Below The Beltway

Microsoft issued a security patch this week that crashes Internet Exploder:

December 19, 2007 (Computerworld) — Microsoft Corp. acknowledged late yesterday that security patches issued last week for Internet Explorer (IE) crippled the browser for some users, but rather than rework the fix, the company offered up a registry hack work-around.

The confirmation and work-around came a week after users installed Security Update MS07-069 on Dec. 11, and users immediately began reporting that they were unable to connect to the Internet with IE or that the browser kept crashing. MS07-069, one of seven bulletins issued on December’s “Patch Tuesday,” fixed four critical vulnerabilities in IE 5.01, IE6 and IE7.

Although Microsoft had said on Monday that it was investigating the reports, yesterday the company owned up to the problem. “On a Windows XP Service Pack 2-based computer, Internet Explorer 6 may stop responding when you try to a visit a Web site,” said Kieron Shorrock, the program manager responsible for IE at the Microsoft Security Response Center (MSRC).

In a later post to the MSRC blog, however, Shorrock downplayed the problem, saying, “We have been working with a small number of customers that reported issues related to the installation of MS07-069.” He claimed that the bug appeared only in what he called “a customized installation.”

“This isn’t a widespread issue,” Shorrock added.

That would come as a surprise to users such as Harold Decker, who manages 35 Windows XP SP2 machines at San Diego-based Gold Peak Industries NA Inc. Even though Decker described his shop’s systems as “pretty plain,” 29% of the PCs that installed last week’s IE update had trouble accessing the Web.

Here’s a tip, switch to Firefox.