Windows president tries to calm fears of Win 7 critical bug

Bug gobbles up memory, can crash system

Microsoft's Windows Division president Steven Sinofsky tried Wednesday to tamp down a growing roar that Windows 7 RTM has a critical flaw that can shut down the OS by running a simple command.

"Sorry to get dragged into this," wrote Sinofsky, taking the unusual step of responding via the comments section of an industry blog called Chris123NT's blog.  Monday, the blog posted a recipe to execute the crash and included a picture of the results.

Other testers also reported errors.

"Of course [we] always want to investigate each and every report of any unexpected behavior," he wrote [Microsoft confirmed it was indeed him]. But Sinofsky, who is leading Windows 7 development, said Microsoft has not reproduced the crash, which is triggered by the Windows "CHKDSK /r" command.

"We are certainly going to continue to look for, monitor, and address issues as they arise if required. So far this is not one of those issues," he wrote. "While we appreciate the drama of 'critical bug' and then the pickup of 'showstopper' that I've seen, we might take a step back and realize that this might not have that defcon level," Sinofsky wrote.

"Bugs that are so severe as to require immediate patches and attention would have to have no workarounds and would generally be such that a large set of people would run across them in the normal course of using their PC."

Reports of a potential critical bug come a day before Microsoft is set to make Windows 7 available to MSDN subscribers. General availability is slated for Oct. 22.

Testers report that the bug only works on PCs that have a second hard disk or multiple hard disks. The bug, which gobbles up memory and leads to a "blue screen" crash, does not affect the main drive where the OS is installed.

"We're not seeing any crashes with CHKDSK on the stack reported in any measurable number that we could find," Sinofsky wrote. "We had one beta report on the memory usage, but that was resolved by design since we actually did design it to use more memory."

The memory usage is intended to speed up checking the disk for damage and errors, but, Sinofsky said, memory usage was not intended to be "unbounded."

He said the command is intended to leave at least "50M of physical memory. Our assumption was that using /r means your disk is such that you would prefer to get the repair done and over with rather than keep working."

Users on blogs and discussion sites are reporting consistently that they see a jump in memory usage, but reports of outright crashes of the OS have been spotty.

One post on the Windows SevenForum from a user named "Everlong18" said, It's not *that* much of a concern for me. It's not like I'm going to be running chkdsk on my D drive every day, but it would be nice if it got sorted."

On the Chris123NT's blog, a user name FireRX, who appears to be a Microsoft MVP, said, "the chkdsk /r tool is not at fault here. It was simply a chipset controller issue. Please update [your] chipset drivers to the current driver from your motherboard manufacturer. I did mine, and this fixed the issue. Yes, it still uses a lot of physical memory, because [you're] checking for physical damage, and errors on the Harddrive [you're] testing... Again, there is no Bug." FireRX also said he was sure a hotfix would be issued today.

The Microsoft official acknowledged FireRX's post in his comments, and said "some have reported that this specific issue [reproduces] and then goes away with updated drivers. We haven't yet confirmed that either but continue to try."

Sinofsky did not say anything about a hotfix.

Sinofsky, who posted his response at 7 pm Tuesday night, said Microsoft had started overnight stress testing of 40 machines of variants "as reported by FireRx."Microsoft has not made public results of those tests.

The Microsoft official ended his post saying. "Let's see if we can work on this one and future issues together. Deep breath -Steven."

Join the CSO newsletter!

Error: Please check your email address.

Tags MicrosoftWindows 7

More about MicrosoftMVPSK

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Fontana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts