Microsoft has acknowledged several new problems with the emergency patch it released last week to quash the Windows animated cursor file (ANI) bug and has updated a hotfix that it's telling some Windows XP SP2 users to download and install.
The first problem with the MS07-017 update, the series of seven patches released last Tuesday that among other things fixed the ANI flaw, was known to Microsoft before it posted the security bulletin. In fact, a hotfix to correct a flaw in the Realtek HD Audio Control Panel was published simultaneously with MS07-017. A glance at the Microsoft support forums that day and the next, however, showed that many Realtek users were unaware of the hotfix and were frustrated by the error messages they saw after installing the security update.
Last Friday, Microsoft refreshed the hotfix to include three more third-party applications that won't start and may throw up an error message that states, "The system DLL user32.dll was relocated in memory. The application will not run properly."
The applications are ElsterFormular, a German value-added tax calculator; TUGZip, a free compression utility; and CD-Tag, a US$19 CD ripper.
"While the impact of these issues is clearly not widespread, it is affecting some of our customers," said Christopher Budd, program manager at Microsoft Security Response Center, on the team's blog. "To help customers who have these applications installed, we will be releasing the hotfix to affected customers through Windows Update, Microsoft Update and Automatic Updates as part of the Tuesday April 10 release as a high-priority, nonsecurity update."
Users of the enterprise Windows Server Update Services and Software Update Services (SUS), meanwhile, will be able to approve the hotfix update and install it automatically on any applicable systems, Budd added. Users provisioned by SUS, however, won't get the update until Thursday.
The hotfix can be manually downloaded immediately from the Microsoft support site.