late Tuesday withdrew a Windows XP software
update after thousands of users complained the patch was blocking Internet
The Windows XP update, first posted on May 21, was issued to enhance the functionality of
the Layer Two Tunneling Protocol (L2TP) and Internet Protocol security
(IPSec) on PCs running Windows XP or Windows 2000.
It was issued to deal with changes to the way IPSec encryption was used
by PCs behind firewalls and to better support virtual private network (VPN)
clients behind network address translation (NAT) devices. The update also
included additional support for stronger IPSec protection by using the
2048-bit Diffie-Hellman algorithm, the company explained
However, about half a million users who applied the fix via the operating
system’s automatic Windows Update feature complained that it blocked
Internet connectivity and Microsoft was forced to yank the update.
It is not the first problematic patch pulled by the software giant. In
February, Microsoft withdrew
a security fix for Windows NT 4.0 systems because it introduced an error
that caused systems to crash.
The problems of faulty patches is a public relations nightmare for
Microsoft, which has gone to great lengths to implement its Trustworthy
In the past, security experts have scolded sysadmins for failing to
apply security patches in a timely manner but the recurrence of faulty
patches has added to the conundrum.