Patch Tues.; Blue Screen Wednesday

Friday, April 12, 2013 @ 10:04 AM gHale


Microsoft stopped pushing a security update originally released on Patch Tuesday because the fix is causing some PCs to blue screen.

Microsoft recommended users uninstall the patch, which is also causing compatibility with some endpoint security software.

RELATED STORIES
Malware Block: Chrome’s CAMP System
ICS Patching Ineffective
Downtime: Utility Suffers Virus
Antivirus Not Catching New Viruses

“We’ve determined that the update, when paired with certain third-party software, can cause system errors,” said Trustworthy Computing group manager Dustin Childs.

MS13-036 was part of this week’s Patch Tuesday update. It addressed three vulnerabilities in the Windows Kernel-Mode Driver, which if exploited could allow an attacker to elevate their privileges on a compromised machine.

Microsoft rated the vulnerabilities “important” because an exploit would require an attacker to have physical access to a computer. The faulty update does not result in any data loss for users, Childs said. Only update 2823324 ended up removed from the Windows download center, and the remainder of MS13-036 is still available.

Users began reporting issues earlier this week with some systems failing to recover from restarts, or applications failing to load, after the patch installed.

The idea behind the MS13-036 update was to patch two separate race condition vulnerabilities (CVE-2013-1238 and CVE-2013-1292) and a NTFS NULL pointer deference vulnerability (CVE-2013-1293) that lead to privilege escalation for attackers. The update also addresses a font parsing vulnerability (CVE-2013-1291) that could lead to crashes and a denial-of-service condition.



Leave a Reply

You must be logged in to post a comment.