new_update

KB3097877 causing severe difficulties for some Windows 7 users November 2015 Windows updates. We are seeing numerous reports from Windows 7 users  about difficulties logging on to windows after doing the November 2015 patch Tuesday updates. We are also hearing about crashes in  Outlook 2010 and 2013 when viewing HTML emails.  We also are hearing about crashes in gadgets in windows sidebar on Windows 7 computers. ( Gadgets have been deprecated and are not recommended for use any longer due to security issues. I seem to remember an earlier GDIplus or win32k.sys update having similar gadget issues )

All the problems appear to be caused by  KB3097877 which is part of a vital security update included in MS15-115 This update is a security update that updates Win32k.sys and Gdiplus.dll to help prevent a remote code execution if an attacker convinces a user to open a specially crafted document or to go to an untrusted webpage that contains embedded fonts.

Best advice we can give at the moment is NOT to install KB3097877 on any Windows7 computer until Microsoft have investigated and issued a workaround or revised patch.

If you are suffering from Crashes in Outlook, then uninstall KB3097877

If you are amongst the very unfortunate, unlucky people who cannot log on to windows after installing this patch, I really don’t have an answer yet but will update as soon as I can find a fix and a way for you to  uninstall the patch without being logged on.

Update: it appears the simplest fix for the unable to log in will be to boot to recovery options and uninstall the offending KB3097877 by using a command line instruction ( most W7 computers should have the recovery console inbuilt) see http://windows.microsoft.com/en-gb/windows/what-are-system-recovery-options#what-are-system-recovery-options=windows-7

To open the System Recovery Options menu on your computer

  1. Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer using the computer’s power button.

  2. Do one of the following:

    • If your computer has a single operating system installed, press and hold the F8 key as your computer restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.

    • If your computer has more than one operating system, use the arrow keys to highlight the operating system you want to repair, and then press and hold F8.

  3. On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter. (If Repair your computer isn’t listed as an option, then your computer doesn’t include preinstalled recovery options, or your network administrator has turned them off.)

  4. Select a keyboard layout, and then click Next.

  5. On the System Recovery Options menu, click a tool to open it.

  6. Select Command Prompt
  7. Type or paste this line in to the cmd prompt window  ( be careful to type it exactly with all punctuation marks)
    dism /image:X:\ /remove-package /packagename:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1 /scratchdir:X:\temp   ( where X is the drive that windows is installed on, If using the inbuilt recovery console it will normally be C:)

If you do not have the recovery console preinstalled then you will need to use a copy of the windows 7 installation media ( dvd)
To open the System Recovery Options menu using the Windows 7 installation disc or a USB flash drive, or a system repair disc

If your computer’s system is severely damaged and you can’t access the System Recovery Options menu on your computer, you can access it using the Windows 7 installation disc or a USB flash drive, or using a system repair disc if you created one earlier.

To use this method, you need to restart (boot) your computer using the disc or USB flash drive.

  1. Insert the Windows 7 installation disc or USB flash drive, or a system repair disc, and then shut down your computer.

  2. Restart your computer using the computer’s power button.

  3. When prompted, press any key, and then follow the instructions that appear.

  4. On the Install Windows page, or on the System Recovery Options page, choose your language and other preferences, and then click Next.

  5. If you are using the Windows installation disc or USB flash drive, click Repair your computer.

  6. Select the Windows installation you want to repair, and then click Next.

  7. On the System Recovery Options menu, click a tool to open it.

  8. Select command prompt
  9. Type or paste this line in to the cmd prompt window   ( be careful to type it exactly with all punctuation marks)
    dism /image:X:\ /remove-package /packagename:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1 /scratchdir:X:\temp   ( where X is the drive that windows is installed on, If using the dvd or USB drive it will frequently be D: but could be any drive letter and should be quite easy to see from the cmd prompt window)
Microsoft have just posted an update to https://support.microsoft.com/en-us/kb/3097877  ( 11/11/2015, 22:26 UTC)  that says

Known issues in this security update

  • We are aware of reports of crashes in all supported versions of Microsoft Outlook that occur when users are reading certain emails after this update is installed.

We are investigating this issue and will update this article when further information is available.

They have still not admitted or acknowledged the more serious (although affecting fewer users) problem of being unable to log in and getting flashing screens or being unable to enter the user credentials ( user name and password)
Further Update : 12 November 2015. Microsoft now say they have reissued this update
This security update was rereleased on November 11, 2015 for Windows 7 and Windows Server 2008 R2 to resolve an issue where crashes occurred in all supported versions of Microsoft Outlook when users were reading certain emails.
However still no acknowledgement of log in issues, only crashes in Outlook
2nd Update 12 November 2015: Microsoft have reissued the reissued update with this statement ( Last Review: 11/12/2015 19:00:00 – Revision: 5.0)

This security update was rereleased on November 11, 2015, for Windows 7 and Windows Server 2008 R2 to resolve the following issues:

  • Resolves crashing that occurred in all supported versions of Microsoft Outlook when users were reading certain emails.
  • Resolves problems that occurred while users were logging on to the system. For example, after a user restarted the computer and then pressed Ctrl+Alt+Delete at the logon screen, the screen flashed and then went black. The user was then unable to continue. There may be other, similar logon issues that are related to this issue.

Update 13 November 2015: Microsoft have posted detailed instructions with pictures to show how to use the available options including  recovery environment and the DISM commands to remove the buggy KB3097877 update for those Windows 7 users who cannot log on to windows.

 



 

Leave a Reply

109 Comments on "KB3097877 causing severe difficulties for some Windows 7 users November 2015 Windows updates"

Notify of
avatar
10000

Sort by:   newest | oldest | most voted
Chris Appel
Guest
Chris Appel
11 November 2015 6:06 pm 6:06 pm

Seeing flashing screen just after seeing login prompt on Dell Latitude 7450 with KB3097877, unable to login locally, remoted into machine adn uninstalled patch adn then was able to login normally.

James Myers
Guest
James Myers
12 November 2015 10:16 am 10:16 am

Nice one mate. Good lateral thinking sorted my issue out as that file path above I think is not universal. This seem’s to work flawlessly.

Anonymous
Guest
Anonymous
11 November 2015 6:35 pm 6:35 pm

After installing this, the monitor turns off like the GPU is resetting itself, then I get a black screen with a white cursor. Can’t do anything except insert the Windows 7 install CD and run a system restore.

Darren Coventry
Guest
Darren Coventry
11 November 2015 6:55 pm 6:55 pm

I have this issue, login background screen loads and starts flashing but no option to login, tried starting in safe mode and safe mode with cmd prompt but just loads the above and that’s it.

george allen
Guest
george allen
12 November 2015 9:36 am 9:36 am

darren – if you haven’t cracked it yet – select the “first” option “repair your computer” (the one already highlighted).
I tried safe mode with networking etc and non of them worked. The first one got me to sys restore and it worked a treat.

Zara
Guest
Zara
21 November 2015 6:19 pm 6:19 pm

My acer requires an admin password to get to the restore page, no idea how to get round this any ideas? No idea what the password is either

Brian
Guest
Brian
11 November 2015 6:57 pm 6:57 pm

If you cannot login, I just fixed a sale’s guy machine by restarting machine, smash F8 until you get the advanced boot options screen, go to Windows Restore and restore to yesterday’s date. Once finished, go in and turn off automatic updating (or at least tell it to require your permission to install updates). In the meantime, wait for Microsoft to pull the rouge update.

Beek
Guest
Beek
11 November 2015 7:33 pm 7:33 pm

I tried and it wouldn’t do a restore to yesterdays date, or any other date.

Selby
Guest
Selby
11 November 2015 7:25 pm 7:25 pm

Potentially found a fix for this issue.

You’ll need a recovery cd/usb

In the recovery console get to a command prompt
from there type:

dism /image:d:\ /remove-package /packagename:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1 /scratchdir:d:\temp

The ” ~amd64~~ ” is for a 64bit system
I would assume you’d replace that with ” x86 ” for a 32bit copy of windows

jm
Guest
jm
12 November 2015 7:29 pm 7:29 pm

I am trying to use this command line to remove the update, but it is not working. I have an HP and the image is on D, but I can determine if this command line has any spaces that I am not typing in such as: is there a space between 6.1.1.1 /scratchdire:d:\temp??

i am getting Error: 1639 “The command-line is missing a required servicing command.

jm
Guest
jm
12 November 2015 8:19 pm 8:19 pm

ignore that – looks like it worked!

Leo
Guest
Leo
12 November 2015 8:37 pm 8:37 pm

How did you fix the error I keep getting that same error

Mish
Guest
Mish
12 November 2015 9:10 pm 9:10 pm

I kept getting the error as well and I found out it was because the path had spaces I wasn’t including. Hope this helps~

Mark
Guest
Mark
12 November 2015 8:59 pm 8:59 pm

Same solution we came up with. Boot to recovery console command prompt or Windows Preinstall Environment USB key and run:

dism /image:c:\ /remove-package /PackageName:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1

where c:\ is the drive letter of your OS partition

trackback

[…] Outlook issues after Windows update (11/11) (reddit.com)Crashes since 11/11/15 Updates in both Outlook 2010 and 2013… (Technet)KB3097877 causing severe difficulties for some Windows 7Facebook-Diskussion […]

Curly
Guest
Curly
11 November 2015 8:43 pm 8:43 pm

I have the same problem with windows 64 bit.

i have managed to get to a command prompt but i dont have the skills to develop the message to type in can anyone help with the correct command message please

Dave
Guest
Dave
11 November 2015 8:59 pm 8:59 pm

Thanks Selby … saved me a bunch of time, though I typed one of the ~ in as a hyphen so still had to use /get-packages and wade through to find the right one, only to see it was exactly as you typed 🙂 I’m back into Windows now anyway.

Curly – that dism line Selby showed above worked for me but you need to work out in the recovery cmd prompt which drive your Windows installation is on, and then that becomes the drive letter referenced in the /image and /scratchdir options (above Selby used d: but for me it was f:)

Good Luck!

Curly
Guest
Curly
11 November 2015 9:29 pm 9:29 pm

Thanks Dave & thanks Selby

I will give it a try !!

wpDiscuz