February 04, 2003, 9:23 AM — Microsoft Corp. has pulled a security patch for Windows NT 4.0 because installing it can cause the operating system to crash, the software maker said Monday.
The patch, released on Dec. 11 last year, is to fix a privilege elevation vulnerability deemed "important" by Microsoft. A malicious user could gain administrative privileges on a system by exploiting a flaw in the WM_TIMER Windows function, Microsoft said in security bulletin MS02-071.
However, some system administrators were confronted with random crashes and reboots on their NT 4.0 systems after installing the patch. The problem was solved by removing the patch, according to postings about the issue in online discussion groups.
Also, one user complained of trouble using Windows NT 4.0 Terminal Server. When a user was signed off using Terminal Server Administrator, their processes showed as still running. This was also resolved by removing the security patch.
Regina Baker, a systems programmer at First Federal Bank in Charleston, South Carolina, stopped rolling out the patch after installing it on six machines.
"I quit installing after that. They started getting the blue screen of death. This would happen randomly, it didn't matter what application they were using," said Baker in an e-mail response to questions.
Baker contacted Microsoft via its Web site, but "never heard anything back." She then searched the Web and found other users having the same trouble and who also narrowed it down to the specific patch, she said.
"After I removed the patch, we stopped having the problem," she said.
Microsoft is investigating the issue and will release an updated patch shortly, the Redmond, Washington, company said in a revised version of its security bulletin.
There are no problems with the patches for Windows 2000 and Windows XP, also affected by the vulnerability detailed in the bulletin, Microsoft said.