Search My Blog

Friday, April 12, 2013

Microsoft announced that MS13-036 security update patch is causing some PC's to Blue Screen BSOD

Watch out for this Windows 7 Update!:O Microsoft announced that MS13-036 the security update patch has stopped pushing a security update originally released on Patch Tuesday because the fix is causing some PCs to Blue Screen BSOD

Don

MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013

Article ID: 2823324 - View products that this article applies to.

On This Page

INTRODUCTION

Microsoft has released security bulletin MS13-036. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Back to the top | Give Feedback

More information

Known issues with this security update

  • Microsoft is investigating behavior wherein systems may fail to recover from a reboot or applications fails to load after security update 2823324 is applied. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate. For information about how to uninstall this update, click the following article number to view the article in the Microsoft Knowledge Base:
    2839011 You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
Back to the top | Give Feedback

FILE INFORMATION

Read More
http://support.microsoft.com/kb/2823324


You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324

Article ID: 2839011 - View products that this article applies to.

On This Page

Symptoms

Microsoft is investigating behavior where systems may not recover from a restart, or applications cannot load, after security update 2823324 is applied. We recommend that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate.

Examples of symptoms

Language Error message text
Any The System Event log shows the following event ID:

Event Type: Error
Event Source: Ntfs
Event Category: Disk
Event ID: 55
Date: Date
Time: Time
User: N/A
Computer: Computer_name
Description:
The file system structure on the disk is corrupt and unusable. Please run the Chkdsk utility on the volume E:.


Note The volume letter may vary. Chkdsk will run but will not find any issues to fix.
Any
STOP: c000021a {Fatal System Error}
The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000).
The system has shutdown.


Note The status will always be 0xC000003a if you are experiencing the issue described here.
English Windows failed to start. A Recent hardware or software change might be the cause. To fix the problem, To do this, follow these steps:

1. Insert your windows installation disc and restart your computer.
2. Choose your language settings, and then click next.
3. Click "Repair your computer."

Status: 0xc000000e
Info: The boot selection failed because a required device is inaccessible.
Portuguese Mensagem de Erro 1

STOP: c000021a {Fatal System Error}
The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000).
The system has shutdown.

Mensagem de Erro 2

O Windows não foi iniciado com êxito. Uma alteração recente de hardware ou software pode ter causado o problema. Para corrigir o problema:
1. Insira o disco de instalação do Windows w reinicie o computador.
2. Escolha as configurações do seu idioma e clique em "Avançar".
3. Clique em "Reparar o seu computador".
Se você não tiver o disco, entre em contato com o administrador do sistema ou fabricante do computador para obter assistência.

Status: 0xc000000e
Informações: A seleção da inicialização falhou porque um dispositivo necessário está inacessível.
This failure occurs very early in the startup process, and no Memory.dmp file is created. 

After you install security update 2823324, Kaspersky Anti-Virus for Windows Workstations or Kaspersky Anti-Virus for Windows Servers versions 6.0.4.1424 and 6.0.4.1611 may display an error message that resembles the following: 

Your license is not valid.


Therefore, some or all of Kaspersky protection components stop functioning.
Back to the top | Give Feedback

Status

Microsoft is researching this problem and will post more information in this article when the information becomes available. This includes issuing a new update that resolves the issues discussed in this article.
Back to the top | Give Feedback

Resolution

We recommend that customers uninstall update 2823324, which is provided in Microsoft Security bulletin MS13-036. This article provides multiple methods to uninstall the update. 

Scenario A: Recovery steps for computers that have installed security update 2823324 but have not yet restarted

For computers that have security update 2823324 installed but have not yet restarted, follow the steps in Microsoft Knowledge Base article 927392 to uninstall the hotfix by using the command line syntax that is described in the article.

Option 1: Manually uninstall the Security Update

  1. In Control Panel, open Programs, and then click View Installed updates.
  2. Select Security Update for Microsoft Windows (KB2823324), and then click Uninstall to uninstall the security update.

Option 2: Incorporate a command line uninstall in a custom script


If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently: 
wusa.exe /uninstall /kb:2823324 /quiet /norestart


Option 3: Run removal script remotely by using PSEXEC


If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently:  
Psexec -d -s \\remotemachine wusa.exe /uninstall /kb:2823324 /quiet /norestart


Scenario B: Recovery steps for computers that have installed security update 2823324 and are now failing to start

Option 1: Recover the last Restore Point

  1. Restart by using the F8 key.
  2. Select Repair your Computer.
  3. Select the language, and then log on to the computer.

    Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options.
  4. Select System Restore from the menu: 
  5. Restore the last restore point. This uninstalls security update 2823324.
  6. Restart the computer into normal mode.

Option 2: Recover the last Restore Point

  1. Restart by using the F8 key.
  2. Select Repair your Computer.
  3. Select the language, and then log on to the computer.

    Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options
  4. Select Command Prompt from the menu:
  5. At the command prompt, run the following command:
    dism /image:C:\ /cleanup-image /revertpendingactions
  6. Restart the computer into normal mode.

Option 3: Uninstall security update 2823324 at the command prompt

  1. Restart by using the F8 key.
  2. Select Repair your Computer.
  3. Select the language, and then log on to the computer.

    Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options
  4. Select Command Prompt from the menu:
  5. At the command prompt, run the following command:
    dism /image:C:\ /get-packages
  6. Search the results for security update 2823324.
  7. Copy the package name, and paste it as shown:
    dism /image:C:\ /remove-package /PackageName:Package_for_KB2823324~31bf3856ad364e35~x86~~6.1.1.1
    Expand this image
  8. You receive a message that states that the uninstallation was successful. 
  9. Restart the computer into normal mode.
Back to the top | Give Feedback

More information

While Microsoft is investigating the issues that are described in this article, the MS13-036 security update (KB 2823324) is no longer being offered by Windows Update. 
Back to the top | Give Feedback

Properties

Article ID: 2839011 - Last Review: April 12, 2013 - Revision: 2.0
Applies to
  • Windows 7 Service Pack 1, when used with:
    • Windows 7 Enterprise
    • Windows 7 Professional
    • Windows 7 Ultimate
    • Windows 7 Home Premium
    • Windows 7 Home Basic
  • Windows 7 Enterprise
  • Windows 7 Professional
  • Windows 7 Ultimate
  • Windows 7 Home Premium
  • Windows 7 Home Basic
  • Windows Server 2008 R2 Service Pack 1, when used with:
    • Windows Server 2008 R2 Standard
    • Windows Server 2008 R2 Enterprise
    • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 Service Pack 2, when used with:
    • Windows Server 2008 for Itanium-Based Systems
    • Windows Server 2008 Datacenter
    • Windows Server 2008 Enterprise
    • Windows Server 2008 Standard
    • Windows Web Server 2008
Keywords: 
atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2839011
Back to the top | Give Feedback

Give Feedback



Read More...
http://support.microsoft.com/kb/2839011/en-us

Microsoft announced that MS13-036 the security update patch has stopped pushing a security update originally released on Patch Tuesday because the fix is causing some PCs to Blue Screen BSOD
MS13-036 Blue Screen Fix - Google Search
Microsoft Yanks Faulty Update from April Patch Tuesday
Microsoft: Uninstall Faulty Patch Tuesday Security Update | threatpost
Microsoft urges Windows 7 users to uninstall 'Blue Screen of Death' patch - Computerworld
MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013
The chkdsk utility is launched after the computer is restarted upon KB2823324 update installation
You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
Vista SP1 prerequisite updates send some PCs into endless reboot - Computerworld
Microsoft says malware causing blue screen crashes - Computerworld
Microsoft says rootkit caused Windows blue screens - Computerworld


No comments: