Microsoft Amends Security Update After Reports of System Errors

Microsoft has amended a security update containing a patch that reportedly caused errors in some third-party software.

Microsoft has amended a security update containing a patch that reportedly caused errors in some third-party software.

The update, number 2823324, was distributed on Tuesday as part of MS13-036, a batch of patches that fix three Windows vulnerabilities in a kernel-mode driver.

"We've determined that the update, when paired with certain third-party software, can cause system errors," wrote Dustin Childs, a group manager in Microsoft's Trustworthy Computing division, on a company blog. "As a precaution, we stopped pushing 2823324 as an update when we began investigating the error reports and have since removed it from the download center."

Contrary to some reports, the system errors do not cause data to be lost and also do not necessarily affect all computers that applied the patch, Childs wrote. Microsoft published instructions for how to uninstall the security update.

Microsoft has removed the particular patch from MS13-036, which is still being pushed to its customers, Childs added.

The most severe of the three vulnerabilities that MS13-036 addresses could allow an attacker elevated privileges if the person runs a specially crafted application. But the attacker would need to have valid login credential and physical access to the computer.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Related:
Download the CIO October 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.