Microsoft Investigates Windows Blue Screen of Death Reports

Microsoft is looking into user reports of a problem that causes the so-called Blue Screen of Death. The initial investigation suggests a link to a Windows security update issued as part of Patch Tuesday.

Microsoft is investigating reports that users are experiencing the infamous "Blue Screen of Death" after installing one of Microsoft's Patch Tuesday security updates.

According to Microsoft, the problem appears to be related to MS10-015, but the company has not determined if the problem is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. The bulletin addresses two Windows Kernel privilege escalation bugs, and was among 13 issued Feb. 9 to plug a total of 26 security holes.

Reports of the issue began trickling in on Windows support forums after the Patch Tuesday updates were rolled out. The claims mostly involve Windows XP. One of the user-proposed solutions is to boot from the XP installation CD, launch the recovery console and enter a series of commands detailed here.

"Our teams are working to resolve this as quickly as possible," Jerry Bryant, senior security communications manager lead at Microsoft, wrote on the Microsoft Security Response Center blog. "We also stopped offering this update through Windows Update as soon as we discovered the restart issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages."

Bryant added, "At this time, we are not aware of any issues with the other updates that were released this month and we continue to encourage customers to install them as soon as possible in order to help ensure that they [are] protected from the vulnerabilities they address."

If users choose not to install MS10-015, they can disable the NTVDM subsystem as a workaround for CVE-2010-0232. Exploitation requires the attacker to have valid log-on credentials and be able to log on locally, according to Microsoft's advisory.