Print this article | E-mail this article | Comment on this article

Microsoft Refutes Vulnerability of Patch

By David Worthington, BetaNews

March 31, 2005, 6:21 PM

Microsoft has acknowledged that a small number of users who installed a security patch issued in January have experienced technical problems that may degrade system performance or cause unexpected behavior. Despite published reports, however, those who applied the patch are not subject to attacks stemming from the vulnerability.

The patch, KB891711 update corrects an issue with Windows cursor and icon format handling that could lead to remote code execution. KB891711 is a critical update.

A Microsoft spokesperson told BetaNews that the quality control issues associated with the patch were, "No big deal," saying, "Microsoft has received reports of a small subset of Windows 98 and ME users that have experienced problems after installing MS05-002."

"We are currently investigating these customer cases and working to provide a solution. Microsoft continues to encourage users to install this update to be protected from the vulnerability."

Microsoft also stated that reports claiming the patch does not protect users are factually incorrect.

But whether or the number of affected users is a small subset of customers, support newsgroups were abuzz with comments from customers discussing their own tribulations.

"With a company like Microsoft with all of the external testing and customers you would think that they would not have quality control issues," said Andrew Jaquith, senior analyst with Yankee Group, a research and consulting firm.

"This shouldn't happen but it is the nature of the beast. With the myriad of supported devices and pedigree of Windows, etc, it is impossible not to have hiccups from time to time. This points to the importance of thorough beta testing before production."

Add a Comment (7 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

By complexity

posted Apr 2, 2005 - 3:00 AM

Only microsoft! I agree how retarted.

Score: 0

By bourgeoisdude

posted Apr 1, 2005 - 1:19 PM

...I have applied it on a few 98 systems and there are no apparent issues...hey guys! It's Windows 98, the oldest OS with support for critical updates. It supports more hardware and until just last year (when Win2k took the crown--that's right, windows 2000, not XP) more software than any other OS ever. MS is only supporting it because so many people would have gone nuts if they pulled the plug. MS has wanted to end support for 98 completely since June of 2003, and I imagine their programmers are beginning to get tired of supporting that aging OS. I can cut them some slack for this one, but then again if my network had the problem I may think differently...

Score: 0

By esh3

posted Apr 2, 2005 - 9:30 PM

Microsoft doesn't really care if anybody is using their previous software or not. For example, I have several WinCE machines (Jornada 680, Jornada 548) with OS's that they feel they don't need to support any longer. They should be made to support what they create. Just like OEM automobile parts they have to manufacture them and support them for a certain number of years.

Score: 0

By eunichman

posted Apr 1, 2005 - 2:24 AM

I had to uninstall this patch a week ago.. I cite multiple crashes, slower system performance and lack of stability as the reasons for the uninstall. Since I uninstalled it, system runs MUCH better

Score: 0

By GoodThings2Life

edited Apr 1, 2005 - 6:14 AM

I've also experienced problems on the few remaining Windows 98 machines here on my college campus.

We have found that the patch actually creates a "RunService" entry in the registry that runs C:\Windows\System\KB891711\KB891711.exe"... shutting down the program in the task list and then deleting the registry entry in HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices "disables" the patch from memory and seems to resolve crashing issues without the need for uninstalling... Also, WindowsUpdate will not attempt to reinstall it this way since it knows the patch is still there.

Score: 0

By horsecharles

posted Apr 1, 2005 - 11:06 PM

I removed it too-- how moronic to make a patch run as a service...

Score: 0

By Tenoq

posted Apr 3, 2005 - 8:59 PM

Issues on one of our machines in the office - I was considering wiping the thing until I read this. Quick disable of it in msconfig sorted all the issues!

Beforet that we were experience exception errors every 15 seconds or so, citing a crashed application (which I can only assume was this patch). Crazy thing.

Score: 0

Nov 21 - 9:29 PM ET Hurd's the word in Ballmer's e-mail nightmares

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update