Non-security Office patches appear with the reprise of KB 2952664 and 2976978

The usual bunch of non-security Office patches appeared yesterday, along with a couple surprises. Publisher 2007, which is long past end-of-life, got a patch. Plus, we saw the relaunch of two widely despised Windows 7 and 8.1 “compatibility appraiser” updates.

Microsoft relaunches nonsecurity Office patches KB 2952664 and 2976978

November’s two dozen or so non-security Office patches won’t raise any eyebrows: A bad antivirus scanning sequence problem (KB 4011188, 4011229, 3162081, 4011138), an upgrade from Lynch 2013 to Skype for Business (KB 4011255), and lots of miscellaneous bug fixes. Two patches caught my eye.

First, I’m surprised that the antivirus scanning problem is characterized as non-security:

If Windows Defender is enabled and registered for IOfficeAntivirus scanning, Office applications still run registry key scanning first instead of using Windows Defender for documents scanning. After you install this update, Office applications will use Windows Defender instead.

The description’s more than a little hard to parse, but it certainly sounds like a security problem to me.

Second, we got a patch for Publisher 2007, even though Office 2007 as a whole reached end-of-life on Oct. 10. The KB 4011203 article says:

This update fixes the following issue:

When you edit a title bar in a newsletter in Office Publisher 2007, and then you deselect the title bar by clicking away from the text box, Publisher crashes.

… which strikes me as an egregious bug to suddenly appear in a 10-year-old program. It would be interesting to know if some recent patch introduced the bug, or if it’s been hiding there all along. Either way, none of the possible antecedents instill much confidence.

2 old and detested Office patches

While the patching world was concentrating on the laundry list of non-security Office patches, two old, detested patches made a reappearance. KB 2952664, the Compatibility update for keeping Windows up to date in Windows 7 patch, is now up to version 13, and KB 2976978, the Compatibility update for keeping Windows up to date in Windows 8.1 and Windows 8, appeared in its version 10.

Oddly, both patches were released yesterday, Nov. 7, but the KB articles say they were updated on Oct. 31. The digital signatures for the Windows 7 patch are Oct. 20. Those for the Windows 8/8.1 patch are Oct. 12. Microsoft’s been waiting a while to push these puppies out.

As I explained more than a year ago, it’s an update to the scanning system used by Windows Update. Microsoft says:

This KB article is related to the Windows Update and the appraiser systems that enables us to continue to deliver servicing updates to Windows 7 and Windows 8.1 devices, as well as ensure device and application compatibility.

I’ll note in passing that last year, the Windows 7 patch was dated Oct. 4, 2016, at revision 25. Now it’s listed as Oct. 31, 2017, at revision 13. Sequential numbering must be a hard computer science problem.

I see no pressing reason to install any of the patches, unless you’re having problems crashing Publisher 2007 while switching away from the title bar. Let’s wait and see what bugs may surface in these patches — and, more important, wait for the crescendo following Patch Tuesday.

Find a bug in one of the patches? Join the night watch on the AskWoody Lounge.

How to protect Windows 10 PCs from ransomware
Shop Tech Products at Amazon