Microsoft’s November Botched Updates Include KB 3003743, KB 2992611, IE11, EMET 5 and More

By: Radu Tyrsina
3 minute read

We talked about Patch Tuesday botched updates for the previous month of October, and now it’s worth taking into account problems related to this month. We are indeed a little late than the usual schedule, but we hope this will prove helpful for those in need.
november botched updates
It seems that the month of November has brought some of the most annoying botched updates of this year, as Woody Leonhard from Inforworld informs us. The security expert is always keeping an eye out for Black Tuesday patches and here’s what he had to report for the month of November.

KB 3003743, part of MS14-074

It seems that this specific update is breaking concurrent RDP sessions according to some forum posters who said the following:

Today’s updates includes KB3003743 and with it comes termsrv.dll version 6.1.7601.18637

KB 3003743 is also said to kill the NComputing’s virtualization software, according to some tweets. At the moment, there doesn’t seem to be an official fix for this, but you are advised to take the same steps as in the KB 2984972 patch.

KB 3003057, part of MS14-065

It seems that if you’re running IE11 and EMET, it’s important to move to the latest version, EMET 5.1, because if you want to install the KB 3003057 on EMET 5.0, it won’t work. And since not all users know that EMET 5.1 is out, a lot of compatibility issues have emerged.

If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the EAF+ mitigation. Yes, EMET 5.1 was just released on Monday.

KB 2992611

This is regarded as the ‘star’ of this month’s botched updates, and considered by many to be a quite serious security problem. KB 2992611 was rolled out to every Vista, Windows 7, Windows 8/8.1, and Windows Server 2003, 2008, 2008 R2, 2012, and 2012 R2 machine. Here’s what’s wrong with it, according to Microsoft:

TLS 1.2 connections are dropped, processes hang (stop responding), or services become intermittently unresponsive. You may also receive an error message that resembles the following in the System log in Event Viewer:

Log Name: System
Source: Schannel
Date: Date and time
Event ID: 36887
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: ComputerName
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

To solve issues, Microsoft instructs to delete the following registry values:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,

TLS_RSA_WITH_AES_256_GCM_SHA384,

TLS_RSA_WITH_AES_128_GCM_SHA256.

But there seem still to be issues related to SQL servers’ functionality:

Security Update MS14-066 causes major performance problems in Microsoft Access/SQL Server applications… When the update is installed to a server running Microsoft SQL Server (So far, confirmed as issue with SQL Server 2008 R2, SQL Server 2012, SQL Server 2014) client applications that access the database via ODBC such as Microsoft Access clients pointing to SQL Tables encounter a major performance hit…

Our customers are reporting that this security update causes MAJOR performance problems in any Microsoft Access application with a SQL Server backend (any version). For example, a simple operation such as clicking from one line of an order to another (without performing ANY data updates) can take from 5 to 15 seconds! For users having to update hundreds of lines of orders, the application becomes nearly unusable – an activity that used to take 5 minutes could take hours.to complete.

Uninstalling the patch has proved to be a solution, but not for all. Here are some even more problems:

There are other problems. Poster Nicholas Piasecki says that installing KB 2992611 throws internal errors 1250 and 1051 when using Firefox, Chrome, and Safari (but IE was OK). Leon McCalla on the Microsoft Connect forum says that KB 2992611 breaks ODBC access in SQL Server 2008. Mike G on the Citrix forum reports that KB 2992611 breaks XML. Cristian Satnic at OdeToData posted his experiences with https problems using IIS and Chrome. Even Amazon Web Services acknowledges the problem — but doesn’t yet have a solution.

If you’re still having issues on your PC or you simply want to avoid them for the future, we recommend you to download this tool to fix various PC problems, such as file loss, malware and hardware failure.

That’s all for now. Leave your comment below and let us know if you have encountered another annoying issues related to the latest Windows Update cycle.

READ ALSO: Fix: Error 0x0000005D When Installing Windows 10

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading