Re: Windows Critical Update
From: Eric (ews@TELLURIAN.NET)Date: 12/19/01
- Previous message: Tomasz Polus: "Windows XP security concerns"
- In reply to: Bil Corry: "Windows Critical Update"
- Next in thread: Steen Larsen: "Re: MS01-058 exploit - W32/Cool.A-mm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 Dec 2001 12:54:42 -0800 From: Eric <ews@TELLURIAN.NET> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
The 01-058 patch is not yet included in Windows Update. Sometimes it takes
a while after the patch is released before it appears on Windows
Update. It looks like the 01-05 patch was just added to
WindowsUpdate. Since WIndows Update doesn't understand that 01-058 exists,
it doesn't know that 01-055 was superseded by 01-055. When WU scans your
machine, it doesn't see the reg entries for 01-055, (and it doesn't know
that it's been superseded), so it tells you you need the patch. False
positive in this case.
HFNetChk uses the mssecure.xml file which is updated with patch information
usually 4 to 6 hours after a patch is released. The XML file notes that
01-055 is superseded by 01-058 and hence won't even look for it if you're
running a version that has been superseded (in the default hfnetchk
configuration) It will report that you need 01-058, unless you've already
installed it, which you did, in which case you are up to date.
At 08:41 AM 12/19/2001 -0800, Bil Corry wrote:
>Russ,
>
>This is odd. I have the Windows Critical Updates Alert installed on my
>W2K box (which directs you to windowsupdate.microsoft.com when a "critical
>update" is available). It just alerted me to install:
>
> > Security Update, November 13, 2001 (Internet Explorer 6)
> > 447 KB/ Download Time: 1 min
> > This update resolves the "13 November 2001 Cumulative Patch for
> Internet Explorer"
> > security vulnerability in Internet Explorer 6, and is discussed in
> Microsoft
> > Security Bulletin MS01-055. Download now to prevent a malicious user
> from reading
> > or altering the cookies on your computer.
>
>However, HFNETCHK shows that I'm fully patched:
>
> > * Internet Explorer 6 Gold
> >
> > INFORMATION
> > All necessary hotfixes have been applied.
>
>Yesterday I installed IE6.0 (upgraded from IE5.5) then installed
>MS01-58. I never did install MS01-55 since MS01-58 was "Cumulative" and
>HFNETCHK showed that I was patched.
>
>So which is right? Critical Update or HFNETCHK?
>
><sigh>
>
>- Bil
>
>Delivery co-sponsored by VeriSign - The Internet Trust Company
>Protect your servers with 128-bit SSL encryption!
>Get VeriSign's FREE guide, "Securing Your Web Site for Business." You will
>learn everything you need to know about using SSL to encrypt your e-commerce
>transactions for serious online security. Click here!
>http://www.verisign.com/cgi-bin/go.cgi?a16065650057000
============================================================================
Delivery co-sponsored by VeriSign - The Internet Trust Company
============================================================================
Protect your servers with 128-bit SSL encryption!
Get VeriSign's FREE guide, "Securing Your Web Site for Business." You will
learn everything you need to know about using SSL to encrypt your e-commerce
transactions for serious online security. Click here!
http://www.verisign.com/cgi-bin/go.cgi?a=n016065650057000
============================================================================
- Previous message: Tomasz Polus: "Windows XP security concerns"
- In reply to: Bil Corry: "Windows Critical Update"
- Next in thread: Steen Larsen: "Re: MS01-058 exploit - W32/Cool.A-mm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
