FW: Alert: Problems with MS03-007 installed - clarification

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 03/19/03

  • Next message: Russ: "Alert: Microsoft Security Bulletin - MS03-008" 
    Date:         Wed, 19 Mar 2003 06:18:41 -0500
From: Russ <Russ.Cooper@RC.ON.CA>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Microsoft have revised MS03-007 (not the binary, just the details
    contained in the bulletin).

    It seems that MS PSS (Product Support Services) distributed a version of
    NTOSKRNL.EXE prior to W2K SP3 but after W2K SP2 to some customers
    together with Hotfixes for other purposes. Versions of NTOSKRNL.EXE
    between 5.0.2195.4797 and 5.0.2195.4928 (inclusive) are not compatible
    with the patch delivered in MS03-007. These systems will all report
    being W2K SP2 and the only way to distinguish them from other SP2
    systems (where MS03-007 will work) is by checking the file details.
    Windows Update is not able to do this (did I say that Windows Update was
    a dog, or didn't I!).

    Ergo, if you use Windows Update (or Software Update Services) you will
    end up with crashed machines if any of them applied one of these PSS
    patches (no list has been provided, so you'll just have to guess for
    yourself).

    Microsoft is recommending that you check the file version, if you
    determine you have a version of NTOSKRNL.EXE that is not compatible with
    MS03-007, you will have to upgraded to W2K SP3 prior to being able to
    apply MS03-007.

    See my previous message describing what to do if you have a STOP
    0x00000071 Blue Screen.

    Let's hear a collective "Yippy Kiayah ..." for this wonderful mess.
    Ain't patching using MS tools fun?

    Cheers,
    Russ - NTBugtraq Editor

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Delivery co-sponsored by Prometric - More than testing, learning.
    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    http://www.prometric.com

    Prometric, part of The Thomson Corporation, is the leader in
    technology-enabled testing and assessment services for information
    technology certification, academic admissions, professional licensure and
    certifications, computer-based driver's licensing, and corporate testing.

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

  • Next message: Russ: "Alert: Microsoft Security Bulletin - MS03-008"

    Relevant Pages

    • RE: Windows Update has stopped working.
      ... Microsoft CSS Online Newsgroup Support ... Windows Update has stopped working. ... Click on Start, Run, type REGSVR32 MSXML.DLL and click OK. ...
      (microsoft.public.windows.server.sbs)
    • Re: KB943460 / Software Distribution Service 3.0 System Restore Pr
      ... Sorry if I seemed coy its simply I had it my head you were a Microsoft ... I suppose it might simply be a rebrand of Windows Update. ... McAfee Security Center or AVG Free. ... KB943460 is not causing your System Restore problems. ...
      (microsoft.public.windowsxp.general)
    • >>>> UPDATE COMPUTER <<<<
      ... High-priority Updates Install Problem Computer Solution ... High-priority Updates Certificates Computer Microsoft Root ... Windows Update Causes Computer To Restart ... Device Driver Updates For Computer ...
      (comp.sys.mac.advocacy)
    • Re: Windows Update is a dog, again!
      ... For at least the past several days Windows Update has ... you're making all the responsibility MS's. ... how to obtain and DL the patch. ... >Microsoft will supply us with a properly tested security patch within 24 ...
      (NT-Bugtraq)
    • Re: SVCHOST.exe & Auto update program causing CPU to run at 100%
      ... Like wise I also downloaded that microsoft patch, ... Without service packs there is no auto update. ... install SP2, this is where the troubles begin. ... Workaround: Change the default from Microsoft Update to Windows Update: ...
      (microsoft.public.windowsxp.general)