Microsoft doesn't say whether the new version fixes conflicts with EMET 5.5 caused by the original, so it's best to steer clear Last week I wrote about an odd security update, KB 3146706, that appeared to be bricking pirated copies of Windows 7 and locking horns with Microsoft’s own EMET 5.5 malware blocker. Details are hazy, but apparently Microsoft released MS 16-044/KB 3146706 on April 12 as a “checked” Important update. Since it was checked, those who ran Windows Update or had enabled Automatic Update got the patch installed, sometimes to deleterious effect. Shortly after the patch was released, the auto update “check” disappeared from most — if not all — Windows 7 computers. Customers could install the patch, but only if they manually checked it first. KB 3146706 also raised a storm of complaints, particularly in China, among people using a particular pirated version of Windows 7 known by the name Ghost — no doubt in reference to its origins as a Norton Ghost copy of a heavily modified (and sometimes malware infested) version of Win7. Suddenly, without any notification and not much explanation, KB 3146706 is back again. It appeared, checked, on many computers yesterday afternoon. (I have reports that on some systems it still isn’t checked.) The KB article has been modified, raised to version 2 with this caveat added: After you install this security update on a Windows 7 SP1-based system, you may experience any of the following problems: The system slows down You cannot access folders under the Documents and Settings folder. You cannot modify permissions on the Security tab in a the Properties dialog box You may receive a disk write failure error message This problem may occur when certain third-party DRM software is installed. The problem is known to occur with certain DRM software from Fasoo.com. Contact the manufacturer of your software for more information about how to resolve this problem. Fasoo is a company based in Seoul that “provides data-centric security to protect data as it travels both within the organizational perimeter and beyond by limiting access to sensitive data according to policies that cover both users and activities.” Microsoft’s KB article doesn’t mention the well-documented EMET 5.5 problems, nor does it say whether those problems have been solved. Tellingly, the published File Information shows that all of the modules were compiled on or before March 21. That’s three weeks before original, buggy version of 3146706 rolled out. Whether the modules have been changed to fix the problem, whether there’s a change in the “metadata” that controls the Windows Update behavior, or there’s no change at all is simply unknown at this point. Microsoft also neglected to mention the change in the official Windows Update list. It would be a good idea to avoid installing KB 3146706 until we have a clearer understanding of the situation — especially if you run EMET. Update: A Fassoo spokesperson has contacted us with this explanation: Fasoo resolved this problem two years ago, but some customers were using an old version of the software. Fasoo resolved the problem introduced by Microsoft patch KB3146706 by releasing v2.0.0.6 of f_ih.sys on Feb. 14, 2014. Some customers in Korea using an older version of f_ih.sys had a problem after installing the Microsoft patch. Fasoo has informed customers running the old component to update to the new software. Related content opinion On a personal note... Woody Leonhard looks back a bit, looks ahead to retirement — and shares good news about who's picking up the Windows patching torch. By Woody Leonhard Nov 09, 2020 3 mins Small and Medium Business Computers Windows news analysis Get Microsoft's October patches installed — and seriously consider Win10 2004 Odd ancillary patches have their problems, but the mainstream October patches look pretty reliable. The big question: Is Win10 version 2004 up to your stability standards. I’m skeptical -- especially because it has few worthwhile improvements. By Woody Leonhard Oct 30, 2020 6 mins Small and Medium Business Microsoft Computers news analysis Microsoft Patch Alert: October 2020 The big news with this month’s patches – aside from the usual smorgasbord of strange errors – has more to do with the patches that are outside the regular cumulative update stream. Remarkably, we didn’t get any security fixes By Woody Leonhard Oct 22, 2020 189 mins Small and Medium Business Microsoft Office Microsoft news analysis With Patch Tuesday here, be sure Windows Update is paused With all the flotsam floating around, it’s easy to lose sight of Second Tuesdays. October’s arrives tomorrow and, with it, another round of Windows and Office patches. Take a minute to make sure you aren’t in the front lines, as eve By Woody Leonhard Oct 12, 2020 5 mins Small and Medium Business Microsoft Windows Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe