Friday, 12 April 2013 15:02

Microsoft Screws Up Security Fix While Bing Takes You to More Malicious Sites...

Written by

Reading time is around minutes.

At times it seems that the words Microsoft and Malware go hand-in-hand. I do not think that a day goes by that we do not hear about a new malware threat (often simply an old threat that has been modified). This has put Microsoft in an interesting position. They are always working to shore up holes in their operating systems we can see this by the continuous patches and hotfixes that are in existence for Windows (all versions). Of course it is not an easy task to develop an OS that is safe(er) or secure(ish) and still make it easy to operate. However recently we have seen Microsoft go to some extremes in trying to keep up with things… sometimes they appear to go way too far.

When Microsoft was preparing Windows 8 and Windows RT there were concerns about the way the OS was locked down. Many existing anti-malware applications would not work properly with Windows 8 and not at all on Windows RT. If these applications would install at all they all too often did not have access to critical parts of the OS (and file system) and were not capable of removing threats they did find there. Microsoft claimed that simply enabling this extra security on the core parts of the OS and file system would server to mitigate many threats. Unfortunately it seems they did not learn their lesson when they tried this with both Vista and Windows 7. Those protected areas became primary targets for malware writers. Fortunately the anti-malware companies were able to find a way to work within the new framework and we have options to scan for and remove malware on x86 versions of Windows 8 (Windows RT is still another matter).

However is looks like Microsoft is not content with just locking down Windows 8, they have released two security patches that fix issues with the way that applications can elevate privileges. The two fixes were intended to prevent third-party applications (Malware) from being able to run with elevated privileges and install malware or compromise the security of the system. The patches were part of MS13-036; unfortunately Microsoft appears to have gotten the patch half right. It seems that one of the fixes (2823324) causes havoc with the file system and certain anti-virus software (Kaspersky). Some of the symptoms that this patch did not work as planned are errors on boot, application errors, applications failing to launch, Kasperrky showing that there is no valid license, and according to some reports a continuous boot loop.

Microsoft is aware of the issue and has released a statement and instructions on how to remove the patch if things have gone bad. According to Microsoft you do not have to worry about data loss, but you should uninstall patch 2823324 by following their instructions;

“Contrary to some reports, the system errors do not result in any data loss nor affect all Windows customers. However, all customers should follow the guidance that we have provided in KB2839011 to uninstall security update 2823324 if it is already installed.”

All of this on top of the news that Microsoft’s Bing returns 5 times more malicious sites in their search results than Google. Like we said sometimes it seems like Microsoft and Malware go hand-in-hand…

Tell us your thoughts in our Forum

Read 2854 times Last modified on Sunday, 21 April 2013 19:38

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.