Feeds

MS finally patches IE patch

If at first you don't succeed...

Boost IT visibility and business value

Microsoft released a hotfix for a previous IE patch on Thursday after it emerged its initial security update caused almost as many problems as it was intended to solve. The software giant's MS06-042 patch, a cumulative update for Internet Explorer, first issued as part of Redmond's regular Patch Tuesday Update cycle, unwittingly introduced new security problems. Users running IE 6 Service Pack 1 for Windows XP Service Pack 1 and all versions of Windows 2000 were affected. Windows XP SP2 were safe from harm.

Soon after the update was released on 8 August, users began complaining that patched versions of IE on those systems began crashing when visiting web sites that use HTTP 1.1 compression. That's bad enough in itself but a closer investigation of the issue by security experts revealed the bug could be used to inject hostile code into critical systems. Worse still, Microsoft's original advisory gave hackers handy clues on how to exploit the problem.

Microsoft accelerated the development of a fix for its misbehaving patch, which was still worth applying because it resolved more issue than it created. This hotfix, original promised for Tuesday, was eventually released on Thursday. So the time has come for sys-admins to re-apply the patch.

"The revised version of MS06-042 released on 24 August fully resolves the security vulnerability discussed in Microsoft Security Advisory 923762 and addresses the issues discovered prior to release," Microsoft said in a statement accompanying the release. "Microsoft is not aware of any active attacks against customers using any of the vulnerabilities associated with MS06-042." ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?