Had an XP SP3 system show the dreaded hang. Rebooted into safe mode,
set the NOD32 service to not start. Couldn't remove updates in safe
mode (windows installer service can't start in safe mode.) Rebooted
into "start windows normally" and removed KB972260 update. Then
reinstalled NOD32. Set automatic updates to "notify me".
I guess I'll see how long it lasts. Interestingly, the system claims it
installed the KB972260 update yesterday, not today.
Andrew Hendrickson wrote:
> I'd say that those who reported such things didn't wait long enough.
> In every case thus far (and I've seen three), reinstalling NOD32
> eventually brought about the same symptoms if the KB was left in place.
> Quoting "J. Greg Mackinnon" <[log in to unmask]> Thu, 30 Jul 2009:
>> We have had reports that simply removing/reinstalling NOD32 made the
>> problem "go away", at least for the time being. This information
>> suggests that the problem is being caused by NOD32 on its own, not by
>> the KB hotfix list. Did you try simply reinstalling NOD32 on any of
>> the systems you visited?
>> If KB972260 is responsible, then we can block its distribution for
>> domain-joined systems. However, this is a patch for a remote code
>> execution vulnerability. Microsoft security felt it was urgent
>> enough that this patch needed to be released out-of-band (i.e. not on
>> "patch Tuesday"). Left unpatched, this vulnerability likely /will/
>> be exploited. Thus, I would prefer to avoid blocking this update
>> until we have a bit more evidence that it is responsible for system
>> Andrew Hendrickson wrote: Okay, tomorrow may just be a really really
>> bad day for everyone. Just fair warning.
>> I've had two reports of machines freezing up with a busy cursor, one
>> Vista SP2, ESET NOD32 version 4 and one Windows XP SP2, ESET NOD32
>> version 3.
>> On the Vista machine a "failure - security options: Login process has
>> failed to create the security options dialog" would appear.
>> On the XP machine, Windows Explorer simply freezes and no keystrokes
>> get a response, including the venerable control-alt-del.
>> On the Vista machine I discovered that KB972260 had just been
>> installed. When I removed that KB AND removed ESET NOD32, the
>> problem went away. If I tried to run the machine after just removing
>> the KB, the problem remained.
>> I confirmed that this was also the case on the Windows XP machine as
>> KB97260 appears to be a critical out of band update released to
>> rectify some serious security flaws in Internet Explorer and is an
>> update for all flavors of Windows currently supported and all flavors
>> of IE.
>> And, just to set my evening to "extra crispy" when I returned to my
>> office my own Vista desktop was waving it's "Failure - Security
>> Options" freaky flag. ;-)
>> So far the only thing that appears to work is to either remove the KB
>> and ESET, or remove both, block the KB in Windows Update and
>> reinstall ESET.
>> Perhaps we could block this particular KB at the update server until
>> ESET gets this cleared up?
>> I don't think that this is just a bad ESET definition file, because
>> the machine runs fine with the KB removed and blocked but ESET
>> Andrew Hendrickson
>> CAS, IT Administrator
>> UVM, College of Arts & Sciences
>> 438 College Street #402
>> Burlington, VT
>> 802-656-4529 (fax)
>> [log in to unmask]
>> To submit a request for service please use:
Systems Architecture & Administration
Enterprise Technology Services
University of Vermont
Burlington, VT USA