Saturday, February 28, 2015
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
New Draft Bill Focuses On Consumer Data Privacy
Uber Says Breach Affected 50K Drivers
Google Showcases Future Silicon Valley Headquarters
Lenovo Offers Free McAfee LiveSafe Following Superfish Security Concerns
Yahoo Gains Search Share
Twitter To Offer More User Safety Features
Google to Start Ranking Mobile-friendly Sites Higher
Qualcomm Extends LTE to Unlicensed Spectrum to Enhance Mobile Experiences
Active Discussions
Need serious help!!!!
burning
nvidia 6200 review
Hello
Burning Multimedia in track 0
I'm lazy. Please help.
sanyo e6 camera
need help on some cd burning...
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, December 02, 2009
Microsoft Denies "Black Screen" Security Issues


Microsoft denied that its November security updates were related to the "black screen" behavior of Windows 7 described in recent reports.

The problem, which has caused a small number of users to see a completely black screen after logging on, was identified by British software security firm Prevx last week.

According to the reports, after a user is starting a Windows 7, Vista, XP, NT, W2K, W2K3 or W2K8 PC or server system, it appears normal. However, after logging on there is no desktop, task bar, system tray or side bar. Instead users are left with a totally black screen and a single My Computer Explorer window.

Prevx had also issued a fix for the problem.

"We've received questions about public reports that customers might be experiencing system issues with the November Security Updates (which some are referring to "Black Screen" issues)," Microsoft wrote in a blog entry at Technet.

"We've investigated these reports and found that our November Security Updates are not making changes to the system that these reports say are responsible for these issues," Microsoft added.

While these reports weren?t brought to us directly, from our research into them, it appears they?re saying that our security updates are making permission changes in the registry to the value for the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell key.

"We've conducted a comprehensive review of the November Security Updates, the Windows Malicious Software Removal Tool, and the non-security updates we released through Windows Update in November. That investigation has shown that none of these updates make any changes to the permissions in the registry. Thus, we don?t believe the updates are related to the "black screen" behavior described in these reports."

We've also checked with our worldwide Customer Service and Support organization, and they've told us they're not seeing "black screen" behavior as a broad customer issue. Because these reports were not brought to us directly, it's impossible to know conclusively what might be causing a "black screen" in those limited instances where customers have seen it. However, we do know that "black screen" behavior is associated with some malware families such as Daonol.

Prevx also gave an update on the issue today.

"The issue appears to be related to a characteristic of the Windows Registry related to the storage of string data. In parsing the Shell value in the registry, Windows requires a null terminated "REG_SZ" string. However, if malware or indeed any other program modifies the shell entry to not include null terminating characters, the shell will no longer load properly, resulting in the infamous Black Screen with the PC showing only the My Computer folder," the company wrote at its blog.

SysInternals was one of the first companies to discover this characteristic of the registry a number of years ago in their utility: RegHide http://technet.microsoft.com/en-us/sysinternals/bb897446.aspx which modifies registry entries to prevent them from being accessible within the operating system. This technique is frequently used by malware authors which is why it is recommended to first query the length of a registry value, and then read it into a buffer, forcing the null termination of strings whether or not null terminated by their content.

"Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor," Prevx said.

"We apologize to Microsoft for any inconvenience our blog may have caused. This has been a challenging issue to identify," Prevx added.

Microsoft says it's not to blame for a problem that is causing a "limited" number of Windows computers to boot up to a blank black screen. The company says it hasn't identified the problem but says some malicious programs on the Internet are known to cause black screens.


Previous
Next
VIA Mobile-ITX Brings Further Miniaturization to Embedded Devices        All News        I-O Data Unveils The BRP-US6 Portablle 6x Blu-ray Disc Burner
Google Updates News Crawler To Allow Publishers Limit Free Access To Their News     General Computing News      Black Screen Woes Could Affect Millions on Windows 7

Get RSS feed Easy Print E-Mail this Message

Related News
Microsoft Band Gets New Features
Internet Explorer To Support HTTP Strict Transport Security Protocol
Microsoft Buys Sunrise In A Smartphone Push
Microsoft, Samsung Settle Patent Dispute
Bill Gates Sees Future In Robots
Microsoft Brings Office To iOS and Android Devices
Microsoft Offers Power BI Business Intelligence Tools For Free
Microsoft Reports Second Quarter Results
Microsoft Launches the Lumia 435 and Lumia 532 Smartphones
Mainstream Support For Windows 7 Ended
Microsoft Attacks Google Over Security Disclosures
Microsoft To Release Customer-centric Solutions This Spring

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .