Microsoft said on Wednesday that a recently released software patch for its Windows operating system is causing some Windows 2000 machines to stop responding after it is installed.
Some systems that use the security update, MS04-011, stop responding when they start up, prevent users from logging on to Windows, or bog down, Microsoft said in an article published Wednesday in its Knowledge Base online help database.
The security patch was released on April 13 and fixes a number of holes in Windows, including problems with Windows implementation of Secure Sockets Layer (SSL), a protocol that frequently used to secure communications between servers and clients on public networks and the Internet.
Included in the patch is a fix for a buffer overrun in the Private Communications Transport (PCT) protocol, which is part of Microsoft's SSL library. PCT is a protocol in that library that was developed by Microsoft and Visa International to conduct encrypted communication on the Internet, Microsoft said.
Shortly after Microsoft released that patch, malicious code that could be used to trigger the PCT buffer overflow and compromise Windows systems appeared on the Internet. In recent days, security companies warned of widespread attacks that use the exploit code, though the code hasn't yet been tied to a virus or Internet worm.
An attacker who could exploit the PCT hole could take complete control of affected systems, installing programs, viewing, modifying or deleting data or changing user access to the system, Microsoft said.
Since releasing the patch, Microsoft has encouraged customers to apply the it as soon as possible. However, now it appears that the patch comes with its own problems.
Microsoft's Knowledge Base article said that a software change in the patch causes Windows 2000 systems to repeatedly try to load drivers that cannot load successfully, causing the hangups. (See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;841382.)
The company listed three software drivers that, if installed, make Windows 2000 systems susceptible to the slowdowns. The Knowledge Base article also described specific problems and a work-around procedure for Windows systems that have Nortel Networks' virtual private network client installed.
However, the company acknowledged that the slowdowns may occur with other combinations of drivers and services that don't load successfully.
Microsoft said it is researching the slowdown problem and will release more information when it is available.
Faulty patches are a frequent source of concern for Microsoft, which encourages its customers to install security patches as soon as possible to protect Windows systems from attack. Network administrators, on the other hand, are often reluctant to move quickly with software updates, fearing that, once installed, they will break critical systems.