Microsoft Windows XP Update Can Hang Your PC
The Microsoft Windows XP Updates which were distributed on Tuesday, July 8, 2008, to all users with their Automatic Update option turned "on" seem to have a rather serious and disconcerting flaw.
That day's updates are installed automatically over the internet through the Windows Update system and then you are asked to reboot your system. That much is normal, as any Windows user is certainly accustomed to that drill by now. However, when your PC is supposed to get back to the desktop, some users are staring at a black screen!
When it happened to my desktop system running XP SP3, I wondered if it was just some strange, individual flaw with my graphics subsystem or maybe something had gone wacky through the bootup process. So I didn't think much of it, and waited and waited and waited and... several minutes later I finally got tired of staring at a black screen and hit the Reset button. Guess what? Still nothing. The PC was not rebooting and the screen was still black. The computer had gone through its BIOS routine but nothing had shown on the screen since.
I had to reach around and physically unplug the PC power supply and then plug it back in to complete a successful boot to the desktop. I'd rarely had problems with the Windows Update system so I wanted to confirm what was going on. I pulled out a laptop which is also running XP SP3, turned it on, booted to the desktop, then watched as the update installed itself on the system. I then rebooted and... guess what? Black screen! Again!
This time I had to turn the laptop off by the power button and reboot, again normally to the desktop.
It was early in the morning so I could hardly start waking up everyone I knew who runs XP SP3, but I did manage to contact three people. Two of them had the same problem! One of them had their PC on the blank screen for over an hour and hadn't thought of pulling out the AC plug, thus believed that their system had fried!
This is not exactly a scientific survey, but it is an indication that something might be very wrong in that series of Windows Updates. The updates MS08-037 through MS08-040 are listed as "important" thus Microsoft recommended that they be installed as soon as possible.
MS08-037 is designed to resolve two problems in the Windows Domain Name System (DNS) which if unpatched could theoretically allow a remote hacker to redirect traffic to their own servers which is instead intended to go to a DNS you've specified. MS08-038 is a fix for a flaw in Windows Explorer which presents the possibility that a hacker to could take control of your system if you opened and saved a "specially crafted saved-search file".
The other two patches are more directed towards enterprise computing than most home users will be concerned with. MS08-039 fixes a problem in Outlook Web Access (OWA) for Microsoft Exchange Server, that currently could let a hacker gain access to the session data of your OWA client. The last one is MS08-040 which fixes the most recent four vulnerabilities in the implementation of Microsoft's SQL language.
Out of all of them, I would most likely suspect MS08-038 which is a Windows Explorer patch. However, it certainly does beg the question about the multi-zillion dollar software company's testing of their Windows Updates. If in an albeit unscientific survey 4 out of 5 users are experiencing a serious problem that hangs the system in the middle of bootup and requires the power to be physically disconnected to the PC before it functions correctly, wouldn't Microsoft's much vaunted squadrons of programmers have discovered that before they foisted it on the unsuspecting public?