[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] Dealing with the patching weekend - THE OFFICIAL BLOG OF THE SBS DIVA
Fri, May 11 2012 23:57 bradley

Dealing with the patching weekend

It's the patch Tuesday weekend and we have a doosey.  I've seen on average about 18-24 patches PER workstation.  Several .nets per version of .net and several versions of .nets.  Which makes for a slow patching weekend.

The patch causing either no issues or lots of issues appears to be KB2686509 - which is ONLY on XP and Windows 2003.  It's a backporting of an keyboard protection that Vista and later already has.

MS12-034: Description of the security update for CVE-2012-0181 in Windows XP and Windows Server 2003: May 8, 2012:
http://support.microsoft.com/default.aspx?scid=kb;en-us;2686509

While I applaud Microsoft for backporting a protection that they already gave Vista and Windows 7, the fact that the deployment of it .... is .... for lack of a better description... totally sucky.... leaves a lot to be desired.  The patch installs and should it fine keyboard files that shouldn't be whereever they are, it fails with a cryptic error message.

In my personal case, I had disabled a scroll lock key and this alone caused the failure -- with no failedkeyboard.log file as there is supposed to be in the documentation.

In other cases, there is left behind a failedkeyboard.log file and you are told to dig into your computer and copy .dll files.

There appears to be a third failure as yet not documented well in the KB.  In this third one, any language keyboard files under the keyboard registry key causes the failure.  The failedkeyboard.log file doesn't point to dll files, but rather kbd files listed in the log file.

Bottom line, install the .net's separately (assuming you want to do them this weekend.  And be prepared to deal with this XP patch.

We're patching for this issue:  http://blog.coresecurity.com/2012/05/10/the-big-trick-behind-exploit-ms12-034/?utm_source=dlvr.it&utm_medium=twitter

Filed under: