Updates 10/8/13 - Microsoft+Adobe Tuesday, Opera, WOT for FF

Malicious Software Removal Tool (MSRT, MRT) for October, version 5.5  

http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx 

Adobe Flash Player 11.9.900.117 has been released.

Offering "new functionality and important bug fixes".

Direct downloads (no bundled junk) for Windows 7 and earlier:

Internet Explorer - http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe

Plugin-based browsers (Firefox etc) - http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe

Uninstaller (if needed) : http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe

(Note:  Users of IE10 on Win8 will receive a proprietary Flash update directly from Microsoft )

----------------------------------------------------------------------------

Also:  Adobe AIR 3.9.0.1030 (for those who have/use AIR)   http://get.adobe.com/air/ 

-----------------------------------------------------------------------------

Documentation (Release Notes):   http://helpx.adobe.com/en/flash-player/release-note/fp_119_air_39_release_notes.html

Adobe Reader for Windows, sequential update (starting from an installed base of 11.0.04) to 11.0.05  

http://www.adobe.com/support/downloads/detail.jsp?ftpID=5674 

EDIT:   These updates address a regression that occurred in version 11.0.04 affecting Javascript security controls. 

A reminder:   Microsoft had issued a temporary "fix it" for a 0-day IE vulnerability:  http://en.community.dell.com/support-forums/virus-spyware/f/3522/t/19525098.aspx

It is expected that today's Windows Updates will include a "permanent" fix for this issue.

Unfortunately, we never know in advance whether we should uninstall the temp fix before or after applying the permanent fix (or if we can simply leave the temp fix alone, coexisting with the permanent fix).   I think the safest option [for those who applied the temp fix] is to remove the temp fix first (by running the UN-do Fix-it #51002 included in the above link) BEFORE applying today's Windows Updates.

==================================================

EDIT:   Basically, the answer is that "anything goes" here -- the following has been copied/pasted from https://technet.microsoft.com/en-us/security/bulletin/ms13-080:

If I applied the automated Microsoft Fix it solution for Internet Explorer in Microsoft Security Advisory 2887505, do I need to undo the workaround before or after applying this update? 
No. Customers who implemented the Microsoft Fix it solution, "CVE-2013-3893 MSHTML Shim Workaround," in Microsoft Security Advisory 2887505, do not need to undo the Microsoft Fix it solution (neither) before (n)or after applying this update.

Note:  Although it is not necessary to undo the Microsoft Fix it solution, customers can follow the steps in Microsoft Security Advisory 2879017 to undo the Microsoft Fix it solution.

The following 4 updates are rated CRITICAL:

MS13-080  Cumulative Security Update for Internet Explorer (2879017)

MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)

MS13-082 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)

MS13-083 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)

==================================================================

The following 4 updates are rated IMPORTANT:

MS13-084 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)

MS13-085 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) 

MS13-086 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)

MS13-087 Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

WOW:   Looks like my Win7x64 Pro system needs 26 updates (19 for Windows, 6 for Office, 1 for Silverlight) totaling 161.7 MEG :emotion-7:

( ... and if I hadn't installed the MSRT earlier today, that would have added another)

WOW:   Looks like my Win7x64 Pro system needs 26 updates (19 for Windows, 6 for Office, 1 for Silverlight) totaling 161.7 MEG :emotion-7:

I don't know whether to feel cheated, or lucky, to only need 22 important updates (~128 MB) on my Win 7x64 Home Premium System! Not including the 21 optional updates (~80MB) which I never select.

This is madness. I hate Patch Tuesday ...

I have 28 Window Updates coming in on a Windows 7 Home-64 bit OS.  On a Windows 8 machine I have 18 coming in. This is a big update day.

No question, we've been seeing many more... and larger... updates the past few months.  

Not sure what to make of it.   On the one hand, it's obviously a nuisance... especially on a relatively slow 1 Mb DSL connection.   On the other hand, you have to give Microsoft credit for supplying these updates free to consumers ---- what other company [internet or real-world] offers free monthly updates/fixes on their products for YEARS!!???  None that I know of.

For those who might counter, "If Microsoft did it right in the first place, there wouldn't be an ongoing need for continual maintenance updates", I would reply that, as long as hackers are out there, capable of reverse-engineering every piece of computer code, we'll always be at their (the hackers) mercy.   It's NOT Microsoft's fault. 

Opera 17

Fixes and stability enhancements

General and User Interface

Opera 17 includes updates to the latest Chromium release, version 30.

New features

Pinned tabs

Opera 17 allows you to pin tabs on the tab bar. This can help prevent you from closing tabs accidentally.

Custom search

In addition to Opera's defaults, you can add custom search engines to your combined search and address bar in Opera 17.

Improvements

• Stability enhancements
• New startup behavior options

========================================================

See also:   Opera 17 FINAL adds pinned tabs, custom search engines and startup options    http://betanews.com/2013/10/09/opera-17-final-adds-pinned-tabs-custom-search-engines-and-startup-options/

Finally. I got 18 critical updates, counting MRT, for my Windows XP and Office 2007.

One each for IE and Silverlight. One each for .Net 2.0 Sp2 and .Net 3.5 Sp 1. Four for Windows Security, and the rest for Office and outlook 2007.

Funny thing though. After the update and reboot I like to check for more optional updates, like root certification patches, I went to Microsoft Update site and I still had an extra critical update waiting for me that has to be istalled alone and before any other, KB951847, BTW it was not there last month.

http://search.microsoft.com/en-us/DownloadResults.aspx?rf=sp&q=kb951847&x=9&y=5

Take a look at the release date. 11/17/2008. I installed it anyway. It did not ask for reboot. Weird since most dotnet updates do. I rebooted anyway and now I do not have any other critical update showing.

Microsoft Confirms KB2862330 (MS13-081) Windows 7 Update Problems - your computer may restart TWO times.

http://news.softpedia.com/news/Microsoft-Confirms-KB2862330-Windows-7-Update-Problems-390567.shtml 

http://support.microsoft.com/kb/2862330

WOT for FF, Version 2013-10-08