Re: MS03-029 / Q823803 definitely breaks RAS and MS isn't listening?

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 07/29/03

    Date:         Tue, 29 Jul 2003 01:07:36 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Well, sorry folks. I have had more than 30 people reply to the original post all indicating that their NT 4.0 RAS servers died after installing MS03-029. Some have filed reports with PSS, but PSS has thus far not been able to provide any of these people with an answer, let alone confirmed there is a problem. Microsoft is continuing to provide people with the download, presumably only a very few NT 4.0 Servers were ever/are still configured to run RAS.

    Isn't it ironic that Microsoft claimed that none of their own software was vulnerable to the vulnerability published by @Stake, yet the fix has so far only killed RAS (nobody has indicated that any 3rd party app has been affected by the fix.)

    And what is up with Microsoft? Why haven't they pulled the patch? Why haven't they at least acknowledged within the FAQ section of the Bulletin that the patch kills boxes with RAS on them? Why doesn't PSS immediately tell affected people to remove the patch?

    FWIW, everyone else who responded to Adam's original message indicated they were able to successfully uninstall the patch. Not sure why Adam couldn't, but seems very few others have had the same problem.

    Could it be that Microsoft just doesn't care about NT 4.0 any more, are we to conclude that Trustworthy Computing doesn't apply to NT 4.0? I realize that support for NT 4.0 Workstation stopped on June 30, 2003, but NT 4.0 Server is supposed to be fully supported for security hotfixes until the end of 2004.

    I know many people at Microsoft still read NTBugtraq, would it be too much to ask that someone from there respond? (you can email or call me [705-878-3405] if you prefer not to send a post that hasn't been officially sanctioned)

    Cheers,
    Russ - NTBugtraq Editor
