If you haven’t yet, do not install Patch Tuesday’s MS13-036 bulletin

“We are aware,” warned Microsoft’s Dustin Childs, “that some of our customers may be experiencing difficulties after applying security update 2823324, which we provided in security bulletin MS13-036 on Tuesday, April 9.” The issue arises when the user has certain third-party software installed – specifically G-Buster, a Brazilian banking security plug-in widely used in Brazil.

“The plug-in, which provides a virtualized and hardened operating environment for safer banking and one of its security measures, is interfering with the Windows kernel patch contained in MS13-036,” notes Wolfgang Kandek, CTO of Qualys, in a Friday blog post. He explains that, “In order to provide the additional security functions, G-Buster has to interfere with low level functions of the Windows Operating System, similar to software such as anti-virus and host intrusion detection systems.”

Microsoft also warns about an issue for Kaspersky users, in which certain products may display a ‘license not valid’ warning. “Therefore,” says Microsoft, “some or all of Kaspersky protection components stop functioning.” Kaspersky makes no mention of its own products on its own blog, saying simply, “Microsoft recommends users uninstall the patch, which is also causing compatibility with some endpoint security software.”

Microsoft users who have already received the MS13-036 bulletin are advised not to install security update 2823324. User who have already installed the update are advised to remove it, following guidance provided here. “The other security update provided in security bulletin MS13-036, 2808735, continues to be available for download for all affected platforms and is being pushed via updates to help protect customers against other issues - the bulletin no longer contains the affected update,” said Childs.

What’s Hot on Infosecurity Magazine?