On Thursday 20 March 2003 12:49 pm, Thomas Cameron wrote:
> All -
>
> We are using the Windows 2000 automatic update feature on several of our
> production servers.
>
> One of my fellow IT team members has expressed concern that Microsoft has a
> bad history of releasing hotfixes which break servers. I can find lots of
> anecdotal evidence that this has happened, but only a very limited number
> of cases where some specific configurations were negatively impacted by
> hotfix application.
>
> Does anyone have any hard evidence that automatic updates are a Bad
> Thing(tm)?
>
Concerning the MS03-007 patch...
At the Microsoft website:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti
n/MS03-007.asp?tag=nl
Microsoft says this :
Caveats:
If you are running Windows 2000 SP2, before installing this patch please check the version of ntoskrnl.exe on your system. To verify the version of ntoskrnl.exe on your system, perform the following steps:
1. Browse to the %windir%\system32 directory
2. Right-click ntoskrnl.exe
3. Choose properties.
The version information is located on the 'version' tab.
Versions of ntoskrnl.exe between 5.0.2195.4797 and 5.0.2195.4928 (inclusive) are not compatible with this patch. These versions were only distributed with Product Support Services hotfixes.
If the patch for this issue is installed on a system with one of these versions of ntoskrnl.exe, the machine will fail on the first reboot with a Stop 0x00000071 message and will have to be recovered using the Windows 2000 recovery console and the backup copy of ntdll.dll stored in the "\winnt\$NTUninstallQ815021$" directory.
To update a system with a version of ntoskrnl.exe distributed from Product Support Services, you must first contact PSS before applying this patch. Information on contacting Product Support Services can be found at:
Kurt M. Keys BSCS, MCSE+I, CNA, GISO
Information Security Specialist
San Diego Data Processing Corporation
858-581-7844
kkeys (at) sddpc (dot) org [email concealed]
_______________________________
Bill Martin
Information Security Officer
San Diego Data Processing Corporation
858-581-9726
bmartin (at) sddpc (dot) org [email concealed]
_______________________________
----------------------------------------------------------------------
ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
http://www.spidynamics.com/mktg/sqlinjection33
On Thursday 20 March 2003 12:49 pm, Thomas Cameron wrote:
> All -
>
> We are using the Windows 2000 automatic update feature on several of our
> production servers.
>
> One of my fellow IT team members has expressed concern that Microsoft has a
> bad history of releasing hotfixes which break servers. I can find lots of
> anecdotal evidence that this has happened, but only a very limited number
> of cases where some specific configurations were negatively impacted by
> hotfix application.
>
> Does anyone have any hard evidence that automatic updates are a Bad
> Thing(tm)?
>
Concerning the MS03-007 patch...
At the Microsoft website:
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti
n/MS03-007.asp?tag=nl
Microsoft says this :
Caveats:
If you are running Windows 2000 SP2, before installing this patch please check the version of ntoskrnl.exe on your system. To verify the version of ntoskrnl.exe on your system, perform the following steps:
1. Browse to the %windir%\system32 directory
2. Right-click ntoskrnl.exe
3. Choose properties.
The version information is located on the 'version' tab.
Versions of ntoskrnl.exe between 5.0.2195.4797 and 5.0.2195.4928 (inclusive) are not compatible with this patch. These versions were only distributed with Product Support Services hotfixes.
If the patch for this issue is installed on a system with one of these versions of ntoskrnl.exe, the machine will fail on the first reboot with a Stop 0x00000071 message and will have to be recovered using the Windows 2000 recovery console and the backup copy of ntdll.dll stored in the "\winnt\$NTUninstallQ815021$" directory.
To update a system with a version of ntoskrnl.exe distributed from Product Support Services, you must first contact PSS before applying this patch. Information on contacting Product Support Services can be found at:
Kurt M. Keys BSCS, MCSE+I, CNA, GISO
Information Security Specialist
San Diego Data Processing Corporation
858-581-7844
kkeys (at) sddpc (dot) org [email concealed]
_______________________________
Bill Martin
Information Security Officer
San Diego Data Processing Corporation
858-581-9726
bmartin (at) sddpc (dot) org [email concealed]
_______________________________
----------------------------------------------------------------------
ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
http://www.spidynamics.com/mktg/sqlinjection33
[ reply ]