Kaseya Community

Microsoft Security Breach In IE - Disable IE temporarily?

  • Dantheman, have you scanned a machine?  The available patches update with every scan.

  • I need to release technet.microsoft.com/.../ms14-021 the patch just released today! I don't see it in approval by policy. I don't expect these quick turnarounds, but for this hopefully we can get it soon.

  • Kaseya leverages Windows Update.  If it's available using Windows Update it should be available in Kaseya all you have to do is scan a machine and it will update Kaseya.

  • One of the articles listed the wrong KB#. The correct one is KB2964358

  • From MS14-021:

    There are multiple updates listed for Internet Explorer 11. Do I need to install all the updates? 
    No. Depending on how your system is configured to receive updates, only one of the updates for Internet Explorer 11 may apply.

    For systems running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2:

      • The 2964358 update is for systems that have the 2929437 update installed.
      • The 2964444 update is for systems without the 2929437 update installed.

    For systems running Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1:

      • The 2964358 update is for systems that have the 2919355 update installed.
      • The 2964444 update is for systems without the 2919355 update installed.

    For Internet Explorer 11, are there any prerequisites for the 2964358 update? 
    Yes. Customers running Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1, must first install the 2919355 update released in April, 2014 before installing the 2964358 update. For more information about this prerequisite update, see Microsoft Knowledge Base Article 2919355.

    Customers running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2, must first install the 2929437 update released in April, 2014 before installing the 2964358 update. For more information about this prerequisite update, see Microsoft Knowledge Base Article 2929437.

  • Also note Microsoft made an exception for XP and the patch released today will include XP as well.  

  • Also for those who pushed the custom procedure:

    If you applied the workaround to unregister VGX.DLL, you do not have to undo this workaround before applying the security update. However, the security update will not re-register vgx.dll. See the Workarounds section for the vulnerability for steps on how to re-register vgx.dll.

    Note For users running 64-bit systems who applied the original unregister VGX.DLL workaround documented in version 1.0 of Microsoft Security Advisory 2963983, please apply the updated workaround as described in this security bulletin for 64-bit systems.

  • Patches are released in Kaseya