KB3097877 Causing Severe Difficulties For Some Windows 7 Users November 2015 Windows Updates

Malware Download

KB3097877 causing severe difficulties for some Windows 7 users November 2015 Windows updates. We are seeing numerous reports from Windows 7 users about difficulties logging on to windows after doing the November 2015 patch Tuesday updates. We are also hearing about crashes in Outlook 2010 and 2013 when viewing HTML emails. We also are hearing about crashes in gadgets in windows sidebar on Windows 7 computers. ( Gadgets have been deprecated and are not recommended for use any longer due to security issues. I seem to remember an earlier GDIplus or win32k.sys update having similar gadget issues )

All the problems appear to be caused by KB3097877 which is part of a vital security update included in MS15-115 This update is a security update that updates Win32k.sys and Gdiplus.dll to help prevent a remote code execution if an attacker convinces a user to open a specially crafted document or to go to an untrusted webpage that contains embedded fonts.

Best advice we can give at the moment is NOT to install KB3097877 on any Windows7 computer until Microsoft have investigated and issued a workaround or revised patch.

If you are suffering from Crashes in Outlook, then uninstall KB3097877

If you are amongst the very unfortunate, unlucky people who cannot log on to windows after installing this patch, I really don’t have an answer yet but will update as soon as I can find a fix and a way for you to uninstall the patch without being logged on.

Update: it appears the simplest fix for the unable to log in will be to boot to recovery options and uninstall the offending KB3097877 by using a command line instruction ( most W7 computers should have the recovery console inbuilt) see https://windows.microsoft.com/en-gb/windows/what-are-system-recovery-options#what-are-system-recovery-options=windows-7

To open the System Recovery Options menu on your computer

1. Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer using the computer’s power button.
2. Do one of the following:

  • If your computer has a single operating system installed, press and hold the F8 key as your computer restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.
  • If your computer has more than one operating system, use the arrow keys to highlight the operating system you want to repair, and then press and hold F8.

3. On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter. (If Repair your computer isn’t listed as an option, then your computer doesn’t include preinstalled recovery options, or your network administrator has turned them off.)
4. Select a keyboard layout, and then click Next.
5. On the System Recovery Options menu, click a tool to open it.
6. Select Command Prompt
7. Type or paste this line in to the cmd prompt window ( be careful to type it exactly with all punctuation marks)
dism /image:X:\ /remove-package /packagename:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1 /scratchdir:X:\temp ( where X is the drive that windows is installed on, If using the inbuilt recovery console it will normally be C:)

If you do not have the recovery console preinstalled then you will need to use a copy of the windows 7 installation media ( dvd)

To open the System Recovery Options menu using the Windows 7 installation disc or a USB flash drive, or a system repair disc

If your computer’s system is severely damaged and you can’t access the System Recovery Options menu on your computer, you can access it using the Windows 7 installation disc or a USB flash drive, or using a system repair disc if you created one earlier.

To use this method, you need to restart (boot) your computer using the disc or USB flash drive.

1. Insert the Windows 7 installation disc or USB flash drive, or a system repair disc, and then shut down your computer.
2. Restart your computer using the computer’s power button.
3. When prompted, press any key, and then follow the instructions that appear.
4. On the Install Windows page, or on the System Recovery Options page, choose your language and other preferences, and then click Next.

5. If you are using the Windows installation disc or USB flash drive, click Repair your computer.
6. Select the Windows installation you want to repair, and then click Next.
7. On the System Recovery Options menu, click a tool to open it.
8. Select command prompt
9. Type or paste this line in to the cmd prompt window ( be careful to type it exactly with all punctuation marks)
dism /image:X:\ /remove-package /packagename:Package_for_KB3097877~31bf3856ad364e35~amd64~~6.1.1.1 /scratchdir:X:\temp ( where X is the drive that windows is installed on, If using the dvd or USB drive it will frequently be D: but could be any drive letter and should be quite easy to see from the cmd prompt window)
Microsoft have just posted an update to https://support.microsoft.com/en-us/kb/3097877 ( 11/11/2015, 22:26 UTC) that says

Known Issues In This Security Update

  • We are aware of reports of crashes in all supported versions of Microsoft Outlook that occur when users are reading certain emails after this update is installed.

 

We are investigating this issue and will update this article when further information is available.
They have still not admitted or acknowledged the more serious (although affecting fewer users) problem of being unable to log in and getting flashing screens or being unable to enter the user credentials ( user name and password)

Further Update : 12 November 2015. Microsoft now say they have reissued this update
This security update was rereleased on November 11, 2015 for Windows 7 and Windows Server 2008 R2 to resolve an issue where crashes occurred in all supported versions of Microsoft Outlook when users were reading certain emails.

However still no acknowledgement of log in issues, only crashes in Outlook
2nd Update 12 November 2015: Microsoft have reissued the reissued update with this statement ( Last Review: 11/12/2015 19:00:00 – Revision: 5.0)

This security update was rereleased on November 11, 2015, for Windows 7 and Windows Server 2008 R2 to resolve the following issues:

  • Resolves crashing that occurred in all supported versions of Microsoft Outlook when users were reading certain emails.
  • Resolves problems that occurred while users were logging on to the system. For example, after a user restarted the computer and then pressed Ctrl+Alt+Delete at the logon screen, the screen flashed and then went black. The user was then unable to continue. There may be other, similar logon issues that are related to this issue.

Update 13 November 2015: Microsoft have posted detailed instructions with pictures to show how to use the available options including recovery environment and the DISM commands to remove the buggy KB3097877 update for those Windows 7 users who cannot log on to windows.

Total
0
Shares
Leave a Reply

Your email address will not be published.

Related Posts