Fix Windows 7 BSOD 0x000000c4 after installing KB4056894
Microsoft published security updates for all supported versions of Windows recently that protect systems running Windows from Meltdown and Spectre attacks.
The company released updates for Windows 10 via Windows Update. Cumulative update patches for all supported operating systems are available on the Microsoft Update Catalog website as well.
Tip: you can find out if your Windows PC is affected by Meltdown or Spectre.
Windows 7 users and administrators who install KB4056894 on machines running the operating system may run into Blue Screen of Death issues after doing so.
The update does not appear to be distributed via Windows Update right now, but system administrators can download it from Microsoft's Update Catalog website and install it manually. Microsoft announced plans to release it tomorrow on the January 2018 Patch Day.
KB4056894 causing Bluescreen on Windows 7 PCs
It appears that the patch does not play well with specific AMD configurations. Reports suggest that the bug affects a wide range of AMD processors including AMD Athlon X2, Opteron, and Turion models.
Systems affected by the issue throw the BSOD error Stop: 0x000000c4 followed by additional information. Admins and users who did not install the patch already on AMD systems should hide the update for the time being to block it from installation.
The situation is different if the update is installed already on the system. Windows won't boot anymore thanks to the Blue Screen of Death error. This means that the main method of removing updates from a Windows machine does not work.
A user on Reddit came up with a solution that should work on the majority of devices affected by the Blue Screen of Death:
- Use the F8-key during the boot sequence and select Repair Your Computer in the menu that pops up. If you have difficulties opening the menu hammer on the F8-key repeatedly until the menu appears.
- Open a command prompt window.
- Run dir d: to check that the Windows drive is mapped.
- Run dism /image:d:\ /remove-package /packagename:Package_for_RollupFix~31bf3856ad364e35~amd64~~7601.24002.1.4 /norestart
You should get a processing message and a progress bar. The command removes the package from the Windows system. Doing so should resolve the BSOD issue, and Windows should boot normally.
Note that you cannot get into SafeMode, as SafeMode throws a BlueScreen as well. The only option that you have to resolve the issue is to open the startup repair prompt and run the command mentioned above.
You do need to hide the update as it will be picked up by Windows Update and installed if automatic updating is configured. (via Deskmodder)
Yes Raul, only AMD products!
where is my comment?
I have an Intel Core i7 on Windows 7 64 bit, the update was installed on 1/06/18, so far no issues have been detected.
Is this issue affecting only Windows 7 and AMD products?
Thanks!
Log Name: System Source: Microsoft-Windows-WER-SystemErrorReporting
Date: 9/01/2018 3:50:48 PM
Event ID: 1001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: fred-PC
Description:
The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa8007c0ab00, 0xfffffa8007c0ade0, 0xfffff800033c3010). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010918-58703-01.
Event Xml:
1001
0
2
0
0
0x80000000000000
452599
0x000000f4 (0x0000000000000003, 0xfffffa8007c0ab00, 0xfffffa8007c0ade0, 0xfffff800033c3010)
C:\Windows\MEMORY.DMP 010918-58703-01
have update to the new patch and had one blue screen of death after coming out of sleep and i have a intel core duo 2 E7500 6gb ram
Downloaded KB4056894 from windows update catalog and installed. 64 bit Windows 10 Home with Phantom IIx4 820 quad core AMD processor. No problems.
Thanks! Changed the d to c and it worked perfectly.
Intel still haven’t any solution when it comes to ‘Spectre’. Experts say that patching is IMPOSSIBLE due to that ‘Spectre’ can only be fixed if Intel manufacture a new CPU with another hardware architechture.
Some even say that both ‘Meltdown’ and ‘Spectre’ are done on purpose by Intel after huge pressure from NSA.
One can only surmise that these ‘experts’ are spreading FUD, which is rather unhelpful given that there is already enough confusion to go around. The reality is that at least one variant of Spectre – and possibly both – can be addressed in one of two ways:
1) By adding support for Indirect Branch Restricted Speculation and Indirect Branch Prediction Barriers to the operating system’s kernel. For this to be effective, microcode updates will be required.
2) By adding support for retpolines. This approach does not require microcode updates. Alas, it does require changes to the toolchains that are used to build applications and for said applications to be rebuilt.
