Microsoft Black Tuesday Patches Bring Blue Screens of Death
snydeq (1272828) writes "Two of Microsoft's kernel-mode driver updates — which often cause problems — are triggering a BSOD error message on some Windows systems, InfoWorld reports. 'Details at this point are sparse, but it looks like three different patches from this week's Black Tuesday crop are causing Blue Screens with a Stop 0x50 error on some systems. If you're hitting a BSOD, you can help diagnose the problem (and perhaps prod Microsoft to find a solution) by adding your voice to the Microsoft Answers Forum thread on the subject.'"
Someone right now is looking at that error and figuring out how to exploit it.
"If any question why we died, Tell them because our fathers lied."
I work in schools, preparing for a huge summer deployment, just re-imaged every PC on-site.
Fortunately, although I pushed the updates out over WSUS, my image was taken BEFORE patch Tuesday. Anything that hasn't been out for at least a month is in beta testing, as far as I'm concerned, and after a month it either "works" (for some definition) or something like this will come to my attention.
Have all the PC's imaged in my rooms, but only have a handful actually deployed at the moment while I test. The very first blue-screen I see, any kernel-mode patch this month will be changed to "Declined" so no further PC's get it.
Yet again, those people who get all stroppy about "you should install updates the SECOND they come out".... real life hits you again. And the downtime from a potential "zero-day" that I'll probably never witness is nothing compared to potentially rolling out faulty updates to hundreds of PC's that would then have to be re-imaged, and/or having a faulty update inside your images forcing you to reverse changes (in my case, to pre-summer images which is a HUGE step backwards) and re-deploy.
So it looks like certain video drivers are barfing the system (itching the gdi32.dll the wrong way). If you can, roll back to an earlier system restore point, update the video drivers, then re-apply the updates again.
Life is not for the lazy.
so funny ... if you were competent enough to review all the patches and keep your server secure enough to be a good Internet citizen, unchecking 'automatic ' would not be a hurdle.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
if you only have one computer you're not the kind of person who will be helpful in diagnosing a kernel driver bug (sorry if that stings).
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Gee, I don't like Micro$oft as much as the next Linux Zealot, but let's be fair here...
M$ is darned if they do and darned if they don't. When they hold up patching stuff they get pillaged in the press for not getting the gaping security holes in their OS fixed soon enough. When they release stuff too soon and stuff like this happens, they get raked over the coals for not knowing what they are doing, cannot develop/test/integrate their software. M$ has ebbed and flowed on the quality of their patches in the past, they've been slow, they've released some really disruptive software. Being fair, they don't do too bad on either responsiveness or on the introduction of new bugs.
So lighten up on Micro$oft, at least on this front. Now Windows 8 metro and removing the 'start' button? Fire away at that garbage....
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
This rollback procedure got my Win7 x64 system booting again:
From another system with the same bit width and service pack level, grab the files C:\Windows\System32\gdi32.dll and C:\Windows\System32\Win32k.sys.
Using HBCD or a similar boot disc, boot your defunct system. You can also snag the hard drive and plug it into another working computer.
BACK UP the gdi32.dll and win32k.sys files from System32 to another location just in case. Overwrite those two files in System32 with the ones you grabbed from the other system.
Your system is now bootable, having effectively rolled back the KB2982791 update. This is a quick and dirty procedure and leaves the update itself in an indeterminate state.
Oh wait, I'm on Linux.
Which distribution? I have had issues with Linux patches too.. Not as often as with Microsoft patches, but problems none the less.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
On my private machines, I have been using Linux and *BSD for more than ten years, and I only once had a problem with an update (and that was on a Gentoo box that had not been updated for more than a year - in other words, it was to be expected). About one and a half years ago, I started working as a sysadmin at a Windows shop, and I have been enraged, shocked, scared, and surprised more or less continuously ever since.
On the one hand, you want to keep your systems up to date. On the other hand, installing updates on Windows is like Russian roulette with five out of six chambers loaded. I am constantly torn between my deeply ingrained reflex, acquired on Linux/BSD, to install any update as soon as it becomes available, and painful experiences I've had on Windows.
Can't Microsoft just get their act together and do some freaking *TESTING* before shoveling their crap out of the door, instead of having their customers do it for them?
So happy I'm running XP right now. No patch for me.
I think the criticism isn't so much that they're too responsive to consumers or not -- they obviously listen. The criticism is that there are so many holes to begin with and that their attempts to fix things that are obviously broken -- things that their competitors seem to be able to make work just fine -- often don't work or cause other problems. Knowing the Microsoft engineering culture, their stuff is mostly a patchwork of different groups not talking to each other. In the Windows API, there are something like 17 different representations of strings depending on which engineer/department wrote the code!
When you're disorganized like that in a giant company with a giant piece of software, it's easy to see how bugs can get out of hand.
I prefer to play Russian Roulette with a semi-auto with 3 out of 6 rounds loaded. The odds are better.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Oh, and if you are allowed a 15 round magazine, 3 out of 15 is even better!
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
On the other hand, Apple, Debian and Redhat manage to release timely security patches that don't cause crashing en-masse.
... Throwback Tuesday!
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
That's because it broke through normal wear and tear. If someone from Ford came out to your house one night and swapped parts and as a result your formerly running car wouldn't start in the morning, you would certainly be entitled to compensation for your time and trouble as well as a fix for your car.
If it doesn't work right because of something MS did and they then leave him to fix it, why not?
I'm pretty sure MS insists on being paid for each and every install of Windows.
Since you were perfectly free to not reply at all, you're an unpaid volunteer.
Android Linux moved a billion hardware units last year and this year surpassed the Windows all-time installed base. It is selling above 6x Windows. People using Android have never seen an update mangling this severe, but on Windows it seems a quarterly thing. This whole "Windows rules the world" thing is becoming absurd. Windows rules a small and shrinking backwater - the realm where people are willing to tolerate stuff like this.
Help stamp out iliturcy.
You have 40+ Windows servers and aren't using WSUS? Deploy WSUS, pull the patches down on Tuesday, push them on Monday night. Gives nearly a whole week for the rest of the world to figure out they're not working for you.
If it was a M$ gun it would lock up, or empty the entire magazine.
No, they'd just hide the trigger and require you to hit three separate buttons requiring at least two hands to fire it, then totally disassemble and reassemble it between shots... ([Ctl][Alt][Del] followed by reboot)
Yea, I know, OLD NT joke.....But it's still funny.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Yes, but that is because the developers are now required to test their own code before it goes to testing, so that things don't break as much during each sprint of coding.
Microsoft gets no pass! I generally give Microsoft the benefit of the doubt, but there are too many instances of this. I am going to go off on a bit of a tangent here, but they fail to eat their own dog food. They come up with Best Practices, and they do not even follow them internally. There is not an internal body at Microsoft that enforces uniform standards. They have it set up that way to mitigate risk to the company. If they had a single body responsible for maintaining order, they open themselves up to the risks associated with the failure of that body. So instead, they just compartmentalize and each team ends up doing their own thing. Therefore the inevitable fallout is contained.
That organization strategy causes problems like this. They restrict their ability to test patches across the groups. They have damned themselves. And they have done it to cover their own asses. Therefore, they get zero sympathy.
It is never going to happen, but they need to modify their business model. Instead of forcing people onto the upgrade treadmill, they should move over to a maintenance subscription model. Doing that would allow them to continue to improve the products, and stop focusing on pushing out new features all the time. For the most part, Windows, Office, Exchange and SQL server are "good enough" in terms of feature set. Now they just need to focus on making them stable, and improving the tooling that is already there.
Yes, but that is because the developers are now required to test their own code before it goes to testing,
Well that explains things. Apparently prior to this, developers would just deploy their code without ever testing it. No wonder they had so many bugs!
Out in the real world, developers test their code before submitting it to source control. They write unit tests to verify the functionality. QA verifies that the functionality works after that, still finding bugs that weren't obvious to the developers. For example, what happens when you run code on a variety of chipsets. If you're really lucky, a SDE-T might write some of the unit tests for you.
A BSOD that only happens to some people is a great example of something that rigorous QA should catch but that developers are likely to miss. Developer testing is not a replacement for QA. They should be doing both.
here, http://www.ultimatebootcd.com/ download, put to usb media... use BIOS to set usb and/or dvd to boot before the hdd. then boot and fix MBR then roll back updates. you can even use the boot cd to replace the bad files using the copy on your boot dvd (just google the guides i'm lazy)
https://www.gnu.org/philosophy/free-sw.html
The upgrades come in Google Play Services now, so OEMS and carriers can't block them. 85% of Android devices are updated by Google now.
Help stamp out iliturcy.
The way to fix this is to delete \Windows\System32\FNTCACHE.DAT. The file will automatically be regenerated on the next boot.
(Information found on Microsoft Support Forum and used to successfully fix my own system.)
How do you delete the file if you can't boot?
(1) Press F8 during boot to get to the Windows boot manager advanced options screen.
(2) Select "Repair".
(3) Provide password for a local account that's a member of the Administrator group.
(4) Select "Command Prompt".
(5) Find drive letter assigned to Windows partition (may not be C: in the repair environment!).
(6) Delete \Windows\System32\FNTCACHE.DAT.
(7) Exit command prompt and reboot system.
(8) Fixed!
----------
And now, since this is /., here is the required Windows bashing...
This bug demonstrates the danger of running your GUI in kernel mode (win32k.sys). One stray pointer can ruin your whole day. In this case the pointer was sufficiently invalid to cause a bugcheck. A stray pointer that silently scribbles on other kernel data structures is even worse.
"Those who would give up essential Safety, to purchase a little temporary Performance, deserve neither Performance nor Safety."
The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
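The drive-letter hunt and cache removal from steps (5) and (6) above, as an added example that is not part of the original comments. It assumes the repair-environment Command Prompt, scans only letters C: through K:, and renames the file to a hypothetical `FNTCACHE.DAT.bak` instead of deleting it so the old cache can be put back.

```batch
@echo off
rem Added example, not from the thread. Run from the repair Command Prompt.
setlocal
set COUNT=0
set "WINDRV="
rem X: is the recovery RAM disk, so only ordinary volume letters are scanned.
for %%D in (C D E F G H I J K) do (
    if exist "%%D:\Windows\System32\FNTCACHE.DAT" (
        echo Font cache found on %%D:
        set "WINDRV=%%D"
        set /a COUNT+=1
    )
)
if %COUNT%==0 (
    echo No FNTCACHE.DAT found on C: to K:. Check volume letters with diskpart.
    exit /b 1
)
if not %COUNT%==1 (
    echo More than one Windows install found. Pick the drive by hand.
    exit /b 1
)
set "TARGET=%WINDRV%:\Windows\System32\FNTCACHE.DAT"
rem Drop a stale backup from an earlier run so the rename cannot collide.
if exist "%TARGET%.bak" del "%TARGET%.bak"
ren "%TARGET%" FNTCACHE.DAT.bak
if exist "%TARGET%" (
    echo Rename failed. The file is still in place.
    exit /b 1
)
echo Moved %TARGET% aside. Reboot and Windows regenerates the cache.
```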
Jesus Christ, you fuck up your computer like that, and still try to blame MS?
Hello,
I know that Slashdot loves to bash Microsoft, but calling its monthly patching cycle "Black Tuesday" is pushing it. Black Tuesday was the name for the stock market crash that preceded the Great Depression, and for all the negativism about Microsoft, I have yet to hear of someone committing suicide over a Microsoft patch.
Frankly, using Woody "I'm a Windows victim" Leonhard as a source of information about Microsoft patches isn't a good idea, at least until he stops grinding whatever axe it is he has against Microsoft. Go read Microsoft's Security TechCenter if you want to know what the patches are for, or at least blogs like ComputerWorld or ZDNet's Ed Bott, both of whom are more likely to put facts ahead of opinions. Even Paul Thurrott provides some good coverage, although I think he often is the opposite of Woody Leonhard, e.g. doesn't provide critical enough coverage.
Regards,
Aryeh Goretsky
Dexter is a good dog.