Microsoft urges customers to uninstall 'Blue Screen of Death' update

17.08.2014
Microsoft on Friday quietly recommended that customers uninstall one of last week's security updates after users reported that it crippled their computers with the infamous "Blue Screen of Death" (BSOD).

The update, identified as MS14-045 in Microsoft's numbering, was one of nine released on "Patch Tuesday," Aug. 12, was designed to fix three separate flaws, including one related to a font vulnerability and another in the Windows kernel, the heart of the operating system.

Within hours of its release, however, users reported that MS14-045 had generated a Stop 0x50 error on some systems, mostly on Windows 7 PCs running the 64-bit version of the OS.

"Installation went smoothly. After rebooting everything worked fine. But when I shut down my notebook and switched it on a little later it came up with a blue screen with a Stop 0x50 in Win32k.sys. I could not even boot into safe mode as Windows failed to start no matter which mode chose," wrote a user identified as "xformer" to start a now-long thread on Microsoft's support discussion forum.

As of Sunday, the thread contained nearly 380 messages and had been viewed almost 50,000 times. The latter is a large number even for Microsoft's support forum, and hints at the scope of the problem.

Others on that same discussion thread pointed to different updates issued the same day that caused identical problems, including one meant to support the Russian ruble symbol.

Woody Leonhard of InfoWorld, like Computerworld an IDG publication, reported the BSODs on Thursday, Aug. 14.

Some customers were able to regain control of their PCs by using System Restore to return the machine to a previous date, but only after they'd booted the computer using original install media.

In the updated MS14-045 and other supporting documents, Microsoft said it had removed the patches from its Download Center. As of Saturday, however, the flawed update was still being pushed by Windows Update, Microsoft's service for delivering patches to PCs.

"Microsoft is investigating behavior associated with the installation of this update, and will update this bulletin when more information becomes available," the company said in the revised MS14-045's Update FAQ. "Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2982791 security update."

Microsoft's advice, however, may not be of any help to those already afflicted. It told users, for example, to boot using Safe Mode, which many on the support thread said didn't work.

Not every PC that installed MS14-045 or the other suspect patches reported problems. Several IT administrators posted messages on Patchmanagement.org, a mailing list dedicated to the subject, that said they had successfully updated hundreds of client systems and servers.

Last week's patch problem was not Microsoft's first by any means.

In April 2013, Microsoft urged Windows 7 users to uninstall an update that had generated BSOD screens. And last August and September Microsoft had such a run of problems with updates for its Office suite that experts called it a "worrisome" sign of declining update quality.

In October 2013, Microsoft yanked a Windows 8.1 RT update from the Windows Store after some tablet owners reported their devices had been crippled.

Although Microsoft always publicizes its Patch Tuesday slate, it has not broadcast that MS14-045 should be uninstalled. Neither the blog run by the Microsoft Security Response Center nor the Twitter account the group uses has mentioned the flawed update or the company's recommendation.

Additional information on how customers should deal with the buggy updates can be found on Microsoft's support site.

On Friday, InfoWorld's Leonhard wrote another piece that offered up fixes based on his culling of the support discussion thread. Leonhard's story was filed before Microsoft acknowledged the problem.

Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.

(www.computerworld.com)

Gregg Keizer