Microsoft Patch Causing Lockups, Crashes - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:06 PM

Microsoft Patch Causing Lockups, Crashes

Some IT administrators and partners said one of Microsoft latest critical security patches, MS06-015, is causing IE lock ups, Windows hangs and crashes after installation. Microsoft said MS06-015's new Verclsid.exe file conflicts with HP printers, scanner and cameras

One Microsoft security patch released this week is causing Internet Explorer lockups, Windows hangs and system crashes for some IT administrators and partners.

MS06-015 is one of five patches Microsoft released Tuesday to correct, among other things, a "critical" Windows Explorer vulnerability that hackers could use to execute code remotely.

But that security patch contains a new file — named Verclsid.exe — that conflicts with Hewlett-Packard printers, scanners and cameras, one Microsoft security official acknowledged on Microsoft's online technical support site.

"We've determined that the majority of the issues people are having with MS06-015/KB908531 are due to a bad interaction between the security update and a software component included with various HP hardware devices, including but not limited to printers, scanners and cameras," wrote Steven Hui, a Microsoft spokesperson on TechNet who fielded questions Thursday from numerous irritated customers and IT administrators on its online technical help site.

A myriad of users flocked to Microsoft's online technical support site for help late this week regarding numerous problems including systems IE lockups that occurred after installing the MS06-015 patch. The issues did not clear up even after rebooting, some said.

Some claimed the issues were not isolated to systems connected to HP hardware.

In many cases, the problem required users and partners to uninstall the patch or perform system restores to get systems back up and running.

"Customers are reporting that IE stops working and numerous instances of Verclsid.exe show up,'" said Brian Bergin, president of Terabyte Computers. "To fix yet another security issue with IE, [Microsoft] has Verclsid.exe they've introduced but obviously didn't test."

"If you right click on the desktop now it freezes," said another source, who asked not to be named.

Microsoft's Hui suggested customers modify the registry or shut down the hardware process to avoid the conflict, but later noted that the second option would only work for users currently logged-in.

It remains unclear how widespread the problem is for business users and consumers that downloaded the security update.

At least four Microsoft solution providers contacted by CRN could not identify any problems in their user bases. One security ISV close to Microsoft speculated that the problems may be traced back to the non-security changes made to the ActiveX controls in the IE cumulative patch [MS06-013], but he could not confirm that.

Microsoft did not comment on this story as of press time. As the software giant investigates the problem, however, some customers have taken Microsoft's initial advice and some have come up with their own workarounds.

On the TechNet Web site, for example, one user suggested simply renaming the "Verclsid.exe" file before installation to prevent problems.

Microsoft said the Verclsid.exe file in MS06-015 is used to verify a COM object before it is instantiated by Windows Explorer. The security patch is for Windows 2000 SP4, Windows XP, Windows Server 2003.

Yet another user suggested turning off all processes using the Windows Task Manager or the Auto Update (AU) process altogether and waiting a week before installing patches.

Microsoft disagreed with that suggestion and said it is important to re-install MS06-015 because it fixes a critical security vulnerability, and pointed out that disabling Auto Update leaves computers unprotected.

One solution provider said he is following that advice but noted that some customers are thinking about shutting off Microsoft's Auto Update feature to prevent downloading security patches that disable their systems.

"We're recommending they leave AU enabled but they're understandably frustrated. For some customers this is the second time in the past year an update from Microsoft has left them unable to work," said Terabyte's Bergin. "Some have said they're done with Auto Updates and want it disabled to let others beta test Microsoft fixes before they install them.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
The Best Way to Get Started with Data Analytics
John Edwards, Technology Journalist & Author,  7/8/2020
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
Register for InformationWeek Newsletters
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll