Start
About
FAQ
Blogroll
ShopMS07-038: Vulnerability in Windows Vista Firewall could allow information disclosure
Description: A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft.
Update type: Important
Release date: July 10, 2007
Applies to: All versions
Knowledge base: support.microsoft.com/kb/935807
Download link: 32-bit | 64-bit
Comments: This moderate security update resolves a privately reported vulnerability. This vulnerability could allow incoming unsolicited network traffic to access a network interface. An attacker could potentially gather information about the affected host.
This security update addresses the vulnerability by modifying the Windows Vista firewall default behavior to block unsolicited traffic communicating over the Teredo interface. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Details also available in security bulletin MS07-038.
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB935807.
Digg
Mixx
Propeller
Slashdot
Stumble
Tips and Tricks
Windows Updates
Hotfixes
Keyboard Shortcuts
Vista's Services
Vista's Commands
Product Reviews
Glossary
Videos
Web Links
Comments
Scott
Jul 10, 2007 at 7:37 pm
I just can not seem to get this patch to install. Even tried the standalone version from MS.
Any suggestions are more than welcome.
Joe
Jul 10, 2007 at 8:28 pm
Does it give you an error? Perhaps try to run it with administrative rights and see if that makes a difference. Maybe a reboot and then try again.
Eric Kemp
Jul 10, 2007 at 8:52 pm
In the same boat as Scott… Failed installs both 32 and 64 bit Vista machines. No dice with the standalone install, nor with the Firewall stopped or disabled. Worse still, the 64 bit machine kept rebooting until it was started with “Last Known Good.”
This patch is a disaster.
Jay
Jul 10, 2007 at 8:59 pm
Same here man…. i have tried over and over again it gives me error 800070002 then i followed instructions on how to deal with it, it said to stop windows update then clear the temp file and resart windows update, anyways i have been doing this dance over and over, hoping some1 out there can help plzz….. that one update is annoying me!!!
Scott
Jul 10, 2007 at 9:00 pm
Joe, thank you for your reply.
No less than 6 reboots later, still no go. This is an odd one as all the other updates were successful.
The error code is 80070002, which asks me to clean out my temp files, which I have done. Run as Admin didn’t work, sadly.
I’m trying this MS workaround now:
http://support.microsoft.com/Default.aspx?kbid=910336
Scott
Jul 10, 2007 at 9:25 pm
Joe, Eric & Jay-
The workaround doesn’t work. The first thing it asks me to do is shutdown Automatic Updates in services.msc.
Not so funny thing is, I no longer have that service!
I have Windows Update enabled and I;m certain that AU existed as of a few days ago.
ARGH.
Sorry to say I’m glad I’m not alone.
trent
Jul 10, 2007 at 10:46 pm
Just for the sake of solidarity — no luck with this patch here either.
Mike Smith
Jul 11, 2007 at 12:10 am
Same place as you guys, Microsift Testing needs a good going over.
Eleeter
Jul 11, 2007 at 12:48 am
In the same boat here, update will not install, I get the same error. On my other system (both are running Vista x64) the install was successful. The difference I noticed is after the update installer runs and reboots, ANOTHER reboot occurs. This did not happen on the system where it installed correctly.
I tried all the suggestions in the MS article, and a few of my own. Nothing made any difference. There is a thread on MS’s forum that is not helpful at all.
http://forums.microsoft.com/Genuine/ShowPost.aspx?PostID=1814377&SiteID=25
JesseJ
Jul 11, 2007 at 1:10 am
Same problem with me too. Seeing the number of people who have the problem here, I think it may be a problem on Microsoft’s end and not ours. I am going to set this update on hide so my system won’t bug me about it and hope MS will fix the issue.
diekmann2
Jul 11, 2007 at 1:45 am
Same problems here, tried everything !
Very bad patch !
Hope microsoft provides a solution !
rig
Jul 11, 2007 at 3:56 am
Turn off auto updates service.
Then goto window directory and rename SoftwareDistribution folder to SoftwareDistributionold.
Then restart the auto updates and then download the update. It should now work.
