Two patches released in Microsoft’s April batch of security updates are causing system hangs, Windows crashes and the appearance of strange dialog boxes.
The problems stem from a nonsecurity modification to Internet Explorer and a critical fix for a code execution hole in Windows Explorer and affect third-party programs from Google, Siebel and Microsoft’s own Windows Media Player.
On April 15, Microsoft released a knowledge base article to acknowledge “problems” in Windows Explorer or the Windows shell after the MS06-015 security update is installed.
That update, Microsoft said, includes a new binary called VERCLSID.EXE that validates shell extensions before they are instantiated by the Windows Shell or Windows Explorer.
On some consumer-facing programs running Hewlett-Packard’s Share-to-Web software and Sunbelt’s Kerio Personal Firewall, the new binary stops responding.
“The scope is limited at the moment, but the impact might be that an application could hang when conducting certain operations, like opening a file from the ‘File open’ dialog in an application,” said Mike Reavey, program manager in the Microsoft Security Response Center.