Posted by: Ed Tittel
KB231010138 causes immediate Windows desktop problems, watch out for network security gotchas or worse from KB2310138
OK, so if you’re running Microsoft Security Essentials (MSE) installed then you must figure out what to do with an update that Microsoft pushed yesterday in its increasingly typical “2nd Patch Tuesday” release. This update is labeled KB2310138 though it is also entitled “Definition Update for Microsoft Windows Security Essentials” (which is something of a misnomer, because this actually refers to a KB article entitled “Description of Microsoft Security Essentials and of the definition file updates for beta version 2.0.0375.0” which really has nothing to do with this current update at all).
But what I experienced today on those machines where I do permit auto-updates to proceed (how else can we learn about these things? or find such gotchas?) is that applying this update causes Windows 7 to reset all known network types from “Home” or “Work” to “Public.” Of course, this immediately broke RDP access for me on my LAN since by default RDP is allowed on trusted networks, but blocked on untrusted one (which defines networks labeled “Public” by deliberate design).
Public network reassignment plays hob with all kinds of security stuff
I’ve also been followed online chatter about lots of other problems related to this update for those running Microsoft Security Essentials. Turns out that if you’ve ever installed another security package before using MSE, your machine may hang on the reboot after installing the patch, for which the only fix is to roll back to the LKGC or a restore point before installing the patch, then running a clean-up tool to remove all vestiges of the preceding security package. and trying again. Others have posted to report of issues related to MS Office network links failing (which I imagine is related to network security defaults). Seems like other bugbears are going to come pouring out of the woodwork as well, given the many other Windows widgets and behaviors that depend on secure network access.
Two observations about Windows Update KB2310138 dated 7/26/2011:
Don’t even think about rolling this out to your client base until the issues get addressed and fixed! (It takes no crystal ball to foresee some kind of follow-up, repair tool, or clean up effort appearing as soon as MS can whip something out.)
If you do work with machines for which auto-update is turned on (typical at home and in SOHO situations) be prepared for some clean-up work. For me, properly restoring the network type seemed to fix all of my problems — but then, I have messed with security software long enough to know that you never install a new such package on a Windows PC without first thoroughly cleaning up a prior such package beforehand.
Caveat emptor (or “downloador” if you prefer), baby! And for those who are compelled to ask “Who uses MSE anyway?” the answer may be surprising, given that it’s free for up to 10 PCs in home and SOHO situations, and available for generous corporate license terms. I use it in almost all of my VMs these days, because it is free and updates flow through the same mechanisms as OS updates. It’s adequate and too convenient not to use in such situations. I suspect there may be pockets of it in test and development labs, even in situations where more general licensing may not be in effect for corporate use.