Desktop Bridge-Powered Apps Can Crash Windows, Stay Away For Now

bugcheckMicrosoft acknowledged a bug in its Desktop Bridge technology last night that could crash Windows 10 with the error KERNEL_SECURITY_CHECK_FAILURE and potentially put your machine into an endless boot loop.

Yikes.

You may recall that Desktop Bridge (previously Project Centennial) is a new feature in Windows 10 Anniversary Update that allows developers to take Win32 and .NET apps and plug them into the Universal Windows Platform and ship them via the Windows Store.

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

I used this technology to get handy utility EarTrumpet into the Windows Store last month. It’s fantastic stuff.

But it’ll be even better when it’s safer to use.

Right now, simply launching an affected app – like EarTrumpet, Kodi, Tweeten, Arduino IDE, or Evernote – could crash your machine. Or they could work for a while and crash the machine later. Worse, if any of those apps are configured to start at boot, you could end up in an endless reboot-crash-reboot cycle.

Users running Windows 10 and the latest AMD Catalyst drivers represent the popular class of folks having the issue. But the problem isn’t specific to AMD customers. It could snag you via another driver that Microsoft hasn’t seen yet.

Looking at the crash dumps I’ve received from EarTrumpet users, it seems the issue boils down to some bad assumptions made by both driver makers and Microsoft surrounding registry access from kernel space.

Driver makers, for example, are still accessing the registry (via RtlQueryRegistryValues) in a manner that hasn’t been safe for several years. But that dusty code may not have been updated because the operating system wasn’t moving around the registry cheese, so to speak. Assumptions held true and everything worked great until now.

Microsoft should have found this in its testing. But the feature didn’t get a lot of attention because it shipped non-functional Desktop Bridge tooling in many of its Windows Insider builds, and apps built on the stuff weren’t allowed in the Store until last month. (Though, it’s not clear Windows Insider testing would have caught this issue due to the low variability of machine configurations. Ars Technica’s Peter Bright has written about this topic great length and it is worth a read.)

Hindsight is 20/20, of course. And there is some good news to be had here: Microsoft already fixed the issue internally. You should see a fix go out to Windows Insiders very soon and, barring any issues, to everyone else this month.

I’ll follow up with an all-clear when that happens.

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 38 comments

  • 5394

    05 October, 2016 - 10:29 am

    <p>"<strong>Microsoft already fixed this issue."&nbsp; </strong>That’s not what you should be saying… <strong>"They are fixing this issue."</strong></p>

    • 5643

      05 October, 2016 - 10:40 am

      <blockquote><em><a href="#18688">In reply to glenn8878:</a></em></blockquote>
      <p>Unless, as it seems to suggest, they have a patch that fixes the problem, but it’s moving through the various test rings to ensure that it doesn’t break anything else in the process.</p>

      • 5394

        05 October, 2016 - 10:44 am

        <blockquote><em><a href="#18692">In reply to darth3pio:</a></em></blockquote>
        <p>Until it is out, it’s not fixed.</p>

        • 96

          Premium Member
          05 October, 2016 - 11:01 am

          <blockquote><em><a href="#18693">In reply to glenn8878:</a></em></blockquote>
          <p>If a kid gives you a toy to fix and you repair it but missed an opportunity to return it, is it then not fixed?</p>

          • 5394

            05 October, 2016 - 11:38 am

            <blockquote><em><a href="#18700">In reply to WithinRafael:</a></em></blockquote>
            <p>I guess not because it wasn’t returned. Do you also tell your teacher the dog ate your homework? Many software fixes are buggy that can crash a computer. So are they fixed? Not until they fix the buggy fix.</p>

            • 96

              Premium Member
              05 October, 2016 - 2:48 pm

              <blockquote><em><a href="#18754">In reply to glenn8878:</a></em></blockquote>
              <p>That’s fair.</p>

            • 5234

              05 October, 2016 - 10:28 pm

              <blockquote><em><a href="#18754">In reply to glenn8878:</a></em></blockquote>
              <p>And there are more and more buggy "fixes" coming out of Redmond every day.</p>

          • 180

            05 October, 2016 - 11:54 am

            <blockquote><em><a href="#18700">In reply to WithinRafael:</a></em></blockquote>
            <p>I think it’s fair to say it wasn’t as clear as it could be, although perhaps a little pedantic. "Microsoft is currently testing a fix. You should see it go out to Windows Insiders…" might be a bit better. And get these folks off your back, more importantly.</p>

            • 96

              Premium Member
              05 October, 2016 - 2:43 pm

              <blockquote><em><a href="#18759">In reply to Polycrastinator:</a></em></blockquote>
              <p>Yup, good feedback from all.</p>

