Latest Microsoft patches cause black screen of death

kemical

Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
#1
IDG News Service - Microsoft's latest round of security patches appears to be causing some PCs to seize up and display a black screen, rendering the computer useless.
The problem affects Microsoft products including Windows 7, Vista and XP operating systems, said Mel Morris , the CEO and CTO for the U.K. security company Prevx.
Prevx was alerted to the problem by users of its security software last week, Morris said. Microsoft apparently made changes to the Access Control List (ACL), a list of permissions for a logged-on user. The ACL interacts with registry keys, creating visible desktop features such as a sidebar.
However, the latest patches appear to make some changes to those registry keys. The effect is that some installed applications aren't aware of the changes and don't run properly, causing a black screen, Morris said.
Security applications seem to be particularly affected. Morris said users of other security products have also complained about the issue, even going so far as trying to reinstall the operating system to fix it.
"If you've got this problem, it's massively debilitating," Morris said.
Prevx has released software that fixes the registry to match the ACL settings, which should resolve the problem, Morris said. Users could do this on their own by modifying their registry settings, but making alterations to those settings is risky since it can severely affect how the operating system runs.
On Nov. 10, Microsoft released 15 patches for vulnerabilities in Windows, Windows Server, Excel and Word.
Morris said Microsoft was likely just trying to fortify the security of the operating systems when it inadvertently made the error in its patches. "It's one of those things that happens from time to time when you have a dynamic operating system," he said.
Morris said his company hasn't contacted Microsoft yet but will send the company a copy of the software fix.
Prevx has more detail on the issue on its blog and posted the software fix, which is free.
Windows has at least 10 different issues that could potentially cause a black screen, wrote Dave Kennerley who works in support for Prevx.
"Our advice is try our tool first," Kennerley said. "If it works, great. If it doesn't, you are no worse off."
Microsoft officials could not be immediately reached for comment.

Latest Microsoft patches cause black screen of death
 


kemical

Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
#3
I know it's weird... I've not had any problems at all and I'm pretty sure it hasn't been cropping up in the forum?
 


whoosh

Cooler King
Staff member
Premium Supporter
#4
I know it's weird... I've not had any problems at all and I'm pretty sure it hasn't been cropping up in the forum?
I have installed all updates without any problems this way ?
 


kemical

Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
#5
I have installed all updates without any problems this way ?
Same here Whoosh.. Perhaps it's just the Apple boys spreading 'fud'..;)
 


whoosh

Cooler King
Staff member
Premium Supporter
#6
Same here Whoosh.. Perhaps it's just the Apple boys spreading 'fud'..;)
Would not surprise me :)
 


#7
Same here. All updates applied as they are released. Not had any problems
 


#8
Updates will overwrite drivers, check your update history.. this is from mine: (when it applies the new drivers I get a warning message in my Event Viewer/administrative logs that says there is a problem with atikdmag every time the system boots... I roll back the drivers and the warning goes away... until windows update messes with it again. There should be some kind of LOCK to prevent this.)

ATI Technologies Inc. driver update for ATI Radeon HD 4800 Series
Installation date: ‎11/‎11/‎2009 11:07 AM
Installation status: Successful
Update type: Important
This driver was provided by ATI Technologies Inc. for support of ATI Radeon HD 4800 Series
 


kemical

Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
#9
I have my updates set to 'check for updates but allow me to choose whether to download and install them'.. This way I can keep an eye on most of the updates.. (they do slip the odd secret one in now and again)
 


#10
It doesn't make sense that you can lock your tool bar and lock your browser and lock folders on your hard drive.. yet you can't lock working drivers. Even if you could export the drivers details from registry ... so that you could easily import them back after an update screwed them up.... the .sys files that have been replaced would have to also be rolled back.

Even if you were to try to move the driver locations there would still need to be a pointer in the registry... then the updates would still track them down. As for now it seems the only solution is to manually update and be cautious and selective. How could regular users be expected to do that?

Microsoft needs to change this part of the updating to make it crystal clear that you WANT new drivers. How can they assume it's broken... if it's not broken, don't fix it.
 


kemical

Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
#11
I guess, like you say, that it's trying to make life easier for the end user but as we both know, life just isn't that simple and rarely works out as it should.. Mind you, I feel that if you run something whether it be a computer, car or whatever, then simply using it without knowing how to maintain it is asking for trouble....
 


reghakr

Essential Member
#12
tblount,.

No reason to get so upset.

