Microsoft plans to re-issue a security patch for its Windows operating system that caused serious headaches for some Hewlett Packard users last week.
Microsoft customers had said its MS06-015 security update was causing their applications to crash thanks to a conflict between the patch, NVidia's video drivers and Hewlett-Packard's Share-to-Web photo-sharing software.
The new update is presently being tested, and is due to be released early in the week, alongside Microsoft’s April non-security updates. It will also provide an automated way of fixing the Windows registry configuration database on affected systems, a work-around that had been previously suggested by Microsoft.
MS06-015 fixes a critical vulnerability in the way Windows Explorer handles Component Object Model objects, and could be used by attackers to target and seize control of an unpatched machine, and though some users have resolved their problems by simply uninstalling the previous update, against Microsoft’s advice.
Hewlett-Packard's (HP's) Share-to-Web software is no longer distributed, but was originally included with a variety of HP products including the company's scanners, cameras, CD and DVD devices, PhotoSmart software and DeskJet printers.
Users have also reported problems with Sunbelt Software's Kerio Personal Firewall, which tries to stop the MS06-015 update from running an application called Verclsid.exe. Users who have this problem should configure Kerio so that it allows Versclid.exe to run, Microsoft said.
There are so many interactions with .exe files, it’s surprising that there aren’t more conflicts like this. Perhaps that’s why patches always seem to be delayed, late, or being checked to avoid problems such as those experienced by HP and Kerio users.