Microsoft fixes flawed bug patch Aug 25, 2006
Microsoft has re-issued a security update after it was discovered that the patch introduced a bug of its own. The original patch was issued to close a loophole in Internet Explorer that could be used to hijack a PC. This patch was due to be updated because, in some circumstances, it caused Microsoft's browser to crash. Solving the problem became more acute when security researchers discovered that the crash could also be exploited to take control of a PC. The problems revolve around the MS06-042 security patch for Internet Explorer that Microsoft originally released on 8 August. This update had Microsoft's highest "critical" rating and fixed eight vulnerabilities in the popular browser. Soon after releasing the update Microsoft received reports that, in some circumstances, it was causing Internet Explorer to crash. The software giant pledged to fix the update but its efforts became more urgent when security firm EEye Digital Security discovered that the crash circumstances could be exploited to run malicious code on that machine. The re-issued patch was delayed because of incompatibilities with the distribution tools some firms were using to install it. Microsoft said the security problem introduced by its update would affect the relatively small number of users running Windows 2000. It said that group of people were most likely to be using the crash-prone version of Internet Explorer as that was the most recent version of the browser for that operating system. The crashes were seen on machine using Internet Explorer 6 with the Service Pack 1 update installed. http://news.bbc.co.uk/1/hi/technology/5284888.stm Vikas Kapoor, MSN ID: [EMAIL PROTECTED] Yahoo ID: [EMAIL PROTECTED] Skype ID: dl_vikas Mobile: (+91) 9891098137. To unsubscribe send a message to [EMAIL PROTECTED] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
