The incident took thousands of users by surprise
Microsoft launched in recent days two software updates that, according to reports of experts in network security, would have bricked some Windows 7 computers by mistake.
The incident was presented after the implementation of the security update of January 9th, identified as Microsoft Monthly Rollup update KB4480970, in combination with the previous update, KB971033, launched in April 2018.
The two most recent updates introduced new security measures against the well-known Spectre and Meltdown side channel vulnerabilities; fixed a session isolation error that affected to PowerShell remote endpoints, as well as fixing other Windows bugs. The update corrected the activation and validation components in Windows Activating Technologies, helping users confirm that an original version of Windows 7 is running on their computers.
According to experts in network security, through a publication in Reddit a user commented: “This morning we found the news that some thousands of computers with Windows 7 reporting bugs. After investigating the incident, we discovered that KB971033 had been installed on these machines. Until today, having this KB installed had not been a problem, it seems that a change in the way Microsoft’s activation servers respond to a standard key management service that is sent to them can be responsible for the error”.
This Key Management Service (KSM) allows users to automatically enable Windows and Office Volume Licensing editions. Both Microsoft updates on January 8th also refer to the unexpected flaw in a sub-section titled “Known issues in this update”.
“After installing this update, some users report the non-legitimate KSM activation error 0xc004f200 on Windows 7 devices”, reported network security experts. On the other hand, Microsoft claimed though a statement: “We are aware of this incident and we are investigating it at the moment. We will provide an update when available”.
Through Reddit, some users commented that it was possible to solve this drawback by eliminating the update, eliminating the KMS cache and the PC activation data.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.