On CHOW: This beer is perfect
BNET Business Network:
BNET
TechRepublic
ZDNet
198 TalkBacks

By Joris Evers
Posted on ZDNet News: Nov 3, 2005 5:50:00 AM

Two Microsoft security updates for Internet Explorer can break the functionality of Web sites that use certain custom applications.

The problems occur after installing the patches Microsoft delivered with security bulletins MS05-038 and MS05-052, Microsoft said in two advisories posted on its Web site Wednesday. The bulletins were issued in August and October, respectively.

Both patches can cause problems with ActiveX controls, small programs designed to perform simple tasks that can make a Web site more interactive. The MS05-038 patch can also hinder Java applications. After the patches are installed, applications that are programmed in specific ways will no longer work in Internet Explorer, Microsoft said.

Any problems caused by MS05-038 and MS05-052 affect only a few users, Stephen Toulouse, a program manager in Microsoft's Security Response Center, wrote on the MSRC blog late Wednesday. "As a result of these changes that we made for security sake, for a limited amount of customers some pages may not load as expected," he wrote.

The issue of broken Web sites is the latest problem with Microsoft patches. One recent fix wreaked havoc on systems of users who had changed certain settings on their PCs to be more secure, while Windows 2000 users had trouble finding the right patch for another security problem.

The MS05-052 patch causes the problem because it makes several changes to Windows meant to increase the security of the IE Web browser. After installing the patch, IE will check for a special security setting called on ActiveX controls. If the control does not have the setting, IE will block it, according to a Microsoft advisory.

To resolve this issue, Microsoft advises developers to recompile an affected ActiveX control and mark it as safe when run in an Internet browser, according to the advisory. As a workaround, users of sites with ActiveX controls that no longer work can lower their IE security settings, the company said, although it does not recommend doing so.

Changes made for the benefit of security with the MS05-038 patch mean trouble for ActiveX controls and Java applications. The problems occur if so-called "custom monikers" are used, Microsoft said in a second advisory. To solve the issue, the applications should be converted.

