By Joris Evers, 21 June 2006 08:50
NEWS
One of the dozen security updates Microsoft released last week is causing network connection trouble for some users, the company said.
The fix delivered with security bulletin MS06-025 - for routing and remote access vulnerabilities in Windows - can interfere with a certain types of dial-up networking connections, Microsoft said in an article on its support website published late on Monday. The patch repairs two "critical" security flaws in Windows that could allow an attacker to commandeer a vulnerable PC.
Problems occur only with dial-up connections that use a terminal window, or dial-up scripting, Microsoft said. This type of connection may stop responding after applying the patch, the software maker said.
Microsoft said in the support article: "This is an older technology that is rarely used by modern dial-up connections." The issue may affect direct-dial connections to a corporate network, to a university network or to some ISPs, it said.
Microsoft is working on a revised security patch to address the issue. Meanwhile, the company recommends that people who need to use dial-up scripting or terminal window features do not install the security update.
The MS06-025 patch is one of 12 security bulletins Microsoft released last week with fixes for 21 flaws. Attack code that exploits some of those flaws is already out, increasing the risk to users. There is no known public exploit for the flaws patched by MS06-025, however a private exploit is available to users of a tool made by security vendor Immunity, according to Symantec.
Patches cause trouble at times. In April, Microsoft released a second version of a Windows Explorer update because the original interfered with HP software and Nvidia drivers.
Joris Evers writes for CNET News.com
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below