MS Critical Update KB911567

Hi,

This critical update is to patch problems with MS Outlook Express. I don't use this on my XP SP1 machine, but it is there behind the scenes. Do I need to apply this critical update?

Thanks

 

I'd say: Implement KB911567

KB911567 details a Windows Address Book File (.wab) vulnerability – which, if nothing else, probably should be patched simply because it might bite when one least expects it. Selectively rejecting updates will often have repercussions downstream, long after the details behind one's decision are forever lost. A person might, for example, decide to open a short-term e-mail account for a visiting friend or relative, using Outlook Express as the host – not remembering that many, many months ago, KB911567 was not implemented. Your friend or relative might have a compromised personal address book that he/she now downloads from his/her travelling floppy disk, and WHAM!

Per Microsoft Security Bulletin MS06-016, this vulnerability can be exploited outside of Outlook Express:



Outlook Express itself is quite safe these days – light-years beyond the swiss-cheesed worm trap of the early decade. If nothing else, I'd keep it up to date because you might never know when it will offer you some utility.

CrackMan
XP/IE6/SP2

 

Yesterdayevening a pc of a friend had the windows update feature in full automatic mode...
After the patch was automatically applied, this person (using outlook express as his e-mail program) had problems accessing his original adressbook with 1500+ contacts...
Although his original .wab adresbook file was left allone (seemingly not 2 be recognized as valid adress book anymore) he had the problem that an empty adressbook was made...
So the obvious way was importing his original adressbook to the automatically freshly created empty one... but... also the wab-importing program failed 2 do a normal import...
The only way to help him out was de-installing the KB911567 patch & the link related patches: KB908531, KB911562, KB912812...

This morning i contacted Microsoft with my findings... & just now i received the message that there is indeed something wrong with the KB911567 patch...

My advice out off experience: just 4 now temporarely skip this update please !

Original e-mail sent (in dutch) to Microsoft this morning:

The issue is in investigation at Microsoft & if they have updated the 4 patches i will place a download link 4 anybodies convenience here.

 

After reading the following, I now concur -- not because "unnecessary" updates should be ignored, but because KB911567 creates problems with unsent messages:

http://www.oehelp.com/OETips.aspx

Feelings about updates otherwise remain the same; I generally apply them even if they initially appear irrelevant.

CrackMan
XP/IE6/SP2

 

Re: MS Critical Update KB911567 REVISED

KB911567 is updated and should work now normally !
It is adviced to download this patch as soon as possible !
For the users who applied the 'old' KB911567 please read the FAQ section thoroughly because there is to be red (amongst other things) that the old KB911567 patch should be uninstalled first...
To aid you in your quest: see this link here

The download link is here

Title: Microsoft Security Bulletin Minor Revisions
Issued: April 26, 2006
********************************************************************

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.


Bulletin Information:
=====================

* MS06-016

- http://www.microsoft.com/technet/security/bulletin/ms06-016.mspx
- Reason for Revision: "Caveats" section updated due to new issues
discovered with the security update. Error message when you
open the Windows Address Book or you open Outlook Express
after you install cumulative security update.
- Originally posted: April 11, 2006
- Updated: April 26, 2006
- Bulletin Severity Rating: Important
- Version: 1.2

********************************************************************

Support:
========
Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

Microsoft Support Lifecycle for Business and Developer Software
===============================================================
The Microsoft Support Lifecycle policy provides consistent and
predictable guidelines for product support availability at the
time that the product is released. Under this policy, Microsoft
will offer a minimum of ten years of support. This includes five
years of Mainstream Support and five years of Extended Support for
Business and Developer products. Microsoft will continue to provide
security update support, at a supported Service Pack level, for a
minimum of ten years through the Extended support phase. For more
information about the Microsoft Support Lifecycle, visit
http://support.microsoft.com/lifecycle/ or contact your Technical
Account Manager.

 

Geoff:

Thanks for the heads-up.

CrackMan

 

Your welcome Crackman, that where this forum is all about: helping each other out !

 

Anybody who followed the KB911567 install guide lines AND had a adressbook with many e-mail groups inside them each containing several e-mail adresses has found out by now (as i did yesterday evening) that this importing procedure is a realpain...
All individual e-mail adresses with in those e-mail groups are all plunged in 1 gigantic adress book without any e-mail group being transfered let alone being imported neathly in those e-mail groups...
In my case 35 e-mail groups with in total 18000 individual e-mail adresses were imported (with over a 10 hours importing time) as 1 giant .wab file without e-mail group structure...
Do others have the same problem ?
If so did you found a workable solution for it ?

In the meantime i have contact with Microsoft again asking for a more suiteable solution...