Problems with Hyperion and MS03-045
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 10/28/03
- Previous message: Kevin Costain: "An open source utility that might be of use to NTBugtraq users..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Oct 2003 12:08:00 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I received the following today;
-----
Russ,
I just received this from the company who makes Hyperion:
------------------------------------------------------------------------
----------------------------------
Microsoft Security Bulletin MS03-045
------------------------------------
Buffer Overrun in the ListBox and in the ComboBox Control Could Allow
Code Execution (824141)
Issue: After installing this hotfix, multiple digits appear when you
enter a single digit. For example, In Data Entry, enter a 1 in a cell
and it will appear as 11. Occurs in Enterprise 5.X versions and higher.
Not an issue with Enterprise SE.
Cause:
The hotfix patch addresses an issue with the User32.dll file, and this
affects keystrokes, which is where the issue is occurring.
Resolution:
The only resolution at the moment is to completely remove the hotfix. It
needs to be removed at both the server(s) (including Citrix) and the
workstation(s) for all users.
It can be removed via the Control Panel->Add/Remove Programs->and
clicking the Hotfix kb824141 and choosing Remove.
The servers/workstations will need to be re-booted after removed.
To receive more detailed information, including a possible workaround as
opposed to installing the patch, you can click on the following link and
look for the workaround expansion. The below link lists all the detailed
information related to this issue, as well as contact information for
Microsoft.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/bulletin/MS03-045.asp
------------------------------------------------------------------------
-------------------------------------
The only solution now is to uninstall the patch
-----
Cheers,
Russ - NTBugtraq Editor
---- NTBugtraq subscribers save $103.00 off the TICSA exam by using promo code "NT1003" when registering to take the TICSA exam at www.2test.com. Prove to your employer and peers that you have the knowledge and abilities to be an active stakeholder in today's enterprise security. Become TICSA certified www.trusecure.com/ticsa. Promotion expires 12/31/03 and cannot be used in combination with other offers. ----
- Previous message: Kevin Costain: "An open source utility that might be of use to NTBugtraq users..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
