If you’ve been following some of the more recent news on Windows, you’ll have come across stories about a “recent” patch from Microsoft causing what is called a “Black screen of death”. The fix to this seemingly unknown problem comes from a security firm named Prevx. This stuff is problematic on so many levels.
#1 – The problem is VERY poorly defined. The patch that supposedly causes this problem may have been released on Nov 10th, but no one seems to know what patch that is or can cite the name/KB number of the patch itself.
#2 – This problem is not a new or unique issue – the supposed “Black screen of death” can be caused by forms of malware and certainly by other applications that may not have been installed properly. For Prevx to say “If you have these symptoms you can safely try our free Black Screen Fix” is inviting problems and fixes to problems that may not exist.
#3 – It’s inviting poor users to act more poorly as users – Yes, I know that’s a bit of a mouthful – but the very purpose of malicious software is to take advantage of ambiguity to get the user to run THEIR executable on a user’s computer. In this case, a security firm is now describing an ambiguous problem, caused by an unknown patch and saying you can download THEIR executable to fix it. Suspect.
This may turn out to be a real issue – and it may be a well-defined problem in the future (based on another Microsoft mess-up), but please, people, be skeptical before playing into this hype.
Update: I have found more details from ZDNet that seem to confirm the issue on Windows is real and related to the recent update numbered MS09-065.
Update 2: Prevx seems to no longer be around. It looks like Webroot has purchased the company and possibly taken this fix offline.