Microsoft Refutes Vulnerability of Patch

Microsoft has acknowledged that a small number of users who installed a security patch issued in January have experienced technical problems that may degrade system performance or cause unexpected behavior. Despite published reports, however, those who applied the patch are not subject to attacks stemming from the vulnerability.

The patch, KB891711 update corrects an issue with Windows cursor and icon format handling that could lead to remote code execution. KB891711 is a critical update.

A Microsoft spokesperson told BetaNews that the quality control issues associated with the patch were, "No big deal," saying, "Microsoft has received reports of a small subset of Windows 98 and ME users that have experienced problems after installing MS05-002."

"We are currently investigating these customer cases and working to provide a solution. Microsoft continues to encourage users to install this update to be protected from the vulnerability."

Microsoft also stated that reports claiming the patch does not protect users are factually incorrect.

But whether or the number of affected users is a small subset of customers, support newsgroups were abuzz with comments from customers discussing their own tribulations.

"With a company like Microsoft with all of the external testing and customers you would think that they would not have quality control issues," said Andrew Jaquith, senior analyst with Yankee Group, a research and consulting firm.

"This shouldn't happen but it is the nature of the beast. With the myriad of supported devices and pedigree of Windows, etc, it is impossible not to have hiccups from time to time. This points to the importance of thorough beta testing before production."