Microsoft (Quote, Chart) has been screaming for users to get the patch to fix vulnerability MS06-040. And now it's warning them they might want to wait before fixing MS06–042 -- or at least be careful.

Patch MS06-042, a fairly comprehensive fix, plugs multiple holes in Internet Explorer 5 and 6, several of which could allow for remote code execution.

However, there is one rather specific problem.

If you are using both Internet Explorer 6 with Service Pack 1 on either Windows XP with its Service Pack 1 or Windows 2000, Service Pack 4, IE could suddenly crash while trying to access a Web page using the HTTP 1.1 protocol.

Both IE 6 and Windows XP are on their second Service Packs, and there is no problem if you are using both products at these levels, a Microsoft spokesperson told

Support for Windows XP Service Pack 1 will end in October.

The spokesman said Microsoft will reissue MS06-042 next Tuesday and encourages SP1 users to update when it's available.

This article was first published on To read the full article, click here.