Windows security patch comes back to haunt IT managers
October 18, 2005
Security experts have said yesterday that Windows PC users that are increasingly worried about Internet security and that have adjusted their Windows operating systems in an effort to better protect themselves are getting hit even harder by a flawed Microsoft patch issued last week.
Microsoft has publicly acknowledged that the patch released last week can cause trouble for some users. It could lock them out of their PC, prevent the Windows Firewall from starting, block certain applications from running or installing, and empty the network connections folder, among other things, the software maker said in an advisory on Friday.
The trouble occurs when default permission settings on a Windows folder have been changed, according to Microsoft. Those changes aren't common, but have been applied by some people to add extra security to their systems, experts said.
Get the best Linux or Windows Web hosting plan for your website.
This "critical" patch could lock people out of their PCs"The flaw in the patch affects users who tightened down access lists," said Johannes Ullrich, the chief research officer at the SANS Institute. "These are typically more-advanced, security-conscious users."
The settings are also likely to be used by businesses with strict access requirements, such as those in the financial services or health care industries, said Vijay Adusumilli, a senior product manager at security software vendor St. Bernard Software. "They tighten settings for security purposes," he said.
The patch was released on Tuesday to fix four Windows vulnerabilities. Microsoft tagged the combined vulnerabilities "critical," and experts warned that a worm attack linked to the issue could be imminent. The software maker urged all users to immediately apply the update, delivered in security bulletin MS05-051.
"If users made changes to their security settings and tightened them, this patch is going to break a whole lot of software," Adusumilli said. The update simply didn't take into account all the possible Windows user configurations, he said.
The problem may result in more apprehension among users when it comes to applying Windows patches, he noted. "Microsoft's patch quality reputation just started to improve, but I think this is going to dent that a bit," Adusumilli said.
That is worrying, especially with a narrowing amount of time between the release of a software fix and a malicious code attack that exploits the vulnerability related to it, Ullrich said. The narrowing "patch window" has moved people to apply remedies faster.
"Many companies have come to rely on high patch quality to use accelerated deployment procedures for critical patches. But the problems with MS05-051 will make people think twice next time around," Ullrich said.
The flawed update delivered "two strikes against good security," Ullrich said. "First, you get penalized for running an enhanced security template. Next, you get penalized for patching quickly."
Microsoft had no immediate comment for this story.
Source: The Register
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing