Black screens caused by November patches?

This may or may not be a Big Deal. It’s still too early to tell.

According to Prevx, a company that makes antimalware programs, something in the last set of Black Tuesday patches is causing some PCs to show a “black screen of death” – which Prevx describes thusly:

After starting your Windows 7, Vista, XP, NT, W2K, W2K3 or W2K8 PC or server the system appears normal. However, after logging on there is no desktop, task bar, system tray or side bar. Instead you are left with a totally black screen and a single My Computer Explorer window. Even this window might be minimized making it hard to see.

Prevx posted a blog provocatively entitled “Black Screen woes could affect millions on Windows 7, Vista and XP.” Sorry, but the minute I see a headline like that on an AV company’s blog, red flags start bouncing all over my brain.

Gregg Keizer has a much more balanced report in Computerworld. Gregg says that Microsoft has acknowledged that they’re looking into the Prevx reports. But millions? Here’s what Gregg found:

Searches of Microsoft’s support forums today, for example, turned up only one “black screen” thread with posts after the Nov. 10 security updates had been released. Four different users on that Windows 7-specific thread said that they faced a blank screen.

Anyway, there’s clearly a problem with the November Black Tuesday patches. Nobody seems to know which patch is causing the problem. And we need to wait until MS figures out what went wrong and how to fix it.

If you happen to be the victim of the “black screen” problem, apparently the free fix posted by Prevx (see the aforementioned blog) will put things right.

Stay tuned. There’s a reason why we’re at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

November 2009 Black Tuesday

Microsoft just released the November 2009 crop of Black Tuesday patches, with an announcement festooned with color graphs and detailed explanations.

Golly, patching never looked so good. Six Security Bulletins covering something like 15 separately identified holes.

As usual, I look to SANS Internet Storm Center’s Black Tuesday post for insight and KB numbers.

There’s a big bunch of Excel patches all rolled into one Security Bulletin, and a Word patch, in addition to the usual crop. The only one that looks menacing to me right now is MS09-065, and it doesn’t affect Windows 7 systems.

Stay tuned. Let’s see what got screwed up this month.

We remain at MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.

MS-DEFCON 2: Make sure automatic updates is turned off

With Patch Tuesday just around the corner, and a whole bunch of patches coming, now’s a good time to make sure that Automatic Updates is turned off.

Follow the instructions in any of my books to disable automatic updating, or click Start | Control Panel | Security Center (in Windows 7, Start | Control Panel | System and Security | Windows Update) and take it from there. I choose to Notify but don’t Download.

Note that turning off Automatic Updates does NOT turn off Microsoft Security Essentials updating.

I’m moving us up to MS-DEFCON 2: Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don’t do it.