TechTarget

Microsoft delays reissue of critical patch

Microsoft has postponed the release of an updated version of a critical security patch that was found to crash the Internet Explorer browser, despite admitting that the crash was “exploitable”.

Microsoft has postponed the release of an updated version of a critical security patch that was found to crash...

the Internet Explorer browser, despite admitting that the crash was “exploitable”.

The software giant released its MS06-042 security update earlier this month to fix a bug that could let hackers use the Internet Explorer browser to take over users’ machines.

But Microsoft was later forced to issue an advisory admitting that the patch could crash the browser when some websites are visited. The problem affects IE 6 with Service Pack 1 on Windows XP and Windows 2000 systems.

It pledged to re-release the patch on 22 August. But in a post on Microsoft’s security response centre blog, security programme manager Stephen Toulouse said, “Late last night we discovered an issue that led us to the difficult but necessary decision to not release this update today. Providing the update in its current state would have resulted in customers being unable to deploy the update.”

The post did not give a new date for the release.
 
Toulouse added that independent security researchers had warned Microsoft that the crash was exploitable – and that this knowledge had been made public.

No attacks exploiting the vulnerability had been seen, but Microsoft admitted there was “certainly increased risk of attack”. The company has issued a security advisory detailing workarounds until a new version of the patch is released.


Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at: www.computerweekly.com/ITgreats

 

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

This Content Component encountered an error

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close