Microsoft in a fix over cursor patch

Installing Microsoft's Tuesday patch for a "critical" Windows vulnerability is causing trouble for some users.

Microsoft broke with its monthly patch cycle on Tuesday to repair a bug in the way Windows handles animated cursors. Cyber crooks had been using the hole since last week to attack Windows PCs. But the fix is not compatible with software that runs audio and networking components from Realtek Semiconductor, some Windows users have found.

Dave House, a reader of silicon.com sister site CNET News.com, wrote in an email: "Apparently the update is not compatible with Realtek. We lost all Ethernet and audio functions. Removing the update and doing system restores brought the systems back."

Microsoft is aware of problems with Realtek's audio software. In fact, it knew about them before releasing the fix and published a support article with the security bulletin. An additional update is available from Microsoft to remedy the problem, according to the company's website. Microsoft is not aware of networking issues, a representative said.

The audio problem occurs on Windows XP PCs that have the Realtek HD Audio Control Panel installed, Microsoft said. The application may not start after the patch is applied and Windows may display an error message, the company said.

Microsoft consciously released the cursor flaw patch despite the compatibility problem, Mike Reavey, a Microsoft Security Response Center staffer, wrote on a corporate blog. The company tested the fix throughout February and March and eliminated many problems, he wrote.

He added: "At one point our testing had uncovered over 80 potential issues with the update that were investigated and resolved... at the time of release, only one minor quality issue was known."

The cursor vulnerability is one of seven flaws addressed by Microsoft's Tuesday patch - three of them also affect Vista. Cyber crooks moved quickly to exploit the cursor hole. Security company Websense has spotted hundreds of websites that try to use the bug to compromise PCs, as well as an email spam campaign with links to the malicious sites.

Microsoft plans to issue additional fixes next week on its regular monthly patch day, the company said.

Joris Evers writes for CNET News.com