There is a very good utility that will backup Microsoft drivers and 3rd party drivers,.

It's called Double Driver;

You can download it here:

|MG| Double Driver 3.0 Download
 


#13
IDG News Service - Microsoft's latest round of security patches appears to be causing some PCs to seize up and display a black screen, rendering the computer useless.
The problem affects Microsoft products including Windows 7, Vista and XP operating systems, said Mel Morris , the CEO and CTO for the U.K. security company Prevx.
Prevx was alerted to the problem by users of its security software last week, Morris said. Microsoft apparently made changes to the Access Control List (ACL), a list of permissions for a logged-on user. The ACL interacts with registry keys, creating visible desktop features such as a sidebar.
However, the latest patches appear to make some changes to those registry keys. The effect is that some installed applications aren't aware of the changes and don't run properly, causing a black screen, Morris said.
Security applications seem to be particularly affected. Morris said users of other security products have also complained about the issue, even going so far as trying to reinstall the operating system to fix it.
\"If you've got this problem, it's massively debilitating,\" Morris said.
Prevx has released software that fixes the registry to match the ACL settings, which should resolve the problem, Morris said. Users could do this on their own by modifying their registry settings, but making alterations to those settings is risky since it can severely affect how the operating system runs.
On Nov. 10, Microsoft released 15 patches for vulnerabilities in Windows, Windows Server, Excel and Word.
Morris said Microsoft was likely just trying to fortify the security of the operating systems when it inadvertently made the error in its patches. \"It's one of those things that happens from time to time when you have a dynamic operating system,\" he said.
Morris said his company hasn't contacted Microsoft yet but will send the company a copy of the software fix.
Prevx has more detail on the issue on its blog and posted the software fix, which is free.
Windows has at least 10 different issues that could potentially cause a black screen, wrote Dave Kennerley who works in support for Prevx.
\"Our advice is try our tool first,\" Kennerley said. \"If it works, great. If it doesn't, you are no worse off.\"
Microsoft officials could not be immediately reached for comment.

Latest Microsoft patches cause black screen of death

Try this at our own risk if ou are have the above problem
If anybody wants their fix here is the website. It may be better to let Microsoft issue one. If you need it now here is a link

Black Screen woes could affect millions on Windows 7, Vista and XP

The fix can also be downloaded from here

?Black screen of death? for some Windows users - Security- msnbc.com/

The windows patches which seem common to the issue arising are listed below:
KB915597 and KB976098
 


#14
tblount,.No reason to get so upset.
WHAT? I'M NOT UPSET !!!!

Ok.. that was a joke. I know I sometimes write with passion but I don't need to be medicated... not yet anyway.

There is a very good utility that will backup Microsoft drivers and 3rd party drivers,.
It's called Double Driver; You can download it here:
|MG| Double Driver 3.0 Download
Thanks.. but I'll say the same thing that someone said about the first Apple computers that came out and had a problem ejecting the floppy disk. The solution someone offered was that it was easy to use a paperclip and jiggle it out.... then someone replied asking "Why don't they include the paperclip when they sell the machine?"

They were pointing out the obvious.... it should have been fixed, done right, the first time... or Double Driver should be included in the install.

For an update to automatically overwrite drivers is major blunder by design. As we see, when updates change drivers, they often "fix" something that wasn't broken by breaking it. They aren't making an omelet here so they shouldn't be cracking any eggs.
 


#16
Editor's note: This article has been updated to reflect Microsoft's latest statement regarding possible causes of the problem.

Why the Black Screen of Death is cause for serious concern for consumers and the
enterprise alike.
1. It affects all Windows installations
Those who operate older versions of Windows might think that they won't be
affected by the Black Screen of Death, but, unfortunately, they're wrong. The
issue affects just about everyone using a Windows PC today, which means millions
of users are potentially in danger.
2. The system is crippled
When the Black Screen of Death strikes, users lose all ability to control
Windows. According to Prevx, a security company that has been monitoring the
outbreak, users experiencing the problem lose the taskbar, sidebar, system tray
and desktop. In other words, users won't be able to do anything with their
systems when trouble strikes.
3. Some fixes don't even work
Prevx currently has a fix on its site to help those impacted by the Black Screen
of Death. But after further investigation, the security company found that there
are several causes, so its solution will not work for everyone. Worst of all,
there's no easy way to know what the direct cause is, making fixing it even more
difficult.
4. It might come from Microsoft Prevx has done significant research to determine
what the cause of the latest outbreak of Black Screen of Death came from.
According to the company, some Black Screen of Death issues may possibly be
caused by installing two security updates from Microsoft. For its part,
Microsoft contends that its updates haven't caused any issues. Regardless,
Microsoft is on shaky ground when it comes to security. To potentially cause a
problem through a software update does not instill confidence.
5. Microsoft is still moving slowly
Although Microsoft said it investigated the problem, there's currently no
indication that a fix to the Black Screen of Death will be coming any time soon.
The longer it takes for Microsoft to address the problem, the more cause for
concern there will be. We can also probably expect to see more people affected
in that time. Microsoft needs to do something soon.
6. It's more widespread than you think
Although news of the Black Screen of Death is still fresh, the issue is
affecting a slew of Windows users. Due to the fact that it can potentially
impact just about every Windows PC in operation today, there are millions of
users that could potentially see the deadly black screen. Prevx wrote on its
site the week of Nov. 23 that it found millions of Google results relating to
the Black Screen of Death with several results featuring pleas for help from
Windows users.
7. Trust is a key component in software security
Without trust, software security means nothing. Now that some users believe that
the latest cause of the Black Screen of Death is downloading a Windows update,
what are the chances that they will fully trust any other update Microsoft
pushes to their systems? PC users don't like losing all their content over
something they didn't do. They might stop downloading any Microsoft updates. The
software giant needs to address this issue as soon as possible—especially if it
didn't cause it.
8. The domino effect
Following that, it's important to note that a domino effect could result from
the Black Screen of Death. If users decide to not download patches from
Microsoft until they know that they're safe, it will not only make their systems
less secure, but it could also impact the entire Windows ecosystem. Each Windows
PC's security relies upon the security of other PCs to some extent. If users
decide against patching Windows, their computers will be unsafe, leading to an
easier transfer of malicious files from one computer to another.
9. Nontechnical users are in deep trouble
According to Prevx, nontechnical users who attempt to repair their systems will
have a difficult time of it. Although the company's fix is somewhat
straightforward, it's not so simple for those less advanced users. Plus, if that
doesn't fix the problem, the vast majority of nontechnical users will likely be
lost.
10. The future is in doubt
At the moment, we just don't know what to expect from the Black Screen of Death.
Will it simply go away after Microsoft addresses the problem or will it continue
to plague Windows PCs? For now, we do know that it can easily impact computers,
more and more users are being affected each day, and Microsoft has yet to
release a fix. It's a scary time.
 


#17
I have concluded that it's in my best interest to turn OFF automatic updating. Then be very informed and selective about what updates I allow.

Is that a good idea?
 


#18
Even the company that reported the problem has apologized to MS

Link

QUOTE

"The issue appears to be related to a characteristic of the Windows Registry related to the storage of string data. In parsing the Shell value in the registry, Windows requires a null terminated "REG_SZ" string. However, if malware or indeed any other program modifies the shell entry to not include null terminating characters, the shell will no longer load properly, resulting in the infamous Black Screen with the PC showing only the My Computer folder.

SysInternals was one of the first companies to discover this characteristic of the registry a number of years ago in their utility: RegHide Systems Internals Tips and Trivia which modifies registry entries to prevent them from being accessible within the operating system. This technique is frequently used by malware authors which is why it is recommended to first query the length of a registry value, and then read it into a buffer, forcing the null termination of strings whether or not null terminated by their content.

Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor.

We have not analyzed further whether a change occurred in the OS interpretation of this or other registry values. In any case, we believe there are significant benefits in the OS using the length of the value as recommended by the SysInternals article.

We have always strongly recommended keeping Windows and all other software up-to-date to reduce the window for exploitation by new threats. We'll keep you updated with further progress if we find anything new.

We apologize to Microsoft for any inconvenience our blog may have caused. This has been a challenging issue to identify. Users who have the black screen issue referred to can still safely use our free fix tool to restore their desktop icons and task bar."

END OF QUOTE
 


reghakr

Essential Member
#19
Drew,. never noticed it at all.

OOOPPPs, I told a lie
 


RAK

Extraordinary Member
#20
Seems likely that the problem is mostly connected with hardware. I have, on three very different computers, updates to "check for updates but let me choose whether to download and install them" So far, apart from disallowing some updates, for which I have no use (Built in Camera, Modem etc) I have had no problems. This includes many installs on other computers. I have not put any restrictions,in every instance, on driver updates.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.
Top