Bug in Microsoft patch reignites questions about source code analysis for updates

Bug in Microsoft patch reignites questions about source code analysis for updates

on Sep 13, 13 • by Chris Bubinas • with No Comments

Users filled support forums with complaints after an update as part of Microsoft's September Patch Tuesday rendered the folder pane in Outlook 2013 unviewable. Microsoft acknowledged the update was flawed and retracted it, suggesting users uninstall the current version until a fix was released...

Home » Code Refactoring » Bug in Microsoft patch reignites questions about source code analysis for updates

Users filled support forums with complaints after an update as part of Microsoft’s September Patch Tuesday rendered the folder pane in Outlook 2013 unviewable. Microsoft acknowledged the update was flawed and retracted it, suggesting users uninstall the current version until a fix was released. The error was the latest in several Microsoft patches that introduced new bugs while attempting to fix others, highlighting the ongoing challenge of scanning code to avoid conflicts between new lines and old ones.

The update, KB2817630, was designed to address stability and performance issues in several Office programs and fix an error that causes Office to freeze when opening a document in “Protected Mode,” among other changes. However, due to a version incompatibility between outlook.exe and mso.dll, a mismatched data structure reference causes a rendering error with the “Minimize” button in the navigation pane, Microsoft explained in a blog post. The pane is displayed as extremely large, causing it to look invisible to users.

The issue only occurs in situations in which a user has installed either the September Public Update or the August Cumulative Update, but not both, creating the incompatibility. Only Office 2013 Standard and Office 2013 Professional Plus are affected. However, these are versions that are typically only found in enterprise settings, which may have accelerated the lengthy thread of confused responses to the Microsoft Office helpĀ forums.

Several users said they were able to fix the problem by uninstalling the update, which is the solution that Microsoft itself later suggested. The company noted that it is working to republish the September Public Update with the correct versions of mso.dll and outlook.exe so that users with automatic updates enabled will not encounter the problem.

Catching latent errors in code
The patch error follows on the heels of a flaw in last month’s updates that created a security risk in Exchange Server 2013. While the most recent problem is not as severe, it speaks to the challenge inherent in any patching process: ensuring that the patch does not introduce new problems. Given the already substantial difficulty of getting users to adopt patches, it’s in every vendor’s best interest to test updated software before it’s released to ensure there are no new problems are created by additional lines of code.

One common issue is that an update might trigger some long-dormant section of code, as was the case with a program modification last summer at Knight Capital that led to erroneous trades and more than $440 million in losses. Developers can use code refactoring tools to find and consolidate outdated elements in programs or logical conflicts. While errors such as a window rendering incorrectly may be minor, source code analysis is always an important practice to apply before deploying a patch.

Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Scroll to top