CIS CYBERSECURITY ADVISORIES

MS-ISAC ADVISORY NUMBER:
2015-027

DATE(S) ISSUED:
03/12/2015

SUBJECT:
Microsoft Security Advisory 3033929 Causing Issues in Windows 7

OVERVIEW:

The Microsoft Security Advisory 3033929 has been reported to cause a reboot loop for Windows 7 users. This update takes the place of Microsoft Security Update 2949927, which was rescinded on October 17, 2014 after it caused similar issues.

SYSTEM AFFECTED:

  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core Installation)

RISK:

Government:

  • Large and medium government entities: High
  • Small government entities: High

Businesses:

  • Large and medium business entities: High
  • Small business entities: High

Home users: High

TECHNICAL SUMMARY:

The Microsoft Security Advisory 3033929 has been reported to cause a reboot loop for Windows 7 users. This update takes the place of Microsoft Security Update 2949927, which was rescinded on October 17, 2014 after it caused similar issues. This update is related to the patch released on March 10, 2015, MS15-025, because they share binaries. However, if you patch for MS15-025 (3035131), it does not mean that you have patched 3033929, which would supersede MS15-025.

The update in question does not appear to address a pressing security vulnerability, so it is recommended not to apply this update until the issues have been corrected.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Do not apply Microsoft Update 3033929 until this issue has been corrected, or a supported work around is available.

REFERENCES:

Microsoft:

https://technet.microsoft.com/en-us/library/security/3033929.aspx

Brian Krebs:

http://krebsonsecurity.com/2015/03/ms-update-3033929-causing-reboot-loop/