back to article Patch Tuesday update is causing some Windows 10 systems to blue screen

Some users running Windows 10 who installed the KB5021233 cumulative update this month are seeing their operating system crash with the Blue Screen of Death, Microsoft is warning. In an entry over the weekend in its Windows Health Dashboard, the company wrote that the update might cause "a mismatch between the file versions of …

  1. jake Silver badge

    It's nearly 2023 and still ...

    ... the fine folks in Redmond don't properly test patches before rolling them out.

    I'm absolutely astonished that the Corporate World keeps falling for it, year after year, decade after decade. You'd think they'd have learned by now.

    I wonder how many tens of billions of dollars have been lost in man-hours alone due to Microsoft incompetence. And the Corporate Lawyers allow this crap in the building? Still? Mind boggling.

    1. Joe W Silver badge

      Re: It's nearly 2023 and still ...

      I think this year was worse than others, but that might just be me.

      Thing is, you buy the software subscription from MS and this comes without any guarantee on their side that the stuff actually works. This means you are stuck. Sure, you can mope and moan, and being a valued customer you can open tickets and get some special support. Much good will this do.

      1. Roland6 Silver badge

        Re: It's nearly 2023 and still ...

        >I think this year was worse than others

        Well given the trend and many MS products in common business usage going EoL, 2023 is going to be a bumper year ...

    2. redpawn

      Re: It's nearly 2023 and still ...

      Beta testers can't be choosers. Now suck it up.

      1. Totally not a Cylon

        Re: It's nearly 2023 and still ...

        Beta? that'd be nice windows often feels more like an early alpha....

    3. Piro Silver badge

      Re: It's nearly 2023 and still ...

      That's by design. It's very public knowledge that they gutted their testing team back in 2014.

      They don't care. They know everything can be patched quickly online these days, so testing isn't their focus.

      Fact is, they could keep screwing up and nothing would change. It would take significant issues over an extended period of time to even get the needle to twitch. Companies aren't in a rush to move away from what they know.

      1. Mike 137 Silver badge

        Re: It's nearly 2023 and still ...

        "It would take significant issues over an extended period of time to even get the needle to twitch"

        Ultimately, it will take legislation. We need globally coordinated statutory liability with significant mandatory recompense (not just penalties).

    4. Snapper

      Re: It's nearly 2023 and still ...

      Yeah, but then the IT support people and the IT directors jobs would be less well paid and influential, so THEY keep on buying the damn thing.

    5. G2

      Re: It's nearly 2023 and still ...

      you cannot test ALL 3rd party softtware and drivers ever made.

      none of my windows systems have a "hidparse.sys" file directly under System32, they are under 'System32\drivers\'

      If some systems have it there it probably was placed there by a third party software... (or that O.S. is so old that is missing a ton of updates?)

      1. Roland6 Silver badge

        Re: It's nearly 2023 and still ...

        >If some systems have it there it probably was placed there by a third party software...

        Alternatively, MS messed up and a fix uses an incorrect filepath and thus expects the file to be there.

        1. DJV Silver badge

          Re: Alternatively, MS messed up

          No, Shirley not!

          Microsoft - guaranteed never to mess up in any month that has a ξ in the English version of the name.


    6. AndrueC Silver badge

      Re: It's nearly 2023 and still ...

      Nothing is without cost. Presumably Windows works out cheaper than the alternatives.

  2. Anonymous Coward
    Anonymous Coward

    Blue Screen

    isn't there a song for something like that?

    1. that one in the corner Silver badge

      Re: Blue Screen

      Blue screens smilin' at me

      Nothin' but blue screens do I see

      Blue screens singin' a song

      Nothin' but blue screens from now on

    2. that one in the corner Silver badge

      Re: Blue Screen

      Hey there, Mr Blue,

      Look around, see what you foo

      (Mr Blue Screen, Mis-ter Blue Screee-eeen)

      Mr Blue, please tell us why

      You had to hide away those icons

  3. drankinatty

    Typo in the worst place?

    Maybe I'm just not up with the latest cannonical path names, but the destination path given for the xcopy command seems like it has one too many "\\"? The article says "C:\windows\\system32\hidparse.sys" -- was that intended?

    1. Aleph0

      Re: Typo in the worst place?

      Noticed that too, that typo is in the original Windows advisory however it should be harmless, cmd.exe doesn't escape backslashes the same way as a Unix shell.

