Microsoft Black Tuesday Patches Bring Blue Screens of Death 179
snydeq (1272828) writes "Two of Microsoft's kernel-mode driver updates — which often cause problems — are triggering a BSOD error message on some Windows systems, InfoWorld reports. 'Details at this point are sparse, but it looks like three different patches from this week's Black Tuesday crop are causing Blue Screens with a Stop 0x50 error on some systems. If you're hitting a BSOD, you can help diagnose the problem (and perhaps prod Microsoft to find a solution) by adding your voice to the Microsoft Answers Forum thread on the subject.'"
Laugh.. (Score:4, Interesting)
Someone right now is looking at that error and figuring out how to exploit it.
Re: (Score:2)
Lucky I'm on XP and don't have to worry. It's been 100% stable for months now.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2, Troll)
Re: (Score:2)
Sadly people take it as part of using computers and are just happy it doesn't do it anywhere near as often as XP used to so they don't bother to complain.
Re: (Score:2)
Imaginary? Look at the article FFS (Score:2)
Re: (Score:2)
Yeah, I mean, what sort of user has more than one connected device these days? Maybe some rich guy with a premium cardboard box in a quiet alley, whose uncle gets him free wifi at the library. Oh, wait...
Phew. (Score:5, Insightful)
I work in schools, preparing for a huge summer deployment, just re-imaged every PC on-site.
Fortunately, although I pushed the updates out over WSUS, my image was taken BEFORE patch Tuesday. Anything that hasn't been out for a least a month is in beta testing, as far as I'm concerned, and after a month it either "works" (for some definition) or something like this will come to my attention.
Have all the PC's imaged in my rooms, but only have a handful actually deployed at the moment while I test. The very first blue-screen I see, any kernel-mode patch this month will be changed to "Declined" so no further PC's get it.
Yet again, those people who get all stroppy about "you should install updates the SECOND they come out".... real life hits you again. And the downtime from a potential "zero-day" that I'll probably never witeness is nothing compared to potentially rolling out faulty updates to hundreds of PC's that would then have to be re-imaged, and/or having a faulty update inside your images forcing you to reverse changes (in my case, to pre-summer images which is a HUGE step backwards) and re-deploy.
Re:Phew. (Score:5, Insightful)
I've never understood that mentality ... usually I give patches from any vendor a few weeks or more to have a shakedown period.
Let someone else do the beta testing.
I've seen more problems caused by applying fresh steaming patches than I have seen problems solved by it.
Re: (Score:2)
That only works if you either 1) have a test system you can test patches on or 2) turn off automatic updates. Either way, you need to be savvier than your average Windows user.
Fortunately, the big corps that give Microsoft the majority of its sales tend to have sufficiently capable tech teams. It's the small businesses that really lose (the personal/home users can mostly hit the reboot button or hold the power button down for 5 seconds or whatever passes for a hard reset these days).
Re: (Score:2)
That's not exactly setting the bar very high, is it?
Re: (Score:2)
Even if they are zero/0 days?
Re: (Score:2)
In all honesty, I've had to deal with very few of them, and only indirectly. Most notably the heartbleed thing recently. And you know what? It was senior management and IT managers who made that call and accepted the risks. (I'm primarily inside the firewall, so usually not my issue.)
There are times when you have to weigh risks and make choices.
But generally speaking, I don't apply a patch which is fresh and steaming immediately, and then I deploy to a lab and do some testing first.
Assume the worst, an
Re: (Score:2)
Sure, and there will always be those who do it right away.
But I have no intention of being the first lemming off the cliff. I've been in IT way too long to trust a fresh patch for any vendor.
There was a time when release cycles were much longer, nowadays, you're just as likely to end up in the situation of a busted environment.
At the very least you have non-prod systems which you use as guinea pigs. But I've met people who apply new patches to
Re: (Score:3)
Re: (Score:2)
You'd think the guys at M$ had already done that. Isn't that why you pay the yearly extortion fees?
Nobody pays Microsoft any money for OS updates as long as the OS is in general support.
Re: (Score:2)
Re: (Score:2)
you need to update drivers as well. Don't use the ones on the dell website (other then with some laptop that will not take the full ones)
Also drives on windows update can be very hit or miss.
Comment removed (Score:5, Informative)
Re: (Score:3)
It is not a bug, it is a feature..
It was supposed to always BSOD in this case! MS fixed the bug so it finally BSODs. ;)
Re: (Score:2)
Potentially true, a BSOD is preferable to a rootkit.
Fortunately there is Linux.... (Score:1, Offtopic)
Note to self: Always, always put a Linux partition on EVERY Windoze machine!
Yeah, yeah, I could carry a bootable USB around, but this way, it's always IN the machine.
My problem is this: WHO is going to PAY me fo
Re: (Score:2)
Re:Fortunately there is Linux.... (Score:4, Insightful)
That's because it broke through normal wear and tear. If someone from Ford came out to your house one night and swapped parts and as a result your formerly running car wouldn't start in the morning, you would certainly be entitled to compensation for your time and trouble as well as a fix fro your car.
Re: (Score:2, Insightful)
My problem is this: WHO is going to PAY me for my time?
Goddamn, how entitled can you be? How about this question: how much time have you saved by using a computer running Windows to do your job? But, what, you expect Microsoft to shell out your hourly rate every time something on your computer doesn't work right? That must mean that you cut Microsoft a portion of every check you make from working on your Windows machine, right? Or wait, you keep all that money don't you? And Microsoft never expects you to cut them part of your check, do they? It's a one-t
Re:Fortunately there is Linux.... (Score:4, Insightful)
If it doesn't work right because of something MS did and they then leave him to fix it, why not?
I'm pretty sure MS insists on being paid for each and every install of Windows.
Since you were perfectly free to not reply at all, you're an unpaid volunteer.
Re: (Score:2)
If it doesn't work right because of something MS did and they then leave him to fix it, why not?
You mean other than the license agreement which specifically indemnifies them against things like that?
Is the first time that a Windows update has caused problems on certain configurations? No? It's not? Is it a fantastic idea to have automatic updates enabled if you're going to whine about being paid for your time to fix a problem that your computer had but most others did not?
Re: (Score:2)
EULAs claim all sorts of wacky things.
Re: (Score:2)
The one that tries to unilaterally alter a deal after the fact? Why would that make Microsoft not subject to consumer protection laws simply because they said they aren't?
Re: (Score:2)
Simply because there's no legal precedent that would say otherwise. Maybe there should be a class action lawsuit, I don't know, but I think it's kind of ridiculous for people to expect payment from Microsoft because an update caused problems on their machine. If an update causes problems on 25% of machines that's one thing. If the percentage is in the low single digits then I think it would be difficult for a judge with knowledge about computers to find Microsoft liable.
Re: (Score:2)
You somehow find it impossible for a Ford to break down?
Of course. That would require a Ford that actually runs in the first place.
Buh dum, crash!
Thank you, thank you. I'll be here all week. Try the fish; it's delicious!
(I don't really have anything against Ford, other than their miserable first gen Sync system, but it was just too good to pass up....)
I have a solution for impacted users (Score:5, Informative)
This rollback procedure got my Win7 x64 system booting again:
From another system with the same bit width and service pack level, grab the files C:\Windows\System32\gdi32.dll and C:\Windows\System32\Win32k.sys.
Using HBCD or a similar boot disc, boot your defunct system. You can also snag the hard drive and plug it into another working computer.
BACK UP the gdi32.dll and win32k.sys files from System32 to another location just in case. Overwrite those two files in System32 with the ones you grabbed from the other system.
Your system is now bootable, having effectively rolled back the KB2982791 update. This is a quick and dirty procedure and leaves the update itself in an indeterminate state.
Re: (Score:3)
This is a quick and dirty procedure and leaves the update itself in an indeterminate state.
Quick if you live in an area with lots of cloned Windows around.
Not that quick if you have to call a few friends, ask they Windows' versions, get a match, grab a pendrive, drop by the friend's house, copy the files, use the friend's computer to download and burn a rescue disk, drive home, and proceed to step 2.
Re: (Score:2)
Indeed.
You could also boot with the install media and do a System Restore since Windows Update generates a checkpoint when you install updates.
If you don't have that option, my original solution will get you up and running, inconvenient as it may be.
Re: (Score:2)
Or you can boot the recovery partition on Windows (startup repair), and you can use it to restore from a previous restore point.
You should also be able to find a copy of the older gdi32.dll in the WinSxS directory (that's where all updates are stored - then the files are hard-linked to their final location in the Windows directory. You could, in theory just alter the hard l
Re: (Score:2)
Yep. That partition didn't exist on the affected machine because end user reasons, or I definitely would have tried it.
Re: (Score:2)
As interesting as this technical solution is, why not just do a system restore?
The default settings for windows are to create a restore point before any patches are applied, and if your computer BSODs during boot performing a recovery from a restore point is an option given to the user before next boot.
Or is there something special about this BSOD that prevents that from happening?
Re: (Score:2)
This system did not have a recovery partition, so no recovery mode on the HD, and it won't boot a restore disc... it was the perfect storm of garbage.
Otherwise I absolutely would have done a system restore.
don't kill the persistent taskbar and add it + sta (Score:1)
don't kill the persistent task bar and add it + start menu to windows 9.
You just had to be on the bleeding edge of tech (Score:5, Funny)
Re:You just had to be on the bleeding edge of tech (Score:4, Funny)
Re:You just had to be on the bleeding edge of tech (Score:4, Informative)
nonsense, plenty of current malware prevention and detection wares run on XP, better than Microsoft's.
you are full of needless FUD
Re: (Score:2)
Now, OS is generally not exploited head-on, but it makes it easier to leverage other vulnerabilities that would be largely mitigated on something newer.
You are probably safe if you disab
Re: (Score:2)
I am going to be infected by the three site I exclusively use with my Windows XP machine for busines reasons? no I am not. no reason to disable any functionality.
Re: (Score:2)
7/12/2014 Patches applied and no problem (Score:2)
Second that (Score:2)
Updates Win 8.1 x64 all patches. No problems.
Sounds like it's... (Score:3)
... Throwback Tuesday!
Lay off testers? This is what happens. (Score:2)
Once again, Microsoft discovers what's obvious anyone else who's been in the business for 25 years or so.
You have to have manual and automated GUI testers. Unit testing is nifty, but that's like testing just the spark plug, or maybe the spark plug and the ignition timing. Not a bad idea, but listen. If you knew about a new car, but knew that nobody had ever actually *driven* the car, much less taken it out on the road on a regular basis, would you buy that car?
For that matter, would you fly in a plane teste
The fix is to delete the font cache (Score:5, Informative)
The way to fix this is to delete \Windows\System32\FNTCACHE.DAT. The file will automatically be regenerated on the next boot.
(Information found on Microsoft Support Forum [microsoft.com] and used to successfully fix my own system.)
How do you delete the file if you can't boot?
(1) Press F8 during boot to get to the Windows boot manager advanced options screen.
(2) Select "Repair".
(3) Provide password for a local account that's a member of the Administrator group.
(4) Select "Command Prompt".
(5) Find drive letter assigned to Windows partition (may not be C: in the repair environment!).
(6) Delete \Windows\System32\FNTCACHE.DAT.
(7) Exit command prompt and reboot system.
(8) Fixed!
----------
And now, since this is /., here is the required Windows bashing...
This bug demonstrates the danger of running your GUI in kernel mode (win32k.sys). One stray pointer can ruin your whole day. In this case the pointer was sufficiently invalid to cause a bugcheck. A stray pointer that silently scribbles on other kernel data structures is even worse.
"Those who would give up essential Safety, to purchase a little temporary Performance, deserve neither Performance nor Safety."
Patch Tuesday is not Black Tuesday (Score:3)
I know that Slashdot loves to bash Microsoft, but calling it's monthly patching cycle "Black Tuesday [wikipedia.org]" is pushing it. Black Tuesday was the name for the stock market crash that preceded the Great Depression, and for all the negativism about Microsoft, I have yet to hear of someone committing suicide over a Microsoft patch.
Frankly, using Woody "I'm a Windows victim [infoworld.com]" Leonhard as a source of information about Microsoft patches isn't a good idea, at least until he stops grinding whatever axe it is he has against Microsoft. Go read Microsoft's Security TechCenter [microsoft.com] if you want to know the patches are for, or at least blogs like ComputerWorld o ZDNet's r>Ed Bott, both of whom are more likely to put facts ahead of opinions. Even Paul Thurrott [winsupersite.com] provides some good coverage, although I think he often is the opposite of Woody Leonhard, e.g.doesn't critical enough coverage.
Regards,
Aryeh Goretsky
Re: THANK GOD for "automatic updates" (Score:3)
so funny ... if you were competent enough to review all the patches and keep your server secure enough to be a good Internet citizen, unchecking 'automatic ' would not be a hurdle.
Re: (Score:2)
You'd also be competent enough to not use Windows.
Re: (Score:2)
Re: (Score:2)
I don't mind this. A client with important servers is running a different OS. Nearly any other OS actually, there are a wide variety of quality choices on a server these days.
Auto update shields the admin from being responsible for MS screwups. Those are MS's fault, not the admin, and are related to the customers choice of technologies. If a client starts to complain about the problems, that is a premium time to discuss the extra charges for fixing the screwup. That shifts their focus onto MS, because if th
Re: (Score:1)
Right - like - call your phone vendor if you experience loss of service... Never figured that one out either... ;-)
Re: (Score:2)
Build a new computer. The instructions are right there on the CD that comes with the motherboard.....
Re: Bad Assumptions... (Score:3)
if you only have one computer you're not the kind of person who will be helpful in diagnosing a kernel driver bug (sorry if that stings).
Re: (Score:2)
It's like the power company.
You can now track outages online (this back when cell phone only had very basic web)
Re:The suck, it burns .... (Score:5, Insightful)
Gee, I don't like Micro$oft as much as the next Linux Zealot, but let's be fair here...
M$ is darned if they do and darned if they don't. When they hold up patching stuff they get pillaged in the press for not getting the gaping security holes in their OS fixed soon enough. When they release stuff too soon and stuff like this happens, they get racked over the coals for not knowing what they are doing, cannot develop/test/integrate their software. M$ has ebbed and flowed on the quality of their patches in the past, they've been slow, they've released some really disruptive software. Being fair, they don't do too bad on either responsiveness or on the introduction of new bugs.
So lighten up on Micro$oft, at least on this front. Now Windows 8 metro and removing the 'start' button? Fire away at that garbage....
Re: (Score:2)
So lighten up on Micro$oft, at least on this front.
Correct me if I'm wrong, but didn't Microsoft just lay off a large number of testers?
Re: (Score:3)
Re: (Score:2)
What could possibly go wrong? Oh wait...
Re:The suck, it burns .... (Score:4, Insightful)
Yes, but that is because the developers are now required to test their own code before it goes to testing,
Well that explains things. Apparently prior to this, developers would just deploy their code without ever testing it. No wonder they had so many bugs!
Out in the real world, developers test their code before submitting it to source control. They write unit tests to verify the functionality. QA verifies that the functionality works after that, still finding bugs that weren't obvious to the developers. For example, what happens when you run code on a variety of chipsets. If you're really lucky, a SDE-T might write some of the unit tests for you.
A BSOD that only happens to some people is a great example of something that rigorous QA should catch but that developers are likely to miss. Developer testing is not a replacement for QA. They should be doing both.
Re: (Score:2)
No, it was mostly marketing and middle managers.
