Black screen of death fix for Windows XP, Vista, 7 (updated)

Some Windows users are greeted with a black screen of death at login, ever since they installed this month's patches. One security company thought it had a solution. In IT Blogwatch, bloggers debate what's going on.

By Richi Jennings. December 1, 2009.
(Updated Dec 2 5.15am EST)
(MSFT)

Your humble blogwatcher selected these bloggy morsels for your enjoyment. Not to mention too much time on his hands...
 
 
Kelly Fiveash reports:

Microsoft’s most recent release of security patches is causing some computers to ... display a, er, black screen of death. ... [The] latest patches [are] causing havoc for some Windows fans. ... Redmond tweaked the Access Control List (ACL), which ... details individual object permissions for a logged-on user.
...
Microsoft’s latest modification to ACL registry keys have rendered some installed apps as useless, by preventing them from running and causing a black screen to appear.

Emil Protalinski adds:

Last week, a number of Windows users started complaining their computers were ... displaying a Black Screen of Death ... after the last Microsoft Patch Tuesday on November 10, 2009. ... Microsoft clearly wanted to improve the security of Windows, but for some users, the solution ended up breaking their installations.
...
Security company Prevx ... first noted the issue. ... Prevx released their own fix ... that makes the appropriate changes in the registry ... to match the ACL settings.

Prevx's David Kennerley offers help:

If you have these symptoms you can safely try our free Black Screen Fix. It will fix the most common cause we have seen of this issue. Running the fix program is easy under normal circumstances, simply download with your browser using the link above and run the program. However, if you are trying to do this from the PC which has the black screen it is a bit more tricky.
...
If your black screen woes began in the last 2 weeks after a Windows update or after running any security program (including Prevx) to remove malware during this time then this fix will have a high probability of working. ... The cause ... appears to be a change in the Windows Operating Systems lock down of registry keys. This change has the effect of invalidating several key registry entries if they are updated. ... The rule change does not appear to have been publicised adequately.

Zeljka Zorz has an alternative:

Another option for fixing the problem is to manually modify the registry settings, but this should be done only by people who know what they're doing.

Marc concludes it's careless programmers:

This is good to know because my test machine, equipped with Windows 7 Enterprise, had given BSODs twice in the past couple of weeks. This is a machine that has been rock solid with XP for over a year. The Windows XP machines around the house seem to have escaped the latest scourge from Microsoft, so XP problems must be hit or miss.
...
I suppose we’ll be seeing some more patches for the patches come next patch Tuesday.

Nick Eaton, in the interests of balance, got a statement from Microsoft:

• Microsoft is investigating reports that its latest release of security updates is resulting in system issues for some customers.
• Based on our investigation so far we can say that we're not seeing this as an issue from our support organization.
• The issues as described also do not match any known issues that have been documented in the security bulletins or KB articles.
• As always, we encourage customers to review the security bulletin and related KB articles and test and deploy security updates.
• If customers do encounter an issue with security updates, we encourage them to contact our Customer Service and Support group for no-charge assistance. Customers can contact CSS using the information at http://support.microsoft.com/security.

Update: Preston Gralla heaps scorn on Prevx:

The security company Prevx ... just admitted what much of the world already knew: They were absolutely wrong.
...
Director of research Jacques Erasmus admits that the Black Screen of Death is in fact caused by malware, not by the Microsoft security patch. He adds, "We apologize to Microsoft for any inconvenience."

So what's your take?
Get involved: leave a comment.
 
 
And finally...

• Automatic Mario vs. "Don't Stop Me Now" by Queen
  [hat tip: Adam Kempa]

Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, he is also an analyst at Ferris Research. You can follow him as @richi on Twitter, or richij on FriendFeed, pretend to be richij's friend on Facebook, or just use good old email: itblogwatch@richij.com.

 
 
Don't miss out on IT Blogwatch:

• Subscribe to the Computerworld Blogs and IT Blogwatch newsletters
• Catch up with posts from the previous few days