MS13-036 causes problems in certain Windows 7 installations
Last updated on: September 7, 2020
MS13-036, one of the bulletins released last Patch Tuesday, has caused hangs during reboot for a number of Windows 7 users. The problem is mostly confined to users in Brazil that have the banking security plugin "G-Buster" installed. G-Buster is locally developed in Brazil by the company "GAS Tecnologia" and is widely installed in Brazil. Some of the major banks require their customers to install it to secure Internet banking. The plug-in which provides a virtualized and hardened operating environment for safer banking and one of its security measures is interfering with the Windows kernel patch contained in MS13-036.
MS13-063 contains two updates: KB2808735, rated "important" and KB2823324, rated "moderate". The second update KB2823324 is the one causing the issue and Microsoft is recommending uninstalling that particular update. Instructions for that process can be found in KB2839011
Users of Windows XP and Windows 8 users are not affected, as the update does not apply to these machines.
Given the number of complaints in Brazil it is clear that Microsoft does not have this particular combination of Windows 7 and G-Buster plugin in its QA setup. In order to provide the additional security functions, G-Buster has to interfere with low level functions of the Windows Operating System, similar to software such as anti-virus and host intrusion detection systems. It will be interesting to read the post-mortem to see G-Plugin uses any undocumented features that caused the problem or whether all APIs used to provide the additional security functions.
For users who have not installed the Patch Tuesday bulletins yet, Microsoft continues to recommend the installation of MS13-036, as they have modified the bulletin to excluded the offending update KB2823324. However at this point, given the circumstances and the lower criticality of the update I recommend not installing MS13-036 and review the available options next week.
For a better insight into the problem, see the English version of a Brazilian analysis of the issue.