      That said, I'm much more surprised by the fact that some people at Microsoft are writing file paths with forward slashes instead of backslashes... Spend too much time in WSL (hence icon) these days?

      1. Richard 12 Silver badge

        Re: Typo in the worst place?

        cmd.exe has supported both slashes for a very long time.

        That said, there are a lot of other things which will fail in really interesting ways if you use forward slash, as it's the traditional command line switch prefix

      2. John H Woods Silver badge

        Re: Typo in the worst place?

        The backslash always was an abomination. So are spaces in filenames :-)

    2. Nobby_uk

      Re: Typo in the worst place?

      It's to go with the other typo of "If the device doesn't automatically star up"

      1. DJV Silver badge

        Re: Typo in the worst place?

        Yeah, I noticed that one as well. I used to send in corrections and someone at El Reg used to thank me by email reply. Now they don't bother to thank you so I no longer bother to send in the corrections.

  4. Anonymous Coward
    Anonymous Coward

    Ploy to make you upgrade to Win 11

    This normally happens when new operating system is nor selling or not being upgraded.

    1. Stephen McLaughlin

      Re: Ploy to make you upgrade to Win 11

      Was thinking the exact same thing. Not happy with the slow Windows 11 "upgrade" rate from Window 10 users, they are very aggressively pushing 11.

      1. John H Woods Silver badge

        Re: Ploy to make you upgrade to Win 11

        People would be more likely to update to Win 11 if it didn't specifically stop itself from running on almost any hardware that wasn't sold with Win 11 on it.

        1. Dacarlo

          Re: Ploy to make you upgrade to Win 11

          Where there's a will, there's a hack.

          1. Hubert Cumberdale Silver badge

            Re: Ploy to make you upgrade to Win 11

            I suspect many people will have a greater interest in the opposite kind of hack.

        2. Fred Goldstein

          Re: Ploy to make you upgrade to Win 11

          Windows 11 follows a fairly stable Windows 10. Since MS alternates between usable and garbage releases, 11 is likely to be like 8, Vista, and ME before it. I'll wait.

      2. Hubert Cumberdale Silver badge

        Re: Ploy to make you upgrade to Win 11

        Personally, I'm a fan of Hanlon's razor, and I suspect it applies here.

    2. Anonymous Coward
      Anonymous Coward

      Re: Ploy to make you upgrade to Win 11

      Yep, hard to forget the endless hours attempting to update Windows 7 SP1 with no luck, that happened just as Windows 10 was released.

      It physically wasn't possible to update Windows 7 SP1 using the manual update method ("Check for Updates but let me choose when to download and install them") without having failed updates.

      Using this method while attempting to avoid the dreaded Windows 10 reservation update KB3035583 a recurring update that kept getting modified, so it showed in the update list at least 8 times, even when it had been hidden multiple times.

      Windows 7 was borked more than once, with endless checking for updates unless you had the correct servicing stack update manually installed. Pretty sure too (certainly felt like it), Microsoft prioritized downloads in terms of updates for Win10 Update Servers, over Win7 Update Servers, at the time - in terms of overall throughput.

      Anyone would think it was deliberate. Get ready for the same with Windows 11.

    3. Swordfish1

      Re: Ploy to make you upgrade to Win 11

      Err I've had the occasional daily BSOD since the last updates, and I'm running Windows 11 Pro

  5. Pirate Dave Silver badge

    First time

    'This is by no means the first time Microsoft has had to address an issue caused by a Patch Tuesday update"

    Well, to be fair, it IS the first time THIS WEEK that Microsoft has had to address such an issue. Although the week is still young, so may not be the LAST time this week, either. Have a little faith...

  6. Anonymous Coward
    Anonymous Coward

    Since Nadella laid off the QA workers in 2014, Windows owes the detection of Windows bugs to Insiders to a large extent, and it is obvious that patches that do not go through Insiders will have bugs, but MSFT does not try to remedy the situation in any way.

  7. G2
    Black Helicopters

    but how do they even have a hidparse.sys file directly under System32?

    i checked a few computers around me...

    ... ZERO of them have a file located at C:\Windows\System32\hidparse.sys

    and all of them have the normal C:\Windows\System32\drivers\hidparse.sys

    from what i can tell if you have a hidparse.sys directly under System32 that means it's an older version, likely planted there on purpose by a piece of malware so that they can exploit vulnerabilities present in those versions of the file / operating systems.

