Microsoft issues new version of patch pulled on Patch Tuesday

Summary:Microsoft has issued a new version of a patch after an earlier version caused some users' machines to suffer the blue screen of death.

Microsoft has reissued a patch for Windows after an earlier version led to some machines crashing and suffering the 'blue screen of death'.

The first patch, security update 2823324, which fixed flaws in the NTFS kernel-mode driver of Windows, was pulled earlier this month after some users reported getting a "STOP: c000021a {Fatal System Error}" error message after installation.

A new version of the patch was made available by Microsoft yesterday.

Windows users with automatic updating enabled will receive the new patch, while those with it disabled will need to install the fix manually.

Microsoft recommends that customers uninstall the earlier security update 2823324 that triggered the initial error message. Instructions for how to uninstall the update and recover affected machines are available here.

The patch fixes three privately disclosed and one publicly disclosed flaw in an NTFS kernel-mode driver that could allow a user to elevate their privilege level. An attacker would need valid logon credentials and be able to log on locally to "exploit the most severe vulnerabilities", according to Microsoft.

The flaws affect versions of Windows XP, Vista, 7, 8 and RT, as well as versions of Windows Server 2003, 2008 and 2012. A full list of the affected versions is available here.

The security update addresses the vulnerabilities by correcting the way that the Windows kernel-mode driver handles objects in memory.

Topics: Security, Microsoft

About

Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.