back to article Windows 7 'security' patch knocks out PCs, knackers antivirus tools

Windows 7 users should uninstall a security patch Microsoft issued on Tuesday because some PCs failed to restart after applying the update. The software giant advised users of Win 7 and Windows Server 2008 R2* to roll-back a patch within MS13-036, a security update that closed two vulnerabilities in the Windows file system …

COMMENTS

This topic is closed for new posts.
  1. LarsG
    Meh

    Ouch, ouch, ouch ouch.....

    1. Fatman
      FAIL

      RE: Ouch, ouch, ouch ouch.....

      I know!!!

      I had a relative call me up after his WindblowZE 7 box crapped out after installing this botched update.

      He was so unhappy when I informed him that like the maid, I don't do Windows anymore, since I switched to Linux in 2008.

      He was so desperate!!!!

      Icon says it all!!!!

      1. Anonymous Coward
        Anonymous Coward

        Re: RE: Ouch, ouch, ouch ouch.....

        Maybe someone could tell Steve Baller to stop working on his basketball-theme cookbook and fix MSoft!

        1. Tom 13
          Devil

          Re: stop working on his basketball-theme cookbook and fix

          No, leave him where he is. There's a better chance of things getting fixed if he's there instead of in the shop.

      2. Anonymous Coward
        Anonymous Coward

        Re: RE: Ouch, ouch, ouch ouch.....

        @Fatman

        Auto downvote for using the term "WindblowZE" as I do for anyone using terms like "Micro$oft" or "crApple", even if I liked the rest of the post.

  2. Pete Spicer
    Pint

    So for people who use Win7 at home, who have automatic updates turned on but don't follow tech news outlets like El Reg, how are they going to know to roll this update back and/or apply a fix?

    Pint, because it's Friday and I've dealt with enough issues today.

    1. Anonymous Coward
      Anonymous Coward

      Because their PCs will be tits-up?

      This is quite a rare issue that only hits certain combinations of corporate focused software - so unlikely to effect the vast majority of home users....

      1. Tom 13

        Re: Because their PCs

        If you had left it at just that first line, you would have been in line for lots of up votes.

    2. Helldesk Dogsbody
      Coat

      As the majority of home and/or small business users don't permit updates to run automatically and apply patches to Windows at gunpoint or other threat of iminent death or pain I reckon they're probably safe.

      1. Stevie

        Er...

        Do you have actual figures to back up that statement? It would fly in the face of the Windows 7 nagware which suggests you turn on automatic updates. Indeed, if you got you machine from Dell, it is in all likelihood turned on for you before it leaves the shop.

  3. Bill the Sys Admin
    Mushroom

    Oh dear. That will cause serious issues. A good example of why never to use auto updates..

    1. Captain Scarlet Silver badge
      Mushroom

      I apply updates when I shutdown, I can't help that I am lazy (Well ok I can but I am so lazy I demand Automatic updates take place when it doesnt bother me).

    2. Anonymous Coward
      Anonymous Coward

      Updates

      Indeed, but even users who do not auto update will be affected by this. I checked this patch out, decided I needed it, then had it not been for an El Reg email today, on a day that I do not normally read El Reg, then I would not have now just installed it as a precaution despite not been affected.

  4. Alister
    Joke

    Win 7 PCs in Samba-loving Brazil are apparently hardest hit.

    Well if you will use an open source network protocol, what do you expect?

    1. Dalen
      Pint

      Took me a second to figure out they weren't talking about network protocols. Pint, because I need one.

  5. RyokuMas
    Coat

    Oh boy...

    Friday sweepstake on how long before the first anti-window-bile post hits from the usual suspects, who will have conveniently "forgotten" about how a Linux patch was bricking some machines in a very similar manner not too long ago...?

    1. thesykes

      Re: Oh boy...

      Seems you were a minute too late.. good old reliable-as-ever Eadon.

