News

Microsoft Admits Problem with Blockbuster Patch

Microsoft on Wednesday night acknowledged that its massive April 13 security patch was causing serious problems in some Windows 2000 systems.

The company issued a Knowledge Base Article (841382) on the issue Wednesday with the lengthy title: "Your computer stops responding, you cannot log on to Windows, or your CPU usage for the System process approaches 100 percent after you install the security update that is described in Microsoft Security Bulletin MS04-011."

Some users who installed the bulletin had their systems appear to stop responding at startup, could not log on to Windows or saw CPU usage for System processes approach 100 percent.

Microsoft blamed the problem on an issue in the patch that causes Windows 2000 to try repeatedly to load drivers that will not load. Microsoft said the issue arises if any of these three drivers are installed: Ipsecw2k.sys, Imcide.sys and Dlttape.sys. "For example, Microsoft has confirmed that this problem occurs if you have the Nortel Networks VPN client installed and if the IPSec Policy Agent is set to Manual or Automatic for the startup type," the KB article states.

The Windows 2000 installation problems have presented a Catch 22 for users, who have been trying to heed dire warnings from Microsoft and others about exploit code and worms being developed for some of the 14 vulnerabilities fixed by the patch.

Microsoft's KB article provided a workaround for users with the Nortel Networks VPN client. But the document admits that the problem may occur if other drivers or services do not load successfully. "Microsoft is researching this problem and will post more information in this article when the information becomes available," according to the KB article.

Security bulletin MS04-011 contained fixes for 14 vulnerabilities. Five of those vulnerabilities were rated as "critical" problems for Windows 2000 systems. MS04-011 was one of four security bulletins released by Microsoft on April 13. In all, the four bulletins patched 20 distinct vulnerabilities.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.