[Full-Disclosure] Problems with MS03-042 (KB826232) patch?

From: Jerry Heidtke (jheidtke_at_fmlh.edu)
Date: 10/17/03

  • Next message: Bill Scherr IV, GSEC, GCIA: "RE: [Full-Disclosure] Strange netcat behavior" 
    To: <full-disclosure@lists.netsys.com>
Date: Fri, 17 Oct 2003 16:37:54 -0500

    On a variety of computers ranging from Windows 2000 SP2 to SP4 plus all
    previous patches, whenever the KB826232 patch is installed, then other
    patches/service packs/whatever is installed, while attempting to remove
    the KB826232 patch results in warning messages that whatever was
    installed after this patch may no longer work.

    We found this because we always test backout procedures before deploying
    patches to the entire enterprise.

    For example, on one computer that had Windows 2000 SP2, we installed
    KB826232 and then the other critical patches from 10/15. We then
    installed SP4. When attempting later to uninstall KB826232, we get a
    warning that Internet Explorer, Windows Media Player, and other patches
    installed after KB826232 might be non-functional if we proceeded. We
    tested Windows Media Player and it was, in fact, non-functional (it
    could download a video clip and display that it was playing, it just
    couldn't display any video... a minor inconvenience I guess).

    The same symptoms were found on a freshly installed Win2k with SP4 and
    IE6 SP1, and no other software installed.

    Has anyone else found any issues with this patch?

    Jerry

    Confidentiality Notice: This e-mail message, including any attachments,
    is for the sole use of the intended recipient(s) and may contain
    confidential and privileged information. Any unauthorized review, use,
    disclosure or distribution is prohibited. If you are not the intended
    recipient, please contact the sender by reply e-mail and destroy all
    copies of the original message.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Bill Scherr IV, GSEC, GCIA: "RE: [Full-Disclosure] Strange netcat behavior"

    Relevant Pages

    • 9_Recommended error codes (specifically return code 5)
      ... * "return code 2" indicates patches are already installed. ... * "return code 25" means a patches requires another patch that is not yet installed. ... With or without using the save option, the patch installation process ... Installing 114008-01... ...
      (SunManagers)
    • Re: This is [Re:] How to improve the quality of the kernel[?].
      ... The -mm kernel already implements what your proposed PTS would do. ... If patch have no TS ID, ... Thus i can apply for example lguest patches and implement and test new ... How many open source projects use Bugzilla and how many use the Debian BTS? ...
      (Linux-Kernel)
    • Re: ATTACK of the WEEK-fentanyl patches
      ... FDA warns of deaths from fentanyl patch ... Some of the deaths came after doctors prescribed the patches to the ... The drug is only for chronic pain in people used to narcotics, ...
      (alt.support.chronic-pain)
    • Re: Conflicting info between the global Security Bulletin and some SPi Security Bulletin
      ... The MS02-050 is explicitly listed as included in SP4 AND in Rollup 1 ... I think the correct answer is that it depends on the era of the patch. ... installers do not always use such ... patches later than the end of 2002 are ...
      (microsoft.public.win2000.security)
    • Tru64 and OpenVMS patch announcements change after next month
      ... distribution of various patches ... OpenVMS systems with DCE and/or RPC installed. ... Update on OpenVMS and Tru64 UNIX Patches in HP ITRC ... Tru64 patch server will soon be shutdown. ...
      (Bugtraq)