      1. RyokuMas
        Joke

        Re: Oh boy...

        Would have been alright, had it not been for that dodgy Iranian time-machine I was using!

  6. Dodel

    Firstly it looks as though this is a kaspersky related issue, but also you can boot into safe mode (F8) and uninstall the offending update until a fix is issued.

  7. Anonymous Coward
    Anonymous Coward

    Microsoft is determined to kill the desktop. And apparently since they are having trouble doing it with Win8 because nobody wants to buy it, now they're going after Win7 users via automatic updates.

  8. Anonymous Coward
    Anonymous Coward

    Win7 + Patch + Kaspersky here

    I haven't noticed any probl

    1. NomNomNom

      Re: Win7 + Patch + Kaspersky here

      have you rebooted ?

  9. NomNomNom

    well i only reboot about every 3 weeks so guess I'll just leave it to microsoft to silently patch the patch and if they dont i will just have to watch tv

    1. Captain DaFt

      "i will just have to watch tv"

      That's a rather harsh punishment, even if it's self inflicted!"

      Man up and uninstall the patch!

      1. This post has been deleted by its author

  10. Steve Davies 3 Silver badge
    WTF?

    Not the only problem with recent patches

    One (not in this lot) has changed how Windows Explorer sees some of my USB Flash Drives.

    If I take one drive and plug it into a USB3 port on my laptop the output is shown by file type rather that the 'details' list. If I want to see that I have to right click on the drive, select open as removable media etc.

    If I take the same drive and plug it into a USB2 port on the same machine it shows the classic 'details' list.

    WTF Microsoft?

    1. This post has been deleted by its author

    2. mickey mouse the fith

      Re: Not the only problem with recent patches

      "One (not in this lot) has changed how Windows Explorer sees some of my USB Flash Drives. If I take one drive and plug it into a USB3 port on my laptop the output is shown by file type rather that the 'details' list. If I want to see that I have to right click on the drive, select open as removable media etc. If I take the same drive and plug it into a USB2 port on the same machine it shows the classic 'details' list."

      I noticed this behaviour suddenly appear, but didnt attribute it to an update, I just thought it was a random screwup on my windows install. Its really, really irritating, rather like the way Vista used to randomly change the icon sizes in control panel.

      My laptop doesnt have usb3 ports, so its not that causing it, but it does change depending on which port the flash drive is plugged into.

      1. frank ly

        Re: Not the only problem with recent patches

        Windows has done this for years. I've had folder view settings randomly change on an individial basis. At the moment, Windows 7 keeps taking icons off my system tray and I have to go into the options to set them back to 'Show Icon and Notifications' .

        It keeps you alert and stops you getting complacent.

    3. tempemeaty

      Re: Not the only problem with recent patches

      Great, somebody at MS probably broke something in the code and the resulting mess you are seeing is their kludge to make it stay working. Chances are they'll call this USB FUBAR a new "Feature".

      Thank God I didn't update last Tuesday.

      m(_ _)m

  11. wondermouse
    FAIL

    Dell OEM and other hit last weekend - was it this?

    At some point last weekend, my trusty Dell Laptop suddenly decided that my Dell OEM Windows 7 was not geniune. So did my mate's. All this week I've been hearing about machines that were legitimately running Windows 7 OEM suddenly being illegitemised.

    Is it the same thing? Something MS has done seems to have screwed the status of these machines.

    1. J. Cook Silver badge

      Re: Dell OEM and other hit last weekend - was it this?

      @wondermouse: It's entirely possible that MS may have nuked the OEM key that Dell uses on their pre-loaded image. I seem to recall Dell doing that for their XP image, at least.

    2. Anonymous Coward
      Anonymous Coward

      Re: Dell OEM and other hit last weekend - was it this?

      Go through telephone activation. They will resolve it for you by issuing a new key if required.

    3. Paul Crawford Silver badge
      Linux

      Re: Dell OEM and other hit last weekend - was it this?

