Comments on: Microsoft patch can cause IE trouble

Latest security update can make the Web browser crash. Microsoft plans to release a revamped patch.

[robot999]

Let the...

bashing begin! Just another example of a failing company with
failing software showing their incompetency. Wake up world, and
dump M$...there are much better alternatives.

[richleick]

Alternatives

How about keeping your computer up to date? That's an alternative. There are alternatives. Much better? Maybe they would be if the Linux community would get off its high horse, stop sticking it's nose out at those who aren't computer geeks, and actually try to promote their alternatives. Instead they say things like RTFM (read the f*** manual) which, by the way, don't really exist because everything is open source and consists of very little and very technical documentation. Then they cry foul every time Microsoft tries to move forward and blast them when they have errors. But you don't here much when a product like Firefox wipes out one's bookmarks after an update (which seem to have been increasing lately) or when a new development tool like Ruby on Rails has a MAJOR security hole. These are simply labeled growing pains. This dead horse has been beaten over and over again. Use what works for you and whatever it is, keep it up to date.

A patch that causes more problems?

You have to love a company that puts out a security
http://www.techknowcafe.com/content/view/603/43/
breaching patch. So they build this patch to breach millions of computers and they feel it's a good idea to release it. Good one.

[john55440]

Microsoft has a temporary fix...

>Microsoft has a temporary fix available for the problems caused by MS06-042. However, this fix is not available for download; people have to call Microsoft's support line.<

Is the fix Download Firefox?:-)

Good grief. This kind of problem damages security, by discouraging people from keeping their systems patched and up to date.

[Llib Setag]

MS IS a temporary fix...

oooooooo "snap"!

[PCCRomeo]

TYPICAL...

Each Microsoft update fixes one thing but screws up another...

[Llib Setag]

NOW you're getting it...

It keeps the IT people in business & makes more sales for the "new
& improved" MS Security Software.

"idiot"...

[Karl Viklund]

Crashed

Yes, it's true. Internet Explorer have crashed about 5 times for me since last update. You don't recive any error message after, it just exit.

[Karl Viklund]

Crashed for me

Yes, it's true. Internet Explorer have crashed about 5 times for me since last update. You don't recive any error message after, it just exit.

[Llib Setag]

It's BSOD Day!

IS it Blue Screen Of Death Day already?

My how time flies when your WintelDell has crashed & burned...

[Llib Setag]

Patch TUESDAY?

MS has SOOOOOO many viruses, worms, trojen horses, security
swiss cheese OS that they have to name a day of the week after
their endless stream of patches....?

LOL!

Patch Tuesday?
How about Patch EVERYDAY?
Microsoft...where do you want to go to today?

TGINPT!
(Thank God It's Not Patch Tuesday!

HAHAHAHAHAHAHA! losers...

[OneWithTech]

This is what happens...

....when you sway away from the standards that are set forth for
creating a web browser to meat your own needs. Take AOL for
instance; merely a "candy bar" wrapper around the preverbal
Microsoft Snickers!

A client asks me the other day: what is the difference between
AOL and IE (The blue E, or Internet Explorer)? I said nothing. It's
a little known fact that AOL is just a shiny wrapper around a
messed up IE6. Don't believe me, try to clear the history in your
AOL or up the security on the cookies, AOL will steer you to IE!

There are set standards into which a web browser are to be
built, these standards have been laid in stone for years now. The
security issues come when people like Microsoft find the need to
tweak the web browser to better fit there need's. This in turn
leaves the needs of the client hanging in identity theft land just
waiting to be exploited or hacked.

You know it's not just identity theft either. Poor programming
techniques and lax management leave both the Public and
Private Technology Sectors at risk to worse things like
Government hacking and loss of Confidential Information.

It's about time to start making these tech companies like
Microsoft and AOL and Cisco responsible for there programming
regardless of there own EULA's (End User License Agreements).

You know, it's one thing to **** up a railing on a porch and to
fix it, it's another thing to **** up the whole house while
continuing to try and fix it!

J Gund
Tech01
www.Tech01.net

[OneWithTech]

This is what happens...

....when you sway away from the standards that are set forth for
creating a web browser to meat your own needs. Take AOL for
instance; merely a "candy bar" wrapper around the preverbal
Microsoft Snickers!

A client asks me the other day: what is the difference between
AOL and IE (The blue E, or Internet Explorer)? I said nothing. It's
a little known fact that AOL is just a shiny wrapper around a
messed up IE6. Don't believe me, try to clear the history in your
AOL or up the security on the cookies, AOL will steer you to IE!

There are set standards into which a web browser are to be
built, these standards have been laid in stone for years now. The
security issues come when people like Microsoft find the need to
tweak the web browser to better fit there need's. This in turn
leaves the needs of the client hanging in identity theft land just
waiting to be exploited or hacked.

You know it's not just identity theft either. Poor programming
techniques and lax management leave both the Public and
Private Technology Sectors at risk to worse things like
Government hacking and loss of Confidential Information.

It's about time to start making these tech companies like
Microsoft and AOL and Cisco responsible for there programming
regardless of there own EULA's (End User License Agreements).

You know, it's one thing to **** up a railing on a porch and to
fix it, it's another thing to **** up the whole house while
continuing to try and fix it!

J Gund
Tech01
www.Tech01.net

[ejevo]

Should change name to "3 with Tech"

Triple posting? C'mon.

[OneWithTech]

This is what happens...

....when you sway away from the standards that are set forth for
creating a web browser to meat your own needs. Take AOL for
instance; merely a "candy bar" wrapper around the preverbal
Microsoft Snickers!

A client asks me the other day: what is the difference between
AOL and IE (The blue E, or Internet Explorer)? I said nothing. It's
a little known fact that AOL is just a shiny wrapper around a
messed up IE6. Don't believe me, try to clear the history in your
AOL or up the security on the cookies, AOL will steer you to IE!

There are set standards into which a web browser are to be
built, these standards have been laid in stone for years now. The
security issues come when people like Microsoft find the need to
tweak the web browser to better fit there need's. This in turn
leaves the needs of the client hanging in identity theft land just
waiting to be exploited or hacked.

You know it's not just identity theft either. Poor programming
techniques and lax management leave both the Public and
Private Technology Sectors at risk to worse things like
Government hacking and loss of Confidential Information.

It's about time to start making these tech companies like
Microsoft and AOL and Cisco responsible for there programming
regardless of there own EULA's (End User License Agreements).

You know, it's one thing to **** up a railing on a porch and to
fix it, it's another thing to **** up the whole house while
continuing to try and fix it!

J Gund
Tech01
www.Tech01.net

[OneWithTech]

This is what happens...

....when you sway away from the standards that are set forth for
creating a web browser to meat your own needs. Take AOL for
instance; merely a "candy bar" wrapper around the preverbal
Microsoft Snickers!

A client asks me the other day: what is the difference between
AOL and IE (The blue E, or Internet Explorer)? I said nothing. It's
a little known fact that AOL is just a shiny wrapper around a
messed up IE6. Don't believe me, try to clear the history in your
AOL or up the security on the cookies, AOL will steer you to IE!

There are set standards into which a web browser are to be
built, these standards have been laid in stone for years now. The
security issues come when people like Microsoft find the need to
tweak the web browser to better fit there need's. This in turn
leaves the needs of the client hanging in identity theft land just
waiting to be exploited or hacked.

You know it's not just identity theft either. Poor programming
techniques and lax management leave both the Public and
Private Technology Sectors at risk to worse things like
Government hacking and loss of Confidential Information.

It's about time to start making these tech companies like
Microsoft and AOL and Cisco responsible for there programming
regardless of there own EULA's (End User License Agreements).

You know, it's one thing to **** up a railing on a porch and to
fix it, it's another thing to **** up the whole house while
continuing to try and fix it!

J Gund
Tech01
www.Tech01.net

[richleick]

Here's an idea...

Why not move on to Service Pack 2? No, instead we complain and bash Microsoft for people that are running systems like Windows 2000 (it's 2006 for crying out loud), or running service pack 1 for XP which won't be supported in 2 months. Come on! Stop blaming MS for everything. Keep your computer up to date. PLEASE!

[hyperion127]

I got news for you...

...the same problem occurs on SP2 systems as well. A client found the solution for us and that was to apply MS06-023 (KB917344).

[extinctone]

Here's why...

Businesses and home users alike invest $'s in to IT that can be used, not be constantly patched. How would you like it if your cell phone is patched every month, 2-5 times a year an issue comes up where you get dropped calls or no service at all until the patch for the patch is released?

[BruceLawrence]

That is not true

I apply Microsoft patches every month to many client computers via WSUS which is a service provided by Microsoft.

I have yet to see a solution by any other vendor that comes even close to the efficiency and dependability of this process.

And, it is not very often they release a patch that has to be re-issued because of a widely known problem the patch can create. In the scope of things, it happens rarely.

You guys are going to have to dig deeper.

[BruceLawrence]

sorry....wrong location

This post was to go under the "Now you're getting it" comments.

