News

Microsoft Admits Problem with Blockbuster Patch

Microsoft on Wednesday night acknowledged that its massive April 13 security patch was causing serious problems in some Windows 2000 systems.

The company issued a Knowledge Base Article (841382) on the issue Wednesday with the lengthy title: "Your computer stops responding, you cannot log on to Windows, or your CPU usage for the System process approaches 100 percent after you install the security update that is described in Microsoft Security Bulletin MS04-011."

Some users who installed the bulletin had their systems appear to stop responding at startup, could not log on to Windows or saw CPU usage for System processes approach 100 percent.

Microsoft blamed the problem on an issue in the patch that causes Windows 2000 to try repeatedly to load drivers that will not load. Microsoft said the issue arises if any of these three drivers are installed: Ipsecw2k.sys, Imcide.sys and Dlttape.sys. "For example, Microsoft has confirmed that this problem occurs if you have the Nortel Networks VPN client installed and if the IPSec Policy Agent is set to Manual or Automatic for the startup type," the KB article states.

The Windows 2000 installation problems have presented a Catch 22 for users, who have been trying to heed dire warnings from Microsoft and others about exploit code and worms being developed for some of the 14 vulnerabilities fixed by the patch.

Microsoft's KB article provided a workaround for users with the Nortel Networks VPN client. But the document admits that the problem may occur if other drivers or services do not load successfully. "Microsoft is researching this problem and will post more information in this article when the information becomes available," according to the KB article.

Security bulletin MS04-011 contained fixes for 14 vulnerabilities. Five of those vulnerabilities were rated as "critical" problems for Windows 2000 systems. MS04-011 was one of four security bulletins released by Microsoft on April 13. In all, the four bulletins patched 20 distinct vulnerabilities.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • FTC Expands Microsoft Antitrust Investigation Under Trump Administration

    The Federal Trade Commission (FTC) is pressing ahead with a broad investigation into Microsoft's business practices, an inquiry that began in the final weeks of the Biden administration.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft to Shut Down Skype Services

    Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.

  • Big Blue To Acquire Datastax in Enterprise AI Play

    In a bid to bolster its enterprise-aimed AI capabilities, IBM is planning to acquire Datastax, a leading AI and data solutions provider, for an undisclosed amount.