Quantcast
Subscribe to magazine
Bugs and Fixes
Bugs and Fixes
Contributing Editor Stuart J. Johnston advises you on how to fix the latest problems affecting your operating system, your browser, your other software, and your hardware.
Show article:

Microsoft Glitches Hamper Critical Fixes

Crucial patches for IE and Office hit snags; a fix for a Norton security hole.

Stuart J. Johnston

  • 0 Yes
  • 0 No

With HP wireless printers, you could have printed this from any room in the house. Live wirelessly. Print wirelessly.

image

Illustration: Headcase Design
You know that patches are essential, but the download/install/reboot cycle gets old fast. And it doesn't help when the patches themselves have problems, as some from Microsoft recently did.

Take the latest cumulative update for Internet Explorer. Two of its corrections sealed significant holes in IE 7 for both Vista and XP, starting with COM objects (precursors to ActiveX controls). Viewing a site with a poisoned COM object could allow an attacker to take control of your system, although you would have to okay an IE 7 dialog box first.

The second flaw exists in an internal IE function, the property method. An attacker could target the flaw with a specially crafted Web page and hit you with a drive-by download.

The same cumulative update addressed four crucial issues with ActiveX and Active Scripting in IE 6 on Windows XP SP2. When you factor in fixes for critical flaws in IE 5.01 and 6 on Windows 2000 SP4, as well as in IE 6 on Windows XP SP1, it's a patch you'll want from Microsoft Support, if you haven't already received it through Automatic Updates.

Broken IE

It's clear these are must-have patches. But a nasty post-patch surprise awaits some Vista users: IE may fail to start. Here's the problem: If you've changed the location of Vista's Temporary Internet Files folder and employ the antiphishing filter, IE might not be able to use that new folder location. The workaround, described at Microsoft Support Article ID 937409, involves moving the folder back to its original location or changing the permissions on its new location.

On top of that, some Windows XP SP2, Windows 2000 SP4, and Windows Server 2003 users had trouble with Windows Update and Microsoft Update: When Windows scanned automatically for updates, or when the user went to the update site, the PC's CPU sometimes bogged down and became unresponsive.

Bad problem, so Microsoft released a patch. But in some PCs, the hotfix not only failed to work, it caused important system tasks to crash. So Redmond released a second patch that supersedes the first and will be distributed via Automatic Updates through the end of June; it's also available at Microsoft Support Article ID 927891 . We'll see if the second hotfix fully cures the problem.

  • Recommend this story?
  • 0 Yes
    0 No

"Microsoft Glitches Hamper Critical Fixes" Comments

Related Security Articles

More Related Security Articles
  • PC World Webcast: Going Green Wondering how to make your business greener? These tips will help your business save money, and save the environment.
  • Myth of the Million Dollar Database Think only the big boys can afford the best database solutions? Think again. Learn about low cost systems that have proven time and time again to outperform legacy UNIX vendors on a dollar for dollar basis.
  • The Future Sales Force - A Consultative Approach This white paper discusses the challenges of selling complex products and services, and the new skill sets sales professionals must employ in today's evolving market.

PC World's Marketplace

PC World's Free Whitepapers

Name City
Address 1 State Zip
Address 2 E-mail (optional)