
>
>
> (sigh of relief) Finally.
>
>
> Gabriele Neukam
>
> Gabriele.Spamfighter.Neukam@t-online.de
>
>
That's not the case on my 98Se machine. It's still there.

[JD]

On 13-Apr-05 17:41, optikl wrote:

> Gabriele Neukam wrote:
>
>> On that special day, David H. Lipman, (DLipman~nospam~@Verizon.Net)
>> said...
>>
>>
>>> AFAIK KB891711 should no longer load at Startup and display as a running
>>> Process.
>>
>>
>>
>> (sigh of relief) Finally.
>>
>> Gabriele Neukam
>> Gabriele.Spamfighter.Neukam@t-online.de
>>
> That's not the case on my 98Se machine. It's still there.

Here's what I did: I used msconfig to disable it from Startup, rebooted,
then used Add/Remove to remove it and then took the update again and
it's no longer in Startup.

--
JD..

[Will Dormann]

optikl wrote:
> Gabriele Neukam wrote:
>
>> On that special day, David H. Lipman, (DLipman~nospam~@Verizon.Net)
>> said...
>>
>>
>>> AFAIK KB891711 should no longer load at Startup and display as a running
>>> Process.
>>
>>
>>
>> (sigh of relief) Finally.
>>
>> Gabriele Neukam
>> Gabriele.Spamfighter.Neukam@t-online.de
>>
> That's not the case on my 98Se machine. It's still there.


I believe the process is hidden from the Windows task manager, but is
still visible from Wintop or other similar applications.


--
-WD