Browser Security News

Microsoft Corp. acknowledged late yesterday that security patches issued last week for Internet Explorer (IE) crippled the browser for some users, but rather than rework the fix, the company offered up a registry hack work-around.

The confirmation and work-around came a week after users installed Security Update MS07-069 on Dec. 11, and users immediately began reporting that they were unable to connect to the Internet with IE or that the browser kept crashing. MS07-069, one of seven bulletins issued on December’s "Patch Tuesday," fixed four critical vulnerabilities in IE 5.01, IE6 and IE7. Although Microsoft had said on Monday that it was investigating the reports, yesterday the company owned up to the problem. "On a Windows XP Service Pack 2-based computer, Internet Explorer 6 may stop responding when you try to a visit a Web site," said Kieron Shorrock, the program manager responsible for IE at the Microsoft Security Response Center (MSRC). Microsoft confirms IE update snafu, offers work-around