The patch was causing reboots on some systems

Oct 18, 2014 06:49 GMT  ·  By

Installing the monthly Patch Tuesday updates released by Microsoft slowly becomes a very risky job for every Windows user out there, as many of the fixes that are shipped to computers actually cause more harm than good.

The same happened this month with KB2952664, an update that was only supposed to help Windows 7 users upgrade to a newer operating system, but it turns out that another patch was the source of even bigger issues.

So big that Microsoft itself acknowledged the problems and even decided to pull the update completely.

Redmond this morning decided to withdraw KB2949927 and remove download links from its official Download Center, admitting that some users are indeed experiencing issues after installing the patch.

The company's Community forums are full of complaints pointing to this update as the source of the problems, but at this point it appears that Windows 7 is the only OS version that's impacted.

What's in KB2949927

According to Microsoft's very own advisory on KB2949927, this particular patch adds support for SHA-2 signing and verification functionality on Windows 7 and Windows Server 2008 R2 only.

Newer Windows releases, such as Windows 8, Windows 8.1, Windows RT, Windows Server 2012 and Windows Server 2012 R2 already have such functionality, so there's no need for such an update, while older OS versions, such as Vista and Server 2003, do not get it.

The patch was automatically shipped to the two aforementioned platforms automatically via Windows Update, so many of those who received the October 2014 Patch Tuesday fixes were involuntarily impacted by the buggy KB2949927.

Unexpected system reboots

Some of the users who installed the patch claimed that their computers reboot all of a sudden and despite a number of workarounds that have been published online, removing the update from the system seems to be the only way to fix it.

Microsoft already confirmed the issue in a statement published in the advisory but didn't provide a statement on when it might re-release the patch for affected users.

“Removed Download Center links for Microsoft security update 2949927. Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behavior associated with this update, and will update the advisory when more information becomes available,” it says.

Customers whose computers are affected by this buggy patch are recommended to remove it completely from their systems by launching Control Panel, clicking on “Uninstall a Program” and selecting the “View installed updates” in the left sidebar. Search for KB2949927, right-click it and hit “Uninstall.”