Some users aren't able to use Internet Explorer 7 (IE7) after installing this month's six-bug patch, the Microsoft security team acknowledged late Wednesday as it published a work-around for the problem.
"The issue here is that after applying the update, these users may then see the 'File Download -- Security Warning' dialog box raised when starting IE," said Christopher Budd, a program manager with the Microsoft Security Response Team (MSRC) in a blog post. "After you close the dialog, you then cannot start IE."
According to Budd, the dialog box appears only on machines where the Temporary Internet Files directory, which is used as IE's cache folder, has been moved. IE will not have the proper access rights to the folder in its new location and so will throw up the warning and refuse to run.
Although the IE team said it's looking into the behavior, the MSRC has generated a support document with two work-arounds that users can apply to fix the problem. The first work-around is to simply return the cache folder to its previous, default location; the second is to grant the required permissions to the folder in its new location.
Some users on the Windows Update support forum, however, swore that they had not moved the Temporary Internet Files (TIF) directory, but were being locked out of IE7 just the same. A user identified as Ottmar Freudenberger summarized an alternate rationale for the problem on Microsoft's IE blog.
"It's irrelevant whether the Temporary Internet Files folder has been moved from the default location," said Freudenberger. "The issue is the subfolder 'PhishingFilter.' Deleting that folder will solve the issue. Also moving the TIF folder via the Internet Options to *any* other folder will resolve the issue too, since with moving the TIF the 'PhishingFilter' subfolder is deleted and recreated as soon as you [enable] the Phishing Filter in Internet Options."
Both IE7 on Windows XP SP2 and IE7 on Vista are affected by the bug in the May 8 update.
This story, "IE7 goes into the ditch on some PCs" was originally published by Computerworld.