Microsoft fixes patchy patch

Microsoft late on Tuesday updated a critical security patch to address the network connection trouble some people had with the first version of the fix.

The first patch, delivered in security bulletin MS06-025, was one of the dozen released by Microsoft on this month's Patch Tuesday. It repairs two high-risk security flaws in a Windows routing and remote access component which could allow an attacker to commandeer a vulnerable PC.

However, the fix can interfere with certain dial-up networking connections. Problems occur only with dial-up connections that use a terminal window, or dial-up scripting, Microsoft said. This type of connection may stop responding after the patch is applied, it added.

Microsoft had advised people who use those types of connections not to install the security update until it released a revised patch. That revision is now available.

While Microsoft was working on the updated fix, computer code that exploits the flaw in question was released on the internet. That raises the urgency to patch and prompted Microsoft to issue a security advisory earlier this week. However, the company said it is not aware of any attacks using this exploit.

The MS06-025 update was one of a dozen security bulletins sent out by Microsoft two weeks ago. At least one patch came after the vulnerability it addressed had already been used in a cyber attack. Exploits for some other flaws have also been published, further increasing the urgency to patch.

Joris Evers writes for CNET News.com