In a blast from the past, software giant Microsoft has had to replace a security update that had crashed customers’ PCs and crippled the machines with endless reboots.
The MS13-036 update was first issued April 9, but pulled three days later from distribution. Reports started to spread that the fix was generating the “Blue Screen of Death” (BSOD) error message and forcing PCs to reboot.
Microsoft never explained what happened. It claimed that the update, when paired with certain third-party software caused system errors.
Microsoft spokesperson Dustin Childs told Computerworld that only some customers experienced any problems.
Customers and experts thought that combinations of the security update and “G-Buster,” a browser security plug-in widely used in Brazil for online banking and on the Microsoft patch and Kaspersky Lab security software were responsible.
In a support document, Microsoft had posted several error messages that were symptoms of the patch failure, and recommended that Windows 7 users uninstall the update.
Childs said that the new update, KB2840149, still addresses the Moderate security problem described in MS13-036, and should not cause the rebooting problems.
The revised MS13-036 update has been restored to the Windows Update service, and will be downloaded and installed by machines with Automatic Updates enabled.
Still, it is rare these days that Microsoft makes a cock-up like this or that security patches react badly with third party software. It reminds us of the 1990s when updates were delivered slowly by system admins who appeared to stick their fingers in their ears and hide under the desk when they installed them.