Microsoft Patches "Blue Screen Of Death" In Windows XP SP2 - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:44 PM

Microsoft Patches "Blue Screen Of Death" In Windows XP SP2

Microsoft has posted a critical fix to Windows XP Service Pack 2 (SP2) on its Windows Update site, and pushed it to users relying on Automatic Update.

It may not be the second Tuesday of the month -- Microsoft's normal day to release security bulletins and patches -- but the Redmond, Wash.-based developer has posted a critical fix to Windows XP Service Pack 2 (SP2) on its Windows Update site, and pushed it to users relying on Automatic Update.

The problem, which has actually been public since December 2004, also affects Windows Server 2003 and Windows XP Tablet PC Edition 2005. In some cases, installing third-party anti-virus or firewall software -- Microsoft didn't name makers or package titles -- can bring down the operating system in a Blue Screen of Death with a cryptic error that reads "Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)."

Ironically, the last time a Blue Screen of Death made the news, Microsoft Chairman Bill Gates was on the stage at January's Consumer Electronics Show in Las Vegas, demonstrating Windows Media Center.

According to Microsoft's advisory, the problem's not really a vulnerability, but is due to "a coding error in the Http.sys file [that] causes stack corruption."

Unlike some other hot fixes, however, this one was quietly elevated Tuesday, and placed on the Windows Update service site and entered into Automatic Update, which automatically retrieves patches and installs them on Windows systems.

Although the alert got some attention last week on several security mailing lists, Microsoft held off on a general announcement until this week.

"It's surmised that this is because the patch is not exactly a security patch [but] instead was more of a hot fix for the stop condition/blue screen scenario, and is not covered by the standard security bulletins," said Joshua Wright of the Internet Storm Center.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Pandemic Responses Make Room for More Data Opportunities
Jessica Davis, Senior Editor, Enterprise Apps,  5/4/2021
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
Transformation, Disruption, and Gender Diversity in Tech
Joao-Pierre S. Ruth, Senior Writer,  5/6/2021
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll