Microsoft has released a security update for Windows 7 that it now recommends uninstalling. The update, which is called “Windows 7 Security Update 2823324”, fixes a vulnerability that could allow remote attackers to execute arbitrary code. The vulnerability is located in the way that the Windows 7 kernel-mode driver handles objects in memory. If an attacker can access this memory, they can execute arbitrary code. Microsoft has not released a patch for this vulnerability yet, but it is possible to create one using the Microsoft Update Catalog. If you are running Windows 7 and have received this update, you should uninstall it and then install the updated version of Windows 7 from the Microsoft Update Catalog.


While it does not happen often, every once in a while a security update to patch Windows causes more problems than it solves. Case in point: security update 2823324, which was part of this month’s Patch Tuesday release for Windows 7. Some users have been experiencing endless rebooting or a failure of their system to restart after installing the update. To counteract the problem, Microsoft has published a KB article to help get affected systems up and running again.

Broken glass effect courtesy of Photofunia.

As a first preventative step, Microsoft has pulled the patch from its automatic update service. The company is also investigating the problem while working to correct the security update.

If you or someone you know has encountered problems due to 2823324, then you can use the instructions listed in the KB article linked below to remove the update and bring your system back to life.

KB2839011 – You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324

[via BetaNews, The H Security, and Sophos Naked Security Blog]