Security updates not to blame for Windows crashes
'Black Screen of Death' likely caused by malware, not regular security updates says Microsoft,
Microsoft says that malware is to blame for recent reports of ‘Black Screen of Death' effecting the Windows operating system, not its own security updates.
British security firm Prevx backed down and issued an apology to Microsoft for earlier claiming that Microsoft's November security updates were causing some users to see a blank, black screen when logging on to Windows.
Prevx has since continued testing and confirmed that the patches were not responsible for the crash, which was named after the ‘Blue Screen of Death' that was familiar to many users of older versions of Windows.
Microsoft says that the crash has not been reported in significant numbers, and advises users to report any problems directly to its customer support organization.
A statement posted on the Microsoft Security Response Centre blog said: "We've conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don't believe the updates are related to the ‘black screen' behaviour described in these reports.
"We've also checked with our worldwide Customer Service and Support organization, and they've told us they're not seeing ‘black screen' behaviour as a broad customer issue. Because these reports were not brought to us directly, it's impossible to know conclusively what might be causing a ‘black screen' in those limited instances where customers have seen it. However, we do know that ‘black screen' behaviour is associated with some malware families such as Daonol."
According to the Microsoft Malware Protection Centre, Win32/Daonol is a family of trojans capable of monitoring network traffic, stealing FTP credentials, preventing access to security Web sites, disabling access to system programs, and redirecting Web searches to sites hosting other malware.