Perpetual restarts after installing MS03-039 patch
From: Mike Strout (mstrout_at_TYLERCVC.COM)
Date: 09/12/03
- Previous message: Mark Brown: "XP systems continue to reboot, even with all patches installed an d native firewalling enabled"
- Next in thread: Marek Byszewski: "Re: Perpetual restarts after installing MS03-039 patch"
- Maybe reply: Marek Byszewski: "Re: Perpetual restarts after installing MS03-039 patch"
- Maybe reply: Mike Strout: "Re: Perpetual restarts after installing MS03-039 patch"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 12 Sep 2003 14:57:35 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I use Shavlik's HKNETCHK Pro in my environment to push out my patches.
Last night I decided to push out the MS03-039 patch to all my 2ksp3
workstations and servers.
This morning I am having problems with several workstations that when
logged in as an admin user that has a roaming profile, the patch install
routine for ms03-026 launches, even though it has been installed for a
month, and then within 45 seconds I get the old shutting down in 30
seconds box. At first I assumed that this patch just wasn't installed
and it was being installed because hknetchk pro thought it hadn't been
done correctly. However, upon restart, the same user logs in and the
process starts all over again.
The strange thing however is if I log in with a domain admin account,
the update doesn't run and the machine works flawlessly. About the only
difference between the domain admin account and the user's account (user
has admin rights) is the fact that the user has a roaming profile. This
really has me scratching my head. I find it hard to believe a virus
would be created to be profile specific.
I ran Symantec's fix tool. It didn't find msblast. I ran Microsoft's
latest vulnerability checker for 039. These machines show both patches
are installed. I also looked at the hklm key and verified that 026 is
already installed. I also looked to try and find what is calling this
update. Nothing in startup, any of the registry "run" or "run once" keys
and no task in scheduled tasks. Is this a new bug or what?
Mike Strout
Director of Information Systems
Tyler Cardiovascular Consultants
---- Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER! With a growth rate exceeding 110%, the TICSA security practitioner certification is one of the hottest IT credentials available. And now, for a limited time, you can save 33% off of the TICSA certification exam! To learn more about the TICSA certification, and to register as a TICSA candidate online, just go to http://www.trusecure.com/offer/s0100/ ----
- Previous message: Mark Brown: "XP systems continue to reboot, even with all patches installed an d native firewalling enabled"
- Next in thread: Marek Byszewski: "Re: Perpetual restarts after installing MS03-039 patch"
- Maybe reply: Marek Byszewski: "Re: Perpetual restarts after installing MS03-039 patch"
- Maybe reply: Mike Strout: "Re: Perpetual restarts after installing MS03-039 patch"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
