Microsoft's not so happy Valentine's Day

Spectacular Security Essentials false positives, an extensive Hotmail outage, and errors when installing a Black Tuesday patch made for a bad day in Redmond

If you work for Microsoft, yesterday was a very good day to go home sick.

It started out with a persistent report of problems with the MS12-016/KB 2668562 Silverlight security patch, part of this month's Black Tuesday crop. Both Windows 7 and Windows XP systems appeared to be installing the update, then crashed on Error code 80070643 -- one of the most common (and most frustrating!) installer error codes in the Microsoft collection.

After a great deal of wailing and gnashing of teeth from all over the globe, Doug Neal, on the Microsoft Update team, posted this message late Tuesday night:

Thanks to responses on this listserver, we've looked into the Silverlight update, have identified a metadata (logic) error and will be releasing a revision to correct this very soon.

Consider holding off on this update until a revision is published and visible in your WSUS/SCCM consoles -- or simply allow auto-approval to permit the revision to replace the original version. We have similarly 'down throttled' unmanaged (consumer) machines until the revision is released (throttled at 0% = no consumer machines will get this installed automatically -- but users who open WUApp and choose it, will still be able to run it -- even though it will fail).

As of this writing, the problem does not appear to be fixed. The appropriate Microsoft Knowledge Base articles have not been updated. The only notification I've found is on the Patchmanagement Listserv. (Thanks to SB for the heads-up.)

Then we started seeing reports of infected Google pages, coming from Microsoft Forefront and Microsoft Security Essentials users. The SANS Institute's Internet Storm Center (ISC) posted a screenshot of Microsoft's Forefront Threat Management Gateway 2010, declaring that the website (in Colombia) was blocked "due to a detected infection / Exploit:JS/Blacole.BW."

Brian Krebs provided more details, saying, "Not long after Microsoft released software security updates on Tuesday, the company's Technet support forums lit up with complaints about Internet Explorer sounding the malware alarm when users visited The alerts appear to be the result of a "false positive" detection shipped to users of Microsoft's antivirus and security products."

It turns out that none of the Google sites were infected. The updates to Forefront and Security Essenetials distributed on Valentine's Day had a signature that matched many Google sites. ISC says that Microsoft has confirmed the error, and it will be corrected in update 1.119.1986.0. If you're getting the error right now, it would behoove you to manually update Forefront or Security Essentials.

Then Hotmail went down -- again. Very late Tuesday night, Hotmail went down all over the United States. Microsoft hasn't yet published details about the outage, and we don't know how many Hotmail users were affected or precisely when. We also don't know what caused the problem. But we do know that Microsoft tweeted a heads-up on its @hotmail account: "We're aware of sign-in issues -- we're investigating and working to get them fixed." And it posted a "Some people might be experiencing sign-in issues" indicator on

Kind of makes you feel all warm and fuzzy about Office 365 and Windows 8's automatic updating and built-in antivirus, doesn't it?

This story, "Microsoft's not so happy Valentine's Day," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow on Twitter.