Hey everyone this is Adrian Stone and I wanted to let you know about a very limited issue that some Windows 2000 customers are experiencing after the installation of MS06-049. We just became aware of this issue due to customer reports earlier this week, and have been verifying the reports and understanding the root cause of the issue for the past two days.
If you have installed MS06-049 on an NTFS formatted drive and enabled NTFS compression on individual folders, there is the potential for data corruption. This issue can occur when the system that is using NTFS file system compression has compressed files that are larger than 4 kilobytes and the files are either updated or created. The result is that the data becomes corrupted and unreadable and appears corrupted when read back. In the short term you can disable NTFS compression and the data integrity will not be affected and your system will still remain protected from the vulnerability after having installed MS06-049.
Since MS06-049 addressed a security issue on Windows 2000 only, no other platforms are affected by the NTFS compression issue.
We’ve followed our standard procedure for documenting known issues by noting this in Microsoft Knowledge Base Article 920958, updating the MS06-049 Bulletin and to notify our customers of the potential impact, and writing this blog entry.
In the near term we are working on a re-release for this update and will be revising and reissuing the MS06-049 files as soon as it ready and has completed enough testing to ensure it’s quality. We will release it as soon as it is ready, we will not specifically wait for the October 10 Tuesday security release. The update will apply to all Windows 2000 systems and will automatically be distributed over Windows Update, Automatic Updates and WSUS.
If you have run into this issue please contact the Product Support Services team so that we can continue to get solid data regarding this and channel it back into our investigation of the issue. As always you can contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security.
I will keep you posted and let you know our progress as more information becomes available regarding the re-release or any additional info on this right here on the blog.
Thanks,
-A
*This posting is provided “AS IS” with no warranties, and confers no rights.*
Updated to correct the date for the October 2006 release.