Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft .NET Patch May Make PCs Go "Haywire"

Posted by ryuzaki0 on from the danger-will-robinson-danger dept.

yuna49 writes "Various people are reporting that the MS07-040 patch for .NET released on Tuesday can cause a variety of seemingly unrelated problems. According to the SANS Internet Storm Center 'the reports we got so far seem not to lead to any specific thing that happens in many cases, just various things going haywire.' Some commentators on The Register's report of this story indicate that the patch failed to install at all, while others report things like the mouse suddenly failing to work or long periods of hard drive thrashing. In some cases a hard reboot seems to fix the problem, but other reports suggest that a reinstallation of the .NET framework itself is required. The problems may be related to the MSCORSVW.EXE process which recompiles all the .NET assemblies when the patch is downloaded. While the recompilations are supposed to run as a background task, in some instances the recompilation will drive the processor to 100% usage."

36 of 212 comments (clear)

  1. Nickname for the Patch by Anonymous Coward · · Score: 5, Funny

    the MS07-040 patch May Make PCs Go "Haywire" Considering that "Haywire" is a way to describe chair throwing monkey dances, I propose we nickname this patch "The Ballmer Patch" maybe even tag it theballmerpatch since it could make your computer DEVELOPERSDEVELOPERSDEVELOPERSDEVELOPERS.
  2. Re:Sonofa... by Rob+T+Firefly · · Score: 2, Funny

    Same here. I imagine this story has inspired many a resounding "d'oh!"

    --
    Slashdot Burying Stories About Slashdot Media Owned
  3. Re:Sonofa... by Macthorpe · · Score: 4, Insightful

    Well, I can't admit to seeing any issues here, not that it denies the existence of them elsewhere.

    I'm quite surprised that this doesn't happen more often, actually. The last time I remember a problem with a Windows Update that made the news was sometime towards the end of last year. Someone can correct me, though, if they feel the need.

    --
    "It does not do to leave a live dragon out of your calculations, if you live near him." - Tolkien
  4. Sit on it... by Heem · · Score: 4, Insightful

    And this is why I sit on patches for at least a couple of weeks.

    "Declined"

    --
    Don't Tread on Me
    1. Re:Sit on it... by Bacon+Bits · · Score: 5, Insightful

      It's a remote code execution fix. It is irresponsible to dismiss it out of hand. If you're not applying the patch, you have up to three workarounds per system to apply. The workaround, by the way, is basically to disable Active Scripting. That is, no Java Script and no ActiveX controls. That's typically not satisfactory. The IIS ASP.NET fix is to strip NULLs from input. That's not going to happen very easily for proprietary web app software.

      Are you also "sitting on" MS07-039? Denial of service on AD is bad. Every admin I know applied this patch on Tuesday.

      You also, you know, could be testing the patch in your environment before deployment to see if any issues arise.

      The issue is also fairly uncommon from what I've seen. The majority of admins I've heard from have experienced no issues. If it's actually an issue with the patch and not just a AV scanner file locking issue due to the patch being 15 MB (which it has been for at least two people I've heard from) then MS will issue a revision.

      A far, far worse bug is the fact that can break recent versions of Sharepoint.

      --
      The road to tyranny has always been paved with claims of necessity.
    2. Re:Sit on it... by Heem · · Score: 4, Insightful

      A week or so isn't going to be the end of the world. I'll wait for you guys to break your environments. I mean, if they are patching something - it HAS been broken all this time - since I installed the box. it didn't just break yesterday and then the patch came right out.

      And plus, all my boxes are only on the internal network. Sure, they say your worst enemy is your own employees - I say my worst enemy is broken Microsoft Patches.

      So go ahead, upgrade your boxes on patch tuesday. I've just had way to many experiences where that has caused me serious grief.

      --
      Don't Tread on Me
    3. Re:Sit on it... by idontgno · · Score: 3, Funny
      So go ahead, upgrade your boxes on patch tuesday. I've just had way to many experiences where that has caused me serious grief.

      I'm picturing the classic "Far Side" cartoon depicting the herd of lemmings (herd? is that what they group in?) rushing down the beach and into the sea with singleminded determination, except for one smartass lemming wearing an inner tube flotation thingie and smiling knowingly at the viewer.

      Of course, I did the singleminded-lemming thing Tuesday at home, and nothing's puking visibly yet. But on the gripping hand, the military network environment I work with tends to very carefully evaluate these Microsoft patches before letting them loose on their systems. I guess the network admins want to be the sole authority on unplanned outages, rather than outsourcing to the vendor.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    4. Re:Sit on it... by myxiplx · · Score: 2, Interesting

      We typically sit on patches for a couple of months. Then we roll them out to IT, if it doesn't crash those computers we'll roll them out further. In the last two years we've only been vulnerable to a single MS advisory, and needed to patch more quickly.

      How? We use group policy and IE security zones so that only sites IT have authorised can run scripts. It's about ten minutes work a week to maintain now, and while there's still some risk that a trusted site could host a vulnerability, the risk is small enough we can sleep soundly at night despite having a hundred or so workstations in an unpatched state.

      The upside: Haven't had a security breach, or problem with a MS patch in two years.

    5. Re:Sit on it... by hobo+sapiens · · Score: 2, Interesting

      "I also would never be dumb enough to expose any microsoft machines to the internets."
      Not a huge MSFT fan here, but that is a bit of an overblown statement. Just use common sense. I have a dual boot PC (XP, Feisty) and my wife uses the web all the time using XP, and I have never (I mean NEVER) had a problem.

      Get a good firewall. Or, an OK firewall for that matter (I use Zonealarm). Don't use IE. You cannot uninstall it, but you can hide it pretty well so that nobody can use it. Use legitimate F/OSS (with GPL, Mozilla, BSD licenses), otherwise, grabbing all the latest "free" software is risky. If you install software and it tells you that in order for it to be installed, it also needs to install its "friends", halt the installation unless you know those friends. Stay away from warez sites, those are the dark alleys of the intarwebs.

      Like I said, use common sense and you will be fine.

      The biggest danger to your XP computer is not malware (assuming a certain level of proficiency here, see above). It is all of the retarded software that leaves system cruft (I call them roaches) whenever you upgrade that will slow you down to a crawl. Yes, looking at you, iTunes (about ready to roll back to version 6 here), and your stupid inbred cousin named Quicktime (must you reinstate your automatic startup every time I upgrade you? curses!). And let's not forget Office or Visual Studio, with its myriad of mostly useless startup services. I'd say it takes more knowhow to clean all that crap because retarded MSFT provides all kinds of nooks and crannies for all the damn roaches to hide in (like the registry!). That's why using Windows is a pain, not because of security problems.

      --
      blah blah blah
  5. ProcessExplorer task manager replacement by StickInTheMud94 · · Score: 3, Informative

    When this 100% cpu utilization was happening I called up Process Explorer http://www.microsoft.com/technet/sysinternals/util ities/ProcessExplorer.mspx

  6. 100% CPU ? by herve_masson · · Score: 5, Insightful

    in some instances the recompilation will drive the processor to 100% usage

    No, kidding ? You mean the background task don't deliberately leave CPU cycles for the sake of increasing idle time ? Amazing.
    This kind of summary don't push me hard to RTFA.

    1. Re:100% CPU ? by weicco · · Score: 2, Funny

      Remember kids, saving clock cycles is like putting money in the bank.

      Hmh. That sound funnier in finnish.

      --
      You don't know what you don't know.
  7. Win 2k not affected? by andrewd18 · · Score: 2, Informative

    I installed this on my Windows 2000 box yesterday and I haven't seen any problems so far. *shrug* Maybe it's just a Win XP thing.

    1. Re:Win 2k not affected? by Bacon+Bits · · Score: 4, Interesting

      No, it's just an uncommon issue. On the NT admin mailing lists I'm on, only a handful of people have reported problems. Most responses to the thread have been "1000 systems patched here, no problems reported" and the like.

      The patch is also nearly 15 MB, which is huge for a patch. Some people have just been having problems with their AV scanners locking the file to scan while Automatic Updates wants to begin installing it (see MS KB 883825). That's not a MS issue. It's arguably not even an AV vendor issue. Mostly it's an issue with admins not excluding the updates download directory.

