MS update gives some XP boxes the Blue Screen Applying the latest patches from Microsoft can cause Windows XP machines to crash with the infamous blue screen of death. Updating systems with the MS10-015 bulletin, which addresses "important" vulnerabilities in Windows Kernel, can cause machines to lock up when restarted before falling into a never-ending reboot loop. The …
I always disable automatic updates, but I always manually apply updates when the notification comes up.... except today when I had a chance to read this (and other ) article and now I can wait for M$ to fix the problem.
Being up to date is very important, but it is even more important to make informed decisions on patch management. I don't have blind faith that every patch is safe.
Disabling them completely is not a good idea, but setting it to the option where it will notify you of the existence of updates without blindly installing them is sensible. Then you can install them when it's convenient for you.
I've had a machine doing something overnight before now that I hadn't realised was set to install updates. Along comes an update, machine reboots on its own in the middle of the night, goodbye to what it was doing and I lose time because it failed to complete the test run.
Around November, a patch was released that wouldn't bluescreen, but also put certain combinations of PC's in the never ending boot condition, making me a very busy person. Many people thought a "virus" broke their computers, and I'm somewhat tempted to agree. Haven't found a way out other than to revert the patch and stop windows updates altogether.
Just a couple of months ago, several of our Windows XP machines got screwed up by a false-positive antivirus alert which caused the antivirus service to delete critical system files. We couldn't believe it at first, all users login to limited accounts but the weak link was the antivirus service.
The machines wouldn't boot normally but did boot into safemode. Unfortunately, the System Restore facility failed so we couldn't just roll back to a restore point. While manually restoring the system, Microsoft's anti-piracy subsystem kicked in, rendering the system useless as it disallowed safemode logins.. and the system wouldn't boot normally. So we were locked out because Windows didn't think its licence had been activated, but we couldn't login to register/activate it!
Now just a couple of months later, this has happened.. an official Microsoft update has rendered the systems unusable again!
We're now looking at deploying a Debian-based Linux distribution on all our desktops. Microsoft Windows is a far too unstable for serious business use!
microsoft are doing this on purpose to get people away from xp altogether cause they know people wont move to vista or 7 because either they cant afford to move or there systems dont support the new os. chances are there system wont support it the drivers in particular my mothers laptop is over 4 5 years old it came preinstalled with xp home and ive tried 7 on it and straight away loads of features got disabled when i did so i solved buy moving back to xp using the recovery cd.
The linked MS thread has info here. Seems that the problem may be due to the TDSS rootkit. Replacing the infected atapi.sys that this POS puts in place with a kosher one on affected machines seems to fix the problem (as does uninstalling the "dodgy" patch - for which instructions are provided).
This would explain why those machines affected don't seem to have anything else in common by way of configuration.
If this does turn out to be the root (hah) cause, I don't think we can blame MS......well, not for this particular cockup anyway. I'll keep the flamethrower on standby 'til a definitive answer turns up.
I just got settled into my new place, internet just tuned up after 3 days of withdrawl...Good Ol Microsoft Update! I went into reboot cycling, tried fixing it, spent 4 hours on the phone (mostly on HOLD) intermittantly interrupted by some thick indian accented individual NEVER mentioning.."Ohh that...we know about that" Even after describing my problem.
Now they make the push to upgrade...the only thing I'm likely to upgrade to is LINUX (wonder how Mandrake is...haven't used that in a while). I just KNEW I was going to find this cheezy steamin pile of BAD NEWS!! I had a feelin this was the cause, now it's confirmed!
Wandering around the internet looking at this wonderful new achievement from Microsoft I think it may not be just Win XP.
Quote from "Ars Technica" dot com
"The majority of users who are complaining about the issue are on Windows XP, but some users in the thread mention this occurs for them on Windows Server 2003 and Windows Vista."
I've noticed other issues on some machines I've updated- including previously stable machines dropping wireless connections, and any previous installed clients for managing connections (such as the MSI manager) being disabled in favour of allowing Windows manage connections. I've had to reinstall drivers and apps on 3 different systems thus far. I'm far from happy.......
Once upon a time Windows XP SP2 when it first came out after installtion broke my firewire card driver from initialising properly. If you left the network enabled in windows it would not boot just a black screen. Had to pull the card out and disable it.
Then with vista I did one of those "hiigh priority updates" which cause the machine to be stuck in a reboot loop, and the only way of fixing it was to plug the drive into a linux machine and delete the pending.xml file. On installing the update a second time it was fine.
This is the crappiness you expect from Microsoft, learn to live with it.
Ahh... perfect. This solved a puzzle I had with a Toshiba laptop. After following the instructions in the Microsoft post, the BSOD has gone.
I had a different error number for the STOP, but fixed the same way by uninstalling that update.
(Good to see MS put the answer at the TOP of that thread instead of having to wade through a discussion)
My recipe: keep the Windows/applications system partition separate and small (15 GB plus hibernation file, page file 4000 MB on a separate volume), and back it up regularly, particularly before a Windows Update session. But do apply those updates promptly, because bad people examine them specifically to find out how to hack computers that haven't got 'em.
Maybe a failed update will work when applied a second time - for instance if the order of different updates matters. If you leave an update off, note the description of the risk that it addresses, and avoid doing the risky thing e.g. clicking on hyperlinks in e-mail.
I've been using Knoppix 6.2 Linux on bootable CD or USB stick, and specifically partimage, to make a single copy of volume C split into 333 MB files (which pack nicely onto CDs or DVD), but I'm planning to switch to ntfsclone because partimage apparently has a problem with volumes containing bad sectors(?) I had an unpleasant virus-type experience while using SystemRescueCD which may not have been its fault.
If you don't use hibernation or if you disable it before backing up, a hidden file C:\hiberfil.sys equal to your RAM size is NOT included in the backed-up volume. If something goes wrong with Windows (and it has), you can just boot Linux and restore C to the way it was. (We don't need no steenking restore points!)
Of course the saying applies "You only THINK you've got a backup" - it's better to have a fallback position in case your latest backup fails when you try to restore. Also, verify your CDs or DVDs, including by comparing files to the files on disk.
Keeping your backups away from nosy people is an exercise you can work out for yourself!
... (but it may not be true) that it seems to be tied to certain device drivers or even perhaps device firmware. If so then MS testing probably wasn't as thorough as it should be. However, if this does turn out to be the case I'm willing to bet MS will manage to spin it that the drivers concerned did not comply with Windows standards.
Of course it might not be the case at all, I don't think we've had a single BSoD reported out of over 4000 XP machines patched this week and that covers a huge variety of hardware.
I am dealing with this issue on a customers PC as I type. Having read many of the posts on this problem I would just give the following summary.
The most common trigger for this issue appears to be a pre-existing malware infection - especially a Rootkit infection of the ATAPI.SYS file. The key givaway for this infection is that the infected ATAPI.SYS file has no Version Tab when you look at its properties panel. Replacing this file with a clean copy can be the start of the cleanup and often allows you to boot the system. The following link may be helpfull:
https://patrickwbarnes.com/blog/2010/02/microsoft-update-kb977165-triggering-widespread-bsod/
"It's still unclear why affected systems throw a wobbler while other near-identical Win XP PCs chug along quite happily after the updates are applied."
If you can figure this one out, perhaps you can tell me why of 6 identical brand new XP latitudes we got in recently, two wouldn't run windows update and one was missing the 'RunOnce' reg key, meaning it wouldn't install VPN software.
This happened me before with Thinkpads. Booted two brand new identical ones up, one bluescreened straight away
It's not ones and zeros, it's blood and tears.
Simon
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
