Windows users are continuing to experience problems with Microsoft's latest round of security patches. This time a problem with a critical patch relating to Microsoft's DirectShow streaming media software is leaving some Windows 2000 users unprotected, even after they've installed a patch.
Windows 2000 users who have installed Microsoft DirectX version 8.0 or 9.0 may not have actually fixed their software by installing Microsoft Security Update MS05-050, Microsoft said in a statement posted Thursday to the company's Web site.
The patch, called an "update" by Microsoft was released Oct. 11 as part of the company's monthly security software fixes. It addresses a problem in DirectShow that could allow an attacker to seize control of an unpatched system. The attacker would first need to trick a user into visiting a Web page with maliciously coded Web content -- a banner advertisement, for example -- in order for this to happen, Microsoft said.
The problem with the patch is that Microsoft DirectX 8.0 or 9.0 users who may have accidentally installed the patch written for DirectX 7.0 will still be vulnerable to the underlying vulnerability, and they will not be notified of this fact, the statement said.
Only a "limited" number of customers have been affected by this problem, and customers who received Update MS05-050 automatically or correctly followed the steps in Microsoft's security bulletin will not be affected, Microsoft said in a statement provided by its public relations agency.
This is the second problem Microsoft has had with the Oct. 11 patches. Last week some users ran into a variety of technical problems when they attempted to install a separate Security Update, MS05-051.
Directions for determining whether or not a Windows 2000 system has been correctly updated can be found here: http://support.microsoft.com/kb/909596.
Microsoft executives were not available to comment on this story.