Hope this helps
Paul
Jul 11, 2007 at 5:32 am
I’ve tried this one too and can’t get it to install. Tried the workarounds and no joy. Tried with the firewall and my virus scanner enabled and disabled and tried with the wireless and network cards enabled and disabled.
No joy: infact, the first couple of attempts caused Vista to warn that Windows might be counterfeit (which it definitely isn’t) and needed to re-validate itself.
Looks like this one might have to be hidden!
rolfo
Jul 11, 2007 at 6:48 am
same here…
Jay
Jul 11, 2007 at 7:13 am
so any good luck guyss…… still not working
nemo
Jul 11, 2007 at 7:59 am
Polish version of Vista 64. The same problem when trying to install - reboot and 80070002 error code… KB935807 seems to be broken.
Now I can tell - I’m glad I’m not alone
Joe
Jul 11, 2007 at 8:11 am
Has anyone tried Rig’s suggestion:
-Turn off auto updates service.
-Goto the Window directory and rename the SoftwareDistribution folder to SoftwareDistributionold.
-Restart the auto updates and then download the update.
I’m curious if this works for anyone else.
Ron
Jul 11, 2007 at 9:08 am
Deleting the Downloads and DataStore folder files does not work (re: Disable the windows update service).
None of my updates would install due to this error. I had to specifically disable the KB935807 from installing just to get the rest of the updates to install.
Jose
Jul 11, 2007 at 9:18 am
I’ve gone ahead and done Rig’s suggestion. Still failed, Joe.
I’mma sit this one out and wait for Microsoft to go ahead and fix this patch. I’m not sure what the issue is but it’s not trying to install on my particular PC and it appears on your guys’s as well.
Jose
Jul 11, 2007 at 9:58 am
Try installing the following :
http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa-4a30-833d-e058e000c821&displaylang=en
Charlie
Jul 11, 2007 at 10:18 am
Tried above still cannot, my system was Vista Ultimate 32Bit. Also try to shutdown update but even get worst now kept giving me BSOD every time start up windows…T_T
Eric Kemp
Jul 11, 2007 at 11:28 am
@Joe: Nope, still won’t install.
Steve
Jul 11, 2007 at 12:48 pm
Since this, I can’t install ANY Windows updates, are others experiencing the same thing?
JesseJ
Jul 11, 2007 at 1:18 pm
I found something that worked for me. Go here and use TaurArian’s advice: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windowsupdate&mid=27be6281-dc84-4dcd-9b37-026ac92eb7e1
The update will still show up in Windows Update, but it also shows that this method installed it successfully.
Ross Snowden
Jul 11, 2007 at 1:58 pm
I’m beginning to wonder why I had no problem installing this update on my VISTA x64 machine. There was no error message for me at all when the machine was rebooted after installation.
Eric Kemp
Jul 11, 2007 at 2:04 pm
Ross, your machine doesn’t have an AMD processor by any chance, does it?
Eleeter
Jul 11, 2007 at 2:55 pm
I tried the suggestion. I cleared IE cache, installed stand alone update. Rebooted, windows says “configuring updates” then reboots. Log back into Windows, wait a bit, no message pops up about install failure. So did the update actually work? How to check? Windows update still wants to install KB935807.
Both my systems have an AMD processor, the update worked correctly on one. On the system it worked on, I don’t get the second reboot.
Scott
Jul 11, 2007 at 3:19 pm
OK, I think I’ve tried every possible solution posted here and then some, just reaching now.
For what it’s worth I have an Inspiron laptop, dual XP-VISTA boot, Centrino Duo chip and a glass eye. No, a peg leg.
Anyone else with a similar setup?
Eleeter
Jul 11, 2007 at 3:37 pm
Update: I checked the update history and it states the install was successful, so I guess clearing the IE cache worked for some reason.
Just hide the update that still shows up and all is well.
Jay
Jul 11, 2007 at 3:47 pm
ok guys is there any way we can contact microsoft
Scott
Jul 11, 2007 at 3:57 pm
Yes Jay,
Follow this link:
http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us#11832657548601899130
You may have to sign into live.com but if you want to reach them, the more the merrier I guess.
