Forgot your password?
typodupeerror
Microsoft Security IT

Black Screen of Death Not Microsoft's Fault 583

Posted by CmdrTaco
from the well-not-directly-anyway dept.
Barence follows up to the ongoing Black Screen of Death Saga by saying "Microsoft says reports of 'Black Screen of Death' errors aren't caused by Windows Updates, as claimed by a British security firm. The software giant claims November's Windows Updates didn't alter registry keys in the way described by Prevx, which said that the Microsoft Patches caused PCs to boot with just a black screen and a Windows Explorer window. Microsoft is now blaming the problem on malware. Prevx has issued a grovelling apology on its own blog."
This discussion has been archived. No new comments can be posted.

Black Screen of Death Not Microsoft's Fault

Comments Filter:
  • malware... (Score:5, Funny)

    by lorenzo.boccaccia (1263310) on Wednesday December 02, 2009 @01:00PM (#30298860)
    malware? there is no malware on windows 7! microsoft promised!
  • by halcyon1234 (834388) <halcyon1234@hotmail.com> on Wednesday December 02, 2009 @01:03PM (#30298902) Journal

    TFA says a piece of malware can knock out the null-terminator in a required string, which Explorer relies on to load properly.

    While it's good to know that a simple problem can be solved quickly (and the root cause discovered, damn you malware), and it's also good to see that Prevx can apologize when the make a mistake-- but I have to wonder if Microsoft would have been attended to as quickly as they had had Prevx not complained as loudly as they did.

    • by geekoid (135745) <dadinportland@ya[ ].com ['hoo' in gap]> on Wednesday December 02, 2009 @01:19PM (#30299152) Homepage Journal

      Historically speaking? no.
      That said, MS is actually changing.

      Of course, the root of this problem is the registry.

      • Re: (Score:2, Informative)

        It's not really the registry per se; it's the fact that the Win32 API uses NULL-terminated strings while the underlying NT API uses Pascal strings. You can run into similar problems with the file system for the same reason. This dilemma can't really be fixed due to backward compatibility concerns, so this problem will continue to exist in all versions of Windows into the foreseeable future.

      • Re: (Score:2, Insightful)

        by plague3106 (71849)

        How would this be any different if the configuration settings were stored in a flat file?

      • Re: (Score:3, Interesting)

        by BitZtream (692029)

        Citation needed.

        There is no problem with the registry in principal. Acting like their is just shows your ignorance.

        There have certainly been implementation issues with the libraries to access it. There almost certainly will be more in the future.

        This is no different than any library that provides the same sort of functionality.

        The problem could be the same if we used ini files, or xml files, or some random file format.

        The only thing the 'registry' actually is, is a set of defined API calls to access data.

  • So, Windows 7 is much more susceptible to malware than previously claimed? This is the big win for Microsoft? Sorry, but if that large enough of a percentage of folks are experiencing the problem, then it's a real issue that MS needs to address. It sounds like they are just saying "not my problem", and forgetting about it. Meantime Windows 7 will be completely destroyed by the time it gets decent marketshare.

    Maybe MS turned their attention to Windows 8 a little sooner than claimed.

    • by anthonyfk (1394881) on Wednesday December 02, 2009 @01:14PM (#30299062)
      You assume that accepting blame and fixing the problem aren't mutually exclusive. Just because Microsoft said "that's not our fault" doesn't mean they won't fix it.
    • by shutdown -p now (807394) on Wednesday December 02, 2009 @01:15PM (#30299078) Journal

      Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that. You can pop up tons of prompts, but then it's the "dancing bunnies" problem - depending on how enticing the malware author can make it sound, the user can be convinced to click "Yes" on each and every prompt.

      • by ShieldW0lf (601553) on Wednesday December 02, 2009 @01:30PM (#30299310) Journal
        Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that.

        Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

        I consider it to be the case that my free OS does indeed protect me against malware, where proprietary offerings that cost hundreds of dollars more do not.
        • by MojoRilla (591502)
          I think this is a key strength of open source. You can have a single organization package all the software you might ever need, and if they don't do a good job, you can switch to another. As opposed to closed source, where everyone jealously compiles their own binaries because they are afraid of anyone seeing the holy source code. Even Apple, which controls the IPhone with an iron fist and has a choke hold on app distribution doesn't have source level access to the applications on its platform.
        • by Anonymous Coward on Wednesday December 02, 2009 @02:02PM (#30299744)

          Ubuntu protects you from malware in the same way that a Geo protects you from carjackers.

          • by natehoy (1608657)

            And here I was thinking that a post could never be simultaneously Flamebait, Insightful, AND Funny at the same time. Bravo, sir!

