On The Insider: Matthew McConaughey Welcomes Son
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack

By Joris Evers, News.com
Posted on ZDNet News: Apr 4, 2007 10:01:00 PM

Installing Microsoft's Tuesday patch for a "critical" Windows vulnerability is causing trouble for some users.

Microsoft broke with its monthly patch cycle Tuesday to repair a bug in the way Windows handles animated cursors. Cybercrooks had been using the hole since last week to attack Windows PCs. But the fix is not compatible with software that runs audio and networking components from Realtek Semiconductor, some Windows users have found.

Click here to Play

Video: Hacking a Vista PC
Determina experts explain how to exploit animated-cursor flaw.

"Apparently the update is not compatible with Realtek," CNET News.com reader Dave House wrote in an e-mail. "We lost all Ethernet and audio functions. Removing the update and doing system restores brought the systems back."

Microsoft is aware of problems with Realtek's audio software. In fact, it knew about them before releasing the fix and published a support article with the security bulletin. An additional update is available from Microsoft to remedy the problem, according to the company's Web site. Microsoft is not aware of networking issues, a representative said.

The audio problem occurs on Windows XP PCs that have the Realtek HD Audio Control Panel installed, Microsoft said. The application may not start after the patch is applied and Windows may display an error message, the company said.

Microsoft consciously released the cursor flaw patch despite the compatibility problem, Mike Reavey, a Microsoft Security Response Center staffer, wrote on a corporate blog. The company tested the fix throughout February and March and eliminated many problems, he wrote.

"At one point our testing had uncovered over 80 potential issues with the update that were investigated and resolved...at the time of release, only one minor quality issue was known," Reavey wrote.

The cursor vulnerability is one of seven flaws addressed by Microsoft's Tuesday patch--three of them also affect Vista. Cybercrooks moved quickly to exploit the cursor hole. Security firm Websense has spotted hundreds of Web sites that try to use the bug to compromise PCs, as well as an e-mail spam campaign with links to the malicious sites.

Microsoft plans to issue additional fixes next week on its regular monthly patch day, the company said.

  • Talkback
  • Most Recent of 93 Talkback(s)
roxio support?
did you post your question on the roxio support forums?
Read the rest)
Posted by: kara_whittington@... Posted on: 09/05/07 You are currently: Logged In | Log out
Windows cursor patch causing trouble Loverock Davidson   | 04/04/07
Typical Loverock response Zeppo9191   | 04/05/07
How nice for you jlongino@...   | 04/05/07
Doesn't like ZyXel either XXXLDOG   | 04/06/07
Because Realtek didn't anticipate what hadn't happened yet... deleweye   | 04/09/07
Sorry LR TonyMcS   | 04/09/07
Name Change maybe? mv520   | 04/09/07
This is definitely Microsoft's problem . Betond the vista , a Leopard is stalking .   | 04/11/07
Problem is in RealTek's code PB_z   | 04/04/07
I have to agree CobraA1   | 04/04/07
You don't even need their control panel georgeou   | 04/04/07
Not surprising at all PB_z   | 04/04/07
George and PB_z, sometimes you DO need the Realtek junk. OButterball   | 04/04/07
Here's what I mean, in a nutshell: OButterball   | 04/04/07
What the heck does that have to do with RealTek? PB_z   | 04/05/07
Ever hear of "an interesting aside," PB_z? OButterball   | 04/11/07
I love it... jasonp@...   | 04/05/07
Oh, Joy... John Zern   | 04/04/07
Think about an engineering firm I consult to: OButterball   | 04/04/07
RE: RealTek Control Panel KopaKryptik   | 04/09/07
More power to ya, teknohed333. OButterball   | 04/11/07
It doesn't matter, though GonePhishing   | 04/09/07
Is the entire problem in RealTek's code? tf2RI52WC873   | 04/10/07
New Realtek driver available PRSchwob   | 04/04/07
Thank You PRSchwob RichC3@...   | 04/06/07
Windows Update Problem RuralWisp   | 04/04/07
Microsoft must have contacted RealTek PB_z   | 04/04/07
I have to agree that communicating Leria   | 04/10/07
Why just Realtec? GuidingLight   | 04/04/07
Who to Blame RuralWisp   | 04/04/07
Was that the question you asked? GuidingLight   | 04/04/07
Who's to blame RuralWisp   | 04/05/07
"The needs of the many" John Zern   | 04/05/07
You're right, because they are sloppy PB_z   | 04/04/07
You guys are really missing the point! OButterball   | 04/04/07
RealTek's software was broken and never should have worked to begin with PB_z   | 04/05/07
Updates that break.. JCitizen   | 04/09/07
Flawed statement there, PB_z... Raymond Danner   | 04/10/07
it's not just realtek. geoffr@...   | 04/05/07
Not Just Realtek geoffr@...   | 04/05/07
Not Realtek problem AMS-Ray   | 04/05/07
Don't feel bad , Betond the vista , a Leopard is stalking .   | 04/11/07
Ahem... droby10   | 04/09/07
TugZIP crashes because of changed loading of .dlls issue Patanjali   | 04/04/07
Use different ZIP software; plus, what TugZIP does wrong PB_z   | 04/05/07
roll back till its fixed? TG2   | 04/09/07
But him getting owned means... KWierso   | 04/09/07
Now let's wait for the patch that patches the patch that galileon   | 04/05/07
it is already out there geoffr@...   | 04/05/07
As much as I'm loathe to admit it, KWierso   | 04/09/07
Finger tappin' good whisperycat   | 04/05/07
If only you weren't completely Wrong xuniL_z   | 04/07/07
I see evidence of 3 camps here all the time. Raymond Danner   | 04/10/07
It's what happens when you spread all your resources across the table . Betond the vista , a Leopard is stalking .   | 04/11/07
It's what happens when you spread all your resources across the table . Betond the vista , a Leopard is stalking .   | 04/11/07
Patches can do that, break 3rd party apps Boot_Agnostic   | 04/05/07
ANI Patch problems AMS-Ray   | 04/05/07
ZyXel Wireless Net Adapter stops working XXXLDOG   | 04/06/07
reinstall the drivers Master Guru   | 04/06/07
Oooo...you so smart (nt) djt0711   | 04/06/07
Patchwork witan   | 04/06/07
Print Spooler Issues Too wswingleNOSPAM@...   | 04/06/07
Microsoft Patch rwdrisk@...   | 04/06/07
XP Bloatware jonvesi   | 04/06/07
YUP!!! bigjohnl@...   | 04/09/07
That's why I dual boot Linux Bloatware Boot_Agnostic   | 04/06/07
At least in Linux/Xunil you won't have the .ani issue . <NT> Betond the vista , a Leopard is stalking .   | 04/11/07
Yep Boot_Agnostic   | 04/12/07
My Realtek driver tried to relocate system drivers. djy.business@...   | 04/06/07
Roxio 8 DVD Creator Not Working r.heat@...   | 04/06/07
roxio support? kara_whittington@...   | 09/05/07
Problem is more than RealTek and listed software raylward@...   | 04/09/07
Microsoft had Months on This One tschrock   | 04/09/07
So Are They Colluding with Hackers? bcroner   | 04/09/07
The real culprit here is the modern corporate fuzzy2k   | 04/09/07
Cursor Patch Making .dlls share same address jasprey   | 04/09/07
Windows cursor patch causing trouble cberk   | 04/09/07
anicursor problems curlymon@...   | 04/09/07
java stung by cursor patch gmarriott@...   | 04/10/07
Cursor Patch problem made worse by inane Automatic Updates Dasec   | 04/10/07
Microsoft james1701_d   | 04/10/07
Link to FIX KyBluegrassBoy   | 04/10/07
.. wherein M$ admits their error and adds 935488 to autoupdate tf2RI52WC873   | 04/11/07
Where's the Linix droids message? done@...   | 04/10/07
Unless I missed their posting(s)... Dr. John   | 04/10/07
No they aren't John Zern ,,, Betond the vista , a Leopard is stalking .   | 04/11/07
Weird Post TripleII   | 04/10/07
... because it's unnecessary tf2RI52WC873   | 04/11/07
They aren't sleeping at the helm ,,, Betond the vista , a Leopard is stalking .   | 04/11/07
Maybe no one gives a flying leap? jacarter3   | 04/11/07
Safe Windows in the future. joe.smetona@...   | 04/11/07
Loverock wjkahlssmd@...   | 04/10/07
Hardware incompatible with software??? jolumoar   | 04/10/07

What do you think?

advertisement

The Green Enterprise

advertisement
Click Here