Security Advisor

Microsoft Pulls Security Update After Reported Crashes

The issues could ultimately lead to a system being caught in a crash/reboot loop.

A bulletin that was included in Microsoft's August Security Update has been has been removed after many online said the item led to system crashes.

The security bulletin in question was MS014-045 -- an "important" item that was aimed at resolving three privately reported security issues in the Windows kernel. All versions of Windows 7, 8 and 8.1 were affected by this update. On Friday Microsoft said it was pulling the item from the Download Center.

"Microsoft is investigating behavior associated with the installation of this update, and will update this bulletin when more information becomes available," wrote the company in its updated security bulletin summary. "Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2982791 security update."

According to the company's investigation, the update could cause one of three different issues. The first involves a font incompatibility that would lead to a "File in use" error if fonts not stored in the default font file were modified or delegated. Secondly, fonts may also not display correctly if the updated had been applied. Finally, and more severe, the update could lead to a crash "with a 0x50 Stop error message (bugcheck)," according to Microsoft.  In some extreme situations, the third issue could lead to a system being stuck in a crash loop where the computer fails to properly start up every time the computer experiences a "Blue Screen of Death" crash associated with the error.

For those who have already installed the update, instructions on how to remove it can be found here.

For Microsoft, this marks the second month in a row that its monthly patch had to either be removed or updated due to errors not caught during internal testing. Issues with its July patch popped up after its cumulative IE security update was causing compatibility issues with InstallShiled and encryption errors on Dell systems.

The recent patch woes could be pointed to the recent leadership changes and massive layoffs at Microsoft, said Microsoft MVP Aidan Finn. In a blog post on Petri IT Knowledgebase, he argues that Nadella has brought a culture of poor quality testing with him when he made the move from the Servers and Tools group to CEO. Coupled with the 18,000 layoffs announced last month, including many from engineering and testing positions, Microsoft has positioned itself away from a strict commitment to quality control, Finn argues.

"Those of us who have seen, helped troubleshoot, or covered the issues of the past two years of update rollups coming out of the Server & Tools group understand what this might mean for a greater Microsoft: products will be of a poor quality," wrote Finn. "Maybe Satya Nadella should ask Detroit what that did for the US car industry when they let quality drop after the Japanese auto industry moved in the opposite direction."

What's your take? Did you experience any issues with last week's security update release?  Also, have you seen a dip in quality control when it comes to Microsoft products and services? Share your thoughts in the comments below.


About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


comments powered by Disqus

Subscribe on YouTube