Microsoft is actively asking for dead bodies -- systems that crash after MS13-063 / KB 2859537 gets applied. If you're seeing a blue screen or your system hangs at the sign-on screen after installing the patch, you can help trace down the source of the problem.
Last week I wrote about this month's six botched Automatic Update patches. At the time, Microsoft published a "Known issues" paragraph in the KB 2859537 Knowledge Base article, but it hadn't pulled the patch. As of this morning, the patch is no longer being offered (it's unchecked in the Automatic Update list), and the Known issues paragraph has been modified a bit:
Some users may experience issues with certain programs after they install security update 2859537. In some cases the programs may not successfully start. We are also aware of limited reports that certain users may encounter difficulties restarting their computers after applying this security update. Microsoft is researching this problem and will post more information in this article when the information becomes available.
Since MS13-063 is a Windows Kernel update -- always problematic, reaching into the inner sanctum -- a lot of people have reported problems. The most frequently reported problems, with Avast and the games Rift, Final Fantasy, and Defiance, seem to be related to developers hooking into the kernel in unexpected ways. Those are more-manageable problems. If you're still having trouble running the Rift game after authentication, install the latest patch from Rift (available since Aug. 15). Avast has solved the problem with an update, but no word yet on small game developers.
But that leaves us with unexplained blue screens 0x06B and frozen systems with 0xc0000005 errors. Jurgen Timmerman, on the Microsoft Answers forum, lists these reported problems:
- BSOD's with the same 05 error-code
- Application Errors by opening. Or Applications just don't start at all (no error shown)
- Rift / Final Fantasy / Defiance doesn't work anymore
- Not all Control Panel functionalities work
- IE / Chrome or even Firefox doesn't want to start or update
- Windows Profile gone corrupt (happened with a close friend his laptop)
- People cannot restart the machine
- People cannot install applications anymore
Several people have reported that the blue screens are caused by previously undetected rootkits. James Watt blogs that his machine was stuck at the Starting Windows screen. Further investigation with TDSSKiller found two rootkits: BackBoot.gen and Cidox.b. After cleaning up -- not an easy task -- he was able to successfully start his machine.
Susan Bradley, moderator on the Answers forum, says there are three current suspects for triggering the 0x06B and 0x05 errors: Hardware incompatibilities (of unknown type); a rootkit or rootkits; and people with modified kernels (for whatever reason). In particular, if you're seeing an 0xc0000005, you may be using a pirated copy of Windows, whether you know it or not.
Here's where you come in. If you have a machine with KB 2859537 problems -- you install the patch and your machine falls over, you uninstall the patch and it works just fine -- Microsoft needs your dead body, uh, it needs to diagnose why your machine turned belly up. Bradley has kindly offered to open a free support call for you and put you in touch with the folks at Microsoft who are looking into this problem. Get the process started by sending me email: firstname.lastname@example.org.
Yes, Microsoft is interested in 0xc0000005 crashes, even if (especially if) you thought you had a genuine copy of Windows 7 or Vista.
If you've already installed the patch and nothing weird is happening, no need to uninstall it. But if you're seeing any of the errors in Jurgen's list, uninstall the patch through Windows Add/Remove Programs. Most of all, if you are experiencing or have experienced one of the problems, take Bradley up on the offer to start a free incident report. You could help a whole lot of people nail down a very perplexing problem.
This story, "Microsoft needs your help to fix botched patch KB 2859537," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.