Categories: PCSecurityWorkspace

Microsoft Repairs Botched Patch Tuesday Update

Microsoft has been forced into a humiliating repair of its own security update in order to fix reports that the patch was causing system errors for customers.

The problem lies in security update 2823324, which was pushed out 9 April as part of security bulletin MS13-036. This update was meant to address four vulnerabilities in the Windows kernel-mode driver. For some users, however, it only caused problems.

System Errors

“We’ve determined that the update, when paired with certain third-party software, can cause system errors,” blogged Dustin Childs, a group manager of response communications in Microsoft’s Trustworthy Computing Group. “As a precaution, we stopped pushing 2823324 as an update when we began investigating the error reports and have since removed it from the download centre.”

The system errors do not cause any data loss, and they do not affect all Windows customers, Childs wrote. Still, he added, all customers should follow the guidance in KB2839011 to uninstall security update 2823324 if it is already installed.

“Update 2823324 addresses a moderate-level vulnerability that requires an attacker to have physical computer access to exploit,” blogged Childs. “MS13-036 remains available for download and is being pushed via updates to help protect customers against the other issues documented in the security bulletin – it no longer contains the affected update.”

The issue appears to be mostly confined to users in Brazil that have a banking security plug-in called ‘G-Buster’ installed, blogged Wolfgang Kandek, CTO of Qualys.

G-Buster is locally developed in Brazil by the company GAS Tecnologia and is widely installed in Brazil,” he wrote. “Some of the major banks require their customers to install it to secure Internet banking. The plug-in, which provides a virtualised and hardened operating environment for safer banking, and one of its security measures is interfering with the Windows kernel patch contained in MS13-036.”

Kandeck noted that “given the number of complaints in Brazil it is clear that Microsoft does not have this particular combination of Windows 7 and G-Buster plug-in in its QA setup.” Furthermore, in order to “provide the additional security functions, G-Buster has to interfere with low-level functions of the Windows operating system, similar to software such as antivirus and host intrusion detection systems. It will be interesting to read the post-mortem to see [whether] G-Plugin uses any undocumented features that caused the problem or whether all APIs used to provide the additional security functions.”

Kaspersky Issue

Microsoft’s knowledgebase article on the issue explains that one symptom of the bug can be that Kaspersky Anti-Virus for Windows may display a message claiming its licence is invalid and that it cannot provide anti-malware protection, noted Graham Cluley, senior technology consultant at Sophos, in a blog post.

MS13-036 was designed to address four vulnerabilities, the most serious of which could be exploited to escalate privileges if an attacker logs onto the system and runs a specially-crafted application. Though the bulletin is ranked “important,” Microsoft gave it an Exploitability Index rating of 1, its highest classification.

All totalled, Microsoft released nine security bulletins this month as part of Patch Tuesday. The bulletins address 14 security vulnerabilities across Windows, Internet Explorer and a number of other products.

What do you know about Internet security? Find out with our quiz!

Originally published on eWeek.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago