April, 2006

  • Information regarding MS06-015

    Hi everyone, Mike Reavey here. I wanted to quickly let you know about some things related to MS06-015 that we’ve gotten some customer questions on. First, we’re currently tracking an issue involving the interaction of the security update with some components related to some Hewlett Packard devices that so far appear to be consumer level. The scope is limited at the moment but the impact might be that an application could hang when conducting certain operations, like opening a file from the “File...
  • More information on the MS06-015 issue

    Hi everyone, Stephen Toulouse here. We've been continually examining the best way to assist the customers who may have been impacted by the interaction of MS06-015 with the software Mike mentioned before. We wanted to check in and let you know the current plan. Up until now there have been several solutions: Upgrade to the newest version of the affected software, a manual registry key fix, uninstall the third party software (NVIDIA Drivers versions 61.94 and prior or the Hewlett Packard Share-to...
  • Update to the MS06-015 issue.

    Hi everyone, Mike Reavey here again. I wanted to follow up with the results of our investigation into some issues with security update MS06-015. Turns out that under certain circumstances, changes introduced in MS06-015 could cause an application to stop responding during specific interactions with older versions of Hewlett Packard’s “Share-to-web” software utility, or older NVIDIA video card drivers. In the case of the Hewlett Packard software, their new version known as “HP Image Zone Version 5...
  • April 2006 Advance Notification

    Hi everyone, Stephen Toulouse here. As we do each month I wanted to post about the Advance Notification for the Security Bulletin release for April. This coming Tuesday, the 11th, we’re planning to release five security bulletins, 4 for Windows and 1 that affects both Windows and Office. One of the Windows bulletins will be the cumulative Internet Explorer update that will address the "CreateTextRange" vulnerability. Our test and engineering plan for that update that we began two weeks ago is...
  • NVIDIA driver versions affected by the MS06-015 issue

    Hi everyone, Stephen Toulouse here. I've gotten some customer questions regarding the NVIDIA drivers affected by the issue so I wanted to provide some more detail on that. In working with NVIDIA we have narrowed the issue to a subset of their Release 60 drivers, which means version-wise all driver versions 60.00 - 64.99. These drivers have not been publicly available for close to 2 years. According to NVIDIA, each of these versions went to different OEMs and add-in card manufacturers as well as being...
  • MS06-015 targeted re-release now available. And so is IE7 Beta 2

    Hi everyone, Stephen Toulouse here again. The targeted re-release of MS06-015 is ready. If you are configured for Automatic Update, no need to take any actions. It will detect if you have the problem and deliver the update to you. If you have not yet installed MS06-015, the revised version will be offered to you. If you have already installed MS06-015 and are not having the problem, you need take no action. I also wanted to take a moment and congratulate the Internet Explorer team on...
  • April 2006 Bulletins and TechNet Radio

    Hey, it’s Craig Gehre. Well today the MSRC released five new security updates. Four of the updates affect Windows, while the fifth affects Windows and Office. For those of you that are wondering, the first Windows update addresses the “createTextRange” issue you may have been following via our security advisory 917077. The complete list of updates is below: * MS06-013 applies to Microsoft Windows and is rated critical. * MS06-014 applies to Microsoft Windows and is rated critical. * MS06...