[inachu]

IE with peoplesoft problem bug possible work around

Was with a user this mornign and IE kept crashing.
Went into advanced and turned off http 1.1

exited IE then opened I back up to error page but this time no error but the site prompted to download a file. opened up file with notepad then exited IE. Then I opened it back up but not within peoplesoft but some other site like google.com then went back to advanced settings and turned http 1.1 back on then back to people soft in IE. so far no crash. not saying this is a fix but it worked for this user to complete their job.

[Richard G.]

Have to reset all internet options to defaults

Our primary application we support is a PeopleSoft HR and PeopleSoft Portal system. We patched our own servers with MS06-042 last weekend, and noticed that IE running locally on the server had a problem using the PeopleSoft apps.

Our solution was to go into Internet Options and reset all default settings. (There's button that resets ALL settings for IE.) It won't change any proxy settings, just the properties.

We were then able to access all the PeopleSoft apps without problems. After we verified everything worked, we went back into Internet Settings and put the security settings back to where they originally were.

We had to inform all our user base of this same procedure.

[kderoche]

Medical Impact

I work in a large Instuitional Health environment. The doctors and other health care professionals use a proprietary Web based application, for patient information, prescriptions, etc. This application is effected the same way Peoplesoft is. The users are all on automatic updates, and are on XP SP2. Microsoft should think through these security patches a little more thoroughly. Peoples medical care is being affected by this now.

[rcrusoe]

Re: think through these security patches

You said " Microsoft should think through these security patches a
little more thoroughly. " The problem is Microsoft is doing the very
best that they can. And it isn't good enough.

IMO, until Microsoft can copy Apple one more time, dump the
entire Windows code base, and start from scratch. It isn't likely
Windows can ever be made reasonably secure.

[extinctone]

Re: Medical Impact - MS products are not HIPAA compliant.

In my opinion, Microsoft products are not HIPAA compliant. They are insecure and unstable. Not something I want my doctor using to handle my medical records, affecting my care.

[qwerty75]

agree

Important functions with potentially life threating situations if it fails, should never be trusted to MS.

[HandGlad2]

MS software has caused deaths?

It isn't only medical systems, but didn't a Microsoft worm cause or contribute to the blackout in the NE US and Canada in 2003? I know there is great debate, as to how much a part the MS worm actually played in to the blackout. But from what I read; 1) If the monitoring systems that were brought down by a Microsoft virus were functional, technicians may have been able to take action before the collapse of the grid. And 2) There sure seems to be a concerted effort in to burying or significantly downplaying the role of the Microsoft worm in the event. In either case it more than highlights the harm that low quality software from a monopolist can cause to society.

[Llib Setag]

An Apple A Day...

keeps the viruses away.

That's why most University Med + public medical departments use UNIX / LINUX / Mac OSX / Web based applications on their secured server networks.

Much more secure & efficient to use a HIPA compliant medical program designed for the medical profession, than the WintelDell Hell full of swiss cheese holes in the security of medical records & hospital operations.

[fred dunn]

HIPAA is So Ambiguous, More to worry about...

Don't worry so much about your doctor using Microsoft products as much as PDAs, Wireless networking, USB thumb drives, lack of perimeter firewalls, lack of network access controls, and unencrypted data.
It doesn't matter what platform you are on, data is data is data. It is generally easier to get data via one of the aforementioned means than hacking into an OS.
Just look at the newspapaers on any given day, it's not that that stolen laptop was compromised because it was Windows it was STOLEN.
The rule of thumb is that if I have physical possession of the device then I have your data whether it takes minutes or weeks, I'll have your data. The same holds true for a wireless network, CDs, old disk drives, usb flash drives, smartphones, etc, etc, etc.

HIPAA just mandates that you make a best effort within affordable measures to ensure data integrity and security. So what does that mean? Ask 1000 different security people and CIOs and you'll get 1000 different answers.

Not Quite

The only reason why windows is the OS with the most viruses is because:

a) It's the super majority.
b) It's the easiest platform to program on.

And before you go spouting off about B, yes for some it is easier to program on other platforms, but all in all crappy vb is king of simple, and almost all platforms can run on windows.

If all computers wither linux or mac, there would still be security and virus problems, just the methods used would differ.

[broken_halo]

IE6 crashing

A temporary fix is to go into IE options >> advanced >> disable third party browser extensions. Uninstall any toolbars you use.
This will help keep IE open longer, but won't
actually fix it. Call microsoft security while
it's still free. 1-866-727-2338 for the how to correct it. Apparently they won't release a fix until Oct 10 2006. The same day they stop support for XP SP1. Hmmm... coincidence? Yah right! Thanks M.S. for making us have to upgrade to SP2. And funny how Windows Genuine check came out right before this...