Warning on recent Windows update.

Discussion in 'other anti-virus software' started by nine9s, Dec 10, 2014.

  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    This is just a guess of potential problem with antivirus software.

    One of the recent (~12-09-14) Windows Update, specifically KB3004394 seems to be causing a host of problems (I noticed it because I run SFC scan after all WIndows Update, and it created false corrupt files.)

    Anyway it is causing a host of problems because it basically had a bug in changing root certificate of Windows system files.

    As someone wrote in response to https://answers.microsoft.com/en-us...4-issues/ace25277-7f65-4486-bc44-c1b106907a18

    "Same thing here: KB3004394 removes/corrupted Windows Certificates so all windows system files are now found as unsigned. This is the reason why UAC comes into play and asks if you want to run an unknown program or file even when running the admin account, but only for system files.

    Seems this update corrupted the catalog folder/files within so windows now thinks all system files are unsigned"


    Based on that, the first thing that popped into my mind is that some antivirus programs might start finding Windows system files as threats and quarantine/delete them.

    And worst part is that with that update installed, a Windows system cannot get Windows Update - up have to uninstall that specific update to get additional updates (so how will MicroSoft fix this.)

    What do other think? Assuming that poster is correct, and this update made all WIndows system files unsigned, do you think some Antivirus programs might start treating WIndows files as malware threats until this is fixed?
     
    Last edited: Dec 10, 2014
  2. Lagavulin16

    Lagavulin16 Registered Member

    Joined:
    Nov 26, 2014
    Posts:
    83
    Location:
    Emerald City
    Just ran a scan complete with Emsisoft and Malwarebytes-- no problems.
     
  3. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,066
    Location:
    Netherlands
    Same problem here: :mad:
     
  4. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,954
    Location:
    DC Metro Area
    "Restarted Window 8.1 today, Tues Dec 10 to install updates. PC is now locked up on "keep your PC on until this done. Installing update 19 of 22... Locked up for over 2 hours. Anybody know what I can do. Can I turn off PC and then turn back on? Thanks for any help you can give."

    "I don't know if its Silverlight or windows. I did the updates and now the whole metro page is blank, only have desktop. Also all restore points are gone and icons are all over the desktop page."

    http://answers.microsoft.com/en-us/...-bb71-4307-b5ef-5625f041a4a4?tm=1418221106903
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Haha wow.
    Quality Control does that even exist these days at Microsoft, or is that not important at all anymore?
    "Its time to release the updates"..."but they are not tested Sir ? "..."I said release them!!!"
     
  6. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Even though I uninstalled the specific update, I decided to reinstall my last image. During its update, KB3004394 was no longer offered, but the same amount of Windows Security updates for x64 were offered. So I assume MicroSOft replaced the bad update with a different one (but if people cannot update with the bad one, I am not sure what will happen to people who did get the update and do not know to uninstall it.)
     
  7. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    Once I Crashed so bad all I could get was the desktop, I used the Documents folder to maneuver to system32 and rstrui.exe and put a shortcut on the desktop, when clicked on produces the dialog box for system restore. After that I got acronis TI, now I have Macrium Reflect
     
  8. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Anyone know if it is causing problems with any antivirus programs?
     
  9. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    seems this round of updates in general caused issues for some people. i even got a call today from a client telling me there office 2013 says its not activated anymore and this was a store bought boxed version they had me install for them. but on a few forums i saw people complaining about these updates.
     
  10. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    I said from teh very beginning when stupid MS decided to push out updates with large file sizes to not only fix issues but also implement new features. My instinct told me it was a bad idea, because you don't want to patch a system heavily unless absolutely necessary. Now look at what happens.
    Shame on MS. these stupid programmers got high pay for such lousy work. Really a disgrace. Puke.
     
  11. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    No problems of any kind on my end
     
  12. Rakanisheu

    Rakanisheu Guest

    We have had a number of support tickets about this, its causing quite a few people headaches.
     
  13. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    I guess you're locked out thanks to ValidateAdminCodeSignature as now you can't run regedit.exe elevated, right? It' my case. lol:D
    I wondered whether I should fix it via boot CD, but it seems I had better to rollback my system and don't install kb3004394 if it still displayed. (-。-)=3
     
  14. Banzi

    Banzi Registered Member

    Joined:
    Oct 21, 2013
    Posts:
    368
    Location:
    Scotland
    No issues here with the Windows 8.1 x64 updates yesterday :)
     
  15. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I have a VM that took 18 hours to update with patches for Windows, Office and Visual Studio. You just have to wait for it to finish. And I would not install KB3004394.
     
  16. badsector

    badsector Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    51
    18 hour.... 18 hours 18 hours... :eek:
     
  17. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    No problems here either.
     
  18. FOXP2

    FOXP2 Guest

  19. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA

    KB3004394 got remove from WIndows Updates yesterday afternoon. I refreshed to recent image and it was no longer offered.
     
  20. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I'm still seeing it on a Windows 8.1 machine... but not on some Windows 7 machines.
     
  21. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Same for me.
     
  22. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,066
    Location:
    Netherlands
    F8 >> Restore >> hide >> update >> back to normal


    Untitled.png
     
    Last edited: Dec 11, 2014
  23. Tarantula

    Tarantula Registered Member

    Joined:
    Jul 23, 2010
    Posts:
    357
    Try the Windows troubleshooter. Stopped working here after this update. Uninstalled it and voila - working again.
     
  24. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
  25. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    If F8 means safe mode, it wouldn't help me, but anyway I restored from boot CD.
    And good to know you restored, hide the corrupted update and could update OS w/out problem:thumb:
    As already mentioned it seems that update was removed so maybe you can unhide that again.
     
Loading...