Vista Tutorial - CAPICOM UPDATE KB 931906

02-13-2008

Hi

Another Windows Update peculiarity??? In addition to my recent post re
having successfully downloaded and installed the same Update - KB943411 -
on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY Update
listed as IMPORTANT and installed successfully yesterday on her Vista Home
Premium PC, and 12 new updates today.

But whilst MY PC has the 12 from today, but NO Update KB 931906 listed
yesterday or today and NO updates waiting to be downloaded. My Vista Home
PRemium PC is UP to date with no new updates.

Why would her PC have required this and not mine do you think?

It IS listed on MS support page as a MAY 2007 Security Update.

http://www.microsoft.com/protect/com...ns/200705.mspx

Again, IT is NOT listed on MY PC as an installed update, BUT WAS downloaded
and installed on my wife's yesterday. Again, why not on mine? AND how/why
did her PC all of a sudden, a few months after install, decide it needed
this MAY 2007 update? Should I worry about my PC NOT having it?

Rgds
Rod
Perth

02-13-2008

That is a really old update from May of 2007. Are you sure you don't have it?

http://www.microsoft.com/downloads/d...DisplayLang=en
--
Paul

"Rod Davies" wrote:

Quote:

> Hi
>
> Another Windows Update peculiarity??? In addition to my recent post re
> having successfully downloaded and installed the same Update - KB943411 -
> on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY Update
> listed as IMPORTANT and installed successfully yesterday on her Vista Home
> Premium PC, and 12 new updates today.
>
> But whilst MY PC has the 12 from today, but NO Update KB 931906 listed
> yesterday or today and NO updates waiting to be downloaded. My Vista Home
> PRemium PC is UP to date with no new updates.
>
> Why would her PC have required this and not mine do you think?
>
> It IS listed on MS support page as a MAY 2007 Security Update.
>
> http://www.microsoft.com/protect/com...ns/200705.mspx
>
> Again, IT is NOT listed on MY PC as an installed update, BUT WAS downloaded
> and installed on my wife's yesterday. Again, why not on mine? AND how/why
> did her PC all of a sudden, a few months after install, decide it needed
> this MAY 2007 update? Should I worry about my PC NOT having it?
>
> Rgds
> Rod
> Perth
>

02-13-2008

No I definately do not have it....should I worry?

Rgds
Rod

"PaulB" <PaulB@xxxxxx> wrote in message
news:AF887CA9-CA61-4C7E-9F6E-6D1D82C12329@xxxxxx

Quote:

> That is a really old update from May of 2007. Are you sure you don't have
> it?
>
> http://www.microsoft.com/downloads/d...DisplayLang=en
> --
> Paul
>
>
> "Rod Davies" wrote:
>

Quote:

>> Hi
>>
>> Another Windows Update peculiarity??? In addition to my recent post re
>> having successfully downloaded and installed the same Update -
>> KB943411 -
>> on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY
>> Update
>> listed as IMPORTANT and installed successfully yesterday on her Vista
>> Home
>> Premium PC, and 12 new updates today.
>>
>> But whilst MY PC has the 12 from today, but NO Update KB 931906 listed
>> yesterday or today and NO updates waiting to be downloaded. My Vista Home
>> PRemium PC is UP to date with no new updates.
>>
>> Why would her PC have required this and not mine do you think?
>>
>> It IS listed on MS support page as a MAY 2007 Security Update.
>>
>> http://www.microsoft.com/protect/com...ns/200705.mspx
>>
>> Again, IT is NOT listed on MY PC as an installed update, BUT WAS
>> downloaded
>> and installed on my wife's yesterday. Again, why not on mine? AND how/why
>> did her PC all of a sudden, a few months after install, decide it needed
>> this MAY 2007 update? Should I worry about my PC NOT having it?
>>
>> Rgds
>> Rod
>> Perth
>>

02-14-2008

[snippage and reordering]

"Rod Davies" <ldavies@xxxxxx> wrote:

Quote:

> "PaulB" <PaulB@xxxxxx> wrote:

Quote:

>> "Rod Davies" wrote:

Quote:

>>> But whilst MY PC has the 12 from today, but NO Update KB 931906 listed
>>> yesterday or today and NO updates waiting to be downloaded. My Vista
>>> Home
>>> PRemium PC is UP to date with no new updates.

