Windows Patch Leaves XP Users With Blue Screen of Death



Windows Patch Leaves XP Users With Blue Screen of Death

Gregg Keizer, Computerworld
Feb 11, 2010 9:01 am

Tuesday's security updates from Microsoft have crippled Windows XP PCs
with the notorious Blue Screen of Death (BSOD), users have reported on
the company's support forum.

Complaints began early yesterday, and gained momentum throughout the

"I updated 11 Windows XP updates today and restarted my PC like it
asked me to," said a user identified as "tansenroy" who kicked off a
growing support thread . "From then on, Windows cannot restart again!
It is stopping at the blue screen with the following message: 'A
problem has been detected and Windows has been shutdown to prevent
damage to your computer.'"

Others joined in with similar reports. "There is something seriously
wrong with the update. I can't even open in safe mode," said
"Ghellow," referring to Windows diagnostic mode that's often a last-
chance way to boot a PC.

"I am not very happy with Microsoft as I got to work this morning to
find my helpdesk flooded with messages that the PC has the famous Blue
Screen," said "brawfab."

"I had to go to work and use my Mac to get online to find out what is
going on with the XP updates last night," complained "moosewalk" on
the same thread. "I am this much closer to switching over to a Mac for

The support thread, which was first noticed by security blogger Brian
Krebs , contained more than 120 messages as of early Thursday, making
it the third-longest on the Windows Update support forum. The thread
had been viewed more than 2,800 times since its inception.

Several users posted solutions, but the one laid out by "maxyimus" was
marked by a Microsoft support engineer as the way out of the perpetual
blue screens. To regain control of their PCs, users were told to boot
from their Windows XP installation disc, launch the Recovery Console
and enter a series of commands.

Unfortunately, that left netbook users out of luck, since most of the
lightweight, inexpensive laptops lack an optical drive, and so can't
boot from an XP installation disc. "Are there any fixes for netbooks,
or am I essentially screwed for the time being?" asked "HimDen."

Several users tentatively identified the MS10-015 update as the one
which triggered the BSOD, and claimed that uninstalling that security
fix -- which was labeled as KB977165 -- returned their PC to working

MS10-015 , one of 13 security updates Microsoft issued Tuesday,
patched a 17-year-old kernel bug in all 32-bit versions of Windows.
The vulnerability went public three weeks ago when a Google engineer
disclosed the bug and posted proof-of-concept attack code.

This was not the first time that a Microsoft update has incapacitated
Windows PCs. Two years ago, a set of updates for Vista sent an unknown
number of machines into an endless series of reboots . Similar
problems stymied users who tried to upgrade to Windows XP Service Pack
3 (SP3) in May 2008, and others attempting to upgrade from Vista to
Windows 7 last October.

Microsoft was not immediately available for comment early Thursday.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers
and general technology breaking news for Computerworld . Follow Gregg
on Twitter at @gkeizer , send e-mail to (e-mail address removed) or
subscribe to Gregg's RSS feed .

Read more about windows and linux pcs in Computerworld's Windows and
Linux PCs Knowledge Center.

SC Tom

Ablang said:
Windows Patch Leaves XP Users With Blue Screen of Death

Gregg Keizer, Computerworld
Feb 11, 2010 9:01 am

If you had done any research at all, you would have found out that it's not
the fault of the update. The BSOD's are caused by the fact that the PC's
affected were already infected with a rootkit. The BSOD is caused by the
rootkit, not the update. That article is old news already, even if it is
only a week old.


Wake up and do some research....there's been a lot more news on this
since that article you linked The issue was not with the patch, but due
to the fact that the affected computers were infected with a TDSS
rootkit variant. I had one in my shop the next day that I was sure was
clean, and it turned out to have an infected atapi.sys

Here are a couple of links to "catch you up":

Tidserv and MS10-015 | Symantec Connect -

Rootkit Authors Issue Patch For Critical Bug -

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question