      Ah yes, reminds me of one very good reason why XP was the last MS operating system I got: "Product Activation" that could be revoked (unlike w2k that just was happy with the CD key).

      <= Tux, my non-DRM'ed friend.

  12. Roger Stenning
    Meh

    Odd...

    I've got auto update switched on, and the machine performed the usual update routine last night; it rebooted, and the usual messages following such an update were present when I woke it up this morning.

    However, having looked over the installed patches via the control panel, there's no trace of KB2823324 ever having been installed; guess they deleted the offending patch from the update before my machine got around to getting the update done.

    *shrug*

  13. ashdav

    I've just uninstalled the offending update KB2823324 ,like a good citizen.

    Restarted as requested and lo and behold Windows Update offered it to me again!

    Wasn't causing a problem anyway. I'll leave it off for now and see what transpires.

  14. Anonymous Coward
    Anonymous Coward

    Looks like we've been hit

    I was scratching my head over one machine today suffering a problem with Kaspersky AntiVirus for Windows Workstations.

    Wound up uninstalling and reinstalling Kaspersky. Still it refuses to see the license. I did the install using the network agent in the Kaspersky Administration Kit. I left it thinking I'll take it up with Kaspersky on Monday.

    The same machine also showed CHKDSK on boot … something it started doing a few days ago.

    Looks like I know what I'll be doing first thing on Monday, is uninstall this patch.

  15. Anonymous Coward
    Anonymous Coward

    I'm confused.

    KB2823324 installed on my machine on the 10th and I haven't noticed any problems - no crashes and startup is fine. Should I uninstall it anyway?

    1. Graham Marsden

      Re: I'm confused.

      Good question.

      I had more problems with the latest update to Skype which caused the machine to freeze (but not BSOD) after booting.

      Eventually after restarting in Safe Mode and stopping Skype trying to run on startup I was able to uninstall it and roll back to an earlier version which fixed the problem.

      1. Anonymous Coward
        Anonymous Coward

        Re: I'm confused.

        Re Skype - thanks for that. I shall continue to ignore requests/prods to update it. Don't have any use for it anyway.

  16. Cipher
    Joke

    Don't be so hard on Microsoft. Everyone knows how hard it is to do proper testing before release when your company has such meager resources. This is no worse than the 5 major update fails in 2012, Microsoft just cannot devote resources to testing and QC when Marketing clearly needs the help far more...

  17. Colin Ritchie
    Windows

    Are you sure you don't want a nice new Win 8 build ?

    When Vista was being ignored by the XP masses M$ released SP3 for XP. It killed all sorts of network functionality on a friend of mine's PC. His NAS and Xbox mysteriously decided to stop connecting to it and M$ suggested he update to Vista to restore his previously happy networking situation. He preferred a clean reinstall of XP and blocking SP3 on the updates list. M$ made sure SP3 nagged and attempted to be applied forever more.

    I can't help thinking that Win 7 users will suffer a string of unhelpful and increasingly buggy patches till the herd accept that this crap isn't going away till they buy in to Win 8 and are properly assimilated into the collective.

    1. frank ly

      Re: Are you sure you don't want a nice new Win 8 build ?

      Same happened to me with XP on my old latop. I've installed Linux Mint 13 on it and I'm very happy with it so far after five days. It can do everything my shiny new Windows 7 laptop can do, including running my favourite Windows applications (in WINE, obviously). This is the first time I've used Linux and I'm pleasantly surprised at how easy it was to get going and customise. There have been problems and shortfalls but they may be caused by the fact that the laptop is now 8 years old and has a dead battery.

      I'll get used to it and when I'm fully satisfied and confident, then I'll install Linux on my shiny new laptop and not bother with future versions of Windows.

  18. pete 22
    Mushroom

    But, how can that "free" stuff *possibly* be of higher quality ?!! After all, this has a big corp backing it up, and we *paid* for it!!

