Patch blues-day: Microsoft yanks code after some PCs are rendered super secure (and unbootable) following update

Sophos, Avast users left wailing as update borks older OSes

technician holding a toolbox
I got me a toolbox of boot disks and I'm ready for patching

A bunch of PCs running the wares of Sophos or Avast have been freezing or failing to start following the installation of patches emitted by Microsoft on 9 April.

The afflicted are those running Windows 8.1, 7, Server 2008 R2 and Server 2012. Avast for Business and Cloudcare have been hit by the problem, as have PCs running Endpoint Protection managed by Sophos Central or Sophos Enterprise Console (SEC).

Microsoft said this morning that it had "temporarily blocked devices from receiving this update if the Sophos Endpoint is installed", a move which, sadly, had come a bit late for those afflicted.

While Microsoft has yet to mention it, Avast has published an advisory to the effect that it is researching the problem, which it reckoned was mainly hitting Windows 7 users.

For its part, Sophos strongly advises users not to take the update, and if an unfortunate user has downloaded the thing, to uninstall it without hesitation.

According to Sophos, Windows users hit by the problem must boot their machines into safe mode, disable Sophos, reboot and uninstall the borked update. Then the antivirus service can be reenabled.

However, one Reg reader told us that in his case he was forced to boot from a Windows 7 recovery disk and rename the Sophos program folder to stop the service from vomiting over the operating system on startup. He went on to tell us that his office IT staff had been "inundated" as users found themselves at the sharp, pointy end of the mess.

It's all a bit unfortunate, since the patches include security fixes that administrators should really install sooner rather than later. And yes, both the security-only updates and monthly roll-ups are affected.

But, alas, the now legendary Microsoft quality control has struck once again.

Back in January the software giant was forced to remove an Office 2010 update after some versions of Excel fell over. In March, Windows 10 gamers were instructed to uninstall KB4482887 after the patch left some games unplayable.

And we'll draw a discreet veil over the Windows 10 October 2018 Update debacle.

Still, on the plus side, Windows 10 will soon be able to have go at uninstalling broken updates itself. The older operating systems will, alas, remain subject to the firehose of whiffy code sprayed from deep within the bowels of Redmond.

As with most updates these days, it's best to try them on a test machine before allowing them anywhere near production. However, some users do not have that luxury.

And of course Windows 10, to which Microsoft would dearly like users to upgrade, is not affected by the borkening.

Thanks to all the Reg readers who got in touch about this. We feel your pain. ®




Biting the hand that feeds IT © 1998–2019