Kortech Services » security update

Whoops! Windows XP Update Causes BSOD, Here’s A Fix

okorioth — Tue, 16 Feb 2010 16:19:59 +0000

If you’ve been noticing that your Windows XP machine has stopped working as of last week, there is a very good chance I know why. I ran into this issue this week with a clients computer, and after much investigation into a cause it was a fairly simple fix. As per usual, Microsoft releases security patches every second Tuesday of the month, and there were several for February. One of them, KB977165 specifically, is causing some installations of Windows XP to have the dreaded BSOD (Blue Screen Of Death) and renders the system unbootable, even in safe mode. Channelweb has posted instructions on how to remove the update and fix the problem. I followed this procedure and it worked like a charm! Microsoft has since pulled the patch to investigate these issues.

1. Boot from your Windows XP CD or DVD and start the recovery console.

2. Once you are in the Repair Screen, type this command: CHDIR $NtUninstallKB977165$\spuninst.

3. Type this command: BATCH spuninst.txt.

4. When complete, type this command: exit.

Update: According to the Microsoft Security Response Center, they have updated information on this problem. They are currently claiming this BSOD is caused by a rootkit that is present on the system before the update is applied. So, once the procedure to remove the update is performed, it is imperative the computer is checked for this infection. The investigation is still on going.

Update #2: After some investigation the sample computer I have was in fact infected with the suspected rootkit Rootkit.Win32.TDSS . After recovering of the system outlined above, download this program TDSSKiller.zip from Kaspersky. Run it on the system and it should detect and clean it right away. Then after reboot the computer can finally be properly updated. As added bonus you can try this program as well Hitmanpro 3.5, this program found all kinds of nasties. Its free for 30 days.

Important Patch For Internet Explorer, Update Immediately!

okorioth — Sat, 23 Jan 2010 20:09:17 +0000

If you have not heard the news this month, theres a little spat going on between Google and China over hacking and such. Turns out one of the techniques used to hack Google and other companies was through a security exploit in all versions of Internet Explorer, known as the Aurora exploit. Microsoft has since issued an out of band patch to plug this hole, so please run a Windows update! This pretty much affects all versions of Windows and Internet Explorer. At this point I would like to encourage everyone to choose another browser, how about Firefox or Chrome? Much safer at the moment to use these.

Microsoft Releases Massive Batch of Security Updates For October

okorioth — Wed, 14 Oct 2009 02:32:24 +0000

Its the second Tuesday of the month, and that of course means in the Microsoft camp its patch Tuesday. And what a whopper this one is, in fact its the largest amount of patches ever released at one time. The range of patches pretty much covers almost every major product line, from Windows, Server, SQL, Office and even the yet unreleased Windows 7. So I strongly urge everyone to take the time to install these updates. More info on these flaws can be found here.

Unprecedented response to major DNS flaw

okorioth — Wed, 09 Jul 2008 16:28:56 +0000

Wow, this is simply unheard of. Yesterday it was publicly revealed that a major design flaw in the DNS protocol was simultaneously patched by vendors across the entire spectrum of the computer and technology world. The fact that they were able to keep this a secret for six months while they worked to plug the hole is simply amazing. The idea being of course to let the good guys fix the problem before the bad guys could take advantage of a critical function that runs the Internet. Details of how the exploit works is still forthcoming, but not until after everyone has patched. From what I understand this flaw will allow an attacker to poison the DNS cache which could potentially wreck havoc all over the Internets, causing unwitting users to think they are logging into a certain website only to actually be going somewhere else malicious for example.

DNS, or Domain Name System is what runs the internet. It is the main service that keeps track of the names to numbers so it is easy for you and me to go find a particular web site. In reality, all sites are just a bunch of IP addresses. Instead of having to remember 69.147.76.15 as a web site, we know to go to Yahoo.com, go ahead and paste that number in the address bar of your browser. Wow, magic! Through the hard work of DNS, this is how we keep our web addresses straight, simply speaking.

This flaw affects software and hardware vendors from a wide spectrum, including Sun, Cisco, Microsoft, Linux, Windows, Apple and a whole host of others out there. Needless to say, its time to start patching your machines pronto! Windows users should perform a Windows Update now, the patch is out there.

Microsoft Security Updates for March

okorioth — Tue, 11 Mar 2008 03:51:10 +0000

Its getting to be that time of the month again, and as usual there are a whole bunch of updates coming out for March. As posted on CERT, MS will have patches for a whole range of products including ones for Office which will patch some serious holes, ones that will plug a remote code execution type of threat. More info here. Go get those patches!