Microsoft's advisories offer technical tips on resolving any issues. The company did not say how many customers have experienced trouble.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 198 Talkback(s)
MS should do it right
MSIE is not a bad browser, but Microsoft should rethink their policy for the browser. I believe they should make it as standards compliant and secure as possible and make a clean separation between th... (Read the rest)
Posted by: petit@... Posted on: 12/06/05 You are currently: a Guest | | Terms of Use
Doesn't effect me  zijiang | 11/02/05
Oh yea...  nucrash | 11/03/05
Ridiculous  PMC-CON | 11/03/05
wow man, lighten up  Monkey_MCSE | 11/03/05
doesnt affect me either  linuxoverwindows | 11/03/05
It dosnt affect me either....  Cayble | 11/04/05
Isn't a part of the 'web' broken after the Eolas ruling anyways  Boot_Agnostic | 11/03/05
GOOD  CobraA1 | 11/03/05
Agreed.  Twey | 11/03/05
You dont what???  Cayble | 11/04/05
Agreed  davedufour | 11/04/05
Except that...  psomerset@... | 11/03/05
A dying breed  geobeck | 11/03/05
"professional tools"  theo_durcan | 11/03/05
Yet Another Reason...  The Rifleman | 11/03/05
Linux  CodeBubba | 11/03/05
I guess it's OK  Ken_z | 11/03/05
Yep, they're already broken for FireFox users  PMC-CON | 11/03/05
Are you serious?  NonZealot | 11/03/05
Should have cut it cleanly  Twey | 11/03/05
Little used?  NonZealot | 11/03/05
Microsoft patches may break Web sites  Loverock Davidson | 11/03/05
And a few means...  zkiwi | 11/03/05
And a few means...Well  Jadal | 11/03/05
Well...  zkiwi | 11/03/05
Nothing is ever an issue...  jasonp@... | 11/03/05
Hold the phone...  K Anderson | 11/03/05
Also Agree  davedufour | 11/04/05
You're a whiner (NT)  Loverock Davidson | 11/03/05
Are you referring to me?  K Anderson | 11/03/05
No, him. (NT)  Loverock Davidson | 11/03/05
Media Reporting  CodeBubba | 11/03/05
LOL, Why would you think that  voska | 11/03/05
Fixing Web sites & code  andy@... | 11/03/05
I guess so  tslocum7 | 11/03/05
Was their code written with M$ tools? ... (NT)  Update victim | 11/03/05
Will Never Be Fixed BY Microsoft  PMC-CON | 11/03/05
It effected Me.. this time  ralphdb@... | 11/03/05
I wonder if this is my problem  voska | 11/03/05
did you yum??  nynetsec | 11/03/05
forgot to mention..  nynetsec | 11/03/05
Still using Internet Explorer...  Grayson Peddie | 11/03/05
I think it would cause problems for non-IE browsers too  voska | 11/03/05
No  Patrick Jones | 11/03/05
Thanx for the info  voska | 11/03/05
Unless it is M$'s JAVA VM that fails. ...(NT)  Update victim | 11/03/05
In which case  K Anderson | 11/03/05
Grayson I thought you no longer clicked on links  Squawkbox | 11/03/05
Active X  mbrierley | 11/03/05
All The AV Companies, Ancestry.com, Dell  PMC-CON | 11/03/05
All who I never use . . .  CobraA1 | 11/03/05
AV Sites Use ActiveX to DO Online Scans  PMC-CON | 11/03/05
re: AV Sites Use ActiveX to DO Online Scans  CobraA1 | 11/03/05
Which seems a bit odd  K Anderson | 11/03/05
Ironic too.  Immanuel Tranz-Mischen | 11/03/05
lmao  IT Scion | 11/03/05
Adobe Acrobat, Real, MacroMedia Flash, MrSID  PMC-CON | 11/03/05
Typical M$  tslocum7 | 11/03/05
Another Typically cleaver zealot  zdnet@... | 11/03/05
Microsoft deserves the bad comments  teckk@... | 11/03/05
Nope  tslocum7 | 11/03/05
I don't  tslocum7 | 11/03/05
blah blah blah  zdnet@... | 11/03/05
Could care less  tslocum7 | 11/03/05
.  longrider_z | 11/04/05
About as typical as the NBM zealots...  shawkins | 11/03/05
Zealots - in general  zdnet@... | 11/03/05
No not really.  Cardinal_Bill | 11/03/05
Then Grow UP  TxTopgun | 11/03/05
Bad hair day?  Cardinal_Bill | 11/03/05
So you must  K Anderson | 11/03/05
Another couple...  Cardinal_Bill | 11/03/05
You got it.  tslocum7 | 11/03/05
I took your advice about M$ in 1994. ... (NT)  Update victim | 11/03/05
Those sites were allready broken!!!  johnlb2002 | 11/03/05
No, they mean  K Anderson | 11/03/05
So let me get this straight...  johnay | 11/03/05
Apparently  CobraA1 | 11/03/05
Explain please,  Update victim | 11/03/05
In a word nothing  maldain | 11/03/05
Does it annoy you guys when...  NonZealot | 11/03/05
Whoa there  IT Scion | 11/03/05
Erm...  zkiwi | 11/03/05
Good question  NonZealot | 11/03/05
I see  CobraA1 | 11/03/05
Good question  NonZealot | 11/03/05
One other thing...  NonZealot | 11/03/05
RE: One other thing... by NonZealot  btljooz | 11/03/05
Linux is free  NonZealot | 11/03/05
Who is paying for this mess?  theo_durcan | 11/04/05
Scary  tslocum7 | 11/03/05
The really scary part is  IT Scion | 11/03/05
oops  IT Scion | 11/03/05
All the more reason.........  tslocum7 | 11/03/05
huh?  IT Scion | 11/03/05
Really?  tslocum7 | 11/03/05