        • Re: (Score:2, Insightful)

          by AlfredZhang (1423421)
          You are right. There is almost no malware on Ubuntu. But again it does not need a malware to be rendered completely unusable. A mindless update to a buggy version of anything from the repositories will do.
        • Re: (Score:2, Insightful)

          by e2d2 (115622)

          So you're saying that because you go to Ubuntu's repositories and download applications that you are secure from malware?

          Pass the pipe sir, I think I need a toke to make sense of that.

        • by rabbit994 (686936)

          Microsoft could create a repository of software that users could download but I can only imagine the screaming that would develop from all the 3rd party developers. When you have less the 1% of desktop market share and 3rd party companies don't have any money tied up in your OS, you can make repositories. Microsoft does give away free Anti Virus and Anti Malware and put in UAC. There is probably little else they can do.

        • by Like2Byte (542992)

          I agree with the sentiment of your post; however, you and other Linux-distro users are fairly savvy when it come to the installation of software devoid of malicious intent. However, as soon as Linux is "ready-for-the-desktop" and being used regularly and widespread by female teenagers and grandmas alike, things will steadily go down hill from that point forward for Linux' rather clean history of being malware free.

          Do I really need to point out that great adoption of any one OS will yield malware targeting t

        • Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

          On the other hand, this makes you susceptible to the "Google syndrome" - if it's not in your repositories, then it doesn't exist. That's a fairly limited world view, don't you think?

          Also, while we're speaking about Ubuntu... I'm glad that they finally found the time to update the package for Eclipse to 3.5 in 9.10, but for the previous 5 (!) major Ubuntu releases it was stuck at 3.2 [launchpad.net] (so in 9.04, it was 2 versions behind upstream out of the box). The result was that virtually everyone who needed Eclipse on U

        • by Ogive17 (691899)
          Wow, congratulations. I've been running XP for around 5 years and have never had a virus, malware or attention seeking software installed on my computer unless I specifically installed it myself.

          Don't blame the software for stupid users.
        • by zullnero (833754) on Wednesday December 02, 2009 @02:29PM (#30300092) Homepage
          The real question there is really a matter of user freedom vs. turning your choice over to whomever manages those repositories as a gatekeeper. It's an easier choice to make on a smartphone since people are going to generally use it for the same major reasons, but on a laptop or desktop, it depends more on what you want to get out of it.

          Some folks don't mind being given the freedom to determine what is going to be bad for them and what is going to be good for them...and some folks want their hands held for them. Linux does give you both options, it just makes it a PITA for "ordinary folks" to do it one way and thus, guides them into the repos.

          Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?
    • by geekoid (135745) <dadinportland@ya[ ].com ['hoo' in gap]> on Wednesday December 02, 2009 @01:20PM (#30299172) Homepage Journal

      DId you rad the link? this is not being reported by very many people at all.

      And in fact, it isn't their problem.

    • Re: (Score:3, Insightful)

      This is a completely bullshi** statement. How does the article in any way suggest that Windows 7 is more susceptible to malware? And more susceptible compared to what? And where exactly are you getting the data that suggests a large percentage is suffering from this? I know this is Slashdot but could you at least make an effort to provide some evidence of statements you are making.
  • We have a bunch of machines that can't properly shut down after this update (time zone update) is applied. It takes me few hours to isolate this thanks to some instant recovery software.

    • Prevx had pointed the finger at, but then exonerated, KB976098 and KB915597. Are you sure that you mean 976036? MS' site doesn't seem to know about it.

  • Groveling? (Score:5, Insightful)

    by PCM2 (4486) on Wednesday December 02, 2009 @01:06PM (#30298946) Homepage

    Since when does apologizing to someone for your own baseless accusations amount to "groveling"?

    From the post in question:

    Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor
    . . .
    We apologize to Microsoft for any inconvenience our blog may have caused.

    Wow. Way to kiss ass.

    You know what would be even more pathetic and embarrassing than this kind of "groveling"? Standing behind claims that you know to be false.

  • by Eevee (535658) on Wednesday December 02, 2009 @01:07PM (#30298964)

    Prevx has issued a grovelling apology on its own blog.

    Grovelling? How sad it is that an honest apology gets an insult. If you find "We apologize to Microsoft for any inconvenience our blog may have caused." as grovelling, then I feel very sad for you and your vision of how people should relate to each other.

  • System Registry (Score:5, Insightful)

    by C_Kode (102755) on Wednesday December 02, 2009 @01:14PM (#30299070) Journal

    Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.

