Windows security update causes 'blue screen of death' for some
Windows XP users say one patch in particular causes problems, and that there's a fix but it requires an install CD. However, CDs aren't shipped with all computers and aren't available for Netbook users at all.
Elinor MillsFormer Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Some Windows users reported on Thursday that they were getting the "blue screen of death" on their computers when they installed Microsoft's latest security updates released two days earlier.
Most of the people complaining on a Windows forum said they had the problem on Windows XP, but one person also reported problems on Windows 7.
Users posted a fix on the site that they said seemed to work, but that didn't necessarily quell the anger.
"Where at Microsoft do I send my invoice for hours spent fixing this BS?" one person wrote on Thursday.
The problem appears to be with one specific update, which addresses a vulnerability in the 32-bit Windows kernel that could allow elevation of privilege that was disclosed last month.
The fix requires users to have an install CD, but not all computer manufacturers ship systems with a disc for re-installing the operating system, according to the Krebs on Security blog, which first reported the problems on Wednesday.
In addition, Netbooks do not have CD-ROM drives, making the problem even more difficult for them to fix, security blogger Brian Krebs wrote.
Several people reported on the Windows forum site that Microsoft told them the company would not be providing a fix for Netbooks and that Netbook users would have to get support from the equipment manufacturer.
Microsoft is investigating the reports to determine the cause of the problems, according to a statement from Jerry Bryant, senior security communications manager lead at Microsoft.
Update 5:05 p.m. PSTMicrosoft published a blog post later on Thursday with this additional information:
"Our initial analysis suggests that the issue occurs after installing MS10-015 (KB977165). However, we have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. Our teams are working to resolve this as quickly as possible. We also stopped offering this update through Windows Update as soon as we discovered the restart issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages.
"While we work to address this issue, customers who choose not to install the update can implement the workaround outlined in the bulletin. CVE-2010-0232 was publicly disclosed and we previously issued Security Advisory 979682 in response. Customers can disable the NTVDM subsystem as a workaround and we have provided an automated method of doing that with a Microsoft Fix It that you can find here: http://support.microsoft.com/kb/979682."