SP4 reverts MS03-026 - Not!

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 08/21/03

    Date:         Thu, 21 Aug 2003 16:09:51 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Seems many of you subscribe to Brian's Buzz. He published a story today;

    http://www.briansbuzz.com/w/030821/

    that included a bit about the statement we, TruSecure Corporation, had posted on our website.

    During the initial rush to get information out about Blaster, we included a statement that if you had Windows 2000 SP3, then applied MS03-026, you'd be patched. However, if you subsequently installed SP4, you would be reverted to an unpatched state.

    The testing that was used to come up with this statement was wrong. I did the testing, so I know it was wrong. Last week I rechecked this and found my mistake. Unfortunately, it took until Monday to get the TruSecure alert corrected. Brian refers to a different alert, the original alert about the RPC/DCOM overflow (TSA03-009). I'm not sure we ever had mention about SP4 reverting MS03-026 in that alert. I know we had it in TSA03-011, and that alert now contains the following:

    "TruSecure Corporation originally believed that Windows 2000 machines which were at SP3, then patched with MS03-026, and then updated to SP4, would become vulnerable to the attacks against RPC/DCOM (e.g. Blaster). Subsequent testing proved this not to be the case. Systems patched in this method will retain the MS03-026 patch after applying SP4 and do not need to re-apply the patch."

    Apologies to all who read the incorrect information.

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor


