Re: Issues with MS03-043
From: Randy Cardon (rec_at_LANL.GOV)
Date: 10/21/03
- Previous message: Russ: "Alert: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- In reply to: Russ: "Re: Issues with MS03-043"
- Next in thread: Russ: "Re: Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Oct 2003 15:52:41 -0600 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Russ,
Here's what I've found, today;
Using an account that is a member of the Local Administrators group on
Windows XP SP1 configured using the Win2kProGold_R1.2.3.inf template
(Account doesn't have the Debug program right).
An attempt to install MS03-45 from the Windows Update site never ends.
Downloading WindowsXP-KB828035-x86-ENU.exe and running it locally
eventually finishes, but doesn't force a reboot. Updater.exe and
WindowsXP-KB828035-x86-ENU.exe are both left running after you click on
finish and the windows closes. WINNT\System32\msgsvc.dll and
WINNT\System32\wkssvc.dll get replaced. The correct entries get made in the
registry.
Using an account that is a member of the Local Administrators group on
Windows XP SP1 configured using the Win2kProGold_R1.2.3.inf template (and
adding the Debug program right to the Administrators group).
Installing MS03-45 from the Windows Update site works the way I would
expect it to (fairly quick and forcing a reboot). Downloading
WindowsXP-KB828035-x86-ENU.exe and running it locally performs the way I
expected it to, including forcing a reboot.
Even without the Debug right the patch seems to get installed (files
replaced and registry modified), so I'm not sure the patch actually
requires Debug.
The "Cumulative Patch" WindowsXP-KB826939-x86-ENU.exe presents the same
type of behavior. So did MS make a mistake on these two (I haven't tried
any of the October patches) or are they changing the rights that are
required to install patches?
The problem appears to be the version of update.exe that comes with these
hot fixes. I extracted WindowsXP-KB826939-x86-ENU.exe, and replaced
replaced update.exe with the update.exe from MS03-39, worked fine without
the debug right.
Randy
-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, *** covering, and bureaucracy are threatening to derail any
chance of making progress.
-----
- Previous message: Russ: "Alert: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- In reply to: Russ: "Re: Issues with MS03-043"
- Next in thread: Russ: "Re: Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
