IE patch breaks HTTPS logins - TechRepublic
General discussion
February 16, 2004 at 07:50 AM
jerrylee

IE patch breaks HTTPS logins

by jerrylee . Updated 22 years, 4 months ago

the much touted patch (MS04-004) while fixing vulnerabilities in IE itself, also breaks a few things, namely https connections.
Here it is in the Caveats section of the bulletin… “Caveats: Some Internet Explorer 6.0 Service Pack 1 users may receive an error while attempting to access SSL secured Web Sites. This error will present itself as a HTTP 500 (Internal Server Error) and only occurs when accessing web servers using SSL/TLS 3.0 with a specific configuration. An update for this issue is available, please see Knowledge Base article 831167. This update will be included in future Cumulative Security Updates for Internet Explorer 6.0 Service Pack 1.”

If you have users or as it was in my case, developers experiencing problems with previously accessible https sites apply the patch listed in KB831167. Although this does not fix the problem completely, it will allow the users/developers to go back to work with only intermittent interruptions. Hopefully MS will create a fix for this soon, instead of the bandaid they issued in MS04-004

This discussion is locked

All Comments