A
Ablang
< I am definitely fearful of Windows Updates. I do a manual creating
a Restore before doing an update.
My other laptop is still down from the damage of KB977165.>
--
Microsoft Tries to Avoid Windows Blue Screen Repeat
Gregg Keizer
Apr 14, 2010 5:09 am
http://www.pcworld.com/article/194205/microsoft_tries_to_avoid_windows_blue_screen_repeat.html
Microsoft took steps Tuesday to avoid repeating the debacle two months
ago that left Windows XP users staring at the notorious "Blue Screen
of Death" error message after they applied a patch.
In February, a security update that fixed two flaws in the Windows
kernel -- the operating system's most important component -- wreaked
havoc when it was applied by users, who almost immediately flooded
Microsoft 's support forum with reports of crippled computers .
As the number of reports grew, Microsoft first stopped automatically
serving the MS10-015 update, then confirmed that a rootkit caused the
crashes . Only PCs that had been previously infected with the Alureon
rootkit were incapacitated, Microsoft's investigation found.
Microsoft restarted distribution of the update only after it had come
up with a way to block rootkit-infected PCs from receiving the
patches. "If detection logic included in Automatic Update discovers
abnormal conditions in certain operating system file configurations,
the update will fail and customers will be presented with an error
message that offers alternative support options," said Jerry Bryant,
general manager with the Microsoft Security Response Team, in early
March.
MS10-021 , one of the 11 updates issued yesterday as part of
Microsoft's monthly Patch Tuesday cycle , also fixed flaws in the
Windows kernel. But Microsoft is hoping that this month's update won't
trigger a repeat Blue Screen of Death.
"This security update includes package detection logic that prevents
the installation of the security update if certain abnormal conditions
exist on 32-bit systems," stated the MS10-021 bulletin. "These
abnormal conditions on a system could be the result of an infection
with a computer virus that modifies some operating system files, which
renders the infected computer incompatible with the kernel update."
One security expert applauded the move.
"I give Microsoft a big tip of the hat for not taking [the February
incident] as a one-off," said Jason Miller, data and security team
manager at network compliance and security vendor Shavlik
Technologies. "The kernel is something that if something goes bad,
that's not good. Patching the kernel is not like patching a media
player."
Microsoft obviously learned a lesson. Even though the February update
crashed a relatively small number of PCs, the problem actually
affected many more, he argued. "It may have affected just a few
people, but it scared almost everyone into not patching," Miller said.
Although scattered reports of problems with Tuesday's security updates
have been posted on Microsoft's support forum, Computerworld did not
find any message threads describing Blue Screen of Death crashes after
users applied yesterday's MS10-021 kernel update.
Enterprises should still test the update before widely deploying it,
Miller recommended. "With every kernel patch, you really have to test.
We're pretty adamant about that," he said.
Microsoft also urged users to apply MS10-021 to protect themselves.
Although attacks had not been found in the wild exploiting any of the
eight vulnerabilities addressed by the update, the company noted that
users would "likely...see reliable exploit code developed for one or
more of these eight vulnerabilities" in the next 30 days.
This month's security update, including MS10-021, can be downloaded
and installed via the Windows Update and Microsoft Update services, as
well as through Windows Server Update Services.
a Restore before doing an update.
My other laptop is still down from the damage of KB977165.>
--
Microsoft Tries to Avoid Windows Blue Screen Repeat
Gregg Keizer
Apr 14, 2010 5:09 am
http://www.pcworld.com/article/194205/microsoft_tries_to_avoid_windows_blue_screen_repeat.html
Microsoft took steps Tuesday to avoid repeating the debacle two months
ago that left Windows XP users staring at the notorious "Blue Screen
of Death" error message after they applied a patch.
In February, a security update that fixed two flaws in the Windows
kernel -- the operating system's most important component -- wreaked
havoc when it was applied by users, who almost immediately flooded
Microsoft 's support forum with reports of crippled computers .
As the number of reports grew, Microsoft first stopped automatically
serving the MS10-015 update, then confirmed that a rootkit caused the
crashes . Only PCs that had been previously infected with the Alureon
rootkit were incapacitated, Microsoft's investigation found.
Microsoft restarted distribution of the update only after it had come
up with a way to block rootkit-infected PCs from receiving the
patches. "If detection logic included in Automatic Update discovers
abnormal conditions in certain operating system file configurations,
the update will fail and customers will be presented with an error
message that offers alternative support options," said Jerry Bryant,
general manager with the Microsoft Security Response Team, in early
March.
MS10-021 , one of the 11 updates issued yesterday as part of
Microsoft's monthly Patch Tuesday cycle , also fixed flaws in the
Windows kernel. But Microsoft is hoping that this month's update won't
trigger a repeat Blue Screen of Death.
"This security update includes package detection logic that prevents
the installation of the security update if certain abnormal conditions
exist on 32-bit systems," stated the MS10-021 bulletin. "These
abnormal conditions on a system could be the result of an infection
with a computer virus that modifies some operating system files, which
renders the infected computer incompatible with the kernel update."
One security expert applauded the move.
"I give Microsoft a big tip of the hat for not taking [the February
incident] as a one-off," said Jason Miller, data and security team
manager at network compliance and security vendor Shavlik
Technologies. "The kernel is something that if something goes bad,
that's not good. Patching the kernel is not like patching a media
player."
Microsoft obviously learned a lesson. Even though the February update
crashed a relatively small number of PCs, the problem actually
affected many more, he argued. "It may have affected just a few
people, but it scared almost everyone into not patching," Miller said.
Although scattered reports of problems with Tuesday's security updates
have been posted on Microsoft's support forum, Computerworld did not
find any message threads describing Blue Screen of Death crashes after
users applied yesterday's MS10-021 kernel update.
Enterprises should still test the update before widely deploying it,
Miller recommended. "With every kernel patch, you really have to test.
We're pretty adamant about that," he said.
Microsoft also urged users to apply MS10-021 to protect themselves.
Although attacks had not been found in the wild exploiting any of the
eight vulnerabilities addressed by the update, the company noted that
users would "likely...see reliable exploit code developed for one or
more of these eight vulnerabilities" in the next 30 days.
This month's security update, including MS10-021, can be downloaded
and installed via the Windows Update and Microsoft Update services, as
well as through Windows Server Update Services.
