Microsoft's critical security patches from last week are causing problems with some users.
In particular, the patch issued to fix a critical hole in Windows 2000 (MS05-051) has seen the SANS Institute's Internet Storm Center (ISC) receive over two dozen reports of compatability issues, its CTO Johannes Ullrich said.
Problems include an inability to use the Search tool in the operating system's Start Menu, a blank screen upon log-in to the Windows Update site and disruption of Symantec's LiveUpdate virus-updating tool and the SpySweeper anti-spyware product from Webroot.
"These are the sort of problems that we typically see when patches don't co-operate well with various third-party software and some of the less used functions of Windows," Ullrich said. "At this point, the problems with Symantec LiveUpdate and SpySweeper are the most severe," he said.
Ullrich added that the problems reported so far appear to be "very user-dependent", with no clear indication why some are reporting problems while others aren't. The size and complexity of this month's patches - nine fixing a total of 14 problems - could be one reason for the problems, Ullrich said.
Microsoft said it is aware of reports of "isolated deployment issues with security update MS05-051, and is working with the limited amount of customers affected to help resolve the issue." The company has posted a Knowledge Base article online with more information about the issue.
A Symantec spokesman said his company is aware of the reports and is trying to replicate the problems. "They have not been able to replicate any of the problems up to this point," he said. "We have not seen any problems up to now that point to this patch."
Reports of the patch problems come amid growing concerns of a worm outbreak targeted at the MSDTC and COM+ vulnerabilities. Fueling those concerns was the development of an exploit earlier this week that takes advantage of both the flaws.
In addition, there has been a significant increase in computer scanning activity - apparently by hackers looking for targets to attack once an exploit becomes widely available, Ullrich said. "If you run Windows 2000, you should be very concerned," he said.