Re:The suck, it burns .... (Score:5, Interesting)
I think the criticism isn't so much that they're too responsive to consumers or not -- they obviously listen. The criticism is that there are so many holes to begin with and that their attempts to fix things that are obviously broken -- things that their competitors seem to be able to make work just fine -- often don't work or cause other problems. Knowing the Microsoft engineering culture, their stuff is mostly a patchwork of different groups not talking to each other. In the Windows API, there are something like 17 different representations of strings depending on which engineer/department wrote the code!
When you're disorganized like that in a giant company with a giant piece of software, it's easy to see how bugs can get out of hand.
Re: (Score:2, Insightful)
Microsoft has competitors in the OS market???? Uh, no, no they don't. At least nobody that approaches even 1/4 of the market share.
But really the OS market is not Microsoft's primary concern, but a means to an end. There clamp on the market is Office in the corporate environment, which drives Windows to the desktop, both professionally and for home computers. They have no real competitors in either the OS or Office worlds. You might claim Red Hat/Linux has made inroads, but only in the server market.
Ye
Re:The suck, it burns .... (Score:4, Insightful)
Re: (Score:2)
There are updates to Android on phones? I'm not sure my 5-year-old phone has ever received one, and I'm sure its security flaws are legion, just given the history of flaws over the past few years.
Still, it really makes you wonder how this BSOD slipped through - it's not like MS doesn't have vast test automation for stuff like this. It really makes you wonder about the recent massive layoff of QA (and the restructuring behind it). Given the timing, that change starts to seem ill-advised.
Re: (Score:2)
I'm not aware of QA layoffs, I just started a new QA position at MS!
the layoffs were mainly Nokia, marketing, and middle managers from what I've read.
Re: (Score:2)
Only problem with that is that MS mixes the security and feature updates. If you don't install the latest "service pack" your pants are down and your netbook is a zombie. Presumably you know that and don't mind, as long as it hides its network traffic from you...
Re: (Score:3)
Jesus Christ, you fuck up your computer like that, and still try to blame MS?
Re: (Score:2)
Android is an OS for toys, it doesn't count.
Yes it does.
https://play.google.com/store/... [google.com]
Re: (Score:2)
Android is an OS for toys, it doesn't count.
Yes it does.
https://play.google.com/store/... [google.com]
Well, aren't you just the smartass? :)
Re: (Score:2)
Re: (Score:2)
That can't possibly be a good thing. What's worse is, there's no reason to think that any of the code checks to see which type of string it's been passed instead of just assuming that it's been sent the One True String.
Re: (Score:3)
On the other hand, Apple, Debian and Redhat manage to release timely security patches that don't cause crashing en-masse.
Re: (Score:2, Insightful)
On the other hand, Apple, Debian and Redhat manage to release timely security patches that don't cause crashing en-masse.
Perhaps, but they have a much smaller market share and support much less diverse hardware configurations, especially Apple.
Re: (Score:2)
Really? Debian supports x86 (32 and 64), various arm, mips, etc AND s390 among others. In other words, a much LARGER variety of hardware than Windows. The cherry on top is that it's a volunteer effort.
Re: (Score:2)
On the other hand, Apple, Debian and Redhat manage to release timely security patches that don't cause crashing en-masse.
Perspective, please. This seems to be a *very* limited problem and an (as usual) over-zealous Woody Leonhard trying to stir up a controversy.
Infoworld *is* the fox news of tech.
Re: (Score:2)
There seems to be a new limited problem every month.
Re: (Score:2)
As someone who manages about 1500+ Mac's with JAMF Casper (and another 6000+ windows machines with System Center) - you are talking out of your arse.
In my experience - MS actually issues more patches and actually has a better track record than Apple - for example I've seen them issue firmware patches that have bricked machines (to the point where they had to be repaired) - its enough of a problem I actually now wait a month before releasing firmware patches Apple delivers to see if any issues arise. I've al
Re: (Score:2)
I hadn't heard of the big problems w/ Apple. So scratch them off the list.
That leaves the various Linux and *BSDs as managing to not cause mass crashing. Note I don't claim they're perfect, since nothing is. I just claim they do much better at it.
