I have three workstations on my desk at work that I use on a daily basis. One runs Vista Ultimate, one runs Vista Business, and the other is Vista Home Premium. Since yesterday was Patch Tuesday, I had a dozen or so Windows Updates to install. All installations on all 3 systems seemed to go just fine.

However, my Home Premium box’s IE started acting funny! It could not load web pages by domain but could load them by IP. Obviously a DNS-related issue, right? Think again! I could open up Visual Studio and browse sites just fine in it! Pings worked, Firefox worked, everything worked except for IE by domain name! And all of this was working before patching, so that’s the obvious culprit. After uninstalling patches one-at-a-time, I finally got to KB 944533 (1/4 MB source so it may take a bit to load and render!) and after uninstalling that patch and rebooting, IE ran fine again!

Reading through the KB article, it mentions KB 942818 as a known issue with the patch. I’m running a combination of Kaspersky AV, Kaspersky Proactive Defense, Windows Firewall, and Windows Defender, so if KB 942818 applies to me, then it is Kaspersky AV or Proactive Defense that has issues with it. When installing updates I get into the habit of, upon the first prompt by Kaspersky Proactive Defense, disabling it for 5 minutes, so that is indeed what I did, so I suspect this is the culprit, IF KB 942818 is correct.

While it is not a conclusive test, I’m going to try reinstalling it with Kaspersky completely disabled from before beginning installation. If it is still broken, then I will try again with it all completely enabled the entire time, manually allowing exceptions as prompted. I will post back here the results.

Update #1 (Feb 13, 2008): Apparently having Kaspersky completely disabled the entire time does not fix this. I am now back in a broken state. Next I will uninstall the patch and re-install it with Kaspersky completely enabled the entire time.

Update #2 (Feb 13, 2008): While I’m waiting for it to install yet again, I wanted to mention another behavior that I thought was peculiar that I noticed. If, while browing things in Visual Studio 2005, I immediately went to the same URL in IE as I was viewing in Visual Studio (such as www.cnn.com), then IE would pull the page up although it was obviously being loaded from cache (some dynamic images were dead, some bad javascript and styles, etc. and all links were dead). So it seems that IE’s domain-to-cache linking was working correctly, IP address-to-internet was working correctly, just not domain-to-internet.

Update #3 (Feb 13, 2008): Well, installing it with everything turned on and being aware of the changes made no difference either. I’m giving up for the day and will try again later. As of this point, I have no way to have this patch installed and IE working on this machine, but since it’s a cumulative security patch, I WANT to have it installed!

Update #4 (Feb 14, 2008): As mentioned here, it is appearing as though Kaspersky Internet Security v7.0.0.125d may be the culprit here. I have began a post in Kaspersky’s forums discussing this here. So far, no luck with anything else.

Update #5 (Feb 20, 2008): I have located a post here by A.BORD that pointed out that pausing KIS via the icon in the tray doesn’t really disable things (who knows what it does). If you open up the KIS control panel and individually disable everything in KIS, then the update should install without problems and once you reboot, you can re-enable everything again and be fine and happy. I am trying this right now to see if I can install the patch via this method. If it works, I’ll outline it in more detail.

Update #6 (Feb 20, 2008): I got my hopes up for nothing. This made no difference. I guess I’m going to completely uninstall Kaspersky, install the patch, and then reinstall Kaspersky. I REALLY hope this fixes the problem. I think Microsoft and Kaspersky need to cooperate a bit more than they have on this patch. It’s ludicrous to have to uninstall my security software just to install a Microsoft security patch.

Update #7 (Feb 20, 2008): I’ve fixed it. See my post here with more details.

-Shane