Feeds

PrevX U-turn on Windows update Black screen of Death claim

Paint IT black

Securing Web Applications Made Simple and Scalable

Updated PrevX has backtracked on earlier claims that a Windows update caused Windows machines to lock up with a so-called "Black Screen of Death".

An updated blog post from the UK-based software security firm withdraws earlier claims that a recent Microsoft update caused a glitch that resulted in affected PCs displaying only the My Computer folder on a blank screen. PrevX's new line is that changes in the Windows Registry that trigger the behaviour might be caused by malware or some other factor, which it is yet to pin down, but not the Windows update that it earlier held culpable.

Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor.

PrevX apologised for earlier pointing the finger of blame towards Redmond, adding that whatever the cause of the problem it has a fix.

We apologize to Microsoft for any inconvenience our blog may have caused. This has been a challenging issue to identify. Users who have the black screen issue referred to can still safely use our free fix tool to restore their desktop icons and task bar.

A blog posting by Microsoft Security Response, about research in Redmond that appears to have contributed to PrevX's volte-face, clearly states that the "Black Screen" reported by PrevX was not caused by Microsoft's updates.

We’ve conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don’t believe the updates are related to the "black screen" behaviour described in these reports.

Redmond adds that it hadn't received many reports of users getting clobbered by the problem, adding that previous instances of "black screen" behaviour have been associated with some malware families such as Daonol.

PrevX wasn't able to supply a screengrab illustrating the latest outbreak of "black screen" lock-ups in response to our request on Wednesday morning. PrevX's initial warning about the "Black Screen of Death" was widely reported by El Reg and many other media outlets, however it's unclear how many people have actually been affected.

No other security firm we're aware of bar PrevX has issued and advisory on the issue and several others have privately expressed skepticism about a least the extent of the problem. ®

Update

In an updated blog post on Tuesday, PrevX fought back against suggestions that it had overstated the scope of the Black Screen of Death glitch. Mel Morris, PrevX chief exec, said it's free Black Screen fix tool had been downloaded more than 50,000 downloads times since its publication last Friday.

Morris also criticised the media for misinterpreting PrevX's original warning by taking material out of context and causing "inconvenience for Microsoft".

However PrevX's original advisory is pretty clear is pointing blame towards recent Microsoft patches, KB915597 and KB976098, now ruled as blameless. Malware or problems between Windows and third-party software don't get a mention.

Mobile application security vulnerability report

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.