2005 - 1,763 views, 10 Comments

Summary: A recent security update to Microsoft Windows, MS05-002 KB891711, is causing crashes for a lot of Windows 98 and Windows ME users, leading to issues with IE, blue screens of death and even, some are reporting, a black screen of death. The MS05-002 KB891711 ...

Previous Article « Brad Pitt, Angelina Jolie, Sex, and the Unsuspecting Windows User
Read Next Article » A TIP Exclusive: Man with RFID in Hand Takes Your Questions!

A recent security update to Microsoft Windows, MS05-002 KB891711, is causing crashes for a lot of Windows 98 and Windows ME users, leading to issues with IE, blue screens of death and even, some are reporting, a black screen of death.

The MS05-002 KB891711 security patch, released in January, was supposed to address a Windows vulnerability with “Cursor and Icon Format Handling” which could, according to Microsoft, allow remoted code execution.

But almost as soon as the KB891711 patch was disseminated, people started reporting issues with their Windows 98 and Windows ME systems resulting from the patch. Said one user, posting in a public forum, “I just had to remove it from a customer’s machine as it was originally causing it to Blue Screen with an fatal exception.”

KB891711 is unusual in that rather than just updating the Windows program, it actually runs as a resident program in the background, being started every time the computer is started up. This may, some think, be what is leading to the unusual amount of issues being brought on by the installation of the patch.

Nearly two months after the release of the KB891711 patch, Microsoft has this week released a brief statement:

Microsoft has received reports about issues with KB891711 on Windows 98,
Windows 98 SE and Windows ME. At this point, we have been able to confirm
these reports and are currently working on a resolution.

Please note that by uninstalling the current update, the machine will return
to a vulnerable state. At this point, we are currently not aware of
customer’s being exploited by way of the vulnerability fixed in MS05-002 on
Windows 98, Windows 98 SE and Windows ME.

Which is, Aunty believes, Microsoftese for “You’re screwed if you do…”, well, you know the rest.

Email the link for this page to a friend!

» 3G iPhone Rush and iPhone Firmware Update Leads to Long Lines (Again) and Takes Apple Servers Offline

» 0×800a0007 Windows Update Error

» Microsoft Releases Update for XP x64 Audio Problem (KB901105)

For additional similar stories check out our archives on Security, Windows

10 Comments »

For any one having any issues with the above windows update, here is a temp fix until Microsoft gets around to fixing it right. Go to misconfig, and uncheck the update KB891711 listed in the startup list. It sure has been working for me for the last few months on all the ME machines I have been working with. It also kills Sygate firewall which I use a lot in my reformats.

Comment by mdn7779 — 4/1/2005 @ 12:17 am
I just got around to patching an “old” 98SE computer and it gave me Black Screens Of Death about every 2 seconds… thank you for the tip with msconfig… I will have to try that… and I’d say that M$ does everything to discourage the use of older OS… whether the puter can take XP or not doesn’t make any difference, now, does it? :-S

Comment by Brigitte — 4/1/2005 @ 1:31 am
Nice to know I’m not the only one whose computer didn’t like this “update.”

My older version of Zone Alarm had trouble with it. Updated to a more recent version, and that seemed to solve that problem.

I didn’t realize that the other problems shared the same cause. Before reading this column, I thought all the BSODs were a message from my machine that it was time (after almost 4 years) to reformat c: and reinstall Windows.

What a relief. BTW, MS config isn’t the only tool out there for controling startups. I personally prefer one that is built in to Spybot S&D, for example.

Comment by Ken — 4/1/2005 @ 2:48 pm
I too get the blue death screen and already unchecked it in startup at msconfig. It took awhile to find out what was causing my windows ME to crash. I will be looking for the fix.

Comment by Josephine Bralley — 4/1/2005 @ 4:38 pm
When I downloaded this update, I immediately began having problems. Internet Explorer refused to start, the blue screen of death, etc. I simply went to Add\Remove Programs and removed KB891711. Microsoft and some others might shake their finger at me, but to heck with it; anything that causes system instablities isn’t staying on my machine.

Comment by echo — 4/2/2005 @ 5:10 am
My problems from this don’t seem to be as bad as some, but I am having a lot of freezes in IE and have so far had one shut down freeze. I also wonder if it is the cause of the MS icon that appears on my desktop sometimes when I close a program - either OE or IE, not sure which. When opened in Wordpad, it only shows hieroglyphics.

Comment by Carol — 4/2/2005 @ 11:15 am
I installed the file like Microsoft recommended and computer crashed. After shuting it down, always came back with blue screen when restaring. Had to start in safe mode to find the problem. When it installed it placed the file in the start up menu which was causing this problem, I use Win98se and plan to continue using this version with the old reliable Netscape 7.1. Microsoft keep sending this file to upgrade, Think they did this on purpose. They should be made fix the windows program where you would have an option to install or not install the IE program.

Comment by wooten — 6/8/2005 @ 8:08 am
How do you fix this problem using the command prompt which seems to be all that I can access? Help!

Comment by Bill T. — 7/28/2005 @ 4:42 am
MS packages were re-released on April 12, 2005.

MS05-002: Vulnerability in cursor and icon format handling could allow remote code execution
Last Review : September 9, 2005
Revision : 2.1
http://support.microsoft.com/kb/891711
“Known issues” heading deals with matters remaining after the above date.

Further updates 22 Dec. ‘05,
“it has changed my system files. After unchecking it in [msconfig S]tartup and rebooting I go and check my [S]tartup menu only to find that it rechecks itself back on”
[…]
“I chose to remove all instances of this Microsoft Virus and have had no further problems of the magnitude of the crashes caused by KB891711. It has been out of my machines since July”, at
http://www.annoyances.org/exec/forum/win98/t1135258774

An alternate solutions path, 10 Apr. - 11 Dec. ‘05, has
unofficial SPs, Tihiy’s TI891711 (W98SE only), and U891711
http://www.msfn.org/board/index.php?showtopic=43566

-DG

Comment by Dirk Gently — 1/5/2006 @ 10:32 am
PS: “Which is, Aunty believes, Microsoftese for”; as you may know, Windows before NT versions has been ever-increasingly cobbles of kludges built on the original DOS that got Mr. Bill started ‘way back in the earliest days of PCs. So of course it’s all gotten rickety. This could lead into several further articles. Or Linux.
For now,
Dear webmaster, this article “http://www.theinternetpatrol.com/screwed-if-[…]crashes-kb891711/”
is significantly in need of updating.
Your article does appear near the top of search engine results : )

Comment by Dirk Gently — 1/5/2006 @ 10:48 am

RSS feed for comments on this post.

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!
If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.
Line and paragraph breaks are automatic, your email address is never displayed.
HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>