February 11, 2010

If you use Windows XP and haven’t yet updated your system with the applicable security updates that Microsoft issued Tuesday, you might want to hold off for a bit. Turns out, a non-trivial number of XP users are reporting that their systems suffer from the dreaded Blue Screen of Death (BSoD) and fall into an interminable reboot loop after installing the latest batch of patches from Redmond.

The problem seems to be affecting only some XP systems. This thread on a Microsoft.com answers forum seems to include a fix that works. However, the fix requires users to have their XP install CD handy (in a practice that should be outlawed, many computer makers get away with shipping systems without an install/reinstall disc)

According to the support forum threads I’ve seen on this, affected users noticed the problem on the reboot following the installation of Tuesday’s patch batch. The folks who complained of the bootup problem said the BSOD error page is accompanied by the message “PAGE_FAULT_IN_NONPAGED_AREA”.

If you’re experiencing the above-described problems after installing Tuesday’s bundle of updates, follow these steps, which a number of affected users have said seem to fix the problem:

1. Boot from your Windows XP CD or DVD and start the recovery console (see this link on how to use recovery console)

Once you are in the Repair Screen..

2. Type this command: CHDIR $NtUninstallKB977165$\spuninst

3. Type this command: BATCH spuninst.txt

4. Type this command: systemroot

5. When complete, type this command: exit

Unfortunately, there is an entire subset of users who might be in for a whole mess more work to fix this kind of problem: Netbook users. One of the things that makes netbooks so light and small is that they do not have optical (CD/DVD-ROM) drives. If you’re a netbook user who has this problem AND a copy of a Windows XP install CD handy and a computer with a CD drive, you may still be able to rescue your system by building a custom XP install/bootup disc on a USB drive.

If all of that sounds like too much work, home users are eligible for no-charge support by calling 1-866-PCSAFETY (and/or 1-866-234-6020 and/or 1-800-936-5700) in the United States and in Canada. Microsoft says there is no-charge for support calls that are associated with security updates.

Update, 8:34 a.m. ET: Based on a review of various help forums discussing this problem, it appears that the problematic update is KB977165 (MS010–15:Vulnerabilities in Windows kernel could allow elevation of privilege”). Note that systems experiencing a BSoD may do so or hang in Safe Mode when loading the system driver “mups.sys”.

The help instructions above have been modified to specify the removal of just this one patch. A previous version of this blog post included instructions for removing all of the patches Microsoft shipped for XP systems on Tuesday.

Update, Feb. 12, 10:09 a.m. ET: Microsoft has a blog post up acknowledging this problem, saying that it stopped shipping the problematic update via Windows Update as soon as it recognized the issue. Redmond says it is still investigating the cause of the conflict. Microsoft notes that in lieu of applying the patch, XP users can use Microsoft’s click+install “Fix it” tool, which disables the vulnerable Windows component. That workaround is available here.