Microsoft repairs PCs crippled by XP SP3 update

Computerworld - Nearly three weeks after security vendor Symantec Corp. released a free tool to clean up PCs crippled by the Windows XP Service Pack 3 (SP3) update, Microsoft Corp. issued a fix that should reestablish lost Internet and wireless connections.

Earlier this week, Microsoft posted a hot fix for a problem users first reported in mid-May. Users of Symantec's consumer security software said that after updating their PCs to XP SP3, a bug emptied Windows' Device Driver and deleted network connections.

Although Symantec initially blamed Microsoft for the snafu, it later accepted some responsibility. In late May, Symantec acknowledged that Microsoft's updating process and a security feature in its own Norton-branded software combined to swamp the Windows registry with hundreds, sometimes thousands, of bogus and corrupted keys. That security feature, dubbed "SymProtect" by Symantec, was designed to protect the company's security software from attack by guarding against unauthorized changes to the registry.

Although Microsoft had previously declined to comment on the episode, the support document that accompanied the hot fix fingered Symantec's software. "This problem occurs when the Fixccs.exe process is called during the Windows XP SP3 installation," said Microsoft. "This process creates some intermediate registry subkeys, and it later deletes these subkeys. In some cases, some antivirus applications may not let the Fixccs.exe process delete these intermediate registry subkeys."

The hot fix replaces the Fixccs.exe file with an updated version, but it can only be applied if the user has booted into Windows' Safe Mode, according to the support document.

Symantec has contended that other security software with registry-change monitoring defenses also caused similar problems for users updating to Windows XP SP3, but there have been few reports logged to Microsoft's support forums. Microsoft, however, intimated that Symantec might not be alone when it used the generic, and plural, "some antivirus applications" in its explanatory document.

Users can download the hot fix from the Microsoft site.

Microsoft has not yet begun serving up Windows XP SP3 via Windows Update's Automatic Updates feature, and conceivably could prevent machines that have specific security programs installed from receiving the update. It's already done exactly that by blocking other systems, notably those running AMD processors, from getting XP SP3 to sidestep an endless reboot bug.

Read more about security in Computerworld's Security Knowledge Center.