Content

Microsoft warns of flaw in latest Windows patch

Microsoft has issued a warning that flaws in its latest Windows patch designed to protect against newly discovered critical Windows vulnerabilities have been causing “various problems” for an as yet unknown number of users.

The Microsoft security advisory MS05-051 details how the critical MSDTC (CAN-2005-2119) and COM+ (CAN-2005-1978) vulnerabilities can potentially be exploited by malicious cyber criminals to cause remote code execution and local elevation of privileges.

But companies installing the patch against these flaws have reported a range of issues including users being locked out of systems, antivirus security updates failing to complete and PCs just displaying a blank screen without any desktop icons after the update has been rolled out.

"Microsoft is aware of reports of isolated issues after deployment with Microsoft Security Bulletin MS05-051. We are working with a limited number of affected customers to help resolve these issues," the Redmond firm said.
The issue affects systems that do not have the default Access Control List (ACL) settings in the %Windir%Registration folder. These systems "may experience various problems after installing MS05-051. The update helps protect against attacks seeking to exploit MS05-051, however this isolated set of issues might impact systems after installation of the update", according to Microsoft.
Based on feedback from customers, Microsoft said it has published Microsoft Knowledge Base Article 909444, which tackles the problem.
"We continue to urge customers to deploy MS05-051 and all recent security updates. For additional information about security updates, please visit the following website," the company advised.
Customers who experience installation problems should contact Microsoft Product Support Services. Product Support Services in North America can be contacted for help with security update problems or viruses at no charge by using the PC Safety line (1-866-PCSAFETY).
.
https://support.microsoft.com/
https://www.microsoft.com/technet/security/advisory/909444.mspx
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2119
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1978
https://www.microsoft.com/technet/security/bulletin/MS05-051.mspx
https://support.microsoft.com/kb/909444

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.