Microsoft withdraws KB 2823324, second botched automatic update this year

If rebooting your Windows 7 PC brings up a blue screen or chkdsk, you may be victim of latest botched Microsoft patch

Automatic Update strikes again! For the second time so far this year, Microsoft has released a patch, MS13-036/KB 2823324, that causes widespread blue screens of death (BSODs) on Windows 7 systems when the computers reboot.

Details are very sketchy, but it appears that the BSODs appear when a Win7 PC runs the KB 2823324 patch and is then rebooted. At that point, some people report BSODs. Others -- particularly those who run Kaspersky Antivirus -- say the machine immediately launches chkdsk upon every system start. While most of the reports at this time are from Brazil on machines running the Brazilian version of Win7 x86 and possibly x64, there are additional reports of conflicts with Kaspersky Antivirus, even on a MacBook running Win7 on VMware.

Late Thursday -- two days after the KB 2823324 release -- Microsoft acknowledged the problem, said it was investigating, and pulled the update.

The last time we had widespread BSODs caused by an automatic update patch, a little over a month ago, Microsoft didn't acknowledge the problem for more than a week, didn't give any sort of description of the cause or potential solutions, and didn't pull the patch in a timely fashion -- although the company did yank it out of the automatic update chute rapidly. This time, it's déjà vu all over again.

Until Microsoft finally acknowledged the issue late Thursday, the Microsoft Answers site had five complaints, four of them in Portuguese. With the last botched patch, the MVPs answering the questions (volunteers who are not Microsoft employees) had a tough time getting a straight response out of Microsoft.

Kaspersky, on the other hand, had a detailed description of the problem on systems running Kaspersky AV and a proposed solution: "We recommend not to install KB2823324 update or uninstall it before restarting the computer." At this point, it appears as if you can solve the Kaspersky issue by letting the chkdsk run to completion, then uninstalling the patch.

Poster MarceloPereira2B reports that the BSOD can be repaired by copying the NTFS.SYS file from a good system (or an installation CD) by booting from a repair CD, going into the recovery console, and running the copy from a command prompt. The Portuguese instructions from Microsoft are similar, but specify that you should copy NTFS.SYS from the %windir%\winsxs folder to the %windir%\system32\drivers folder.

This article, "Microsoft withdraws KB 2823324, second botched automatic update this year," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies