Patches Are Good but Not Always Foolproof

By Sue Poremba | Feb 12, 2010 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/patches-are-good-not-always-foolproof

Regular readers know that I'm a cheerleader for making sure your computer is protected with the latest patches available, and you probably know that Microsoft released a record number of patches this past week.

However, even the best plans can go awry, and that includes patches.

John Breeden at Government Computer News reported that a Microsoft security patch could result in the Blue Screen of Death for Windows XP users. Breeden wrote:

After the patch install, users are getting this message: "A problem has been detected and Windows has been shut down to prevent damage to your computer. PAGE_FAULT_IN_NONPAGED_AREA." Some users have also reported that once successfully booted into XP, the patch has caused their system to reboot, and then they get the aforementioned blue screen of death. The users with the problem also say that booting in safe mode is no help.

Microsoft has pulled the patch.

But is it the patch or something else causing the problem? Ed Bott at ZDNet pointed out that the culprit might be related to undetected malware infections:

I found an unrelated report with similar details in a thread at bleepingcomputer.com, where a user reported experiencing this issue and provided diagnostic reports showing infections by several rootkits and Trojan-horse programs (Rootkit.Win32.Agent and Backdoor.Tidserv, also known as TDDS), as well as the Koobface worm. One detail that caught my eye in that thread was the name of that Tidserv nasty, which is known to replace Atapi.sys with an infected version.

So should you patch? This might be one of those times to be patient, see what Microsoft has to say after it investigates the situation more, and in the meantime, run your anti-malware program.