Security Advisor

Broken Microsoft Security Bulletin Gets Fixed

Microsoft yesterday reissued an April security bulletin that was quickly pulled after it was discovered the item was flawed.

The "important" patch item, bulletin MS13-036, was pulled days after its April 9 release due to an error Windows 7 users  were experiencing. According to Microsoft, after the installation of the update, many users reported receiving a "STOP: c000021a {Fatal System Error}" message, coupled with the infamous blue screen of death.

While Microsoft has given no info on what caused the error, it's been rumored that the error message was due to bulletin incompatibility issues with Kaspersky Anti-Virus for Windows Workstations / Servers software.

"Today we released a new update to replace KB2823324, which was originally made available through MS13-036," said Microsoft Trustworthy Computing's Dustin Childs. "As we previously discussed, we stopped distributing this update when we learned some customers were having issues. The new update, KB2840149, still addresses the Moderate security issue described in MS13-036, and should not cause these issues."

Bulletin MS13-036 was originally released to fix three privately reported and one publically known flaw in Windows XP, Vista, Windows 7 and every version of Windows Server as far back as Windows Server 2003. According to Microsoft, the most severe flaw could lead to an elevation of privilege. However, due to a potential attacker needing physical access to the targeted system, the threat of exploitation has been relatively low.

Microsoft recommends those that installed the flawed bulletin to uninstall it before applying this week's updated item. Those with automatic updating will have the fixed bulletin pushed through.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft 365 Business To Get Azure Active Directory Premium P1 Perks

    Subscribers to Microsoft 365 Business (which is being renamed this month to "Microsoft 365 Business Premium") will be getting Azure Active Directory Premium P1 licensing at no additional cost.

  • How To Use .CSV Files with PowerShell, Part 1

    When it comes to bulk administration, few things are handier than .CSV files. In this two-part series, Brien demos his top techniques for working with .CSV files in PowerShell. First up: How to create a .CSV file.

  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.