Welcome to MSFN

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.


Sign in to follow this  
Followers 0
epic

WUpdate: KB2930275

7 posts in this topic

It seems that KB2930275 is causing a Critical_Process_Died in Windows 8.1 Professional, as well Server(?).

In my case I'm operating Windows 8.1 Professional W/MC. The update initially installed as a "Install WUpdates automatically," cycled the system this evening and come to find out that I was in an endless loop of Critical_Process_Died. Safe mode wasn't an option either, the error displayed there as well. A freakin nightmare, everything was running fine prior to the update, messing around for a good 1.5 hrs trying to solve it.

Finally caved after 1.5 hrs and restored a TIB image, without the update. Yet, everything worked like a charm, up until the point I installed the updates again. Having to experience the same problems, troubleshooting did not work, could not enter safe mode either - same problem! Even tried sfc /scannow in advanced startup, after Windows failed to repair the system, but the command wouldn't work as there was some mysterious reboot needing to take place, failed every time. I even tore apart the computer, having been led it's a GPU driver issue, which I know for a fact it is not. Took everything apart anyway and reset all the hardware and cables, but the error persisted. Restored the previous TIB image, back up and running with no problems, WITHOUT KB2930275. Disabled WUpdates completely, for now.

Anyone else experience this problem, or opted to not install it?

http://technet.microsoft.com/en-us/security/bulletin/ms14-015

Edited by epic
0

Share this post


Link to post
Share on other sites

It seems like a large number of people have had issues with this update, which has been defined as "dodgy".

A couple examples:

http://social.technet.microsoft.com/Forums/en-US/ccb4eb16-6eff-4622-86d8-c262ca85b9d1/kb2930275-dodgy-?forum=winserver8gen

https://forums.whirlpool.net.au/archive/2234454

According to this:

http://www.gfi.com/blog/march-patch-tuesday-roundup/?utm_source=rss&utm_medium=rss&utm_campaign=march-patch-tuesday-roundup

MS14-015 (KB2930275) This update addresses two vulnerabilities in the Windows kernel-mode driver, one of which could be used by an attacker to elevate privileges on the machine while the other could allow information disclosure. This update affects all supported versions of Windows (XP, Vista, Windows 7, Windows 8/8.1, Windows RT, Server 2003, 2008/2008 R2, and 2012/2012 R2), including the server core installations.

The important rating applies to all operating systems across the board and is based on the fact that in order to exploit the vulnerabilities, the attacker first has to have valid credentials to log onto the targeted system and must be on site to log on locally, so this would have to be perpetuated by an insider (someone with access to the premises where the computer is physically located).

Both vulnerabilities stem from the way the kernel-mode driver handles objects in memory and the update corrects the improper handling issues to fix the problem.

it is also seemingly a patch for a non-issue :w00t:.

I mean, valid credentials + local log on, if an attacker has those he ALREADY pwns all your bases. :ph34r:

jaclaz

0

Share this post


Link to post
Share on other sites

I mean, valid credentials + local log on, if an attacker has those he ALREADY pwns all your bases. :ph34r:

jaclaz

Who needs valid credentials when there is a simple linux tool to reset Windows credentials. USB+Brain.

Yeah, I noticed those offsite posts as well, but not many people have reported it, and was quite surprised no information was on msfn.

0

Share this post


Link to post
Share on other sites

Who needs valid credentials when there is a simple linux tool to reset Windows credentials. USB+Brain.

Well, if it comes to this, JFYI, there are also several suitable non-linux tools.

jaclaz

0

Share this post


Link to post
Share on other sites

For what it's worth I've been using my system pretty heavily since that update went in and it seems fine so far. So it's not a universal fail.

Is there a particular activity that seems to net problems?

-Noel

0

Share this post


Link to post
Share on other sites

Is there a particular activity that seems to net problems?

Are you joking? :unsure:

NO activity at all.

What epic clearly reported is that (for whatever reasons) this machine entered an endless (Wupdate induced) loop that forced him to restore a previous image, which is exactly what is reported in the two threads I posted a link to.

It is IMHO very possible that this happens on a limited number of installs/machines, as it has happened in the past, with people mad :realmad: at a given update/fix/KB and other ones very happy :) bout that same thing.

jaclaz

0

Share this post


Link to post
Share on other sites

Interesting... I'm usually the one who attracts buggy updates, but even though I have this one installed, nothing abnormal happened yet... well, except for the usual win8.1 quirks.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.