News

Microsoft Reposts Windows NT Patch

Microsoft on Friday posted a fixed version of a botched security patch from December that had been causing Windows NT 4.0 systems to crash.

The botched patch was contained in Microsoft Security Bulletin MS02-071, which fixed what Microsoft called an "Important" security vulnerability allowing privilege elevation in Windows NT 4.0, Windows 2000 and Windows XP. There were no reported problems with the separate patches for Windows 2000 or Windows XP.

Microsoft pulled the faulty Windows NT 4.0 version of the patch last week. "Subsequent to the release of this bulletin it was determined that the patch for Microsoft Windows NT 4.0 machines introduced an error that may, under certain configurations, cause NT 4.0 to fail," Microsoft wrote in explaining the removal of the patch. A new version of the Windows NT 4.0 patch is on the site now.

The reliability problem with a Microsoft hotfix comes at an awkward time for the company, given the recent outbreak of the SQL Slammer worm. Database and network administrators have come under fire for failing to apply an unrelated "critical" patch from six months ago that would have blocked the worm from their systems.

Yet the faulty patch could rekindle concerns about quality control in Microsoft's hotfix process, causing administrators to delay in applying new patches.

Prior to this latest incident, Microsoft had not had a significant problem with patch quality control in some time. The company has always encouraged users to apply service packs when possible instead of hotfixes because of the more intensive compatibility testing undergone by the less frequent service packs.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.