Microsoft re-releases 'Blue Screen of Death' patch
All is well, the company says; the once-flawed fix is now safe
Computerworld - Microsoft today re-released a security update that had crashed customers' PCs and crippled the machines with endless reboots, saying that the revised patch is now safe to install.
The revamped MS13-036 update -- first issued April 9, but pulled three days later from distribution -- "resolves issues some customers experienced," said Microsoft spokesman Dustin Childs in an email Tuesday.
"The new update, KB2840149, still addresses the Moderate security issue described in MS13-036, and should not cause these [rebooting] issues," Childs added in a post to the Microsoft Security Response Center blog.
Two weeks ago, Microsoft yanked one of the two patches comprising MS13-036 from the Windows Update service as reports spread that the fix was generating the notorious "Blue Screen of Death" (BSOD) error message and paralyzing PCs with repeated reboots.
Microsoft never clearly described the causes of the BSODs and endless reboots, saying at the time, "We've determined that the update, when paired with certain third-party software, can cause system errors." Childs today also declined to get into specifics, instead saying only that "some customers were having issues."
Customers and experts, however, pinned blame on combinations of the security update and "G-Buster," a browser security plug-in widely used in Brazil for online banking; and on the Microsoft patch and Kaspersky Lab security software.
In a support document, Microsoft had posted several error messages that were symptoms of the patch failure, and recommended that Windows 7 users uninstall the update.
The revised MS13-036 update has been restored to the Windows Update service, and will be downloaded and installed by machines with Automatic Updates enabled. Microsoft urged those who manually download patches to deploy the re-release at their earliest convenience.
Customers who prefer to retrieve updates manually can obtain the patch appropriate for their system -- Windows Vista, Windows 7, Windows Server 2008 or Windows Server 2008 R2 -- at Microsoft's Download Center by searching for " KB2840149" to filter the results.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Read more about Windows in Computerworld's Windows Topic Center.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!