[ISN] Microsoft patches break some Web sites

InfoSec News isn at c4i.org
Fri Nov 4 12:09:21 EST 2005


http://www.networkworld.com/news/2005/110305-microsoft-patches.html

By Jeremy Kirk
IDG News Service
11/03/05

Two patches released by Microsoft earlier this year for its Internet
Explorer browser may cause some Web sites not to load properly.

The bulletins, MS05-038 and MS05-052, removed "unsafe functionality"  
and change how the browser handles ActiveX controls for security
reasons, Stephen Toulouse, a program manager in Microsoft's security
unit, wrote on Thursday on the Microsoft Security Center Response
Blog.

After installing MS05-038, first published Aug. 9 on the Microsoft
Download Center, Web pages containing Component Object Model (COM)  
objects called monikers may not work as expected.

MS05-052, published Oct. 11, added an additional check for a specific
interface for ActiveX controls before allowing a COM object to run in
Internet Explorer. But it also blocks some Web pages containing
ActiveX controls, Microsoft said. Users who are missing certain
registry subkeys may also experience problems with this patch,
Microsoft said.

Microsoft has published instructions on how to resolve the MS05-038
issues [1].

Instructions for the two possible problems with MS05-052 can be found
here [2] and here [3].

[1] http://support.microsoft.com/kb/906294
[2] http://support.microsoft.com/kb/909889
[3] http://support.microsoft.com/kb/909738





More information about the ISN mailing list