A standalone security update released as part of the February Patch Tuesday cycle has created headaches for some owners of PCs running Windows 10. After investigating reports of those issues, Microsoft has yanked KB4524244 from its update servers.
The mess gets messier: Judging from a series of cryptic tweets by security experts, this update and its revocation are tied to a situation involving Kaspersky Rescue Disk and a signed bootloader that can circumvent the Secure Boot feature that is the bedrock of security on modern PCs. I’m still trying to figure out the sequence of events here. Stay tuned,
Microsoft has removed a standalone security update from its Windows Update servers and enterprise update channels after acknowledging reports of “an issue affecting a sub-set of devices.” The company says it’s “working on an improved version of this update in coordination with our partners and will release it in a future update.”
The security update, KB4524244, was released on February 11, 2020, as part of the normal Patch Tuesday release cycle, and was targeted for all Windows 10 versions via Windows Update. It was intended to address a security vulnerability affecting third-party Unified Extensible Firmware Interface (UEFI) boot managers.
In its documentation for the update, Microsoft says its engineers have confirmed at least two known issues:
- You might encounter issues trying to install or after installing KB4524244.
- Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to desktop and receive the error “There was a problem resetting your PC.”
According to reports from users on Microsoft’s support forums, some users encountered problems restarting after the update attempted to install, while others were signed in using a temporary user profile.
An update to the KB article documenting this update notes that Microsoft has removed the defective patch from all supported channels:
This standalone security update has been removed due to an issue affecting a sub-set of devices. It will not be re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note Removal of this standalone security update does not affect successful installation or any changes within any other February 11, 2020 security updates, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.
Microsoft says customers who have successfully installed the update don’t need to take any further steps. Those who have configured PCs to defer installation of updates by at least four days should also be unaffected.
For those who are experiencing issues related to this update, Microsoft recommends uninstalling the update.
- In the Windows 10 search box, type update history and then select View Your Update History.
- On the View Update History page, click Uninstall Updates. That action opens the Control Panel Uninstall An Update dialog box.
- Under the Microsoft Windows heading, select the KB4524244 entry and then click the Uninstall button (above the list of updates).
- After completing those steps, restart to complete the uninstall process. Because this update has been pulled from the Windows Update servers, it’s not necessary to take any additional steps to block it.