IE 6 crashes after you install security update MS07-069 on a computer that is running Windows XP SP2

If you are still on Windows XP SP2 with Internet Explorer (IE) 6, and you install the security update announced in MS07-069, then you may just have lost your ability to surf much of the web with IE. Apparently that combination causes IE to crash when you go to a web site, according to Microsoft Knowledge Base article 946627 and a blog post on the IE blog. The exact cause appears to still be under investigation. The signature of the crash, however, is shown in this picture:

The fix is to set a registry key. However, most home users would probably struggle with that, and enterprises, trying to figure out how to roll that fix out to 50,000 desktops would probably not be enjoying themselves tremendously either. In an attempt to help out I wrapped the required registry key in a Windows Installer program, attached to this post. The installer only sets the registry key. However, for a home user it is much simpler to double-click on an installer than navigating through the registry. For an enterprise, since it is an MSI file, it can be deployed with Group Policy to all affected computers. The best part is that it is completely uninstallable through Add/Remove Programs.

Hopefully this will help someone.

Attachment: KB942615-Fix.msi
Published 19 December 2007 09:15 PM by jesper
Filed under:

Comments

# Magnus L said on 20 December, 2007 12:46 AM

Great job with these enterprise grade quick-fixes Jesper, as always. Nice.

p.s. I am always curious on how bugs like this one can pass through quality testing?  

# jesper said on 20 December, 2007 01:31 AM

Good question Magnus. You can't help but wonder. I have been impressed by the scope of the IE test pass in the past. It covers something like 300 versions of the browser/OS combination. However, in this case, a supported browser crashes when you open the default homepage. It seems something was badly missed in that test pass.

# Mike B said on 20 December, 2007 11:50 AM

Looks like you hit the nail on the head. We are testing your fix now, and hopefully this is going to save our Desktop technicians some time and headaches!

Thanks Jesper.

# appreciatingit said on 20 December, 2007 05:19 PM

Thank you, Jesper.  That was most kind.

# Evan said on 20 December, 2007 06:30 PM

I opted to write a Group Policy Administrative Template. I think it's a little easier to deploy than an MSI, especially if you don't already have a distribution point setup for those types of thing.

peeved.org/.../19

# jesper said on 20 December, 2007 09:50 PM

Evan, the Group Policy templates is definitely an option. The only problem is that those templates are not enforcable in GP since they have to be made outside the policy node. They would also tatoo the registry and be near-impossible to roll-back in a centralized way. That is why I opted for an MSI file instead.

Having now said that, it appears Microsoft just published a work-around of their own to Windows Update: blogs.technet.com/.../ms07-069-cumulative-security-update-for-internet-explorer-post-install-issue-automated-work-around.aspx.

# Big G said on 21 December, 2007 12:58 AM

Hey, I did the registry edit and everything seems to be OK now ... however, right as the registry edit finished, my Windows updater downloaded a fix from Microsoft for this problem. I canceled the update because I was concerned about running it right after editing the registry. Should I redownload the Microsoft fix and run it too, or will the edit I did be sufficient? Thanks!

# jesper said on 21 December, 2007 01:08 AM

Big G, the update from Microsoft does exactly the same thing as my fix. You can use either, or both. As a general rule, however, you shoudl prefer the fix from the vendor that owns the problem. I wrote mine only to fill a gap for an easy to use work-around as none was available from Microsoft at the time.

# Big G said on 21 December, 2007 01:27 AM

Thanks Jesper ... I just tried to download the actual Microsoft update again but it didn't pop up when I manually ran Windows Update. If it should appear again, I will go ahead and run it too. But if it doesn't, the registry edit again appears to have worked, this is the longest I've gone without IE6 crashing on me since 942615 made its way onto my computer, and in fact it appears that my browser is working a bit more sprightly than when it was constantly crashing. Thanks again!

# dl said on 30 December, 2007 12:15 PM

I too am having the ie6 (sp2) crashing problem but ONLY after I'm on the internet (any site) for about 15-20 min., then I get the error msg. some of the info.

under Error Signature:

eventtype:bex P1:iexplore.exe P2:;6.0.29000.2180 P3:;41107b81 P4:matrix.dll P5: 1.0.0.1 P6: 472a8b4f P7:0001809f P8:c0000409 P9:00000000

my MS Windows updates are current & I did try installing the MS patch 946627..did'n work.  I've also cleared out my temp files & cookies.  Any assistance to resolve would be greatly appreciated...I'm not very 'tech-y' and don't necessarily feel comfortable messing w/the registry manually.

thx, dl

# jesper said on 30 December, 2007 12:49 PM

dl, that's almost certainly not the same problem. I would guess that you have a trojan horse (malware) on your computer called WinBudget (www.castlecops.com/tk31094-matrix_dll.html). Are you seeing strange ads on the Internet too? That trojan has been known to do that.

To tell for certain, see if there is a folder called C:\Program Files\WinBudget. If that is there, you have the malware. Your best bet if you are not comfortable doing this on your own is to call Microsoft's free security support line. The phone number for your region is at www.microsoft.com/.../default.mspx.

Unfortunately, this trojan also attempts to make your computer vulnerable to other vulnerabilities as well. That means that simply removing WinBudget may not be sufficient, and it may become a matter of having to reformat your computer. The support folks at Microsoft are best positioned to determine what needs to be done with your computer.

Leave a Comment

(required) 
(required) 
(optional)
(required)