The second approach seems unfeasible outside of of the world of open-source and, therefore, I would expect for proprietary operating system vendors to go exclusively with the first option. Indeed, it appears that Microsoft has elected to do just that in Windows 10 build 16299.192.
The real problem here is that, while it is possible to load microcode from the kernel, the normal way in which most obtain microcode updates is to update their BIOS/UEFI firmware and it’s by no means clear that all affected systems and/or processors will ever receive these updates, or that a majority of users would even know how to update their systems in the event that they do. Not to mention that those running legacy or EOL operating systems will be very much out of luck.
Another issue is that there appears to be little in the way of industry-wide interest in mitigating the problem for 32-bit x86 operating systems (so far).
https://twitter.com/grsecurity/status/949794658720337920
So, only grsecurity has it covered for Linux and I expect that the *BSDs will attempt to do likewise. Indeed, Matt Dillon has recently committed some experimental patches to the master branch of DragonFlyBSD.
Finally, keep in mind that Spectre, unlike Meltdown, affects a wide range of x86 processors, not only those manufactured by Intel. However, Meltdown is, by far, the most pressing issue.
Stefan: “Experts say that patching is IMPOSSIBLE due to that ‘Spectre’ can only be fixed if Intel manufacture a new CPU with another hardware architechture.”
On 04 Jan 2018, the said experts (CERT/CC) quietly deleted their earlier-published advisory that the only way to resolve the Meltdown-Spectre bugs is to replace the affected CPUs.
http://www.businessinsider.com/intel-chip-bug-cert-says-replacement-is-the-only-way-2018-1
QUOTE: {{{ The Computer Emergency Response Team Coordination Center (CERT/CC) issued a security update that said the only way to protect against Spectre in particular would be to replace affected processors.
But on Thursday, the group deleted that recommendation. Its newly updated security bulletin simply says that “operating system and some application updates mitigate these attacks”, and provides a list of vendors that have updated their software to help guard against Meltdown and Spectre.
The word of CERT/CC carries a lot of weight. It’s a part of the Software Engineering Institute, which is itself a non-profit that’s largely funded by grants from the US Department of Defense. Indeed, CERT/CC regularly consults with the Department of Defense, Department of Homeland Security, and the FBI on cybersecurity issues. }}}
This affects systems with AMD processors…
Recovery:
From system recovery run
DISM /image:C:\ /cleanup-image /revertpendingactions
and then once the system is recovered hide the KB4056894 update
Thnx – this did the trick for me! Had downloaded the update, and installed it, but not re-booted until I did by mistake yesterday. At first try the laptop didn’t manage to log in to my user account when I logged, only a temporary, and when I tried to restore system it obviousely re-installed the faulty package, but after re-doing the dism-line I closed down laptop, and then on re-start everything was back to normal.
Thanks Scott!
That seemed to do the trick! Right after I’ve tried to remove the specific package, without success (specified package not found) the next thing worked!
DISM /image:C:\ /cleanup-image /revertpendingactions
I have Intel processor and KB4056894 installed. No such issue so far.
Not my case unfortunately. My Win 7 x64 on an Intel processor went down with a BSOD a little time after installing this “patchâ€. Thanks to MS…
I don’t install updates on my Windows 7 and it’s working flawlessly, just SP1 is all I have.
Thanks for the info, though.
Yes, I haven’t updated Win 7 on three of my PCs since ~2014.
Me too.
I don’t either, since October 2016 when I did until then. I hesitated and still do concerning this very patch but when I discover that apparently it makes no exception to the now legendary Microsoft Updates’ reputation of insanity (mainly with Win10 but not only), I feel sort of a relief and an enforcement of my choice to let the company’s approximations behind me.
Does the Core 2 Duo series is affected by the Meltdown?
Yes
KB4056892 is locking windows 10 PCs with AMD in an endless loop.
Is windows 8.1 affected?
I only saw reports that Windows 7 devices are affected. I would not rule it out though.
Thanks. I’ve heard Microsoft has yet to release a patch for Win 8.1. I’m not sure if it’s accurate though.
is AMD Radeon affected?
There is a report on AskWoody by a user who claimed that the Radeon driver would not load on the system (W7) after installing the update: https://www.askwoody.com/forums/topic/multiple-reports-of-blue-screens-bsods-0x000000c4-when-installing-the-january-win7-monthly-rollup-kb-4056894/#post-157348