Microsoft issues new version of patch pulled on Patch Tuesday

Microsoft issues new version of patch pulled on Patch Tuesday

Summary: Microsoft has issued a new version of a patch after an earlier version caused some users' machines to suffer the blue screen of death.

TOPICS: Security, Microsoft

Microsoft has reissued a patch for Windows after an earlier version led to some machines crashing and suffering the 'blue screen of death'.

The first patch, security update 2823324, which fixed flaws in the NTFS kernel-mode driver of Windows, was pulled earlier this month after some users reported getting a "STOP: c000021a {Fatal System Error}" error message after installation.

A new version of the patch was made available by Microsoft yesterday.

Windows users with automatic updating enabled will receive the new patch, while those with it disabled will need to install the fix manually.

Microsoft recommends that customers uninstall the earlier security update 2823324 that triggered the initial error message. Instructions for how to uninstall the update and recover affected machines are available here.

The patch fixes three privately disclosed and one publicly disclosed flaw in an NTFS kernel-mode driver that could allow a user to elevate their privilege level. An attacker would need valid logon credentials and be able to log on locally to "exploit the most severe vulnerabilities", according to Microsoft.

The flaws affect versions of Windows XP, Vista, 7, 8 and RT, as well as versions of Windows Server 2003, 2008 and 2012. A full list of the affected versions is available here.

The security update addresses the vulnerabilities by correcting the way that the Windows kernel-mode driver handles objects in memory.

Topics: Security, Microsoft


Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • @ye

    Children, children, play nice in the sandbox.
  • Sooooooooooo.......

    So PC's and or laptops which were unaffected should not download this update then I take it?
    $64 question is next time MS issues a patch will this "problem patch fix" be included with the next update...... cumulative update? This could be quite interesting if it is. I think I'll hold off on any updates until the "Ginny Pigs" test this out first.
    • Naaa...

      The bug will just be reinstalled next month as part of a patch to something different.

      It seems to take MS about 4 tries before they actually fix something, and even then, it comes back the following year...
      • 4 tries.... really?

        Even if this were true, it still beats the heck out of Apple's standard practice of denying that there is an issue, e.g. "you're holding it wrong"
        • hmm

          Do you suggest that Apple is involved in the design of Microsoft software?
          • @danbi

            not at all - I'm stating that MS is doing a much better job at patching flaws than Apple
    • that's Guinea Pigs. Ginny pigs are pigs that have

      been at the Gordon's Dry Gin.
    • @rocketman67

      As far as the $64 question goes, This fix WILL be included the next time you do an update.

      While I was aware of the problem with update (KB2823324) I didn't uninstall it, as I had no problems.

      Sure enough (I have my auto-updates set to tell me when a new update is available but not download or install) I was notified about the new update and chose to install it, and so far, still no problems. So to clarify, my machine now has both (KB2840149) - the new one, and the old (KB2823324) installed, and I didn't go out of my way to install either of them, i.e. all Windows Updates doing.
  • Actually it was Kapersky that 'modified' the NT kernel...

    And Kapersky has updated their Anti-Virus as well.

    Learn to give credit to where credit is due. This fiasco is Kapersky's fault. As evidenced by zero issues at all with Windows 7 systems running something else than Kapersky.
  • I installed this update and......

  • Impossible!

    Windows never crashes with a blue screen. You must be making this up. :)
    Not even a buggy patch can cause this. Not from Microsoft.
  • Blush!

    How would you like to be the one that caused The dreaded Blue Screen on thousands of Computers. I know mistakes happen but can't it be prevented. Isn't R & D better than that?