          • 5234

            05 October, 2016 - 1:11 pm

            <blockquote><em><a href="#18700">In reply to WithinRafael:</a></em></blockquote>
            <p>Welcome to the world of computer repair. &nbsp;People leave computers all the time at my shop that they don’t pick up after they’ve been fixed (or in some cases can’t be fixed). &nbsp;I figure they go out and see something on sale somewhere else to replace it with, and stand me up, rather than facing the diagnostic and/or repair bill – which I might add, is cheaper than ALL of the other computer shops in the area, especially the big box electronics stores nearby (but I’m not tooting my own horn here).</p>

          • 5484

            Premium Member
            06 October, 2016 - 2:38 am

            <blockquote><em><a href="#18700">In reply to WithinRafael:</a></em></blockquote>
            <p>Philosophically, I guess that depends on whether you have a copy of the toy, and promise to fix the kid’s toy when you’re done. :-)</p>
            <p>Sure MS might have a fix, but for ~400 million customers, their computers aren’t fixed.&nbsp; (Obviously it’s only affecting a subset..)</p>

  • 5234

    05 October, 2016 - 11:02 am

    <p>Just another point of contention:</p>
    <p>Windows 10 AU build 222 is crashing on boot with the Chinese IME installed.</p>
    <p>"Software problems are hard" can be heard echoing through the now-empty QA lab halls in Redmond.</p>

    • 1377

      Premium Member
      05 October, 2016 - 3:31 pm

      <p><em><a href="#18706">In reply to Waethorn:</a></em></p>
      <p>Dunno how empty the former QA labs are. MSFT had to store all the unsold Surface RTs somewhere.</p>

      • 5234

        05 October, 2016 - 5:44 pm

        <blockquote><em><a href="#18848">In reply to hrlngrv:</a></em></blockquote>
        <p>And Surface 2’s.&nbsp; And Surface 3’s.&nbsp; And Lumia’s.&nbsp; And Band’s.</p>

        • 1377

          Premium Member
          05 October, 2016 - 6:56 pm

          <p><em><a href="#18871">In reply to Waethorn:</a></em></p>
          <p>You forgot Kins and Zunes.</p>

  • 5504

    05 October, 2016 - 12:11 pm

    <p>To me this problem is evidence that Desktop Bridge is just a kludge. I don’t think there’s much reason to port Win32 apps to UWP, but if you want to do it better to just rewrite the application as core UWP app. You can probably still reuse&nbsp;existing "business logic" code when you rewrite. Also if you really need those few capabilities that are unique to UWP, it makes more sense to exploit those features in your first UWP version than just deliver a UWP version that duplicates the Win32 functionality.</p>

    • 5592

      05 October, 2016 - 1:08 pm

      <blockquote><em><a href="#18774">In reply to skane:</a></em></blockquote>
      <p>More realistically, it could have been put as "Microsoft has found a rare condition where a small number of very specific computer configurations&nbsp;may experience a system failure running Desktop Bridge software. A fix is in place and will go out soon."<br /><br />As Paul pointed out this is a bug that only hits in very specific hardware configurations. Hardly the mark of a "kludge". Just a mark of a vastly rich ecosystem. </p>

      • 5530

        05 October, 2016 - 1:34 pm

        <blockquote><em><a href="#18800">In reply to MikeGalos:</a></em></blockquote>
        <p>The author of this post is not Paul, it’s Rafael Rivera. See above</p>

        • 5592

          05 October, 2016 - 2:31 pm

          <blockquote><em><a href="#18810">In reply to FalseAgent:</a></em></blockquote>
          <p>Sorry about that. Of course the point remains. I’d edit the post but, of course, that’s not an option with the site’s current software.</p>

      • 5504

        05 October, 2016 - 2:45 pm

        <blockquote><em><a href="#18800">In reply to MikeGalos:</a></em></blockquote>
        <p>Perhaps it’s best go read what MS actually said about it: http://bit.ly/2dSCVQc</p&gt;
        <p>I don’t see anything there that suggests a "very specific hardware&nbsp;configuration", a rare condition, or a compreshensive&nbsp;list of affected apps. It’s the first time I’ve ever heard that a bug establishes the existence of "a vastlhy rich ecosystem".</p>

      • 96

        Premium Member
        05 October, 2016 - 2:47 pm

        <blockquote><em><a href="#18800">In reply to MikeGalos:</a></em></blockquote>
        <p>That’s not quite right. They currently aware of 1 condition in which this fails but the bug is generic and can affect anyone and everyone. This is why I’m sounding the alarm.</p>
        <p>re: lack of edit, I totally feel your pain. I pinged the web guys and that feature is rolling out shortly.</p>

        • 5592

          06 October, 2016 - 5:35 am

          <blockquote><em><a href="#18839">In reply to WithinRafael:</a></em></blockquote>
          <p>Thanks for nagging them for us.</p>
          <p>On the upside, the lack of an edit is making me&nbsp;work on my spelling…</p>

    • 5664

      Premium Member
      06 October, 2016 - 12:22 am

      <blockquote><em><a href="#18774">In reply to skane:</a></em></blockquote>
      <p>I kinda think the bridge is going to be much more important for converting custom LoB apps designed and deployed within a business. Instead of having to start from the ground up wit ha UWP app, they can convert it and put it in the Store for Business, then lock the box down, allowing only Windows Store apps.</p>
      <p>Boom, suddenly that’s a more secure seat because the user can’t install their own crap.</p>

      • 5504

        06 October, 2016 - 9:59 am

        <blockquote><em><a href="#18906">In reply to jimchamplin:</a></em></blockquote>
        <p>IMO, it’s a lot of effort for very little return. Businesses already lock down PCs so that users can’t install unauthorized applications. And of course, most businesses aren’t even running Win10.&nbsp;</p>

  • 3216

    05 October, 2016 - 12:18 pm

    <p>Will this nonsense ever end?&nbsp; Everything coming out of Microsoft for the past 18 months has been at least partially broken.&nbsp; What little is left of their reputation is slowly spiraling down the flusher.</p>
    <p>&nbsp;</p>

  • 5530

    05 October, 2016 - 1:35 pm

    <p>Lol, such heightened stability and security from all these Modern ™ platforms.</p>

  • 1294

    05 October, 2016 - 2:06 pm

    <p>And here I was planning on switching from the deaktop Kodi to the App so it would automatically update as needed</p>

  • 1377

    Premium Member
    05 October, 2016 - 3:28 pm

    <p>If drivers are at fault, are those drivers included in Windows Store desktop apps, or are they part of the underlying Windows 10 in its fully driver-laden glory? If drivers included with apps, then deprecated Registry calls should have been caught by the Desktop Bridge. If drivers not included, that raises the more fundamental question whether Desktop Bridged desktop software may be fundamentally MORE DANGEROUS to run than standard desktop software which could work in Windows 7. Either way, this doesn’t look like hindsight to me. Rather it looks like MSFT just plain failed to test thoroughly.<br /><br />That leads to very awkward questions. Is Windows too big to test? Or is it just too expensive for a for-profit company to test Windows adequately?</p>

    • 5234

      05 October, 2016 - 5:42 pm

      <blockquote><em><a href="#18847">In reply to hrlngrv:</a></em></blockquote>
      <p>Drivers are often the problem of Windows – it doesn’t matter where they come from.</p>
      <p>&nbsp;</p>
      <p>In answer to your last question, Windows is too big for Microsoft to properly test.&nbsp; They obviously saw it as being too expensive to test, since they laid off all kinds of internal testers and aren’t contracting QA firms anymore – it’s all up to the public: a bunch of amateur users that have never been trained to be proper testers, don’t have access to internal API’s, don’t know how to document anything accurately, and aren’t being paid for any of their work….oh, and what Microsoft calls "Experience Data", which is essentially just logs of what your computer is doing – ANYTHING it’s doing.</p>

      • 1377

        Premium Member
        05 October, 2016 - 6:55 pm

        <p><em><a href="#18870">In reply to Waethorn:</a></em></p>
        <p>Re drivers, my concern is that Desktop Bridge might EXACERBATE driver problems precisely because the added security that Desktop Bridge is supposed to provide might actually be more fragile with drivers using deprecated system calls or approaches to interacting with the Windows kernel or registry. IOW, maybe Desktop Bridge makes desktop software less robust.</p>

      • 442

        06 October, 2016 - 6:12 am

        <blockquote><em><a href="#18870">In reply to Waethorn:</a></em></blockquote>
        <p>I’d think that people are the main problem of any computer system.&nbsp; PEBKAC &lt;- look it up.</p>
        <p>Also, keep in mind there is no such thing as bug free software (look that up too….)</p>

        • 1377

          Premium Member
          07 October, 2016 - 1:44 am

          <p><em><a href="#18937">In reply to Narg:</a></em></p>
          <p>Granted no such thing as bug-free software or error-free processes, but one hopes for improvement in software and processes over time. Little evidence of any improvements in MSFT’s Windows Update processes.</p>

  • 473

    05 October, 2016 - 5:15 pm

    <p>I really wish MS would get back to doing proper testing.&nbsp; This stuff is hurting Windows and Microsoft’s credibility. I am struggling with Windows 10 as it’s one disaster after another and businesses cannot afford the upheaval.</p>
    <p>MS please sort out your sh1t.</p>

    • 442

      06 October, 2016 - 6:11 am

      <blockquote><em><a href="#18865">In reply to Siv:</a></em></blockquote>
      <p>People used to complain that MS took too long testing and didn’t release stuff.&nbsp; Now they release it early and people gripe?&nbsp; Make you wonder doesn’t it?</p>

  • 5234

    05 October, 2016 - 5:45 pm

    <p>This thing still won’t convert iTunes.</p>
    <p>&nbsp;</p>
    <p>Just saying….</p>

  • 442

    06 October, 2016 - 6:10 am

    <p>Wait, a program crashes an OS?&nbsp; Wow, that’s never happened before… ;)</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC