On August 18, I blogged about the withdrawal of a series of updates originally released on August 12 — most notably, KB2982791. At that time, MS recommended that IT admins at least consider uninstalling any or all of KB2982791, KB297028, KB2975719, and KB2975331, especially those who might experience an 0x50 Stop error (aka “Blue Screen of Death” or BSOD).
Out with the old, in with the new: KB2982791 gives way to KB2993651.
Here’s what MS is now saying in its more detailed TechNet discussion of MS14-045 from the “Update FAQ” section about a replacement update KB2993651 pushed out of band, or OOB, on August 27 (emphasis via light-gray background in the following quote is mine, to highlight the discussion that follows it):
Why was this bulletin revised on August 27, 2014? What happened to the original 2982791 security update?
To address known issues with security update 2982791, Microsoft rereleased MS14-045 to replace the 2982791 update with the 2993651 update for all supported releases of Microsoft Windows. Microsoft expired update 2982791 on August 15, 2014. All customers should apply the 2993651 update, which replaces the expired 2982791 update. Microsoft strongly recommends that customers who have not uninstalled the 2982791 update do so prior to applying the 2993651 update.
I already successfully installed the original 2982791 security update and am not experiencing any difficulties. Should I apply the replacement update (2993651) released on August 27, 2014?
Yes. All customers should apply the 2993651 update, which replaces the expired 2982791 update. Customers do not need to uninstall the expired 2982791 update before applying the 2993651 update; however, Microsoft strongly recommends it. Customers who do not remove the expired update will retain a listing for 2982791 under installed updates in Control Panel.
I uninstalled the original 2982791 security update. Should I apply the August 27, 2014 rereleased update (2993651)?
Yes. To be protected from CVE-2014-0318 and CVE-2014-1819, all customers should apply the rereleased update (2993651), which replaces the expired 2982791 update.
Here are the important takeaways from this out-of-band update that should be of particular interest to Windows administrators, particularly those charged with maintaining Windows images for users in an enterprise setting:
- If you haven’t yet deployed (or tested) KB2982791, don’t bother. It is completely supplanted by KB2993651.
- Users whose PCs have KB2982791 already installed will be best served by first uninstalling that update, then installing KB2993651 instead.
- In environments where users may have BYOD notebooks, tablets, laptops, and so forth running Windows, they may need to be informed about proper handling of KB2993651 and KB2982791. Such information should include brief instructions on how to uninstall the obsolete update prior to installing its replacement.