Ross Snowden
Jul 11, 2007 at 4:12 pm
Yes, my machine has an AMD processor - a Athlon x2 4600+
Paul
Jul 12, 2007 at 1:24 am
Further to my comment earlier on: got home last night and did the Windows Update thing on my main machine and all went well!
Laptop is still not happy about it though. Both machines have AMD procs; only differences I can think of now (besides one being a laptop and the other a desktop) are that the firewall on the desktop is disabled, the desktop is wired to the LAN not on a wireless and the desktop was connected to the domain it’s part of while the laptop is a guest on my office domain.
I’m not about to waste another 3 hours of my working day trying to get this one on.
If anyone figures it out I’ll give it another go…
Andy
Jul 12, 2007 at 4:45 am
Absolutely no go with this one - installing the other updates individually has worked for them.
Tried all the suggestions above without any joy.
I did try downloading the fix and installing it “manually” before coming here and got a triple reboot before I could log back in only to find the update had failed again!
Ron B
Jul 12, 2007 at 5:38 am
Looking at the event log, you get the following error:
Log Name: Setup
Event ID: 4
Level: Error
The Windows update Security Update for Windows (KB935807) requires reboot. (Command line: “”C:\Windows\system32\wusa.exe” “C:\Users\Ron\Desktop\Windows6.0-KB935807-x64.msu”")
You will then get an error like this after the reboot:
Log Name: System
Source: Servicing
Event ID: 4375
Level: Error
Windows Servicing failed to complete the process of setting package Package_for_KB935807~31bf3856ad364e35~amd64~~6.0.1.6 () into Staged(Staged) state
I don’t know if the above info will help, but there you go…
DJRumpy
Jay
Jul 12, 2007 at 7:59 am
paul, 0n my laptop i made sure that all firewalls were disabled all anti virus were disabled i connected the internet directly from my cable modem to my laptop using an Ethernet wire, and still the same results…… listen guys as said before i really don’t think it has anything to do with us, as there are a number of ppl here who are having problems with this update…. i gave up wasting my time trying solutions and what now, for now i just hid the download till some1 really comes up with something that works
dgwilkie
Jul 12, 2007 at 8:08 am
For whatever it’s worth I just checked my update history and found this one was listed as a “Successful” install, and I’ve noticed no problems. Ultimate w/an Intel Core 2 Duo 7900.
Paul
Jul 12, 2007 at 8:08 am
Yeah Jay, done that too and had no success.
Only other difference between the way I did it on the laptop and at home is that, at home, I deliberately de-selected this one from the list of available updates, made sure all the rest were done, then did this one on it’s own knowing that it could f^ck up.
I can’t repeat this on the laptop now as I’ve already attempted it several times now. Agh well! It’s hidden now, just like the SQL Express one that wouldn’t go take!
Jay
Jul 12, 2007 at 8:12 am
do you guys thin Microsoft knows we have this problem…..
Jay
Jul 12, 2007 at 8:12 am
do you guys think Microsoft knows we have this problem…..
Eric Kemp
Jul 12, 2007 at 8:23 am
The problem seems to be really widespread, and not limited to a particular process architecture, therefore, I’m inclined to think that there might be a certain configuration that we that wouldn’t have been properly tested in Microsoft QA.
I encountered this on a machine that underwent a fresh install just 24 hours earlier, so it’s really pretty close to a default install, with the exception that UAC and Windows Defender are disabled. Anyone else with with a similar config?
Scott
Jul 12, 2007 at 8:26 am
Eric,
I have UAC disabled but my wife does not. Her install went smoothly.
We both have Defender active.
