Can’t open addresses in IE – KB908531 – MS06-015

I received a call from a customer around lunchtime today.

For some reason, they couldn’t open any websites, yet for some reason their PC was still opening his default homepage without any problems.

The quick indicator to the problem was several instances of verclsid.exe in Task Manager.

A google search quickly identified that this file was connected with a recent Microsoft Windows Update, KB908531 which is supposed to help verify ActiveX controls and close a security loophole.

However, it seems that the patch was very poorly written and also succeeds in preventing Windows users from accessing websites and network resources correctly.

Some comments suggest that it may be connected with HP equipment or software. This may have been the case with our client earlier today, who has an HP scanner.

The advice provided by others online certainly helped to identify the problem, a bad Windows update – and the consequent solution, remove said update, however there doesn’t seem to be any word yet on a permanent solution.

The post on the IE6 newsgroup (see quote below) is of little use for those who want to see this issue resolved.

Our advice to our customers for the moment is to surf the web sensibly and to miss out update KB908531.

We’ve determined that the majority of the issues people are having with
MS06-015 / KB908531 are due to a bad interaction between the security update
and a software component included with various HP hardware devices,
including but not limited to printers, scanners, and cameras.

Here are two fixes which should fix problems caused by the interaction with
the HP software:

Option 1 – Modify the registry
——————————

- (If you have multiple user accounts set up) Log onto the computer using an
account with Administrator privileges

- Click the Start button, then click Run and type “regedit” at the prompt,
without the quotes; this will start Registry Editor

- Locate the
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows
CurrentVersionShellExtensionsCached key in Registry Editor

- Right click on the key and select New / DWORD Value

- Rename the resulting value “{A4DF5659-0801-4A60-9607-1C48695EFDA9}
{000214E6-0000-0000-C000-000000000046} 0×401″, without the quotes

- Right click the value, select Modify, and type “1″ into the Value Data
field

- Close Registry Editor

Option 2 – Kill the HP process
——————————

- Wait until Internet Explorer, Windows Explorer, or whichever component is
encountering problems is in an unresponsive state

- Click the Start button, then select Run and type “taskmgr” at the prompt,
without the quotes; this will start Task Manager

- Locate any instances of hpgs2wnd.exe or hpgs2wnf.exe in Task Manager, then
right click on them and select End Process

Notes:

- Option 2 this may disable some HP device-specific functionality until you
restart your computer.

- Option 2 will correct the problem for the logged-in user, but not for all
users on a computer with multiple user accounts. For that reason, Option 1
is the preferred option.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If your computer is not currently unresponsive, you should only have to do
Option 1 or Option 2, not both. If your computer is currently unresponsive,
you should be fixed by doing Option 2.

I’m very sorry about the inconvenience this has caused you all; hopefully
this will get things back on track. Please note that MS06-015 fixes a
critical security vulnerability, so it’s very important that you reinstall
it as soon as possible if you’ve uninstalled it. Please also keep in mind
that disabling Auto Update will leave your computer unprotected even after
we release security updates. I understand that this experience has been
very frustrating for many of you, but I really must still strongly recommend
that you leave [Automatic Updates] enabled for your own safety.

http://groups.google.com/group/
microsoft.public.windows.inetexplorer.ie6.browser/msg/094143b42d0c3ca2

Update: 28/4/06

Microsoft is to release a new version of its patch, in order to patch the previous one.

If you had downloaded the problematic patch, the new one will be automatically downloaded and applied.

More information at ZDNet.

Comments are closed.