    The Windows registry has always been a bane of Windows use since it's inception.

    • Re:System Registry (Score:5, Insightful)

      by BradleyUffner (103496) on Wednesday December 02, 2009 @01:18PM (#30299132) Homepage

      What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format? That will be much easier for the user than a centralized, standardized configuration system.

      • by SuperKendall (25149) on Wednesday December 02, 2009 @01:31PM (#30299320)

        What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format?

        After having used Linux and Windows and OS X systems for years, OS X does this right.

        Yes there are "hundreds of conf files". But they are not scattered around, they are all in ~/Library/Preferences.

        And they are usually named via the company name + app convention, like com.apple.mail.

        And as opposed to being in "no standard format", they are all plist files (which are basically XML).

        So it's easy to find where they are, easy to figure out what plist file belongs to what, and easy to edit or remove them as needed. If there is corruption (which I have never actually seen in practice) it would be limited to a single file - and an app encountering a preference file it could not read would simply replace it with a new default version. You would at worst lose a few custom settings for one app - and even then only as long as it took you to pull a backup of that single file out of Time Machine, since it's easy to restore the preferences for a single application from any backup.

        However, I have to add that even if you went with a Linux system where the conf files are scattered all over in many different forms, I can say with confidence it is still 100% better than the nightmare of the registry. In practice the files are very easy to edit regardless of format, it's really only the question of the location that gets annoying.

      • Re: (Score:3, Insightful)

        by DaveV1.0 (203135)

        Yes! Because that is the *nix way! It has been around for 30+ years so we know it is the best way evar! /sarcasm

      • by ZorinLynx (31751)

        Do it the Mac way. Standardized XML format (property lists) stored in a standard location (~/Library/Application Support/ApplicationName). Each app has its own file to work with, and completely removing an app and its detritus is as simple as trashing the folders.

        The registry was a bad idea from the start. I imagine MS wants to get rid of it, but it has become too entrenched and backwards compatibility requires it to still be around.

      • Re: (Score:3, Insightful)

        by klui (457783)
        Yes. Instead of relying on a hidden file system where all the configurations are stored, rewrite the API so those calls write values on the file system as a bunch of folders and files. This alone should mitigate the case where a single byte written incorrectly into the registry file will cause the entire contents to be unavailable.
      • Re:System Registry (Score:5, Interesting)

        by McNihil (612243) on Wednesday December 02, 2009 @01:49PM (#30299570)

        The reason why the registry exist is that the filesystems on Windows OS' have historically been lock on read (more than one program using the same file at the same time is a no-no.) Meaning that having a place where this was not the case was VERY meaningful to lessen access bottlenecks, thus enter the registry.

        Having hundereds of conf files in /etc or having them in a registry "hive" is "same same but different" that's ALL. Gnome has a form of registry hive as well... organizing data whether being direct in the filesystem or special filesystem (DB or what have you) is the same.

        I have to say that it is easier to edit a config file with vi/edit/ed/sed IF one knows where to go. Regedit command line tools sure... GUI... not efficient... Gnome registry either conf-editor or command line... I personally stick to CLI.

        I agree that Windows should "drop the registry..." but only because they should drop the ancient approach of their locking behavior on the filesystem... this would also cure the reboot till you drop at update times. Later OS-X versions have started to reboot machinery after updates just to be more like Windows because that's what users EXPECT. It is painful!
         

      • hundreds of .conf files scattered randomly about the filesystem, with no standard format?

        False dichotomy. Why did you present the conf scenario as files with no standard format? They could be, and most likely would if it was presented as a replacement for the registry. Be intellectually honest, and present the option of a *de*centralized, standardized configuration system.

      • by Ilgaz (86384)

        /etc
        ($HOME)/Library/Preferences

        Please, enough really... Especially on Mac. Mac _always_ had Preferences in some sensible place, even in Pre OS X times.

        If you want to trust your entire settings to a single bulky file which is also known to fragment&get redundant over time, it is fine but please stop this "random files" bullshit... No, nothing is at random place. Especially on OS X. Put your .plist file to some "random" place and see what happens.

    • Re: (Score:3, Insightful)

      by geekoid (135745)

      Agreed. I have been saying this since it was announced.

      Yes, they need a place to put shared data, but nothing that is critical to the operation of an OS or application should ever be put there.

    • Re: (Score:3, Insightful)

      by HerculesMO (693085)

      Not to rain on your hate parade, but in addition to the comments about the CONF files, the registry also makes Windows much easier to manage on an enterprise scale.

      I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers with only the creation of a policy template to change settings.

