Print this article  |  E-mail this article  |  Comment on this article

Microsoft to Patch its Security Patch

By Nate Mook, BetaNews

April 21, 2006, 1:37 PM

In response to problems experienced by some customers after installing the MS06-015 security update last week, Microsoft is planning to issue a new patch that includes a workaround for the compatibility issues. Only users who have not installed MS06-015 and those having trouble will receive the fix.

Microsoft explained earlier this week that the MS06-015 update installs a new executable to validate shell extensions before they are loaded into Windows. However, Hewlett Packard's Share-to-Web software, which ships with HP printers, scanners and cameras, causes this program to stop responding.

Older video drivers from Nvidia are also incompatible with the change, leading to similar lock-ups and crashes. Microsoft recommended that users upgrade to the latest drivers and HP software, in addition to providing instructions to fix the problem with a manual registry key update.

However, because the solutions required action from the user, Microsoft has opted to re-engineer the patch and release it to customers on Tuesday, April 25.

"What the new update essentially does is simply add the affected third party software to an "exception list" so that the problem does not occur. The revised update automates the manual registry key fix," says Stephen Toulouse from the Microsoft Security Response Center.

Toulouse notes that the fixed patch will be specially targeted. "Windows Update, Microsoft Update, and Automatic Update will have detection logic built into them to only offer the revised update (which essentially includes the reg key fix) to those customers who either don't have MS06-015 or are having the problem."

Even with the potential compatibility issues, security experts are urging customers to install the update as soon as possible.

Add a Comment (24 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By Pegusis2

edited Apr 24, 2006 - 7:30 AM

I work with a help desk and last week we had a ton of calls regarding this particular update. After installation on some users computers they either couldn't access the internet or had to start putting the http:// in front of the www.someplace.com to make it work. It took awhile to figure out what was happening because they could ping IP's and domains, but when typing just the www.someplace.com it would not open the site... add the http:// in front and all of a sudden it starts working.

Strange update M$... Running the Winsock Fix will fix this problem.

Score: 0

By rsvejkosky

posted Apr 23, 2006 - 8:32 PM

Just think about it people for one minute if there were tougher laws to tighten the noose around these GOONs who sit at their computers thinking of ways to hack yours then microsoft would not have so many problems and we would all have great running systems.

Score: 0

By mjm01010101

posted Apr 24, 2006 - 3:20 PM

Sure you would. Good luck enforcing those laws in countries that actually make a profit from these "goons" doing their thing. Good luck catching the thousands of people that own thousands of zombie networks. You get one crook and 20 show up to replace him.

Again: Good luck with that.

Alternative: Practice safe computing. It's not terribly hard to do.

Score: 0

By CHAS0702

posted Apr 23, 2006 - 11:24 AM

Perplexed:
Why did you do it?! Novice users have enough problems just using their machines,never mind trying to troubleshoot a troublesome Windows Update. Canon tech support finally got me back up and running!! They had me remove KB908531 update and all was normal again. The software program ZoomBrowser EX stopped working, which prompted me to contact Canon. They have some very helpful people working there. If anyone is having Canon software problems, you should give them a call or uninstall KB908531. Good Luck!
Chas

Score: 0

By mfarmilo

posted Apr 22, 2006 - 12:48 PM

I saw this one for the first time today. A customer had an NForce-2 chipset motherboard with onboard NVidia graphics. Been running quite happily until this last week. He said all of a sudden it was locking up every time he tried opening My Documents. Installing latest graphics drivers fixed it. I know folks on here have argued people should update their drivers. But really, probably most typical home users are like this guy - don't even know what the graphics driver is let alone always looking for the latest one.

Score: 0

By cranbers

posted Apr 22, 2006 - 3:00 AM

I remember reading an article from a former Ms developer for directx in CPU magazine. He basically said that if Ms was hired to build the walls to keep the water out of New Orleans’s that right now the entire city would be under 30 feet of water, people would be rowing about in boats. The people in the boats would be saying "it could be worse we could have no umbrellas."
The developers at Ms would be trying to figure out how to build a dome over New Orleans to keep the water out to fix the problem. They would be selling/giving away umbrellas in the mean time to help out the situation. After it was built the dome would be water proof and completely isolated from the outside, no cell phones or telephones because those would all be cut off and broken, but the equivalent would be a neat feature that requires a hammer and banging on the wall in mores code. Ms would still be busy selling umbrellas in the mean time to the people to keep from getting wet because the roof is still not finished yet and is about 5 years delayed. But in the mean time the dome builders/developers would be congratulating each other that they fixed the problem. The people would be just happy they are no longer in the rain. But unaware that Ms was supposed to and was paid to build the walls that kept the water out in the first place. I am sure I forgot a few points. But supposedly Ms is so internally focused and oblivious to what the world needs or wants. They are completely missing the point on what makes a good product good and makes a good loyal customer base, this patch problem is a perfect example not unlike the next versions of windows which is a complete shadow of its former self which was promised to us and instead of all the great features that were promised, we are given eye candy and features which is copied directly off of os x. Some great wonderful games like chess and a new anti spyware program that was bought and a new version of IE that also copied every feature from Firefox, gee I am so proud of MS they are doing such great wonderful things with all of our money we gave them.

Where is the competition I.T. industry!

Score: 0

By superdragonpoop

posted Apr 23, 2006 - 4:30 PM

Is something stopping you from migrating to Linux or Mac? There's your competition. Let's cut straight to the chase here. Microsoft does test it's patches extensively. The problem is that Microsoft is still providing legacy support. It is impossible to have an O/S that runs bug free on every system with every conceivable hardware setup, but they try anyways.

If you really wanted a computer to be bug free, you'd switch to Mac....oh wait...they're not bug free either.

So what if Vista doesn't have all the features you were promised. At least they don't try to push Vista live with half of it's features half-assed just so they can say it's in there.

As for your points of copying ideas from other software (e.g. Firefox, OS-x)...would you drive a car with square wheels? I know I wouldn't. So why would Microsoft keep running IE with square wheels? Products evolve and change all the time, they're just keeping up.

Microsoft is maintaining its product viable and thus maintains its customer base. Not everyone wants to run firefox. Not everyone wants to run Linux. Why run either of those when you can just install one product and be done with it? That's what keeps most people glued to Microsoft, the ease of it all.

P.S. I run both XP and Linux. I also use Firefox and a slew of other open source programs. IMHO Microsoft has things well in hand, but I still won't use ALL of its products.

Score: 0

By cranbers

edited Apr 22, 2006 - 2:37 AM

All these patches seem to sound the same anyway. Why in the world wouldn't you test a patch that will be rolled out live to every computer connected to the net? Talk about ammo for a PR nightmare. It really isn't surprising though, the sad thing is 5 years late on your next os, security patches on top of security patches, no new IE release in over 5 years. Yet no affect on revenue stream or amount of your products being sold, some would say your product is so great and that's why you aren't affected but truth be told, it's lack of a real alternative os that actually has all hardware/software developers behind it. Linux is getting there and I hope it catches on by the millions in the next few years, but the only thing holding it back is what I mentioned above. Because Ms needs the competition, they don't deserve the support or profits they reap every quarter. Heck Linux would be my primary os if it wasn't for Ms lock on the gaming market with Directx. More support needs to happen for Linux to get more developers behind it, more developers/hardware vendors need to get behind it for more support. So what can you do?

Score: 0

By SBMongoos

posted Apr 21, 2006 - 4:29 PM

hmm...may explain why I'm now having issues with my Brother MFC on the network. Was fine before.

Score: 0

By pc.pain

edited Apr 22, 2006 - 9:36 AM

The thing crashed my computer and I had to remove it. This is a vintage Microsoft screw-up, so now I will turn off automatic updates again. I'd rather update manually than have them mess up my machine.

Score: 0

By CMSTech

posted Apr 21, 2006 - 4:20 PM

Well isn't Vista a patch for Windows XP? :)

Score: 0

By kholdstare

posted Apr 21, 2006 - 3:13 PM

well at least MS fixed it and didn't leave it up to the 3rd patrties and got it out quickly

Score: 0

By cranbers

posted Apr 22, 2006 - 2:33 AM

Way to show your support! Yaay ms makes more money then many small countries put together for their products yet they are phucked up and a security nightmare, they can't fix their products, but they are human right? They screwed up and didn't leave it up to 3rd party companies like symantec to fix it wooo good job ms and thank you kholdstare for letting us know that. Truth is Ms was careless, screwed up and well it doesn't even matter they will make another 300 million today and life goes on.

Score: 0

By sophist_dreams

edited Apr 21, 2006 - 3:16 PM

This is like an old time inner tube.....pretty soon nothing will be left of the original, it will all be patches.

Score: 0

By FlAshdobe

posted Apr 21, 2006 - 2:53 PM

It's understandable that nothing is perfect but this is just ridiculously funny. A patch for a patch!!

Score: 0

By mjm01010101

posted Apr 21, 2006 - 3:11 PM

Don't blame MS. They had only a month to test this, surely they couldn't forsee millions of people using one of the most popular printer manufacturer's products and software.

Score: 0

By ZenWarrior

posted Apr 21, 2006 - 10:45 PM

Don't blame Microsoft?! Thanks for the laugh!

But seriously, just a few more of those billions and billions of dollars should produce better initially and prevent such as this. I'm certain a million monkeys on a million old machines could be had for a couple of billion $$$s.

I, for one, do not like being a Microsoft guinea pig--time after time. Clearly, however, others think differently. (Or, might they work for Microsoft?)

Score: 0

By sophist_dreams

posted Apr 21, 2006 - 3:18 PM

Or one of the most popular video cards?

Score: 0

By bourgeoisdude

edited Apr 25, 2006 - 12:23 PM

Well--with ancient (nvidia forceware 4X.XX versions people!) video drivers anyway. The share-to-web will get lots of home users, but most networks and such are smart enough to uninstall the hp 'extras' on the systems to avoid having constant network congestion...

...Granted, this was a bad move for MS. Lots of ways to get that Share-to-Web stuff. Remember though: it is only on OLDER versions, so it isn't as horrifying as it could have been. Then again if it happened on all HP systems with that Share-to-web stuff, MS would have found the glitch and fixed it first.

EDIT: Had a few calls in regards to this--seems to only happen with "RIVA" drivers in Windows XP, NOT "GeForce" or "ForceWare" drivers. Yeah, so those 2001 TNT2 RIVA cards running at AGP 2X may have an out-dated driver...

Score: 0

By PC_Tool

posted Apr 21, 2006 - 2:44 PM

This oughtta be fun...

Score: 0

By pc.pain

posted Apr 23, 2006 - 12:09 PM

I thought so, too, but it's surprisingly quiet.

Score: 0

By Das mod

posted Apr 21, 2006 - 2:03 PM

so theres a

"patch tuesday" ....

will this be followed by a

"patch friday for your patch tuesday" ????

Score: 0

By joeshmoe7

edited Apr 21, 2006 - 2:20 PM

pretty soon we will patch the patch that patches the patch that patched the patch last friday.

Score: 0

By itanshi

posted Apr 21, 2006 - 2:20 PM

that'd be the next month's patch tuesday, or next year....

Score: 0

Dec 5 - 1:45 AM ET Shazam: eight million songs of the eternal Now

Dec 4 - 7:30 PM ET Comcast to offer bandwidth consumption monitor

Dec 4 - 5:37 PM ET Counterfeiters sing the 'Blue' as Microsoft lawyers up

Dec 4 - 4:40 PM ET Opera 10 alpha shows off new Presto rendering engine

Dec 4 - 2:29 PM ET Apple: Psystar clone-maker is working with unnamed collaborators

Dec 4 - 2:21 PM ET Windows Live rollout sketchy, team apologizes

Dec 4 - 2:20 PM ET Stinging from a revenue shortfall, Adobe to shed workers

Dec 4 - 11:47 AM ET The storm hits AT&T, with a five-digit headcount reduction

Dec 4 - 11:42 AM ET TV sports adopts Web coverage, plays with iPhones

Dec 4 - 11:24 AM ET Microsoft seeks 'community' help to make IE8 Standards Mode work out