      --
      The road to tyranny has always been paved with claims of necessity.
  8. Familiar symptoms? by griffjon · · Score: 2, Insightful

    others report things like the mouse suddenly failing to work or long periods of hard drive thrashing. In some cases a hard reboot seems to fix the problem, but other reports suggest that a reinstallation of the .NET framework itself is required

    Wait; so, random failures, hard drive thrashing, rebooting and/or reinstalling works? Isn't that the normal user experience in Windows anyhow?

    DUPE! ;)

    --
    Returned Peace Corps IT Volunteer
  9. emerge --pv dev-lang/dotnet-runtime-1.1 by MrNemesis · · Score: 2

    For a minute there, it sounded like Microsoft had moved to Gentoo for their package management... ;)

    Disclaimer: I use and like Gentoo, for all its misgivings, so no flames please!

    --
    Moderation Total: -1 Troll, +3 Goat
  10. CPU usage by Rik+Sweeney · · Score: 4, Funny

    While the recompilations are supposed to run as a background task, in some instances the recompilation will drive the processor to 100% usage.

    Sounds like Microsoft are Secretly Monopolizing the CPU Without Being Root

    They'd better not have nicked my code or they're in trouble. It's GPL 3 I'll have you know...

    --
    Summation 2
  11. background task & 100% CPU by oliverthered · · Score: 4, Interesting

    A background task that's taking 100% cpu is perfectly fine, so long as it is a background task and is running on a below normal priority.

    I frequently make processes that run at 100% CPU run as a background task.

    --
    thank God the internet isn't a human right.
  12. Re:Win2003 by LurkerXXX · · Score: 4, Insightful

    Wed morning? The day before was patch tuesday. Why is your company installing patches on production servers they day they come out?

    You should have a test machine set up and run ALL new patches on it for at least a few days to make sure they don't hork anything up before rolling them out to production machines.

  13. Shit on it... by Anonymous Coward · · Score: 4, Funny

    And this is why I sit on patches for at least a couple of weeks. What's your IP address, my perpetually vulnerable friend?
    1. Re:Shit on it... by michrech · · Score: 4, Funny

      And this is why I sit on patches for at least a couple of weeks. What's your IP address, my perpetually vulnerable friend? 127.0.0.1
      --
      bork bork bork!
    2. Re:Shit on it... by utnapistim · · Score: 5, Funny

      And this is why I sit on patches for at least a couple of weeks.

      What's your IP address, my perpetually vulnerable friend?

      127.0.0.1

      Aha! Any second now your system will be shutti

      --
      Tie two birds together: although they have four wings, they cannot fly. (The blind man)
  14. Re:Sonofa... by duguk · · Score: 2, Interesting

    Mine's been trying to install the same patch on shutdown for about 3 days now... is it related? How can I find out what its trying to install? Should I just install Gentoo again!?!

  15. Simple solution to the problem... (Funny) by tgatliff · · Score: 4, Funny

    Come on... We all know the routine here on M$ boxes... Reboot it a couple times until we realize it is shot... Stick in the repair cd so that it can finish the job of killing it... Then wax the whole thing and reinstall... Explain to the user that all their data is gone and when they get that "deer caught in headlights" look, tell them they should have backed up to their data... Hm... Missing anything here??

    Just a typical day in windows land...

  16. Re:Sonofa... by Opportunist · · Score: 5, Funny

    Should I just install Gentoo again!?!

    Didn't read the rest of your note, but yes.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  17. Re:So That's It by TheLink · · Score: 3, Funny
    Come on, give the Microsofties some credit - there are many things they can attempt:


    1) Retry
    2) Restart
    3) Reboot
    4) Reconfigure
    5) Repatch
    6) Reinstall (app)
    7) Reformat
    8) Rebuild (os + app)
    9) Retry (everything from 1-8)
    10) Relinquish/Reassign/Reject (project/task)
    11) Resign
    12) Resume/Resumé ;)

    --
  18. Re:Win2003 by cnettel · · Score: 4, Informative

    On the other hand, a broken partition table due to a random hardware error (or any other bug causing a write there) would probably not be detected until the next reboot anyway.