      The misunderstanding of the registry's use is always what people hated about it, sadly.

      • Same difference (Score:4, Insightful)

        by SuperKendall (25149) on Wednesday December 02, 2009 @01:48PM (#30299538)

        I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers...

        If you can control one file, you can control many. Which is why a separate preference file per app would work just as well. Only moreseo because a user HAS to be able to write to the registry, where you can totally lock down a single file. Yes I know you can theoretically lock down sections of the registry but that to me seems like a weaker system, not to mention the danger of registry merges corrupting something.

      • by CoJoNEs (73698)

        Not to rain on your hate parade, but in addition to the comments about the CONF files, the registry also makes Windows much easier to manage on an enterprise scale.

        I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers with only the creation of a policy template to change settings.

        The misunderstanding of the registry's use is always what people hated about it, sadly.

        Because its nearly impossible to edit a file remotely through scripting. Right..

        Besides if Microsoft went this route they would modify the interface so you could still use policys to edit it just as you always did.

    • Re:System Registry (Score:5, Informative)

      by BarryJacobsen (526926) on Wednesday December 02, 2009 @01:37PM (#30299388) Homepage

      Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.

      The Windows registry has always been a bane of Windows use since it's inception.

      Because Malware would clearly have trouble modifying the config files that would be used instead?

    • by Animats (122034) on Wednesday December 02, 2009 @02:53PM (#30300398) Homepage

      Actually, the Registry is a good concept. The Registry is just a file system for little data items. The trouble is that any application can write to any part of it. It lacks a security model. (Yes, you can attach security restrictions to registry keys, but nobody does this, because Windows 95 didn't have that, [microsoft.com] and applications didn't have support for it.)

      The big problem with Windows security is Microsoft never put a security model in place under the concept of program installation. The way this ought to work is that there should be several classes of things one can install. Call them "applications", "plugins", "middleware", and "system modifications".

      Installers of "applications" should be limited to writing to the application's subtrees in Program Files, Documents and Settings, and the Registry. Uninstalling an application consists of removing those subtrees. Applications cannot install anything that runs at startup or runs periodically. Most programs (especially games and entertainment apps) should be applications. Under these restrictions, installation of applications is relatively safe, and should be allowed with Power User privileges.

      "Plugins" are sub-applications which affect one application. They go in their own subtree under the appropriate application. The application controls their installation, and they can't do anything the application can't do. Browser plug-ins fall in this category if the browser is an "application". If the browser is "middleware" (IE is, but Firefox is not), more privileges are required.

      "Middleware" is programs run by other programs, like Java. Changing middleware can affect multiple applications, so that requires more privileges. Code signing is appropriate.

      "System modifications", which modify the OS itself and may require a reboot, should require both code signing by a clearly identified party and administrator privileges to install.

      Of course, if we had something like that, app developers would bitch that they couldn't load their "phone home for update" service or "prelauncher". Tough. You don't really need to know if ZowieApp needs an update until you run ZowieApp again. And if your app needs to be "prelaunched" because it loads slowly, maybe the problem is that it loads slowly.

  • I suspect that the windows users are probably still insisting on logging into their new windows 7 systems with full administrator rights. From what I have seen, >90% of malware is completely useless when it tries to deploy on a system where the logged in user has user access instead of administrator rights.

    In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.
    • Re:Malware, still? (Score:5, Insightful)

      by Jawn98685 (687784) on Wednesday December 02, 2009 @01:34PM (#30299350)

      In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.

      Not quite...
      Were those the only applications required, the notion would indeed be baseless, but...
      There is still a huge raft of Windows software that will not perform properly without admin rights. Until that is fixed, the problem will never be solved.

    • Two reasons:

      1) Malware can be plenty problematic on just a single user's account. After all most people aren't running multi-user systems. For them, the system is their data, their account. As such even if the malware can't infect the whole system, infecting their account is all it needs to do. The only consolation to that is that virus scanners could remove it easier, but then that presumes they'll bother to run one.

      2) People will give the malware admin permission. By default, Windows Vista and 7 make nobo

  • Crock of shit (Score:2, Interesting)

    by plague911 (1292006)
    After after downloading microsofts update I had to do a system restore to get my computer to boot. Over the years of using windows the single program operation that ive found most risky to use is windows update...
  • Perhaps if their operating system properly separated and sandboxed applications, malware
    would have a harder time crashing the whole OS?

    Just a thought. Last time I checked my watch, it was 2009, and we've known how to do
    that sort of OS design for probably two decades now.

From Sharp minds come... pointed heads. -- Bryan Sparrowhawk

Working...