[...]

Quote:

>>> Again, IT is NOT listed on MY PC as an installed update, BUT WAS
>>> downloaded
>>> and installed on my wife's yesterday. Again, why not on mine? AND
>>> how/why
>>> did her PC all of a sudden, a few months after install, decide it needed
>>> this MAY 2007 update? Should I worry about my PC NOT having it?

Quote:

>> That is a really old update from May of 2007. Are you sure you don't have
>> it?

Quote:

> No I definately do not have it....should I worry?

K931906 (MS07-028) is an update to the crypto API for Windows, addressing a
remote code execution vulnerability. The oddity about the feature is that it
isn't part of the base Windows product, and the prime file (capicom.dll) may
be installed by any application (from Microsoft or a third-party vendor)
that needs it, and might be placed in any folder. The patch puts the
updated copy in a standard location and makes appropriate entries in the
Registry.

If you don't have the CAPICOM.DLL file on your system, you don't need the
update. What can happen is that a computer doesn't need the patch when it
was released in last May's "Patch Tuesday" fun, but at some later time the
user might install an application that brings with it a downlevel copy of
the DLL file...and thus triggers the need for MS07-028.

Having said that, my experience with the patch is that its "am I needed?"
logic isn't the best. if you install the patch it seems to do what it
should, but the Microsoft-provided XML that drives the installation tests
doesn't seem to always trigger installation when an unpatched version is
present. (I've squawked this up the line, and received the expected
response: none.)

Joe Morris

02-13-2008	#1 (permalink)
Rod Davies Guest n/a posts	CAPICOM UPDATE KB 931906 Hi Another Windows Update peculiarity??? In addition to my recent post re having successfully downloaded and installed the same Update - KB943411 - on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY Update listed as IMPORTANT and installed successfully yesterday on her Vista Home Premium PC, and 12 new updates today. But whilst MY PC has the 12 from today, but NO Update KB 931906 listed yesterday or today and NO updates waiting to be downloaded. My Vista Home PRemium PC is UP to date with no new updates. Why would her PC have required this and not mine do you think? It IS listed on MS support page as a MAY 2007 Security Update. http://www.microsoft.com/protect/com...ns/200705.mspx Again, IT is NOT listed on MY PC as an installed update, BUT WAS downloaded and installed on my wife's yesterday. Again, why not on mine? AND how/why did her PC all of a sudden, a few months after install, decide it needed this MAY 2007 update? Should I worry about my PC NOT having it? Rgds Rod Perth
My System Specs

02-13-2008	#2 (permalink)
PaulB Guest n/a posts	RE: CAPICOM UPDATE KB 931906 That is a really old update from May of 2007. Are you sure you don't have it? http://www.microsoft.com/downloads/d...DisplayLang=en -- Paul "Rod Davies" wrote: Quote: > Hi > > Another Windows Update peculiarity??? In addition to my recent post re > having successfully downloaded and installed the same Update - KB943411 - > on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY Update > listed as IMPORTANT and installed successfully yesterday on her Vista Home > Premium PC, and 12 new updates today. > > But whilst MY PC has the 12 from today, but NO Update KB 931906 listed > yesterday or today and NO updates waiting to be downloaded. My Vista Home > PRemium PC is UP to date with no new updates. > > Why would her PC have required this and not mine do you think? > > It IS listed on MS support page as a MAY 2007 Security Update. > > http://www.microsoft.com/protect/com...ns/200705.mspx > > Again, IT is NOT listed on MY PC as an installed update, BUT WAS downloaded > and installed on my wife's yesterday. Again, why not on mine? AND how/why > did her PC all of a sudden, a few months after install, decide it needed > this MAY 2007 update? Should I worry about my PC NOT having it? > > Rgds > Rod > Perth >
My System Specs