Eric Kemp
Jul 12, 2007 at 8:42 am
Well, UAC seems unlikely, but I’ll give it a shot… I’ll report my results back here…
Paul
Jul 12, 2007 at 8:46 am
I have UAC disabled on both my laptop and desktop and it worked on the desktop but not the laptop…
Jay
Jul 12, 2007 at 8:46 am
so i dont get uac on or off, cuzz i got UAC on and it still didn’t go through
dgwilkie
Jul 12, 2007 at 8:54 am
In my last post indicating that I’ve had no trouble with this update, for analysis purposes I should have mentioned that, Defender is on, Firewall is off (being provided by ZoneAlarm), Auto Updating is on, Malware Protection (both Virus and Spyware) is on, Internet security settings are at “recommended” levels, and UAC is on.
Eric Kemp
Jul 12, 2007 at 9:56 am
I can confirm it’s not related to UAC, as well as not being related to System Restore being disabled or IIS being installed.
Kim
Jul 12, 2007 at 3:57 pm
Same problem her in Norway!!! I can not at all get this update to install.. I have AMD processor.
Scott
Jul 12, 2007 at 10:00 pm
So, MS released a new version, revision 1.1 today: http://www.microsoft.com/technet/security/Bulletin/ms07-038.mspx
It did not work for me.
The manual installation did however. Check your ‘installation history’, and if successful, just hide the update if it still appears.
For manual x32 install: http://www.microsoft.com/downloads/details.aspx?FamilyId=e9b64746-6afa-4a30-833d-e058e000c821&displaylang=en
for x64: http://www.microsoft.com/downloads/details.aspx?FamilyId=0df5d190-3ad7-42d5-8629-43c47ec450cb&displaylang=en
Hope this works for everyone.
Shawn Brink
Jul 13, 2007 at 2:47 am
I right clicked on the details for it and went to the MS link and downloaded the stand alone installer. That one install perfectly, but I has to hide the one in Windows Update. The rest of the updates had to be installed one by one in Windows Update.
Joe
Jul 13, 2007 at 8:20 am
Thanks Scott, the update is listed as:
“V1.1 (July 12, 2007): Bulletin revised. CVE hyperlink updated to correct CVE id. Workarounds Section updated to correct command line instructions.”
I don’t know what that means, everyone try the download and see if this fixes it and let us know!
Kim
Jul 13, 2007 at 9:13 am
If you do a manual instalation of KB935807, it says in the win update instalation history that KB935807 are sucsessfull. But if you look on the computer settings for”installed updates” KB935807 IS STILL NOT ON THIS LIST.
Ron B
Jul 13, 2007 at 9:20 am
Still no good, even with version 1.1 of this update. It does not show up in the installed updates, and of course it still shows up in the available updates. I wonder why the event log is showing AMD64? I have a core 2 duo on X64 Vista.
Kim
Jul 13, 2007 at 11:04 am
I have AMD Athlon 64 x 2 Dual Core. On Vista home premium. 32 bit system. Maybe the problem is around AMD proc..
Pauljs
Jul 13, 2007 at 8:38 pm
Suddenly after yesterday’s Windows automatic downloads my Windows Mail doesn’t work properly. If I attach anything to an e-mail I can just forget sending it out. I’m beginning to think I need to find another e-mail software that is more reliable than Windows Mail. Pauljs
Chin
Jul 13, 2007 at 10:58 pm
Same problem here. Spent the whole evening trying and tweaking. No luck.
Mike
Jul 13, 2007 at 11:32 pm
Hi,
I had the same problem with KB935807 with Vista Ultimate. For the past 48 hours, I spent about 7 hours with Microsoft Techs and at least 20 hours on my owne applying all the suggested fixes.
Just finished successful installation of this patch. I had to do a reinstallation of Vista fron the existing system (nothing will change or be deleted, except system files recopied). It took about 3 hours to get my unit fine tuned the way I like it as it was before. In the process, all the updates were downloaded and installed properly and acknowledged by Windows Updates.
I wish I knew of this solution before I wasted all these hours.
Good luck all and thank you for your input.
Mike
Ron B
Jul 14, 2007 at 8:07 am
That is WAY too much work for a low risk patch. Besides, I’ve had horrible luck getting my upgrade version of Ultimate to actually upgrade anthing. Microsofts upgrade scheme on this release is absolutely horrible.
I’m tired of mesing with this pathc myself. I think I’ll just ignore it until a fix comes along.
