Microsoft Pulls Troublesome WinXP Patch, Continues Investigation

Microsoft seems to have quite the issue on their hands. Just a few days after the company began to receive complaints that a company-issued patch was causing seemingly random freezes and reboots on select Windows XP systems, there has been yet another update from the company to inform us all that malware may be to blame. Or maybe not. But it's still investigating.

It's kind of unsettling, particularly for those poor Windows XP netbook users who rely heavily on that as their main machine while on the road. As of now, the patch that started this whole mess has been removed while the company investigates further, and a quote from them notes that they "are not yet ruling out other potential causes at this time." We're thinking that the malware could have reacted negatively to the patch (which was aimed at fixing something else) and now that very exploit could be utilized by things other than malware. In other words, Microsoft may have just created a lot more trouble by attempting to patch up a 17-year old DOS exploit that was essentially not harmful in 2010.

The full statement is below, but the take away here is to but a manual hold on your Windows XP updates if you haven't already. You don't want an automated patch to crash your system, do you?

In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating. Please review our blog post from yesterday for additional information.

One of the key components when investigating issues like this are obtaining memory dumps from computers experiencing the problem. In order to get the information we need to fully analyze the issue, some of our support engineers have actually driven to customer locations and picked up affected systems so we can get the needed crash data directly and help inform our investigation. For more information about memory dumps, please see: http://support.microsoft.com/kb/254649.

We encourage customers to follow our “Protect Your PC” best practices and always have up to date anti-virus software running on their systems to help prevent malware infections. For customers who do not have anti-virus software, you can either scan your system using our online tool at http://safety.live.com or you can install Microsoft Security Essentials for free.

This can be a difficult issue to solve once a computer is in an un-bootable state so we encourage customers who feel they have been impacted by this to contact our Customer Service and Support group by either going to https://consumersecuritysupport.microsoft.com or by calling 1-866-PCSafety (1-866-727-2338). International customers can find local support contact numbers here: http://support.microsoft.com/common/international.aspx.

Keep an eye on this blog for more updates as we have them.

Thanks,

Jerry Bryant
Sr. Security Communications Manager Lead