Microsoft halts Windows Update distribution of security fix after blue-screen reports
Microsoft has removed one group of patches it released as part of this week's Patch Tuesday -- MS10-015 (KB977165) -- from its Windows Update service until it can investigate reports by some users that it is causing havoc with their PCs.
Microsoft provided an update on the Microsoft Security Response Center (MSRC) blog on February 11 about its actions, after a day of reports by users with problems, including some XP users claiming blue-screen-of-death (BSOD) issues seemingly resulting from application of the KB977165 patch.
Microsoft claimed the number of users experiencing problems as a result of the path were "limited." More from the blog post by Jerry Bryant, Senior Security Communications Manager Lead:
"(W)e have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. Our teams are working to resolve this as quickly as possible. We also stopped offering this update through Windows Update as soon as we discovered the restart issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages."
Microsoft is advising customers to apply the other patches it released this week, as there have been no reported problems with them, according to Bryant.
My ZDNet colleague Adrian Kingsley-Hughes, earlier today offered a fix for those attempting to apply KB977165. Microsoft advised users who decide not to install the update to implement a workaround outlined in one of its security bulletins (CVE-2010-0232) in the interim. There are more details about this workaround in Microsoft's blog post.
On a related note, I asked Microsoft today whether the company had any new information or update for those users who've reported various Windows 7 startup and shutdown problems which some believe are the result of a reliability update that Microsoft pushed to Windows 7 users in late January. A Microsoft spokesperson said Microsoft had nothing new to say about the matter, other than the company would continue to monitor the situation.
Update (February 12): Microsoft security experts say that some of the problems may be due to prior malware infestations on Windows users' machines, as my colleague Ed Bott notes. The Softies are continuing their investigation.