  19. Duh. Cared to look at the date? by Opportunist · · Score: 3, Funny

    Friday 13th, anyone?

    How anyone would install an MS patch without first performing some exocism and have a Voodoo priest sacrifice a chicken is beyond me anyway. I have been doing this for years now and so far, no incompatibilities.

    Ok, using Ubuntu and Gentoo might have something to do with it, too, but I'm fairly confident of my chicken patching technique.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  20. Technical term: "Haywire?" by dpbsmith · · Score: 2, Funny

    You know things are getting bad when even supposedly technical types start to use this kind of language. In a few years we can expect to see serious techie-to-techie channels postings saying things like "The CPU went kerblooie" and "The disk became discombobulated" and "Don't apply this patch if you're not a real computer genius..."

    --

    "How to Do Nothing," kids activities, back in print!

  21. Re:Sonofa... by J0nne · · Score: 5, Funny

    If your processor is going to be recompiling stuff constantly anyway, you might aswell use Gentoo ;).

  22. Knowing won't help by Ropati · · Score: 2, Informative

    If you follow the update KB article, you'll find MS has already found issues with the update.

    See:
    http://support.microsoft.com/kb/928365/

    Which leads to:

    http://support.microsoft.com/kb/923100/
    and
    http://support.microsoft.com/kb/934711/
    and
    http://support.microsoft.com/kb/923101/
    and
    http://support.microsoft.com/kb/934793/
    and
    http://support.microsoft.com/kb/931846/

    923100 says if you get hosed doing the update, uninstall .NET 2.0, reinstall .NET 2.0 and try to update again. Sounds kind of cyclical to me.

    --
    machinator omnis sine licentia
  23. Re:Sonofa... by PopeRatzo · · Score: 3, Funny

    I'm another victim, I think. On Wednesday I noticed that several of my applications that use the .NET framework stopped working, such as avi.net, paint.net and Audacity. Then, when I tried to update iTunes I got a message about the .NET installations being "incomplete".

    I tried reinstalling the apps, which didn't work, then I tried to "repair" the .NET framwork(s) and finally had to uninstall/reinstall all the .NET stuff. I had to reboot several times during the process. Then it really got weird.

    I've been thinking that MS would come up with something that would make XP less useful - some sort of bug or new type of unpatchable vulnerability to force Windows users to adopt Vista. Maybe this is the beginning of the end of XP.

    --
    You are welcome on my lawn.
  24. Re:So That's It by laffer1 · · Score: 2, Funny

    This seems stupid. If you're going to suggest Linux, at least tell him to install it.

    Upon installing patches on wednesday in vista, my system BSOD'd. I was happy to see the familiar screen in vista. It brought back so many memories.

    --
    MidnightBSD: The BSD for Everyone
  25. Question: Are the problems deliberate in some way? by Futurepower(R) · · Score: 4, Insightful

    Possibly this is all part of a drive to get people with no technical experience to buy new computers. If you apply patches, Microsoft has control over how fast your computer runs.

    For example, Problems with an important Windows component, svchost.exe, can consume up to 100% of CPU time.

    On one computer with which I am familiar, the RPC service takes 30%-70% of the CPU time.

    I'm not saying Microsoft managers deliberately slow computers. I'm saying that maybe they are not particularly intense about fixing bugs that slow computers.

    I'm not the only person who thinks that may be an issue. See this quote from the parent comment: "I've been thinking that MS would come up with something that would make XP less useful - some sort of bug or new type of unpatchable vulnerability to force Windows users to adopt Vista. Maybe this is the beginning of the end of XP."

    For a lot of us, using Microsoft software has the feeling of partnering with an enemy.

    The person who wrote the parent comment could fix the problem himself. Most people, maybe 99% of Windows XP users, could not. Most people who find that there computer is running very slow will buy another computer. The New York Times article Corrupted PC's Find New Home makes that point.

  26. Re:JOHNNY 5 by Anonymous Coward · · Score: 2, Funny

    Not if he installs this patch.

  27. Re:Sonofa... by icepick72 · · Score: 3, Funny

    My refridgerator has been leaking and not catching water in the drip pan ... is it related? How can I find out what its doing? Should I just install Gentoo again!?!