Shawn Brink
Jul 14, 2007 at 9:52 am
Hi Pauljs,
You might try Windows Live Mail Beta. It has worked fine for me. Plus, you can use web based email with it to.
http://get.live.com/betas/maildesktop_betas
Pauljs
Jul 14, 2007 at 11:27 am
Thanks Shawn Brink,
I just downloaded Windows Live Mail Beta. I’ll let you know if it is any better. I can’t find my contacts list however and am scrambling about on that issue. I guess it vaporized the Windows Mail program. Never a dull moment.
Pauljs
Shawn Brink
Jul 14, 2007 at 11:48 am
Pauljs,
Windows Live Mail should completely integrate what you had in Windows Mail into itself. If not, your Contacts are located at” C:\Users\(your username)\Contacts”. Worst case, you will have to enter them manually from this list.
Shawn
Mel
Jul 16, 2007 at 5:50 am
Just wanted to say, same here. Same patch, same problems. This patch is a disaster. I’m turning off autoupdate until they get it resolved.
I am not going to go through a bunch of contortions for this. Everyone send a incident report into MS so they can’t ignore it.
Kim
Jul 18, 2007 at 3:00 pm
Okey folks… Here in Norway we made a fix for this kb935807 install-error. This fix will work for ALL who have trouble with installing KB935807. Go this way.. C-windows-system32-logfiles. Under the folder “logfiles” you create a new folder called “firewall” Now, KB935807 will install SUSESSFULL;) I`m NOT impressed of Microsoft. Good luck folks;)
Shawn Brink
Jul 18, 2007 at 4:11 pm
Kim,
That is great. It installed now without a problem.
Thank you
Scott
Jul 18, 2007 at 4:54 pm
Mange takk Kim, that’s a winner !
DGWilkie
Jul 18, 2007 at 5:27 pm
Re Kim’s solution, an observation: I didn’t have a problem with this fix, but just checked and found that the “Firewall” folder suggested by Kim was already on my system. It’s an empty folder though. Based on Kim’s solution it would now seem that’s why I didn’t have an installation problem. I didn’t put it there. Where did it come from? Wonder why some apparently had it and some didn’t?
Kim
Jul 18, 2007 at 5:39 pm
I`m lucky to help you folks… The “firewall” folder will allways be empty, its correct. But, i`m wondering what the support-people in Microsoft spending their day with…?? Playing games:)??
Jose
Jul 18, 2007 at 5:49 pm
Adding the firewall folder worked for me as well. Thanks!!!
Jay
Jul 18, 2007 at 6:26 pm
and you folks in norway got some working brains thanxs alot worked like a charm……
Ron B
Jul 18, 2007 at 6:29 pm
Worked for me as well
Charlie Seah
Jul 18, 2007 at 7:38 pm
Greatz man it work, finally solve my nightmare, Thanks a lotsz…. love ya ^^
Rick
Jul 18, 2007 at 10:59 pm
The Norway fix works great on Vista x64!!! Thanks!!!
So much for contacting microsoft support..
Mike
Jul 19, 2007 at 9:04 am
Hi Guys,
Afew days back, I resolved the installation of KB935807 by reinstalling Windows as per recommendation of Microsoft tech and it worked (took over 3 hours though). After reading Kim’s solution to add Forewall folder, I thought I would add it anyway (I did not have it in my system). So I added it and then restarted my laptop. Computer did not boot as smoothly as usual but it did boot. I then checked to see what happened to the Firewall folder I created before the restart and guess what? It has disappeared (the installation of the KB935807 was not affected or altered). Any ideas why?
Mike
Scott
Jul 19, 2007 at 9:08 am
Mike,
The issue is somewhat addressed by the revised bulletin:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q935807
What did the MS tech have you do ?
Mike
Jul 19, 2007 at 9:31 am
The MS Tech worked with me before the Firewall solution came out. At that time, she tried a number of things and when she could not resolve it, she suggested that I reinstall Windows on top of current installation and that worked.
My question is that why did the Firewall folder disappear.
Mike
Leave a Comment