Desktop Bridge-Powered Apps Can Crash Windows, Stay Away For Now

Posted on October 5, 2016 by Rafael Rivera in Windows, Windows 10 with 36 Comments

bugcheckMicrosoft acknowledged a bug in its Desktop Bridge technology last night that could crash Windows 10 with the error KERNEL_SECURITY_CHECK_FAILURE and potentially put your machine into an endless boot loop.

Yikes.

You may recall that Desktop Bridge (previously Project Centennial) is a new feature in Windows 10 Anniversary Update that allows developers to take Win32 and .NET apps and plug them into the Universal Windows Platform and ship them via the Windows Store.

I used this technology to get handy utility EarTrumpet into the Windows Store last month. It’s fantastic stuff.

But it’ll be even better when it’s safer to use.

Right now, simply launching an affected app – like EarTrumpet, Kodi, Tweeten, Arduino IDE, or Evernote – could crash your machine. Or they could work for a while and crash the machine later. Worse, if any of those apps are configured to start at boot, you could end up in an endless reboot-crash-reboot cycle.

Users running Windows 10 and the latest AMD Catalyst drivers represent the popular class of folks having the issue. But the problem isn’t specific to AMD customers. It could snag you via another driver that Microsoft hasn’t seen yet.

Looking at the crash dumps I’ve received from EarTrumpet users, it seems the issue boils down to some bad assumptions made by both driver makers and Microsoft surrounding registry access from kernel space.

Driver makers, for example, are still accessing the registry (via RtlQueryRegistryValues) in a manner that hasn’t been safe for several years. But that dusty code may not have been updated because the operating system wasn’t moving around the registry cheese, so to speak. Assumptions held true and everything worked great until now.

Microsoft should have found this in its testing. But the feature didn’t get a lot of attention because it shipped non-functional Desktop Bridge tooling in many of its Windows Insider builds, and apps built on the stuff weren’t allowed in the Store until last month. (Though, it’s not clear Windows Insider testing would have caught this issue due to the low variability of machine configurations. Ars Technica’s Peter Bright has written about this topic great length and it is worth a read.)

Hindsight is 20/20, of course. And there is some good news to be had here: Microsoft already fixed the issue internally. You should see a fix go out to Windows Insiders very soon and, barring any issues, to everyone else this month.

I’ll follow up with an all-clear when that happens.

Tagged with ,

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (38)

38 responses to “Desktop Bridge-Powered Apps Can Crash Windows, Stay Away For Now”

  1. Avatar

    473

    I really wish MS would get back to doing proper testing.  This stuff is hurting Windows and Microsoft's credibility. I am struggling with Windows 10 as it's one disaster after another and businesses cannot afford the upheaval.

    MS please sort out your sh1t.

  2. Avatar

    5504

    To me this problem is evidence that Desktop Bridge is just a kludge. I don't think there's much reason to port Win32 apps to UWP, but if you want to do it better to just rewrite the application as core UWP app. You can probably still reuse existing "business logic" code when you rewrite. Also if you really need those few capabilities that are unique to UWP, it makes more sense to exploit those features in your first UWP version than just deliver a UWP version that duplicates the Win32 functionality.

    • Avatar

      5664

      In reply to skane:

      I kinda think the bridge is going to be much more important for converting custom LoB apps designed and deployed within a business. Instead of having to start from the ground up wit ha UWP app, they can convert it and put it in the Store for Business, then lock the box down, allowing only Windows Store apps.

      Boom, suddenly that's a more secure seat because the user can't install their own crap.

    • Avatar

      5592

      In reply to skane:

      More realistically, it could have been put as "Microsoft has found a rare condition where a small number of very specific computer configurations may experience a system failure running Desktop Bridge software. A fix is in place and will go out soon."

      As Paul pointed out this is a bug that only hits in very specific hardware configurations. Hardly the mark of a "kludge". Just a mark of a vastly rich ecosystem.

  3. Avatar

    5530

    Lol, such heightened stability and security from all these Modern (tm) platforms.

  4. Avatar

    442

    Wait, a program crashes an OS?  Wow, that's never happened before... ;)

  5. Avatar

    3216

    Will this nonsense ever end?  Everything coming out of Microsoft for the past 18 months has been at least partially broken.  What little is left of their reputation is slowly spiraling down the flusher.

     

  6. Avatar

    1377

    If drivers are at fault, are those drivers included in Windows Store desktop apps, or are they part of the underlying Windows 10 in its fully driver-laden glory? If drivers included with apps, then deprecated Registry calls should have been caught by the Desktop Bridge. If drivers not included, that raises the more fundamental question whether Desktop Bridged desktop software may be fundamentally MORE DANGEROUS to run than standard desktop software which could work in Windows 7. Either way, this doesn't look like hindsight to me. Rather it looks like MSFT just plain failed to test thoroughly.

    That leads to very awkward questions. Is Windows too big to test? Or is it just too expensive for a for-profit company to test Windows adequately?

    • Avatar

      5234

      In reply to hrlngrv:

      Drivers are often the problem of Windows - it doesn't matter where they come from.

       

      In answer to your last question, Windows is too big for Microsoft to properly test.  They obviously saw it as being too expensive to test, since they laid off all kinds of internal testers and aren't contracting QA firms anymore - it's all up to the public: a bunch of amateur users that have never been trained to be proper testers, don't have access to internal API's, don't know how to document anything accurately, and aren't being paid for any of their work....oh, and what Microsoft calls "Experience Data", which is essentially just logs of what your computer is doing - ANYTHING it's doing.

      • Avatar

        1377

        In reply to Waethorn:

        Re drivers, my concern is that Desktop Bridge might EXACERBATE driver problems precisely because the added security that Desktop Bridge is supposed to provide might actually be more fragile with drivers using deprecated system calls or approaches to interacting with the Windows kernel or registry. IOW, maybe Desktop Bridge makes desktop software less robust.

      • Avatar

        442

        In reply to Waethorn:

        I'd think that people are the main problem of any computer system.  PEBKAC <- look it up.

        Also, keep in mind there is no such thing as bug free software (look that up too....)

        • Avatar

          1377

          In reply to Narg:

          Granted no such thing as bug-free software or error-free processes, but one hopes for improvement in software and processes over time. Little evidence of any improvements in MSFT's Windows Update processes.

  7. Avatar

    1294

    And here I was planning on switching from the deaktop Kodi to the App so it would automatically update as needed

  8. Avatar

    5234

    This thing still won't convert iTunes.

     

    Just saying....

  9. Avatar

    5234

    Just another point of contention:

    Windows 10 AU build 222 is crashing on boot with the Chinese IME installed.

    "Software problems are hard" can be heard echoing through the now-empty QA lab halls in Redmond.

  10. Avatar

    5394

    "Microsoft already fixed this issue."  That's not what you should be saying... "They are fixing this issue."

Leave a Reply