Microsoft issues patch for SP2 update
- 18 October, 2004 08:07
Microsoft has issued a patch for a compatibility problem between the recent Windows XP Service Pack 2 and an advertising application run on many user's machines.
The service pack was causing system crashes thanks to a conflict with the hidden app from Total Velocity Software (TVS), called TV Media.
When SP2 was released in August, a large number of users contacted Microsoft's technical support complaining that the update was causing their computer to repeatedly restart, according to the TVS. The problem was due to the hidden presence of TV Media, which is designed to be invisible to users except when it is displaying advertisements.
Affected computers shut down and restarted repeatedly, displaying the following message: "A problem has been detected and Windows has been shut down to prevent damage to your computer..."
In an attempt to alleviate the problem, Microsoft published a technical support item about the issue, and later distributed a tool for removing TV Media. However, the real problem was that many users weren't aware of TV Media's presence.
The new patch, published last week, will not allow users to install SP2 via the Windows Update website or Windows' automatic updating system if they have TV Media installed. Instead, it first offers them the patch, labelled Critical Update 885523. After this is installed, users are able to access SP2.
"Critical Update 885523 prevents this problem by addressing the compatibility issue," Microsoft said in an updated technical support briefing."This update is only offered through Windows Update and Automatic Update to users who have TV Media installed. This update is primarily intended for users of Windows Update and Automatic Updates who may not realize that they have TV Media installed on their computers."
The Critical Update is available for download at http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en.&familyid=65875203-CF1B-4D32-8F32-E00D004659F6&displaylang=en. Microsoft is still distributing the TV Media removal tool at http://www.microsoft.com/downloads/details.aspx?amp;amp;amp;displaylang=en&familyid=f94e8b27-b656-45cd-9668-73134a18231b&displaylang=en.
Separately, industry observers warned that this week's avalanche of Windows security patches might cause confusion for IT managers over how secure SP2 really is.
Security experts noted that several of the security problems patched this week don't affect machines with SP2 installed. But this isn't due to SP2 making machines inherently more secure, according to experts - it is merely that Microsoft included "stealth patches" for some particular issues in SP2, which are only now being released as stand-alone fixes. The issues that don't affect SP2 include a critical hole in the handling of Zip files.
"It's important to realize that getting up to SP2 isn't the end of the road for security," said Sophos Anti-Virus senior technology consultant Graham Cluley. "They're going to keep on patching SP2 for years to come, as new problems are found. There's a danger people will get the impression that SP2 is the secure version, and that's not the case."
Danish security firm Secunia agreed. "While security has improved in many ways with SP2, there is no reason to believe that most of the future vulnerabilities discovered in other versions of Windows won't affect Windows XP SP2 as well," the company said in a statement. "The issues weren't eliminated by SP2 through change of security models and general review of code, but through traditional patching bundled in a Service Pack."
eEye Digital Security criticized Microsoft for taking its time on some of the patches, with a patch for the Zip issue taking 71 days from when Microsoft was notified of the problem. A less serious privilege-escalation issue took Microsoft 408 days to patch, eEye said. Both were fixed in the August release of SP2 before being released this week as stand-alone patches.
Sophos' Cluley responded that speed isn't always the most important concern with patching. "As long as information about how to exploit the problem doesn't get out, it's probably better for them to take the time to make sure the patch works properly," he said.
He noted that in the past some of Microsoft patches have required patches of their own because they haven't worked or have created new problems.