Network News

X My Profile
View More Activity

Windows "Icon and Cursor Bug" Patch Problems Persist

An astute reader called me to say Security Fix should mention a problem that many users of Windows 98, Windows 98SE and Windows ME are experiencing with a patch that Microsoft issued in January.  That patch plugged a serious security flaw for most Windows versions, except users who already deployed the SP2 upgrade to Windows XP.

According to a memo from Microsoft's Security Response Center, the company has been hearing from users of those earlier Windows versions who installed the patch.  They complained that their computer operated sluggishly or failed to boot at all.

The patch in question fixes a "critical" flaw that resides in Windows icon and mouse cursor files that could allow attackers to seize control of vulnerable PCs. Microsoft says the company is working on fixing the patch so it doesn't cause problems for Windows 98 users.  In the meantime, users having problems with the fix can either grin and bear it or uninstall the update.

Uninstalling the update, Microsoft reminds users, creates its own problems.  The company issued this warning: "Please note that by uninstalling the current update, the machine will return to a vulnerable state. At this point, we are currently not aware of customers being exploited by way of the vulnerability fixed in [this patch] on Windows 98, Windows 98 SE and Windows ME."

Microsoft is urging people experiencing trouble with this patch to call the company's Product Support Services line at 1-866-PCSAFETY.

Symantec has catalogued no fewer than seven viruses that try to infect Windows PCs using this flaw. The latest, dubbed "Trojan.Anicmoo.c," surfaced just yesterday, details of which are displayed prominently on Symantec's home page.

If you are using one of these Windows versions and are experiencing problems after installing this patch, three factors should influence any decision you make to uninstall the patch:  Are you using a hardware or software firewall? Do you have up-to-date anti-virus software installed? Do you and those who use your computer refrain from clicking on random e-mail attachments? If the answer to all three questions is "yes," then it is probably safe to remove this patch until Microsoft issues a fixed version, which could be as early as April 12, the next time the company is slated to release a batch of security fixes.

DSL Reports has an interesting thread about this patch problem in their "security" forum (keep in mind that DSL reports displays the earliest posts first. If you're looking for the latest commentary on this issue, visit the last page in the comments - at this writing page 4.)

By Brian Krebs  |  March 31, 2005; 11:30 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Would You Care for a Virus with Your Phish?
Next: Don't Be an April Phool - FTC

No comments have been posted to this entry.

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company