Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Things That Amuse Me -- Ignore unavailable to you. Want to Upgrade?

To: mr.mark who wrote (4596)	2/16/2002 1:36:02 AM
From: mr.mark	Read Replies (1) \| Respond to of 12669

fwiw, my machine, always rock-solid on a win2000 platform, crashed one time since installing the patch, and that was when i was updating antivirus definitions.... Admins left to fix Microsoft's browser mess By Joris Evers February 15, 2002 InfoWorld.com AMSTERDAM - MICROSOFT'S latest security patch for Internet Explorer (IE) causes the Web browser to crash when viewing Web pages that contain a certain VBScript directive, several IE users found. Microsoft has acknowledged the problem and says Web site administrators will need to take action. "This issue does not pose a security threat to users. This issue affects stability. Normal operation can be restored by restarting IE," Microsoft said in a statement Friday. "Microsoft Product Support Services has been working with customers to implement a workaround that addresses a problem in which patched IE browsers could crash when viewing certain pages containing a specific VBScript directive." The way to fix the problem in the short term will be to tweak the coding on Web pages that contain this directive, called the execScript directive, Microsoft said. However, Microsoft is working on an updated patch, but does not know when that will be released. In postings to Microsoft's discussion groups, users had earlier pinpointed the execScript directive as the culprit. "The workaround is one that site operators would implement on their ASP (Active Server Page) pages. End-users need not do anything," Microsoft said, adding that a knowledge base article explaining the issue and the workaround procedure will be posted to Microsoft.com shortly. One Dutch IE user on Friday told the IDG News Service that his patched Web browser crashed when accessing the Web JetAdmin remote management tool for Hewlett-Packard printers. "Sadly, the patch removes functionality in IE. I installed the patch on my IE 5 system, but removed it immediately by installing a complete new version of IE 6. The HP administrator page on our LAN did not work on the patched system, but did work on unpatched systems," said Jean van Laarhoven, systems manager for a part of Amsterdam's city government. Internet advertising company DoubleClick told its customers in an e-mail not to install Microsoft's patch, a German DoubleClick user who asked for anonymity said. DoubleClick's ad management system is accessed through the Web and relies on scripting. This user and another DoubleClick user, who also requested anonymity, confirmed that IE crashed when they tried to access the DoubleClick system after patching their browser. Nobody at DoubleClick was immediately available for comment. Microsoft released the "cumulative" patch that fixes six holes in IE versions 5.01, 5.5 and 6.0 on Monday. The software maker gave the patch a "critical" rating and urged all users to immediately install it. The set of patches fixes holes that could allow an attacker to take control over a user's computer. The patch can be found on Microsoft's TechNet Web site at: microsoft.com Joris Evers is an Amsterdam correspondent for the IDG News Service, an InfoWorld affiliate. infoworld.com