Microsoft just released MS08-78, a security bulletin describing the issue that has been affecting Internet Explorer users for almost a week (CVE-2008-4844). The bug is fixed for Internet Explorer 5.01, 6, 7 and the beta version of IE8. As Microsoft points out on their Internet Explorer homepage, the browser is now “safer than ever”. Don’t you just love that?
The security bulletin itself doesn’t contain any surprises, but I did notice a new piece of information I haven’t seen before:
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
KB887012 contains an explanation of why your computer needs to reboot after installing security updates. Now if only they’d use their expertise to improve their update process instead of trying to explain why these reboots are necessary… I’m not an expert at OS-level programming, but I assume Windows knows what processes are running and what files are in use. If a particular DLL needs to be updated but is in use, it shouldn’t be too hard to track down what service is using that DLL, and ask for permission to restart that service.