Microsoft Offers Registry Fix to Patch IE, Office

o_deadly furby · 04-19-2006, 02:20 PM

Microsoft Offers Registry Fix to Patch IE, Office

By Gregg Keizer, TechWeb.com
1:49 PM EDT Mon. Apr. 17, 2006

Microsoft this weekend released a support document outlining lockup and unresponsive software problems that an April 11 security fix causes, but the only workaround involves editing Windows' registry, a chore usually left to advanced users.

Initial reports Friday of crashes and lockups caused by the MS06-015 security bulletin ranged from lockups of third-party software to Internet Explorer going dead.

MS06-015 was one of five bulletins released Tuesday, April 11. The critical patch was deployed to fix a flaw in Windows Explorer, the operating system's file navigation application, that could let an attack hijack a PC.

In the document posted to Microsoft's Knowledgebase support database, Microsoft acknowledged a slew of additional problems, including an inability to open Office documents from the "My Documents" folder, applications crashing when attempts to open files through the File/Open command are made, and inaccessible "My Documents" and "My Pictures" folders.

Microsoft blamed the problems on Hewlett-Packard software for scanners, cameras, and printers, but also said that Sunbelt Software's Kerio Personal Firewall prevented a recrafted Verclsid.exe file from executing.

It also downplayed the difficulties. "Our information at this time leads us to believe that this is having little to no impact on corporate networks," wrote Mike Reavey, operations manager of the Microsoft Security Response Center, on the group's blog.

To correct the conflict, Microsoft only offered a workaround that required users to dive into the Windows registry, then add an entry there. If the registry becomes corrupted or is improperly edited, the affected PC may not boot into Windows.

Microsoft didn't promise that the HP issue was the end of the trouble. "It has not been determined if there are other third-party COM controls or shell extensions that may also cause this problem," the company said in the document.

Past security bulletins have had to be reissued. In October 2005, for example, the company revised two different patches.

o_|404|innoc-tpf- · 04-19-2006, 03:41 PM

It's a pity that we continue to see such breaks but I don't see how it can be avoided when you're patching an application that violates the AP/OS layers. Wanna place any bets that this type of nonsense continues in Vista?

o_nezumi · 04-19-2006, 11:45 PM

This shit will still be going on in Blackcomb.

04-19-2006, 02:20 PM	#1
o_deadly furby Join Date: Feb 2005 Location: Cell Block 17 Posts Rated Helpful 0 Times	Microsoft Offers Registry Fix to Patch IE, Office Microsoft Offers Registry Fix to Patch IE, Office By Gregg Keizer, TechWeb.com 1:49 PM EDT Mon. Apr. 17, 2006 Microsoft this weekend released a support document outlining lockup and unresponsive software problems that an April 11 security fix causes, but the only workaround involves editing Windows' registry, a chore usually left to advanced users. Initial reports Friday of crashes and lockups caused by the MS06-015 security bulletin ranged from lockups of third-party software to Internet Explorer going dead. MS06-015 was one of five bulletins released Tuesday, April 11. The critical patch was deployed to fix a flaw in Windows Explorer, the operating system's file navigation application, that could let an attack hijack a PC. In the document posted to Microsoft's Knowledgebase support database, Microsoft acknowledged a slew of additional problems, including an inability to open Office documents from the "My Documents" folder, applications crashing when attempts to open files through the File/Open command are made, and inaccessible "My Documents" and "My Pictures" folders. Microsoft blamed the problems on Hewlett-Packard software for scanners, cameras, and printers, but also said that Sunbelt Software's Kerio Personal Firewall prevented a recrafted Verclsid.exe file from executing. It also downplayed the difficulties. "Our information at this time leads us to believe that this is having little to no impact on corporate networks," wrote Mike Reavey, operations manager of the Microsoft Security Response Center, on the group's blog. To correct the conflict, Microsoft only offered a workaround that required users to dive into the Windows registry, then add an entry there. If the registry becomes corrupted or is improperly edited, the affected PC may not boot into Windows. Microsoft didn't promise that the HP issue was the end of the trouble. "It has not been determined if there are other third-party COM controls or shell extensions that may also cause this problem," the company said in the document. Past security bulletins have had to be reissued. In October 2005, for example, the company revised two different patches.

04-19-2006, 03:41 PM	#2
o_\|404\|innoc-tpf- Join Date: Jan 2005 Location: The Midtown Express Posts Rated Helpful 0 Times	It's a pity that we continue to see such breaks but I don't see how it can be avoided when you're patching an application that violates the AP/OS layers. Wanna place any bets that this type of nonsense continues in Vista?

04-19-2006, 11:45 PM	#3
o_nezumi Join Date: Mar 2005 Location: The Peoples Republic of Harmfull Free Radicals Posts Rated Helpful 0 Times	This shit will still be going on in Blackcomb.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)