Microsoft is contending that the reports circulating of a Black Screen of Death are not due to the security updates the company issued in November. Meanwhile, security vendor Prevx is offering users a solution to fix the problem.
The so-called Black Screen of Death condition striking some Windows
users is not caused by bugs in November's Patch Tuesday updates, Microsoft stated
Dec. 1.
Security vendor
Prevx
reported on its blog Nov. 27 that Windows users were experiencing a black
screen "due to a change in the Windows operating system's lockdown of
registry keys." According to Prevx, the Windows patches most commonly tied
to the issue are
KB915597
and
KB976098.
"The conditions under which the actual black screen is
triggered are spasmodic," explained David Kennerley, malware researcher at
Prevx. "Some test systems always trigger the condition, others are less
consistent ... When the issue occurs the WinLogon Shell entry for Explorer.Exe
becomes invalidated. The entry exists perfectly in the registry but is unusable
[or] inaccessible and is therefore ignored by the OS, resulting in the desktop
and task bar not being loaded.
"This entry is frequently the target of malware, so
tightening access to it is probably a good thing," Kennerley continued. "However,
the black screen condition is the only sign of the problem, leaving nontechnical
users with a major challenge."
Microsoft did not offer an explanation for the problem, but
stated that it had investigated the matter and found none of its
November
updates were causing the situation.
"Our comprehensive investigation has shown that the
November security updates, the Microsoft Malicious Software Removal Tool, and
the nonsecurity updates we released through Windows Update in November do not
make any changes to the registry as claimed," a Microsoft spokesperson
said. "We do not believe Microsoft Updates are related to the behavior
described in these reports.
"Based on our investigation so far, we can say that we're
not seeing this as an issue from our support organization," the
spokesperson added. "The issues as described also do not match any known
issues that have been documented in the security bulletins or KB articles."
Prevx released a free tool to fix the most common causes of
the issue the company has seen.
"In researching this issue we have identified at least
10 different scenarios [that] will trigger the same black screen conditions,"
Kennerley blogged. "These appear to have been around for years now. But
our advice is, try our tool first. If it works, great. If it doesn't, you are
no worse off."
Customers concerned about the issue can also contact Microsoft's
Customer
Service and Support for free assistance.
Email
Print
