One of my machines runs Windows XP Home Edition. I have set it to automatically apply updates to the operating system from Microsoft.

I also have various security programs running including McAfee Antivirus and Webroot Spy Sweeper. Normally these co-exist with each other and the automatic Windows updates without too much conflict.

But on July 14th, Microsoft issued, and my machine automatically applied, a bunch of Windows updates. One in particular apparently involved implementing a BHO (Browser Helper Object) in Internet Explorer. BHO’s have legitimate purposes but they are also a known point of vulnerability for malware of various kinds. For this reason, anti-spyware tools such as Spy Sweeper have a shield that monitors for attempts to install BHO’s.

On July 14th, Spy Sweeper apparently blocked the implementation of the BHO that was part of the Windows updates. When the machine rebooted, I found that I could not reliably get a Windows Explorer window and I was totally unable to get Internet Explorer to work. I only found out that Spy Sweeper had blocked the BHO implementation by going back and looking at the Spy Sweeper log.

The lack of the Windows Explorer windows was the main problem. I primarily use Firefox for browsing although I still need IE in order to access some sites (such as windowsupdate.microsoft.com !!!

So the next question was… How do I get this problem resolved?

• Step 1 - Temporarily disable Webroot Spy Sweeper
• Step 2 - Revert to a Windows XP restore point prior to the July 14th Windows Updates
• Step 3 - Re-Apply the July 14th Windows Updates
• Step 4 - Re-enable Webroot Spy Sweeper

That seems to have got everything working properly.

This sort of thing is, unfortunately, one of the problems faced by all MS Windows users. We need all this security software (antispyware and antivirus, etc.) but we also need to have automated updates from Microsoft… And some of those updates may be mistaken by the security software for malicious attacks. One could wish that Microsoft would work with the security software vendors to try and ensure this doesn’t happen.

But, of course, Microsoft is gradually getting into the security business and we all know Microsoft does not “play nice” with competitors.

This entry was posted on Sunday, July 16th, 2006 at 8:39 pm and is filed under safe computing. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.