Re: Patch MS03-045 for Czech W2K has conflicting kernel32.dll [lw]
From: Microsoft Security Response Center (secure_at_MICROSOFT.COM)
Date: 10/17/03
- Previous message: Russ: "Re: Alert: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 Oct 2003 14:21:09 -0700 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Thank you very much.
Microsoft Product Support Services is aware of the problem. We are
working on a resolution to this, in the meantime the bulletin for
MS03-045 has been updated to reflect this and will also be reissued once
we have a resolution ready.
As Russ mentioned earlier, customers who are experiencing these problems
should contact Microsoft Product Support Services via any of the support
channels available through http://support.microsoft.com/ so that we can
track this properly.
Kind regards,
/Lennart
Microsoft Security Response Center
-----Original Message-----
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Ondrej Holas
Sent: Friday, October 17, 2003 9:50 AM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Patch MS03-045 for Czech W2K has conflicting kernel32.dll
Patch MS03-045 (824141) for Czech version of Windows 2000 has
kernel32.dll with preferred base address changed and causing overlay
with mpr.dll. If a process using mpr.dll starts and kernel32.dll is
loaded first, it's OK - mpr.dll is relocated (the only effect of the
conflict here is a bit greater memory usage since pages of relocated
libraries are not shared between processes). If mpr.dll is loaded first,
kernel32.dll cannot be relocated (is present on "KnownDlls list") and
the process does not start at all. Uninstallation of 824141 helps to
resolve this problem, but leaves the system unpatched by MS03-045.
English version of the patch seems to be OK. We've not tested other
language versions.
Regards,
Ondrej Holas
Senior Systems Consultant
DIGI TRADE, s.r.o.
Vlkova 46
Praha 3
130 00
Czech Republic
Tel.: +420 222 720 699
Fax : +420 222 722 302
http://www.digi-trade.cz
---- NTBugtraq subscribers save $103.00 off the TICSA exam by using promo code "NT1003" when registering to take the TICSA exam at www.2test.com. Prove to your employer and peers that you have the knowledge and abilities to be an active stakeholder in today's enterprise security. Become TICSA certified www.trusecure.com/ticsa. Promotion expires 12/31/03 and cannot be used in combination with other offers. ---- ---- NTBugtraq subscribers save $103.00 off the TICSA exam by using promo code "NT1003" when registering to take the TICSA exam at www.2test.com. Prove to your employer and peers that you have the knowledge and abilities to be an active stakeholder in today's enterprise security. Become TICSA certified www.trusecure.com/ticsa. Promotion expires 12/31/03 and cannot be used in combination with other offers. ----
- Previous message: Russ: "Re: Alert: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
