As anticipated, Microsoft this week released its out-of-band patch for the zero-day LNK (and PIF) file security hole that afflicts every modern version of Windows -- that is, Windows XP SP3 systems or later.
Most systems patched without a hitch, but several Windows customers are howling in pain.
If you're stuck with the thankless job of vetting Microsoft patches before releasing them to the unwashed masses -- or, even more frustrating, if you pick up the pieces after a patch has gone awry -- there are a few details about the MS10-046/KB 2286198 patch that deserve your attention.
Most importantly, the patch is completely incompatible with earlier versions of ESET NOD32 Antivirus and ESET Smart Security. I've seen reports of systems that refused to install the patch, other reports of hangs in the middle of installation, systems that suffer sporadic and ill-defined problems after the patch goes in and, most harrowing, systems that freeze on reboot or jump joyfully into Blue Screen bliss. ESET acknowledges the problems on its Customer Care site and recommends you download signature file version 5338 or later, but it doesn't offer a step-by-step solution.
The most thorough explanation I've found, with detailed workarounds, appears on the Wilders Security Forums.