MS Admits Latest Patch Tuesday Can Cripple PCs
It appears Microsoft's August Patch Tuesday, which began rolling out last week, didn't quite go according to plan. In fact, the firm was recently forced to pull several updates after reports indicated that some users were experiencing severe system errors.
This month's Patch Tuesday security updates addressed a total of 37 vulnerabilities in Microsoft Windows, Internet Explorer, and Microsoft Office. Within days, it became apparent there was a problem; users reported that after the updates were downloaded and installed, they received the infamous Blue Screen of Death (BSOD), which effectively caused the system to stop responding. Others reported that their system would boot into an infinite BSOD loop, rendering Windows completely unusable.
Bad Patches Cause Blue Screen of Death
It's now known that the 'bad' patch was KB 2982791, which was part of the MS14-045 security bulletin. This particular update was marked "important", Microsoft's second-highest security rating.
However, it also appears there were at least three other bad patches, including KB 2970228 -- a non-security update applied to Windows 7 and Windows 8.1 systems. The other two problem patches, KB 2975719 and KB 2975331 were both applied to Windows 8 and Windows Server 2012.
Microsoft acknowledged the problem on Saturday. "[W]e are aware of some issues related to the recent updates and we are working on a fix," the company said in a statement. (Source: zdnet.com)
Microsoft Recommends Users Uninstall Problem Patches
Microsoft is recommending users uninstall the patches and has updated their Knowledge Base article # KB 2982791 to help users through the long and somewhat complicated process. "Microsoft is investigating behavior in which systems may crash with a 0x50 Stop error message ... This condition may be persistent and may prevent the system from starting correctly," the page reads. (Source: microsoft.com)
Microsoft's user forum makes mention of a temporary fix, whereby users boot from a DVD or USB in order to delete the font cache, which will then help to prevent the system from crashing. This is only a workaround if the updates have already been installed, and if your system is repeatedly crashing and you can't boot into a stable Windows environment in order to properly remove the patches as suggested in KB 2982791.
Experts, like InfoWorld's Woody Leonhard, believe the problem shows that Microsoft needs to implement a "Patch Monday" program that allows volunteers to help identify potential issues before security updates are made available to a wider audience through the Patch Tuesday release.
"Microsoft should invite anybody and everybody to participate in a voluntary day of testing for new patches before they're released through Windows Update," Leonhard says. "This is yet another example of a bad patch ... that could've been caught with enough outside testing." (Source: infoworld.com)
What's Your Opinion?
Have you encountered any Blue Screens of Death caused by last week's Microsoft security updates? Have you ever had any issues in the past with Microsoft's updates? Do you agree that Microsoft needs to do more testing before releasing its Patch Tuesday updates? If so, would you participate in a Patch Monday program?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Windows need cleaning
It is no wonder more and more people are switching to Mac or a Linux distro. Microsoft is giving the microshaft to it's users by being careless with the os that runs millions of peoples lives and businesses. I feel that they will not survive if they don't get their act together soon.
When it's Mission Critical, disable automatic updates
Automatic updates are great for helping to deploy updates to the masses - but when things go wrong, it can be a nightmare. For mission critical environments, I recommend disabling automatic updates. In such a case, manually installing and downloading updates is done only after (a) the system is backed up using disk imaging, and (b) the system is rigorously tested to ensure that the updates don't cause issues (though, this can be tricky). Lucky for me, I waited until late Saturday night to apply the patches to our web server and KB2982791 wasn't downloaded or installed. That said, I also had a disk image backup to use just in case (using IPMI protocol). Managing an entire web server / system by remote is not fun if something goes wrong.
Simpler
I use a simpler process that has avoided the serious problem patches.
1 - turn on notify but don't install for Win Updates
2 - subscribe to Windows Secrets newsletter. On the Thursday after Patch Tuesday, they make install recommendations, based on whats happened after others have patched.
3 - install the ones they suggest and hold on the others.
For example, they recommended we not install any of the 3 patches for Win7 that have now been withdrawn. Bacon saved, without having to have a test platform or do all the research. I've had smooth sailing since I began taking their advice some years ago.
Here, see if this works.
There is absolutely no excuse for this. Don't they do any testing before they release patches and fixes? Its embarrassing enough that they have to release 37 patches but to release "fixes" that give users problems they never had before is ludicrous. I sure wish Google Chrome had been a full implementation of Linux rather than a subset.
Patch of death
If I knew how to help I would- but do not. Will there be help for people like me to have help -maybe an uninstall for this bad stuff? I do not trust myself to do it even with instructions. Hopefully someone can help.
Your site is so helpful and this answers the recent problems. Now what to do.
thank you
sunlite
RE: "bad 'patches'" . . .
Is this what caused my M$ Solitaire to stop working?
Is this what caused System Properties to stop working?
How can I tell what caused these problems?
*IF* I could tell what caused it, I could "UNINSTALL" it.
**IF**—the biggest word in the English language.
Compensation
It is expensive for companies and individuals, let alone stressful when there just isn't enough time to deal with these problems caused by microsoft, so some recompense is certainly in order especially as, considering the economies of scale, Microsoft software is so over priced. They know the IP addresses of all the computers who downloaded the dodgy updates so all should receive a digital voucher for say $40 for next purchase on Microsoft software at very least...but ideally payment direct into bank account as the cost of the trouble is experienced immediately. By heck Microsoft can afford it easily. Some of us though can't afford the trouble caused by their incompetence or neglect.
Fine
Lets hope some big pocket company or government successfully sues them for loadsa money as this will disincentivise their lacksical attitude.
Patch Tuesday
In the real estate business "patch don't fix" is a saying of really cheap landlords that don't care about tenants as long as they can collect the rent. It appears that Microsoft has fallen into that category.
I avoid the mess by subscribing to "Windows Secrets", a terrific on line magazine. If you follow the advice of Susan Brady on the Thursday after each patch Tuesday you will avoid the crashes and other similar problems. It is well worth reading and having far fewer problems.