Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


What’s Up with KB 3132372, KB 3133431 and Flash?

KB 3097877-to-update-or-not-to-updateKB 3132372, a Windows 10 patch for Flash, is one of the updates that caused issues not too long ago.

According to many users’ complaints, the update crashed Skype with an Exception code 0x8000000, among other issues with other applications.

Since Skype support team couldn’t communicate the problem (a.k.a. KB 3132372) with Microsoft, Skype disabled that part of the app that used Flash. This whole thing happened at the end of 2015 and the very beginning of 2016.

Microsoft was aware of the problem. The following information was added to the KB 3132372 article:

We are aware of limited application crashes that occur after this security update is installed on Windows 10.
To resolve this issue, install update 3133431.

What’s the deal with KB 3132372 and KB 3133431?

So, what went wrong and why are we here? Let’s go back to December 29 when Microsoft released the bad KB 3132372 patch. According to its title, the update addressed vulnerabilities in Adobe Flash Player in IE and Edge, particularly IE in Windows 8 and 8.1, Server 2012, 2012 R2, Windows 10, Windows 10 Threshold 2, and in Windows 10, Windows 10 Threshold’s Edge.

Then, problems emerged after users installed the update on Windows 10 machines. Microsoft had to do something as users were getting frustrated. The KB 3132372 article was soon updated:

Known issues in this security update
We are aware of limited application crashes that occur after this security update is installed on Windows 10.

Good to know that Microsoft is aware of the messes it causes!

Let’s forward a bit, to January 5, when Microsoft released the KB 3133431 patch that addressed the issues in Windows 10 brought by the 3132372 patch. Here’s what the article said:

Resolves a problem in which Adobe Flash Player does not load correctly in applications that are running in Internet Explorer or Microsoft Edge and that have Flash Player embedded. This problem occurs after security update 3132372 for Adobe Flash is installed on Windows 10.

Then, we get to Jan 12 Patch Tuesday, where the 3133431 patch was supposedly included. For the sake of experience sharing, we did not locate the update in any of the TechNet’s 2016 security bulletins. However, the update was installed on one of our machines (running Windows 8.1). What may have happened is the update was included in a cumulative update but was not mentioned anywhere. Not the first time something like that happens, perhaps not the last time. We will keep you posted if we get to know what the case is.

Here is its current description:

Resolves a problem in which Adobe Flash Player does not load correctly in applications that are running in Internet Explorer or Microsoft Edge and that have Flash Player embedded. This problem occurs after security update 3132372 for Adobe Flash is installed on Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, or Windows 10 Version 1511.

Let’s sum it up and try to see through the inconsistencies with the descriptions (KB articles) published by MS. First, Microsoft discovered and corrected problems with the patch in Windows 8 + 8.1, Windows Server 2012 + R2. Then, the update was pushed in the automatic Windows Update pile. This is when the KB 3133431 description was altered to match the newly discovered problems. Those alterations, however, weren’t published in the KB 3132372 article.

According to Microsoft’s ‘Description of Software Update Services and Windows Server Update Services changes in content for 2016’ (support.microsoft.com), the 3133431 patch is an:

Update for Internet Explorer Flash Player for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, and Windows Server 2012 (KB3133431)

As pointed out by Infoworld’s Woody Leonhard who closely monitors MS activities, this patch never appeared on his Windows 10 test machines. Such a mess, isn’t it?

References

InfoWorld
Microsoft

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.