Nice try but  IT Scion | 11/03/05
So?  tslocum7 | 11/03/05
You obviously  IT Scion | 11/03/05
Hey Not a Perfect World!  Santelli | 11/03/05
But not that bad  Ron@... | 11/07/05
"sever lack of intelligence"???  MarkieMark | 11/03/05
No  java.user | 11/03/05
Throwing Stones in Glass Houses  MarkieMark | 11/03/05
Well  java.user | 11/03/05
MarkieMark  IT Scion | 11/03/05
What a laugh  tslocum7 | 11/04/05
ts...  IT Scion | 11/05/05
Wow  IT Scion | 11/03/05
Would you like to correct this typo too?  MarkieMark | 11/03/05
Fish....hook....thanks  IT Scion | 11/03/05
Nice spin  MacCanuck | 11/04/05
So  tslocum7 | 11/04/05
ts  IT Scion | 11/05/05
Microsoft update problems  twiterbee | 11/08/05
Microsoft update problems  twiterbee | 11/08/05
Microsoft update problems  twiterbee | 11/08/05
I wouldn't want to  K Anderson | 11/03/05
What happened to the SunBelt follow-up  gsterner@... | 11/03/05
according to Sunbelt Software.  Henry_z | 11/03/05
re: sunbelt  u2in99 | 11/03/05
IE rendering is poor anyway  ivanii | 11/03/05
IE Patches  lhearn | 11/03/05
SOS, DD !!!  realitycheck101 | 11/03/05
AmiPro Just Now Broken?  PMC-CON | 11/03/05
Microsoft patches  abbacuss | 11/03/05
yum it up.. patch it up..  nynetsec | 11/03/05
yummi  linuxoverwindows | 11/03/05
patches, i don't need no stinkin patches...  u2in99 | 11/03/05
the devil made me do it  linuxoverwindows | 11/03/05
Car Recalls  MarkieMark | 11/03/05
Yet again  IT Scion | 11/03/05
thank you!  u2in99 | 11/03/05
Which one  IT Scion | 11/03/05
Maybe  tslocum7 | 11/04/05
A mistake?  tslocum7 | 11/03/05
Huh?  IT Scion | 11/03/05
Ignorance?  tslocum7 | 11/04/05
Exactly  tslocum7 | 11/04/05
He Admitted A Microsoft Security Patch  PMC-CON | 11/03/05
That's not the point  tslocum7 | 11/04/05
Wrong...again...as usual  IT Scion | 11/05/05
Perfect!  TxTopgun | 11/03/05
Microsoft Patches  expofan@... | 11/03/05
This happened to me  xilord@... | 11/03/05
Adobe reader 7.05  johnfordjr | 11/03/05
Microsoft really going down the drain?  linuxoverwindows | 11/03/05
I hope so  tslocum7 | 11/04/05
7.0.5 Update Working Fine on Couple Dozen PCs  PMC-CON | 11/03/05
adobe reader, try installing the older version 6  u2in99 | 11/03/05
RE: Adobe reader 7.05 by johnfordjr  btljooz | 11/03/05
THE WEBS NOT BROKEN!!!  DemonX | 11/03/05
Wrong. Sorry try again.  IT Scion | 11/03/05
but but  linuxoverwindows | 11/03/05
What I was  IT Scion | 11/03/05
Of Course  tslocum7 | 11/04/05
If you visit those sites with  K Anderson | 11/03/05
So  tslocum7 | 11/04/05
Patch from the begining?  IT Scion | 11/05/05
I have said it before and I'll say it again  TxTopgun | 11/03/05
Why use Linux? Just use Firefox!  Ratledge | 11/06/05
Yet another good reason not to use Active X  John L. Ries | 11/03/05
So this patch forces websites to practice better security.  osreinstall | 11/03/05
So, MS tightens security and the zealots still whine.  balsover | 11/03/05
Really?  tslocum7 | 11/04/05
Perfection only exists in your mind.  osreinstall | 11/04/05
We'll speak slower just for y o u  IT Scion | 11/05/05
Everybody! Let's say it all together now ---!  Reverend MacFellow | 11/03/05
Microsoft continues to get away  bjbrock | 11/03/05
market manipulation  johnfarnham@... | 11/03/05
Auto Updates  supersid@... | 11/03/05
All of this B$ about M$ is why  btljooz | 11/03/05
Microsoft patches may break Web sites  charles338 | 11/03/05
RE: Microsoft patches may break Web sites by charles3388  btljooz | 11/03/05
ZDNet Error...  K Anderson | 11/03/05
new updates may break web sites  diamondlyn | 11/03/05
Maybe My Problem As Well?  EBathory | 11/03/05
Surprise, Surprise, Surprise....  usc1801 | 11/03/05
Agreed  tslocum7 | 11/04/05
Message has been deleted.  verbeek_gerard@... | 11/03/05
Watch your language.  Grayson Peddie | 11/03/05
Web Page ActiveX problem.  george_hislop@... | 11/03/05
A true fix for the MS patches that will work  justinleecox | 11/03/05
A true fix for the MS patches that will work  justinleecox | 11/03/05
Linux  clh_z | 11/04/05
This is why....  thomp50 | 11/04/05
vista is coming  radams_z | 11/04/05
Not to be a conspiracy theorist...  newsletters@... | 11/04/05
My workaround is Netscape Navigator  Tom Swift | 11/04/05
Updates for the Updates...Mmm...  aadservices@... | 11/04/05
Sale of Goods Act (UK)  MarkieMark | 11/04/05
That is real easy Bloke.  osreinstall | 11/04/05
MS Patches  MarkieMark | 11/04/05
Curry  MarkieMark | 11/04/05
Does turning activeX prevent MS05-052 installation?  HatGuy | 12/02/05
its not a surprise  jesus_of_suburbia344 | 12/05/05
MS should do it right  petit@... | 12/06/05
MS should do it right  petit@... | 12/06/05

What do you think?

SmartPlanet

Click Here