Microsoft Recommends to Uninstall Windows 7 Update 2823324

Remember those Microsoft Security updates that were automatically installed last Tuesday? Well, it turns out that there’s a problem with one of them …

Microsoft released a total of nine security bulletins last Tuesday fixing two critical security vulnerabilities and several lesser rated security vulnerabilities in the Windows operating system and several other Microsoft products.

It turns out that one of the updates related that day, update 2823323, is causing issues for some users of the Windows 7 operating system. The update, part of the bulletin MS13-036 is a security update for the Windows file system kernel-mode driver ntsf.sys. The vulnerability received a maximum severity rating of important, the second highest rating available to classify the severity of vulnerabilities.

The Microsoft Knowledgebase article acknowledges the issue and confirms that Microsoft is currently investigating reports of systems failing to boot into Windows 7 or applications after the security update has been installed on the computer system. Microsoft has removed the download link for the patch as a precaution and recommends that customers that have installed the update on their systems uninstall it.

Uninstalling the update

To uninstall the update do the following:

  • Click on the start button and select Control Panel when the menu opens up.
  • Click on uninstall a program on the Control Panel’s home screen.
  • Select view installed updates on the left sidebar to display the installed Windows updates.
  • Increase the size of the window until you see the installed on column in the interface. Click on its header to sort by installation date.
  • Locate Security Update for Microsoft Windows (KB2823324) under Microsoft Windows.
  • Right-click on it and select uninstall.

security update kb2823324

You can alternatively run the following command from an elevated command prompt:

  • wusa.exe /uninstall /kb:2823324 /norestart

The removal script can also be run using PSEXEC:

  • Psexec -d -s \\remotemachine wusa.exe /uninstall /kb:2823324 /quiet /norestart

A prompt should come up asking you if you really want to uninstall the update from the computer. You can cancel here with a click on no, or go ahead and uninstall it with a click on yes.

Users affected by the issue may receive one or multiple of the following error messages:

Windows failed to start. A Recent hardware or software change might be the cause. To fix the problem, To do this, follow these steps:

1. Insert your windows installation disc and restart your computer.
2. Choose your language settings, and then click next.
3. Click “Repair your computer.”

Status: 0xc000000e
Info: The boot selection failed because a required device is inaccessible.

—————————

STOP: c000021a {Fatal System Error}
The Session Manager Initialization system process terminated unexpectedly with a status of 0xC000003a (0x00000000 0x00000000).
The system has shutdown.

Microsoft notes that the error occurs early in the boot process so that no memory.dmp file gets created. Users of Kaspersky Anti-Virus for Windows Workstations or Windows Servers may receive a “Your license is not valid” error message after installing the update.

Systems that fail to start may use the recovery options (by pressing F8 after BIOS repeatedly) to use system restore to roll back the update.

Additional information about the issue are available under KB 2839011.

Link to Original Content

Tags: , , ,

Comments are closed.