Microsoft on Black Screen of Death: Don't Look at Us
We in the software world get so used to blaming Microsoft for these types of things that when news broke of a "black screen of death" (oddly abbreviated KSoD in some places) plaguing multiple versions of Windows, lots of observers, including RCPU, instinctively pointed a finger of blame at Redmond.
Well, as your editor's second-grade teacher used to say, "Every time you point at somebody, there are three fingers pointing back at you." (This led, of course, to kids pointing with all five fingers at presumed guilty parties, which was pretty funny now that we think about it.) Anyway, we're acknowledging here the three fingers pointed back at us and offering Microsoft's side of the story, which is, essentially, "It's not our fault." Wrote a blogger from Microsoft's Security Response Center:
"We've conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don't believe the updates are related to the 'black screen' behavior described in these reports."
The rest of the short blog entry is here. Generally speaking, when Microsoft has a security flaw, it acknowledges it and eventually gets around to fixing it. So, we're inclined to believe Redmond's pleas of innocence here and conclude that the KSoD problem is coming from somewhere else.
Not that it matters, of course, because a problem's a problem, and somebody has to fix it. Security firm Prevx says it has a fix, but the fact is that it might be better if this flaw did come from Microsoft because then, at least, Microsoft could get to the bottom of it and issue a fix for it. If it's really not Redmond's problem, and we don't know whose it is...then we're not sure who's going to fix it (or whether Prevx's fix really works). For what it's worth, Prevx thinks it knows what the problem is, and is working with Microsoft on the matter.
But we also don't know how big a deal this flaw really is, and Microsoft is saying that it doesn't seem to be a broad customer issue. So, maybe this whole story is a whole lot of nothing, or at least not as exciting and significant as some of us in the press and blogosphere (we hate that word, by the way) would like it to be during a slow time for news. In fact, now might be a good time to stop talking about it altogether.
Have you experienced the black screen of death? If so, have you found a fix for it, and where? Share your information at firstname.lastname@example.org.
Posted by Lee Pender on 12/02/2009 at 1:22 PM