  19. Dr_Cynic

    Was messing up my laptop, windows event viewer was showing various dlls as having invalid hashs and was trying to do a chkdisk on every boot(but finding no problems. Kaspersky refused to start claiming corrupt database which an update fixed.

    Checking another machine this morning , which also now keeps wanting to run chkdsk, but in this case kaspersky keeps claiming it's not activated, point it at the key file it is happy till next reboot at which point it has forgotten again. Looks like I will have to remove the update from that machine on Monday.

  20. Anonymous Coward
    Anonymous Coward

    Rule number one for Windows Update

    TURN OFF AUTOMATIC UPDATES.

    Never trust that the updates okayed for release by Microsoft will work flawlessly. Manually update. Read up on the security bulletins.

    This is not the first time Microsoft had screwed up a software update. I won't be surprised if Microsoft is cutting corners on software maintenance due to its declining corporate fortunes. Whatever it takes to keep the sinking ship afloat, eh?

    1. Wzrd1 Silver badge

      Re: Rule number one for Windows Update

      Either that or have a test environment full of sacrificial lambs to slaughter with the oopsdate.

  21. ElNumbre
    Facepalm

    Wonder..

    .I wonder if this is the cause of my laptop knifing itself. Consuming most of the CPU resources with nothing running. I was going to blame McAfee, but it seems like it may be Microsoft.

  22. sisk

    Microsoft's security gnomes also deserve credit for quickly determining there was a problem before the vast majority of corporates rolled out the problematic patch.

    I disagree. They deserve the blame for failing to follow the basic step of TESTING THEIR PATCH before they started to roll it out. How many times does this have to happen before Microsoft figures that out? It seems like they've been pushing out a dodgy patch two or three times a year for ages. That's the sort of thing I expect in the beta software I run, not in a fully released product like Windows.

    1. Crazy Operations Guy
      FAIL

      Yeah because testing with 100s of different software packages and system configurations while there is a looming deadline to get a patch out before the exploit becomes common is so damn quick and easy to do....

    2. El Andy

      @sisk: "I disagree. They deserve the blame for failing to follow the basic step of TESTING THEIR PATCH before they started to roll it out. How many times does this have to happen before Microsoft figures that out?"

      Er, they do. Why do you think it takes so long to produce patches in the first place?

      The problem is the sheer volume of combinations of hardware and third party software that exist in the wild mean that testing ever single possible combination out there is just never going to happen. Sooner or later there is going to be an edge case combination that hits a problem, it's simply a mathematical certainty. Doubly so when you consider how many of these third party "security" solutions often dick around with internal data structures of Windows in ways they really ought not to.

  23. Gray
    Facepalm

    I'll uninstall that patch ...

    right after I get back from having the root canal done at the discount dentist shop!

    Thanks EVER so effing much, M$!

    (Mr. Ballmer has a summer home here, on the west side of the island. The other week a huge chunk of the island slid away into the Sound, taking a neighbor's home with it. The local newsrag's said nothing about it, but I suspect it was triggered by Ballmer bangin' his chair against the garage wall, working out his tension from the office!)

  24. computer repair bronxville

    Hard to do

    It's ok to roll back for IT admins but hard for normal non-tech Windows 7 users. Better to shift to Linux.

    1. Crazy Operations Guy
      Thumb Down

      Re: Hard to do

      Yeah because a user that doesn't know how to use the Uninstall feature in Programs and Features is totally going to be able to install Linux...

      1. eulampios

        Re: Hard to do

        Can't recall a similar problem with my GNU Linux systems for some time. However, by default, a common practice for grub (or whatever boot loader) and updater to mark and keep at least the last stable kernel. So if your system has a problem with new one you can always boot that one.

    2. Toothpick

      Re: Hard to do

      and what about software that doesn't run under Linux?

      1. robynsveil
        Happy

        Re: Hard to do

        Simple answer: VirtualBox. Free and easy.

      2. eulampios

        @Toothpick

        And what about the one that doesn't run under Windows?

        What is your point? There is plenty of software available for both OS', however you might be surprised with some "weird" facts. Plus, MS

        Windows has a pretty messy architecture. It's hard to debug and control, it's poorly designed. It has a lot of things as afterthoughts, just like a headless server or PowerShell.

        Take this particular problem, there is no "safe kernel" to boot, unlike GNU Linux.

  25. CodeMonkery
    Joke

    "Windows 7 users should uninstall a security patch Microsoft issued on Tuesday because some PCs failed to restart after applying the update."

    So... how do you uninstall it if you can't restart it??!! :-p

    1. Zmodem

      http://support.microsoft.com/kb/2839011

  26. Anonymous Coward
    Anonymous Coward

    SOS, DD

    It's amazing that Microsucks raps Billions in rvenues annually from selling defective products and releasing defective updates.

  27. RyuWonder

    Buy a Mac...

    That is Apple's answer

  28. chivo243 Silver badge
    Holmes

    3 days?

    It took 3 days to figure this out? Uhm.... so even my waiting 36 hours after release to install updates isn't sufficient to determine the update is borking systems? Fortunately, we use MSSE on our MS Boxes.

    Nice Monday meeting talking point...

  29. This post has been deleted by its author

  30. David Glasgow

    Grave potential

    As I read

    "STOP: c000021a {Fatal System Error}

    The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000).

    The system has shutdown."

    ... It suddenly occurred to me that this would be a pretty good inscription on a gravestone. I might just change my will. Until now, I had specified " E16-10-06 10:36:16|SETI@home|Unrecoverable error for result 09my03aa.866.9600.884652.3.79_1 ( - exit code -4 (0xfffffffc))

  31. Anonymous Coward
    Boffin

    Kaspersky license problems — a fix that worked for us.

    For those on the forums here who were hit. Some notes:

    Typical problem is that Kaspersky will claim its license is invalid. Uninstalling KB2823324 for us resulted in Kaspersky accepting the license, but then refusing to start due to an "unexpected error".

    The fix was to uninstall the patches KB2817183, KB2813347, KB2813170 and KB2808735, rebooting each time, then using the Kaspersky uninstaller tool distributed with your version of Kaspersky, uninstall it, and re-install from your installation media.

    Turns out three of the users here got Patch-Wednesday'd (we run UTC+10 here, so it falls on a Wednesday for us). I'm putting a general network notice out to our users here, but for those who read these forums, the above might be worth trying. It of course comes with no guarantees whatsoever.

  32. Wzrd1 Silver badge

    NT4, SP6 repeat, on steroids.

    Way to suck, MickeySoft!

  33. Fihart

    Pity about the fire....

    Nice Windows 7 installation you got there. Pity if something terrible happened to it. On the other hand we have Windows 8 that might interest you.

  34. NOTiFY

    How I fixed it

    Just seen this. I assumed the problem I had on Tuesday am was related to some previous start-up problems.

    It took nearly an hour from logging in to get to start menu, then it was really slow. Restarted in safe mode and rebooted okay.

    Disabled a load of automatic start-up services. Eventually isolated it to the AVG Watch service,

    Uninstalled AVG and it all started okay. Now relying on Microsoft Security Essentials.

  35. vmcreator

    Cloud Beware

    And they want us to move from Vmware to Hyper-V and their Private Cloud!.

    Patch Tuesday = kill your cloud.

  36. Maharg
    WTF?

    But, but but....

    I don't understand, did they not test it?

  37. AndrewCarlton
    Angel

    Tried Kaspersky once...

    I tried Kaspersky once, while I was trying to find replacement for ESET Nod32, Kaspersky is really annoying so went for Bitdefender AV

This topic is closed for new posts.

Other stories you might like