Re: W2K SP4 bug on DCs
From: Vladimir Markovic (VMarkovic_at_SWST.COM)
Date: 09/18/03
- Previous message: Exibar: "Better way to perform Microsoft security patching?"
- Maybe in reply to: Vladimir Markovic: "W2K SP4 bug on DCs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 18 Sep 2003 10:54:16 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Hi Russ - I wanted to add to my previous email. It has come to my attention
that fix KB824226 that resolved the reboot of the AD Domain Controllers as
described below actually introduces a new bug - and that is a memory leak in
LSASS. M$ has already acknowledged the issue and written a new fix that
resolves the memory leak and it supercedes the KB824226. New article # is
KB828297 but you may not be able to find it as of this writing since it has
not yet been completed according to the support tech. Patch is however
ready and I already downloaded it. good luck
Vladimir Markovic
Information Technology
Southwest Securities, Inc.
214.859.6372
vmarkovic@swst.com
-----Original Message-----
From: Vladimir Markovic
Sent: Tuesday, September 02, 2003 2:14 PM
To: 'NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM'
Subject: W2K SP4 bug on DCs
Hello Russ,
I am not sure if this is worth mentioning to the masses - but since I just
got burned by this I wanted to make other folks aware of it. We upgraded
our AD DCs to SP4 3 days ago and just this morning, as users were getting
logged on all of them decided to reboot themselves. I found this in the
event logs
Internal event: Exception c0000005 has occurred with parameters 757b5954 and
0 (Internal ID 0).
And it was issued by NTDS General, Category Internal processing with the
event IS 1173
After a little bit of research I found a new article 824226 that describes
this error but does not mention the severity of it. I contacted M$ and
received the patch that is now in our Test Forrest. Hopefully tonight it
will go into production so tomorrow can be a better day.
http://support.microsoft.com/default.aspx?scid=kb;en-us;824226
Vladimir Markovic
Information Technology
Southwest Securities, Inc.
214.859.6372
vmarkovic@swst.com
---- Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER! With a growth rate exceeding 110%, the TICSA security practitioner certification is one of the hottest IT credentials available. And now, for a limited time, you can save 33% off of the TICSA certification exam! To learn more about the TICSA certification, and to register as a TICSA candidate online, just go to http://www.trusecure.com/offer/s0100/ ----
- Previous message: Exibar: "Better way to perform Microsoft security patching?"
- Maybe in reply to: Vladimir Markovic: "W2K SP4 bug on DCs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
