Re: Issues with MS03-043
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 10/22/03
- Previous message: Russ: "MinorRev: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- Maybe in reply to: Eddy - Security: "Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Oct 2003 17:22:24 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I have had confirmation from an individual in Microsoft that there is a
requirement in UPDATE.EXE prior to version 5.4.1.0, used in hotfixes,
which expects the user running the update process to have debug rights.
This was done in order to avoid the need to reboot. Apparently, the
process was supposed to check for the right, and if not found, prompt
the user to reboot. If found, it would avoid the need to reboot
(something most people want.) A bug causes some versions (unknown
precisely which ones) to drive the CPU utilization up when the right
isn't present.
I've got no details on how to get the newer version of this file, likely
you could contact PSS and ask for it. I'm told that the newer version
will be used in future patches that use it (not all patches use this
method of deployment, as we know there are currently 8 different
installer packages.)
I certainly do not recommend granting the right to the user if you have
previously removed it, clearly the advantages of the user not having
such rights outweigh the benefits of not having to reboot.
Apparently the problem can also occur with MS03-041.
I suggest you perform a reboot after installing this patch to ensure it
completes (or at least terminates the update process.)
Cheers,
Russ - NTBugtraq Editor
-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, *** covering, and bureaucracy are threatening to derail any
chance of making progress.
-----
- Previous message: Russ: "MinorRev: Microsoft Security Bulletin MS03-047 - Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)"
- Maybe in reply to: Eddy - Security: "Issues with MS03-043"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
