Earlier today we reported that security vendor Prevx had fingered Microsoft patches as the culprit of a “black screen of death” issue which left users of several Windows products stuck at a blank, black desktop. According to Prevx’s report, Microsoft’s November patches altered the permissions of several key registry entries, making them unreadable to the logon process. Microsoft has since investigated these allegations, however, and has responded by asserting that Prevx’s findings are unfounded.
“Microsoft has investigated reports that its November security updates made changes to permissions in the registry that that are resulting in system issues for some customers,” said Microsoft’s Security Response Communications Lead Christopher Budd in statement to InformationWeek. “The company has found those reports to be inaccurate and our comprehensive investigation has shown that none of the recently released updates are related to the behavior described in the reports. While we were not contacted by the organization [that] originally made these reports, we have proactively contacted them with our findings.”
Microsoft additionally confirmed with its worldwide customer service and support organization that the black screen issue was not broadly prevalent.
“We’ve also checked with our worldwide Customer Service and Support organization, and they’ve told us they’re not seeing ‘black screen’ behavior as a broad customer issue. Because these reports were not brought to us directly, it’s impossible to know conclusively what might be causing a ‘black screen’ in those limited instances where customers have seen it. However, we do know that ‘black screen’ behavior is associated with some malware families such as Daonol,” Budd said.
Budd continued by saying that the November patches Prevx found to be “responsible” for the issue don’t “make any changes to the permissions in the registry” as the security firm has alleged.
In short, Prevx’s implications on the scope and cause of the so-called issue appear to be unfounded. Microsoft, in the interim, has pledged to work with Prevx to identify and detail the real story behind the false accusations.
Articles RSS