Crash on Program Start: Windows Update KB2533623

Faulting application bpftpserver-2011.exe, version 2011.1.0.71, time stamp 0x4e8f8103, faulting module unknown, version, time stamp 0x00000000, exception code 0xc000001d, fault offset 0x03094c99, process id 0x818, application start time 0x01cc9567a0e85aad

We’ve experienced some random crashes, at start-up in the program that have been found to be related to a patch from Microsoft Update with Microsoft Security Advisory: Insecure library loading could allow remote code execution (KB 2533623).

Technically, this patch prevents the loading of external DLL’s without a fully-qualified-path to the DLL. Unfortunately, we utilize a virtualized DLL that is loaded at program start that does not load a DLL-file on the system, so it can fail when KB2533623 is applied to this system.

Is KB2533623 installed on my installation of Windows?

Windows GUI: You can list all of the updates for your installation of Windows from the following location:

Alternatively, Internet Explorer can take you there with the following:

Windows CLI: Alternatively you can execute the following at a command-line:

C:\Users\myusername> wmic qfe list | find "2533623" MYCOMPUTERNAME Update KB2533623 MYCOMPUTERNAME\myusername 7/15/2011

How do I uninstall KB2533623?

Windows GUI: You can uninstall individual updates from Microsoft by loading the following:

Right-Click and select "Uninstall"

Windows CLI: If you are using Windows 2008 R2, you can then uninstall it from the command line using the WUSA.EXE command. (If you aren’t using Windows 2008 R2, you’ll need to use the above GUI method).

C:\Users\myusername> wusa /uninstall /kb:2533623