Microsoft stops serving Windows patch blamed for blue screens
Pulls suspect security update, but questions -- and problems -- remain
Computerworld - Microsoft late Thursday said it had halted distribution of a security update linked to crippled Windows XP PCs that display the notorious Blue Screen of Death.
According to users who posted complaints to Microsoft's support forum, after installing the update, one of 13 released Tuesday, their machines refuse to start up. Instead, their systems shudder to a stop at the blue screen which in Windows indicates a serious software error and crash.
"We stopped offering this update through Windows Update as soon as we discovered the restart issues," said Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC).
Bryant also said that Microsoft was digging into the problem. "Our initial analysis suggests that the issue occurs after installing MS10-015 (KB977165)," he said. "However, we have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software."
He also downplayed the extent of the blue screening, saying that only a "limited number" of users were affected.
The support thread dedicated to the problem, however, grew by bounds on Thursday. By day's end it boasted more than 250 messages -- double the number of 12 hours before -- and had been accessed over 55,000 times.
Bryant encouraged Windows XP users to apply Tuesday's other patches, and to protect their machines in lieu of the now-missing MS10-015 with a automated workaround that disables the vulnerable NT Virtual DOS Mode (NTVDM) subsystem.
MS10-015 quashed a pair of 17-year-old kernel bugs in all 32-bit versions of Windows. The vulnerability went public three weeks ago when a Google engineer published proof-of-concept attack code.
Microsoft did not provide any new help Thursday to users whose machines have been incapacitated, nor did Bryant provide a timetable when the company would conclude its investigation. The only Microsoft-endorsed solution, which was posted to the support forum Wednesday by a user, is worthless to netbook owners whose systems lack a CD or DVD drive.
Late Thursday, however, someone identified as "John E" and labeled as a Microsoft employee asked users with the blue screen problem to submit a memory dump file from their PCs for examination.
The impact now stretches beyond Microsoft. A spokeswoman for Dell acknowledged Thursday that calls to its support center were on the increase because of the blue screen issue. Hewlett-Packard did not respond to a similar request for comment on the update problem.
Not surprisingly, rumors began circulating about possible causes of the apparent conflict between the MS10-015 update and some, though certainly not all, Windows XP machines. One making the rounds ended up on the support thread: "Is it true that the [Blue Screen of Death] only happens on people already infected with the malware that this update is supposed to fix?" Several users jumped in to reject that theory, a good bet since although exploit code was publicly disclosed several weeks ago, Microsoft said Tuesday that it had seen no in-the-wild attacks.
This week's incident was not the first where a Microsoft update has harmed rather than helped. Two years ago, a set of updates for Vista sent machines into an endless series of reboots. Similar problems stymied users who tried to upgrade to Windows XP Service Pack 3 (SP3) in May 2008, and others attempting to upgrade from Vista to Windows 7 last October.
Robert McMillan of the IDG News Service contributed to this story.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, send e-mail to email@example.com or subscribe to Gregg's RSS feed .
Read more about PCs in Computerworld's PCs Topic Center.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86 Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All PCs White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!