Security patch crashes IE

Posted on 17 Aug 2006 at 11:55

A security patch issued that is meant to fix a number security vulnerabilities in Internet Explorer may in fact cause the browser to crash in certain circumstances, Microsoft has admitted. The company says that Internet Explorer crashes when you view a Web site that uses the HTTP 1.1 protocol and compression.

According to Microsoft, the problem occurs when running Internet Explorer 6 SP1 on either Windows XP or Windows 2000.

An advisory issued by Microsoft explains that when certain controls are loaded on a Web page, the controls are not correctly masked by the patch. As a result, if Windows decides that the control is inactive, it will ignore the control prompts before it is fully loaded. Among the controls that are involved are those used in Macromedia Shockwave Director, in Apple QuickTime Player, and in Virtools Web Player.

Microsoft promises that a new version of the security update is currently under development and will be released to all Internet Explorer 6 Service Pack 1 users through the usual channels by 22 August, 2006. In the meantime, Microsoft recommends that anyone who is not affected by the issue should continue to apply the patches as they offer protection against the vulnerabilities revealed in the security updates.

Author: Steve Malone