Re: (Score:3)
Microsoft gets no pass! I generally give Microsoft the benefit of the doubt, but there are too many instances of this. I am going to go off on a bit of a tangent here, but the fail to eat their own dog food. They come up with Best Practices, and they do not even follow them internally. There is not an internal body at Microsoft that enforces uniform standards. They have it setup that way to mitigate risk to the company. If they had a single body responsible for maintaining order, they open themselves
Re: (Score:2)
Gee, I don't like Micro$oft as much as the next Linux Zealot, but let's be fair here... M$ is darned if they do and darned if they don't.
Unless you said the bolded portion gleefully while grinning and rubbing your hands together, you don't really hate Microsoft as much as the next Linux Zealot.
/Linux sorta-Zealot
Re: (Score:2)
you don't really hate Microsoft as much as the next Linux Zealot. /Linux sorta-Zealot
I never said I "hate" Microsoft. I said I don't like them. I have been actively advocating Linux professionally for nearly 15 years now, so I consider myself a Zealot because I would NEVER suggest to a customer that they use windows except, perhaps, on the desktop. But you have to admit that Windows is here, it's what folks understand how to use and you have to do what the customer asks, even if you think something else is better. So Zealot I am, but I'm tolerant of those who don't see things as clearly
Re: (Score:3, Insightful)
Oh wait, I'm on Linux.
Which distribution? I have had issues with Linux patches too.. Not as often as with Microsoft patches, but problems none the less.
Re: (Score:2, Interesting)
On my private machines, I have been using Linux and *BSD for more than ten years, and I only once had a problem with an update (and that was on a Gentoo box that had not been updated for more than a year - in other words, it was to be expected). About one and a half years ago, I started working as a sysadmin at a Windows shop, and I have been enraged, shocked, scared, and surprised more or less continuously ever since.
On the one hand, you want to keep your systems up to date. On the other hand, installing u
Re: (Score:3)
I prefer to play Russian Roulette with a semi-auto with 3 out of 6 rounds loaded. The odds are better.
Re:I just ran an update and don't have any problem (Score:5, Funny)
Oh, and if you are allowed a 15 round magazine, 3 out of 15 is even better!
Re: (Score:3)
If it was a M$ gun it would lock up, or empty the entire magazine.
No, they'd just hide the trigger and require you to hit three separate buttons requiring at least two hands to fire it, then totally disassemble and reassemble it between shots... ([Ctl][Alt][Del] followed by reboot)
Yea, I know, OLD NT joke.....But it's still funny.
Re: (Score:2)
If it was a M$ gun it would lock up, or empty the entire magazine.
and auto-aim at one of your pedal extremities.
Re: (Score:2)
Did they finally take that ribbon crap out, then?
Re: (Score:3)
here, http://www.ultimatebootcd.com/ [ultimatebootcd.com] download, put to usb media... use BIOS to set usb and/or dvd to boot before the hdd. then boot and fix MBR then roll back updates. you can ever use the boot cd to replace the bad files using the copy on your boot dvd (just google the guides i'm lazy)
Re: (Score:2)
I never understood why drivers had to be on the kernel ring anyway. Every single peripheral (GPU, sound card, etc.) driver I've ever encountered has had a history of stability problems. You'd think the largest point of failure on the computer could be moved to userland and restarted when necessary.
Audio drivers were moved to user mode starting with Windows Vista. (That's why DirectSound 3D is no longer supported.) Video drivers, however, pretty much have to be in the kernel for performance reasons.
Re: (Score:2)
All that data originates in userland. So somewhere its got to be copied over.
Re: (Score:2)
that aren't relevant to the software doing the rendering
And how much is that? Compared to the rendered graphics objects?
Very little in a well designed system. Objects to be rendered come from user space. Everything else originates within and remains in the graphics drivers. Or GPU firmware. Or sometimes its not even resident on the same machine (think X servers and window managers).
Re: (Score:2)
You must be new here.