Download our in-depth report: The Ultimate Guide to IT Security VendorsMicrosoft (Quote, Chart) has been screaming for users to get the patch to fix vulnerability MS06-040. And now it's warning them they might want to wait before fixing MS06042 -- or at least be careful.
Patch MS06-042, a fairly comprehensive fix, plugs multiple holes in Internet Explorer 5 and 6, several of which could allow for remote code execution.
However, there is one rather specific problem.
If you are using both Internet Explorer 6 with Service Pack 1 on either Windows XP with its Service Pack 1 or Windows 2000, Service Pack 4, IE could suddenly crash while trying to access a Web page using the HTTP 1.1 protocol.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iBoth IE 6 and Windows XP are on their second Service Packs, and there is no problem if you are using both products at these levels, a Microsoft spokesperson told internetnews.com.
Support for Windows XP Service Pack 1 will end in October.
The spokesman said Microsoft will reissue MS06-042 next Tuesday and encourages SP1 users to update when it's available.