Skip navigation

Problems with Microsoft's October Security Updates

Earlier this month Microsoft published Security Update MS05-050 as part of its regular monthly security patch release schedule. The update corrects a flaw in DirectX where DirectShow might allow remote code execution, which represents a critical vulnerability.

However, if the patch associated with MS05-050 is applied on Windows 2000 systems with DirectX 8.0 or 9.0 installed then the system is still vulnerable and administrators might not be aware of that fact. Microsoft published an article (909596) regarding this matter . The article explains that the "dxdiag" tool can be used to show which version of DirectX is installed on a given system. Then by comparing DLL versions a determination can be made whether a system is truly patched.

Problems were also discovered with Security Update MS05-051 . Among those problems are situations where the Windows Installer and Windows Firewall services might not start, along with problems in IIS, COM+, user logon attempts, and other issues. Microsoft published an article (909444) which explains that the problems are related to access control list (ACL) issues and gives information on how to correct the ACLs.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.