02-13-2008	#3 (permalink)
Rod Davies Guest n/a posts	Re: CAPICOM UPDATE KB 931906 No I definately do not have it....should I worry? Rgds Rod "PaulB" <PaulB@xxxxxx> wrote in message news:AF887CA9-CA61-4C7E-9F6E-6D1D82C12329@xxxxxx Quote: > That is a really old update from May of 2007. Are you sure you don't have > it? > > http://www.microsoft.com/downloads/d...DisplayLang=en > -- > Paul > > > "Rod Davies" wrote: > Quote: >> Hi >> >> Another Windows Update peculiarity??? In addition to my recent post re >> having successfully downloaded and installed the same Update - >> KB943411 - >> on Jan 9 AND Feb 9 this year, now my wife's PC has the above SECURITY >> Update >> listed as IMPORTANT and installed successfully yesterday on her Vista >> Home >> Premium PC, and 12 new updates today. >> >> But whilst MY PC has the 12 from today, but NO Update KB 931906 listed >> yesterday or today and NO updates waiting to be downloaded. My Vista Home >> PRemium PC is UP to date with no new updates. >> >> Why would her PC have required this and not mine do you think? >> >> It IS listed on MS support page as a MAY 2007 Security Update. >> >> http://www.microsoft.com/protect/com...ns/200705.mspx >> >> Again, IT is NOT listed on MY PC as an installed update, BUT WAS >> downloaded >> and installed on my wife's yesterday. Again, why not on mine? AND how/why >> did her PC all of a sudden, a few months after install, decide it needed >> this MAY 2007 update? Should I worry about my PC NOT having it? >> >> Rgds >> Rod >> Perth >>
My System Specs

02-14-2008	#4 (permalink)
Joe Morris Guest n/a posts	Re: CAPICOM UPDATE KB 931906 [snippage and reordering] "Rod Davies" <ldavies@xxxxxx> wrote: Quote: > "PaulB" <PaulB@xxxxxx> wrote: Quote: >> "Rod Davies" wrote: Quote: Quote: Quote: >>> But whilst MY PC has the 12 from today, but NO Update KB 931906 listed >>> yesterday or today and NO updates waiting to be downloaded. My Vista >>> Home >>> PRemium PC is UP to date with no new updates. [...] Quote: Quote: Quote: >>> Again, IT is NOT listed on MY PC as an installed update, BUT WAS >>> downloaded >>> and installed on my wife's yesterday. Again, why not on mine? AND >>> how/why >>> did her PC all of a sudden, a few months after install, decide it needed >>> this MAY 2007 update? Should I worry about my PC NOT having it? Quote: Quote: >> That is a really old update from May of 2007. Are you sure you don't have >> it? Quote: > No I definately do not have it....should I worry? K931906 (MS07-028) is an update to the crypto API for Windows, addressing a remote code execution vulnerability. The oddity about the feature is that it isn't part of the base Windows product, and the prime file (capicom.dll) may be installed by any application (from Microsoft or a third-party vendor) that needs it, and might be placed in any folder. The patch puts the updated copy in a standard location and makes appropriate entries in the Registry. If you don't have the CAPICOM.DLL file on your system, you don't need the update. What can happen is that a computer doesn't need the patch when it was released in last May's "Patch Tuesday" fun, but at some later time the user might install an application that brings with it a downlevel copy of the DLL file...and thus triggers the need for MS07-028. Having said that, my experience with the patch is that its "am I needed?" logic isn't the best. if you install the patch it seems to do what it should, but the Microsoft-provided XML that drives the installation tests doesn't seem to always trigger installation when an unpatched version is present. (I've squawked this up the line, and received the expected response: none.) Joe Morris
My System Specs

Similar Threads
Thread	Forum
Old CAPICOM Update received?	Windows Updates
VB Script Trying to use Capicom	VB Script
capicom update	PowerShell
Security update for Capicom (KB931906) hangs-up Updates	Vista performance & maintenance
an update [suspect capicom] messed up ie7 on Vista	Vista General