Still Insecure After All These Years

It’s nearly the end of 2005, and Microsoft is still having trouble securing Windows XP, Windows 2000, and Windows Server 2003. This time the company actually hurt the ones it loves: power users who’ve tightened the security features of their systems by changing folder permissions.

According to CNET, “Windows patch backfires on the security-minded“:

Microsoft has acknowledged that a patch released last week can cause trouble for some users. It could lock them out of their PC, prevent the Windows Firewall from starting, block certain applications from running or installing, and empty the network connections folder, among other things, the software maker said in an advisory on Friday.

The trouble occurs when default permission settings on a Windows folder have been changed, according to Microsoft. Those changes aren’t common, but have been applied by some people to add extra security to their systems, experts said.

It’s not like Windows users could ignore this patch. It was released to fix four Windows vulnerabilities that Microsoft tagged “critical,” and experts warned that a worm attack linked to the issue could be imminent. But the patch simply didn’t take into account all the possible Windows user configurations.

But you have to admire Microsoft for putting this spin on it:

Even if users experience PC trouble after installing the patch, they will still be protected against any attack exploiting the Windows flaw, a Microsoft representative said.

Well, that’s certainly true if your PC has locked you out or can’t access the Internet.


Leave a Reply

Your email address will not be published. Required fields are marked *