Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

WUpdate: KB2930275

Critical_Process_Died

  • Please log in to reply
6 replies to this topic

#1
epic

epic

    Advanced Member

  • Member
  • PipPipPip
  • 395 posts
  • Joined 13-January 05

It seems that KB2930275 is causing a Critical_Process_Died in Windows 8.1 Professional, as well Server(?)

 

In my case I'm operating Windows 8.1 Professional W/MC. The update initially installed as a "Install WUpdates automatically," cycled the system this evening and come to find out that I was in an endless loop of Critical_Process_Died. Safe mode wasn't an option either, the error displayed there as well. A freakin nightmare, everything was running fine prior to the update, messing around for a good 1.5 hrs trying to solve it.

 

Finally caved after 1.5 hrs and restored a TIB image, without the update. Yet, everything worked like a charm, up until the point I installed the updates again. Having to experience the same problems, troubleshooting did not work, could not enter safe mode either - same problem! Even tried sfc /scannow in advanced startup, after Windows failed to repair the system, but the command wouldn't work as there was some mysterious reboot needing to take place, failed every time. I even tore apart the computer, having been led it's a GPU driver issue, which I know for a fact it is not. Took everything apart anyway and reset all the hardware and cables, but the error persisted. Restored the previous TIB image, back up and running with no problems, WITHOUT KB2930275. Disabled WUpdates completely, for now.

 

Anyone else experience this problem, or opted to not install it?

 

http://technet.micro...lletin/ms14-015


Edited by epic, 14 March 2014 - 03:28 AM.



How to remove advertisement from MSFN

#2
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,677 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

It seems like a large number of people have had issues with this update, which has been defined as "dodgy".

A couple examples:

http://social.techne...m=winserver8gen

https://forums.whirl...archive/2234454

 

According to this:

http://www.gfi.com/b...tuesday-roundup

 

MS14-015 (KB2930275) This update addresses two vulnerabilities in the Windows kernel-mode driver, one of which could be used by an attacker to elevate privileges on the machine while the other could allow information disclosure. This update affects all supported versions of Windows (XP, Vista, Windows 7, Windows 8/8.1, Windows RT, Server 2003, 2008/2008 R2, and 2012/2012 R2), including the server core installations.

The important rating applies to all operating systems across the board and is based on the fact that in order to exploit the vulnerabilities, the attacker first has to have valid credentials to log onto the targeted system and must be on site to log on locally, so this would have to be perpetuated by an insider (someone with access to the premises where the computer is physically located).

Both vulnerabilities stem from the way the kernel-mode driver handles objects in memory and the update corrects the improper handling issues to fix the problem.

it is also seemingly  a patch for a non-issue :w00t:.

 

I mean, valid credentials + local log on, if an attacker has those he ALREADY pwns all your bases. :ph34r:

 

jaclaz



#3
epic

epic

    Advanced Member

  • Member
  • PipPipPip
  • 395 posts
  • Joined 13-January 05

I mean, valid credentials + local log on, if an attacker has those he ALREADY pwns all your bases. :ph34r:

 

jaclaz

 

Who needs valid credentials when there is a simple linux tool to reset Windows credentials. USB+Brain. 

 

Yeah, I noticed those offsite posts as well, but not many people have reported it, and was quite surprised no information was on msfn.



#4
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,677 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

 

Who needs valid credentials when there is a simple linux tool to reset Windows credentials. USB+Brain. 

 

Well, if it comes to this, JFYI, there are also several suitable non-linux tools.

 

jaclaz



#5
NoelC

NoelC

    Software Engineer

  • Member
  • PipPipPipPipPipPip
  • 1,329 posts
  • Joined 08-April 13
  • OS:Windows 8.1 x64
  • Country: Country Flag

For what it's worth I've been using my system pretty heavily since that update went in and it seems fine so far.  So it's not a universal fail.

 

Is there a particular activity that seems to net problems?

 

-Noel



#6
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,677 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

Is there a particular activity that seems to net problems?

Are you joking? :unsure:

NO activity at all.

 

What epic clearly reported is that (for whatever reasons) this machine entered an endless (Wupdate induced) loop that forced him to restore a previous image, which is exactly what is reported in the two threads I posted a link to.

 

 

It is IMHO very possible that this happens on a limited number of installs/machines, as it has happened in the past, with people mad :realmad:  at a given update/fix/KB and other ones very happy :) bout that same thing.

 

jaclaz



#7
Soukyuu

Soukyuu

    Member

  • Member
  • PipPip
  • 187 posts
  • Joined 25-April 13
  • OS:none specified
  • Country: Country Flag
Interesting... I'm usually the one who attracts buggy updates, but even though I have this one installed, nothing abnormal happened yet... well, except for the usual win8.1 quirks.
AMD Phenom II X4 970BE | 12GB DDR3 | nVidia 260GTX | Windows 8.1u1 x64 Pro | Primary
Intel C2D T7250 | 4GB DDR2 | nVidia 8600m GT | Windows 7 x64 Pro | Secondary




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users