    The steps indicated by Microsoft to xcopy the newest version from the drivers folder back to overwrite the old one in System32 mean the system remains functional but the attack/HID problem is most likely prevented from then on. (If you just delete the old one you risk getting blue screens)

    This story about hidparse.sys starts to smell like NSA's EternalBlue + DoublePulsar all over again, especially since it involves HID parsing.

    Maybe they were trying to hide USB keyboard/mouse/etc. interceptors/injectors disguised as extension cables or hubs?

    /(black helicopter icon, because NSA, of course)

  8. Anonymous Coward
    Anonymous Coward

    WSUS - update declined again

    This is now something like the fifth CU I've declined in WSUS for my clients. I don't think they've had a patch for months now. I'd have been better staying on Windows 7

  9. call-me-mark

    Is it just me?

    I can't stop seeing "hidp arse".

    1. David 132 Silver badge

      Re: Is it just me?

      In the voice of Father Jack?

    2. AndrueC Silver badge

      Re: Is it just me?

      Microsoft have form for that.

  10. Reginald O.

    This is one reason...

    I quit MS Windows after many, many years of loyal subservience: BSOD-Updates. Why do they use us as beta testers?

    Not often, but several times beta-updates caused me to lose tons of data while trying to fake a fix. And, so I appreciate Reg including the workaround in their article since I do have one Windows machine off in the corner running an offline app I can't duplicate with MacOS.

    The OTHER reason I quit Windows was that it has become nothing more than a corporate/government mass surveillance tool. The TOS allows MS to literally capture every mouse stroke, every mistyped keystroke, anything, everything. Also, it really steamed me when they started ERASING the HOSTS file so as to give themselves better access. Even though I tried to block it, MS was connecting thousands of times every day to the machine for whatever purpose they see fit. And, still tries, offline.

    That's bullshit. So are BSOD-updates.

    1. NewModelArmy

      Re: This is one reason...

      Under the Microsoft Terms of Service for Windows 10, they detailed the capability of retrieving a file from your PC which had caused a fault in an application. It stated only specialised personnel had the authorisation for this.

      Those Terms of Service have disappeared - they were there in 2015, but now gone. I did spot something similar for Server 20XX, but cannot find that now either.

      Does anyone have the link on wayback machine for the old Terms of Service detailing the file transfer from your PC to their systems without your knowledge etc. ?


      1. Dacarlo

        Re: This is one reason...

        Have you discovered a new kind of geekery akin to train spotting. Reading old T&C's from wayback machine.

        I'll get my duffle coat.

        1. NewModelArmy

          Re: This is one reason...

          The best i could find is this one :

          If you expand all, then it is quite worrying on what they do with your data, but still could not find the terms for where they can retrieve a file from your PC.

  11. AJ MacLeod

    So that was it

    Saw this on a system yesterday and figured out it was something to do with driver signature verification failing. Disabling signature verification got the machine to boot, at least for now.

  12. Paul Hovnanian Silver badge

    On a positive note ...

    ... this should provide material for a few months of entertaining "Bork" articles.

    1. Boris the Cockroach Silver badge

      Re: On a positive note ...

      m$ have been providing 'bork' articles for YEARS !

      1. John Brown (no body) Silver badge

        Re: On a positive note ...


        1. jake Silver badge

          Re: On a positive note ...

          Nearly half a century.

          And STILL people defend this ...

  13. Ken Moorhouse Silver badge

    ...aimed at fixing a problem with the Camera app

    How is it that an update for an ancillary part of the OS can crash the whole system?

    Didn't there used to be some kind of "ring" system where functionality within the "high reliability" (inverted commas because we're talking Windows here) ring cannot be brought down by vulnerabilities in the outer rings?

    1. Fred Goldstein

      Re: ...aimed at fixing a problem with the Camera app

      I wondered about that too. MS puts too much into kernel space. Of course so does Linux, so don't tell me to switch my desktops and laptops over, not that fat kernels matter from most user perspectives. Things like cameras shouldn't impact system stability. Nor sound, which has kernel drivers.

  14. Kev99 Silver badge

    Another patch that breaks windows. When wlll mictosoft learn to test their code and understand what "if it ain't broke, don't "fix" it" means.

    1. sten2012

      But.. It is broke.

      Just the fixes slightly more so.

  15. FlamingDeath Silver badge

    Maybe if.....

    People stopped supporting this god awful company and their shitcode, companies would struggle to operate using M$ products, and would thus be forced to find alternatives.

    You know what needs to be done

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like