You are here: silicon.com > Software > Security Strategy

Security Strategy

Microsoft fixes patchy patch

Let's hope this one doesn't come unstuck...

Tags: patch, flaw, security, microsoft

By Joris Evers

Published: 29 June 2006 09:15 BST

Microsoft late on Tuesday updated a critical security patch to address the network connection trouble some people had with the first version of the fix.

The first patch, delivered in security bulletin MS06-025, was one of the dozen released by Microsoft on this month's Patch Tuesday. It repairs two high-risk security flaws in a Windows routing and remote access component which could allow an attacker to commandeer a vulnerable PC.

However, the fix can interfere with certain dial-up networking connections. Problems occur only with dial-up connections that use a terminal window, or dial-up scripting, Microsoft said. This type of connection may stop responding after the patch is applied, it added.

Microsoft had advised people who use those types of connections not to install the security update until it released a revised patch. That revision is now available.

While Microsoft was working on the updated fix, computer code that exploits the flaw in question was released on the internet. That raises the urgency to patch and prompted Microsoft to issue a security advisory earlier this week. However, the company said it is not aware of any attacks using this exploit.

The MS06-025 update was one of a dozen security bulletins sent out by Microsoft two weeks ago. At least one patch came after the vulnerability it addressed had already been used in a cyber attack. Exploits for some other flaws have also been published, further increasing the urgency to patch.

Joris Evers writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

  • Jobs
Performance Test Analyst

Defence Provides secure access to information, anywhere at any time Provides electronic document and records management Enables any corporate, ...

Websphere IT Specialist / Architect

Trouble shoot and fix technical problems, liaising with product management and technical support to organise a patch if necessary. Websphere IT ...

Swift Engineer -Banking - London - 400-450/day - *URGENT*

You will be able to liaise directly with business users to fix critical issues, and provide service enhancements and manage and own the delivery of ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.





Quick Sitemap Links: