Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Pulls Some Non-Security Updates For Microsoft Office 2010, 2013 and 2016 That It Released Earlier This Month (betanews.com)

Posted by msmash on from the deja-vu dept.

Mark Wilson, writing for BetaNews: Having released a series of updates for Office 2010, 2013 and 2016 as part of this month's Patch Tuesday, Microsoft has now pulled two of them and advised sysadmins to uninstall the updates if they have already been installed. In both instances -- KB4461522 and KB2863821 -- Microsoft says that the problematic updates can lead to application crashes. While this is not as serious a problem as, say, data loss, it does little to quieten the fears that have been voiced about the quality control Microsoft has over its updates.

6 of 58 comments (clear)

  1. Kms bypass by AbRASiON · · Score: 2

    These updates didn't buy any chance mess with some of the kms activation cracks, did they? Hypothetically, of course! Just asking.

    Hypothetically 6 friends and family members all of a sudden, hypothetically may have contacted me.

    1. Re: Kms bypass by Anonymous Coward · · Score: 5, Interesting

      Those updates were made partially for the same reason everyone else made an update, which was a bug associated with SSL in the e-commerce space. Why havenâ(TM)t the other vendors recalled their patches? Does anyone know?

  2. New patch made available. by xack · · Score: 4, Funny

    You can download it here

    1. Re:New patch made available. by thegarbz · · Score: 3, Funny

      That patch broke the ribbon. There's a weird menu system that millenials don't know how to use.

  3. Those updates also disabled macros in Word by dhuv · · Score: 3, Informative

    Macros in Office are a big security issue. Once of those updates (I believe it was KB4461522) disabled macros even if the code was signed by Microsoft and is valid. Unfortunately we use this functionality at the moment and had to ask users to remove that update on affected systems.

  4. Re: Minor correction by Zocalo · · Score: 2

    Depends on your network requirements and your appetite for risk vs. saving time. Most of my clients run engineering networks with strict change control processes so patches are tested first and manually pushed via WSUS only when they're confident they won't cause any issues. I suspect that very few of them will have even pushed out the November security patches yet, let alone a couple of feature updates to amend the date format display for a single country, since they tend to rely on Defence in Depth to provide additional layers of security. Of course, if you don't have WSUS, then you don't have many options since MS doesn't have a simple way to automatically defer installation for a few days after release in case they should release yet another bad patch, although i guess you could do something with scripting.

    --
    UNIX? They're not even circumcised! Savages!