Windows 7 users hit by 'black screen of death' (Daily Mail)
- Thread starter News
- Start date
Super Sarge
New Member
Here is a fix try at your own risk
If anybody wants their fix here is the website. It may be better to let Microsoft issue one. If you need it now here is a link
Link Removed due to 404 Error
The fix can also be downloaded from here
?Black screen of death? for some Windows users - Security- msnbc.com/
The windows patches which seem common to the issue arising are listed below:
KB915597 and KB976098
Below is also an apology from people who discoverd the problem, at first they blamed Microsoft
Even the company that reported the problem has apologized to MS
Link Removed due to 404 Error
QUOTE
"The issue appears to be related to a characteristic of the Windows Registry related to the storage of string data. In parsing the Shell value in the registry, Windows requires a null terminated "REG_SZ" string. However, if malware or indeed any other program modifies the shell entry to not include null terminating characters, the shell will no longer load properly, resulting in the infamous Black Screen with the PC showing only the My Computer folder.
SysInternals was one of the first companies to discover this characteristic of the registry a number of years ago in their utility: RegHide Systems Internals Tips and Trivia which modifies registry entries to prevent them from being accessible within the operating system. This technique is frequently used by malware authors which is why it is recommended to first query the length of a registry value, and then read it into a buffer, forcing the null termination of strings whether or not null terminated by their content.
Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor.
We have not analyzed further whether a change occurred in the OS interpretation of this or other registry values. In any case, we believe there are significant benefits in the OS using the length of the value as recommended by the SysInternals article.
We have always strongly recommended keeping Windows and all other software up-to-date to reduce the window for exploitation by new threats. We'll keep you updated with further progress if we find anything new.
We apologize to Microsoft for any inconvenience our blog may have caused. This has been a challenging issue to identify. Users who have the black screen issue referred to can still safely use our free fix tool to restore their desktop icons and task bar."
END OF QUOTE
If anybody wants their fix here is the website. It may be better to let Microsoft issue one. If you need it now here is a link
Link Removed due to 404 Error
The fix can also be downloaded from here
?Black screen of death? for some Windows users - Security- msnbc.com/
The windows patches which seem common to the issue arising are listed below:
KB915597 and KB976098
Below is also an apology from people who discoverd the problem, at first they blamed Microsoft
Even the company that reported the problem has apologized to MS
Link Removed due to 404 Error
QUOTE
"The issue appears to be related to a characteristic of the Windows Registry related to the storage of string data. In parsing the Shell value in the registry, Windows requires a null terminated "REG_SZ" string. However, if malware or indeed any other program modifies the shell entry to not include null terminating characters, the shell will no longer load properly, resulting in the infamous Black Screen with the PC showing only the My Computer folder.
SysInternals was one of the first companies to discover this characteristic of the registry a number of years ago in their utility: RegHide Systems Internals Tips and Trivia which modifies registry entries to prevent them from being accessible within the operating system. This technique is frequently used by malware authors which is why it is recommended to first query the length of a registry value, and then read it into a buffer, forcing the null termination of strings whether or not null terminated by their content.
Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor.
We have not analyzed further whether a change occurred in the OS interpretation of this or other registry values. In any case, we believe there are significant benefits in the OS using the length of the value as recommended by the SysInternals article.
We have always strongly recommended keeping Windows and all other software up-to-date to reduce the window for exploitation by new threats. We'll keep you updated with further progress if we find anything new.
We apologize to Microsoft for any inconvenience our blog may have caused. This has been a challenging issue to identify. Users who have the black screen issue referred to can still safely use our free fix tool to restore their desktop icons and task bar."
END OF QUOTE
