Don
MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013
Article ID: 2823324 - View products that this article applies to.
On This Page
INTRODUCTION
Microsoft has released security bulletin MS13-036. To view the complete security bulletin, go to one of the following Microsoft websites:
Security solutions for IT professionals: TechNet Security Troubleshooting and Support
Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center
Local support according to your country: International Support
- Home users: Skip the details: Download the updates for your home computer or laptop from the Microsoft Update website now:
- IT professionals:
How to obtain help and support for this security update
Help installing updates: Support for Microsoft UpdateSecurity solutions for IT professionals: TechNet Security Troubleshooting and Support
Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center
Local support according to your country: International Support
More information
Known issues with this security update
- Microsoft is investigating behavior wherein systems may fail to recover from a reboot or applications fails to load after security update 2823324 is applied. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate. For information about how to uninstall this update, click the following article number to view the article in the Microsoft Knowledge Base: 2839011 You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
FILE INFORMATION
Read More
http://support.microsoft.com/kb/2823324
You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
Article ID: 2839011 - View products that this article applies to.
On This Page
Symptoms
Microsoft is investigating behavior where systems may not recover from a restart, or applications cannot load, after security update 2823324 is applied. We recommend that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate.
This failure occurs very early in the startup process, and no Memory.dmp file is created.
After you install security update 2823324, Kaspersky Anti-Virus for Windows Workstations or Kaspersky Anti-Virus for Windows Servers versions 6.0.4.1424 and 6.0.4.1611 may display an error message that resembles the following:
Therefore, some or all of Kaspersky protection components stop functioning.
Examples of symptoms
| Language | Error message text |
|---|---|
| Any | The System Event log shows the following event ID: Event Type: Error Event Source: Ntfs Event Category: Disk Event ID: 55 Date: Date Time: Time User: N/A Computer: Computer_name Description: The file system structure on the disk is corrupt and unusable. Please run the Chkdsk utility on the volume E:. Note The volume letter may vary. Chkdsk will run but will not find any issues to fix. |
| Any | STOP: c000021a {Fatal System Error} The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000). The system has shutdown. Note The status will always be 0xC000003a if you are experiencing the issue described here. |
| English | Windows failed to start. A Recent hardware or software change might be the cause. To fix the problem, To do this, follow these steps: 1. Insert your windows installation disc and restart your computer. 2. Choose your language settings, and then click next. 3. Click "Repair your computer." Status: 0xc000000e Info: The boot selection failed because a required device is inaccessible. |
| Portuguese | Mensagem de Erro 1 STOP: c000021a {Fatal System Error} The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000). The system has shutdown. Mensagem de Erro 2 O Windows não foi iniciado com êxito. Uma alteração recente de hardware ou software pode ter causado o problema. Para corrigir o problema: 1. Insira o disco de instalação do Windows w reinicie o computador. 2. Escolha as configurações do seu idioma e clique em "Avançar". 3. Clique em "Reparar o seu computador". Se você não tiver o disco, entre em contato com o administrador do sistema ou fabricante do computador para obter assistência. Status: 0xc000000e Informações: A seleção da inicialização falhou porque um dispositivo necessário está inacessível. |
After you install security update 2823324, Kaspersky Anti-Virus for Windows Workstations or Kaspersky Anti-Virus for Windows Servers versions 6.0.4.1424 and 6.0.4.1611 may display an error message that resembles the following:
Your license is not valid.
Therefore, some or all of Kaspersky protection components stop functioning.
Status
Microsoft is researching this problem and will post more information in this article when the information becomes available. This includes issuing a new update that resolves the issues discussed in this article.
Resolution
We recommend that customers uninstall update 2823324, which is provided in Microsoft Security bulletin MS13-036. This article provides multiple methods to uninstall the update.
If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently:
If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently:
Scenario A: Recovery steps for computers that have installed security update 2823324 but have not yet restarted
For computers that have security update 2823324 installed but have not yet restarted, follow the steps in Microsoft Knowledge Base article 927392 to uninstall the hotfix by using the command line syntax that is described in the article.Option 1: Manually uninstall the Security Update
- In Control Panel, open Programs, and then click View Installed updates.
- Select Security Update for Microsoft Windows (KB2823324), and then click Uninstall to uninstall the security update.
Option 2: Incorporate a command line uninstall in a custom script
If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently:
wusa.exe /uninstall /kb:2823324 /quiet /norestart
Option 3: Run removal script remotely by using PSEXEC
If multiple computers are affected, and you want to run a script remotely to remove the update, you can use the following command to remove the security update silently:
Psexec -d -s \\remotemachine wusa.exe /uninstall /kb:2823324 /quiet /norestart
Scenario B: Recovery steps for computers that have installed security update 2823324 and are now failing to start
Option 1: Recover the last Restore Point
- Restart by using the F8 key.
- Select Repair your Computer.
- Select the language, and then log on to the computer.
Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options. - Select System Restore from the menu:
- Restore the last restore point. This uninstalls security update 2823324.
- Restart the computer into normal mode.
Option 2: Recover the last Restore Point
- Restart by using the F8 key.
- Select Repair your Computer.
- Select the language, and then log on to the computer.
Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options. - Select Command Prompt from the menu:
- At the command prompt, run the following command: dism /image:C:\ /cleanup-image /revertpendingactions
- Restart the computer into normal mode.
Option 3: Uninstall security update 2823324 at the command prompt
- Restart by using the F8 key.
- Select Repair your Computer.
- Select the language, and then log on to the computer.
Note If you do not know the local password, you must start by using a Windows 7 DVD or USB bootable media. Then, access System Recovery Options. - Select Command Prompt from the menu:
- At the command prompt, run the following command: dism /image:C:\ /get-packages
- Search the results for security update 2823324.
- Copy the package name, and paste it as shown: dism /image:C:\ /remove-package /PackageName:Package_for_KB2823324~31bf3856ad364e35~x86~~6.1.1.1
- You receive a message that states that the uninstallation was successful.
- Restart the computer into normal mode.
More information
While Microsoft is investigating the issues that are described in this article, the MS13-036 security update (KB 2823324) is no longer being offered by Windows Update.
Properties
Article ID: 2839011 - Last Review: April 12, 2013 - Revision: 2.0
Applies to
- Windows 7 Service Pack 1, when used with:
- Windows 7 Enterprise
- Windows 7 Professional
- Windows 7 Ultimate
- Windows 7 Home Premium
- Windows 7 Home Basic
- Windows 7 Enterprise
- Windows 7 Professional
- Windows 7 Ultimate
- Windows 7 Home Premium
- Windows 7 Home Basic
- Windows Server 2008 R2 Service Pack 1, when used with:
- Windows Server 2008 R2 Standard
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 R2 Standard
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 Service Pack 2, when used with:
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
Keywords: | atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2839011 |
Give Feedback
Read More...
http://support.microsoft.com/kb/2839011/en-us
- Microsoft announced that MS13-036 the security update patch has stopped pushing a security update originally released on Patch Tuesday because the fix is causing some PCs to Blue Screen BSOD
- MS13-036 Blue Screen Fix - Google Search
- Microsoft Yanks Faulty Update from April Patch Tuesday
- Microsoft: Uninstall Faulty Patch Tuesday Security Update | threatpost
- Microsoft urges Windows 7 users to uninstall 'Blue Screen of Death' patch - Computerworld
- MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013
- The chkdsk utility is launched after the computer is restarted upon KB2823324 update installation
- You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
- You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324
- Vista SP1 prerequisite updates send some PCs into endless reboot - Computerworld
- Microsoft says malware causing blue screen crashes - Computerworld
- Microsoft says rootkit caused Windows blue screens - Computerworld
No comments:
Post a Comment