Skip to main content

Microsoft Pulls August Update Over BSOD Crashes

Microsoft released a security bulletin on Monday reporting that it is currently investigating system crashes associated with four updates released on August 12: 2982791, 2970228, 2975719 and 2975331. The bulletin said that any of these four will cause a 0x50 Stop error, which may prevent the system from starting correctly. For now, Microsoft has removed the download links.

There are actually three known issues stemming from these four updates. For starters, if fonts are installed somewhere other than the default directory, then they cannot be changed when loaded into an active session. The bulletin said Windows customers will get a "File in use" message when they attempt to delete, replace or change the fonts. The second known issue is also font-related; when these updates are installed, fonts will not render correctly.

Until Microsoft finds out what is going on, customers can uninstall these updates. Instructions include booting into Safe Mode, deleting the fntcache.dat file, and editing the registry. Of course, if you've never edited the registry, then don't try this yourself.

Microsoft began receiving complaints on August 13. According to one user named "Frank," he updated his notebook, shut it down, and then restarted, only to be greeted by the Blue Screen of Death. The error, he said, was a Stop 0x50 in Win32k.sys. He couldn't even boot into safe mode.

After restoring his laptop, he decided to download the updates again. He had the same problem as before.

"I went through the updates and found update KB2982791 which relates to Win32k.sys and fonts," he wrote. "I also found this KB article (Stop error 0x50 in Win32k.sys) which says that a Stop 0x50 occurs because Win32k.sys crashes when the font cache is not correctly maintained. Quite a bizarre behavior to crash the whole operating system because a cache seems to be invalid. A decent programmer would have just cleared the cache and continued."

Update 2982791, the most important of the four, addresses MS14-045. According to the bulletin, it fixes three privately reported vulnerabilities in Windows. One of them could allow a hacker to log into the system and run a malicious program to elevate his/her privilege. However, the hacker would need the valid credentials and have hands-on access to the system.

"The security update addresses the vulnerabilities by correcting the way that Windows handles thread-owned objects, by correcting the way in which specially crafted font files are handled in memory by Windows, and by correcting the way in which memory is allocated," the bulletin said.

To uninstall the updates, head here for the instructions. Again, if you're not comfortable with editing the registry, then wait until Microsoft provides a fix via Windows Update.

Follow Kevin Parrish @exfileme. Follow us @tomshardware, on Facebook and on Google+.