RE: Windows 2000 Sec rollup 2 patch -- Ouch!

From: krisk@kbeta.com
Date: 04/11/02 

From: krisk@kbeta.com
To: "BUGTRAQ" <BUGTRAQ@securityfocus.com>
Date: Wed, 10 Apr 2002 22:15:39 -0500

Well, after trying the patch on two servers, I'm 50/50 going on none.

Upgrade of server #1 went fine, no problems.
Upgrade of server #2 (the one with actual webs and some asp database hooks)
went way bad.

First the machine went into a repetitive reboot for about 3 times,
Then seemed stable for about 5 minutes, then rebooted again.
Then continued to reboot at random intervals of between 2 to 10 minutes for
the next hour, while I attempted to copy some files off of it that hadn't
made it to back up yet. I couldn't seem to find a way to stop it, or a
method, so attempted to remove the patch. (thinking I would just re-apply
sp2 and secrollup1 which had been stable)

This was NOT a good thing. The computer attempted reboot after the patch
removal and BSOD! (ntoskernel)
Just like the old days! (first one in well over a year). I did a hard boot
and system came back up, I copied a few more files, but the machine
continued with it's reboot cycle for about another 3 or 4 times at which
point it would no longer come back up. Attempts at repair failed, and I'm
now almost 5 hours into a 5 minute patch.

Server that died has a slightly unusual config (no excuse!) of Win2k Server
on an ASUS P2BD system board, 256 Meg RAM, Dual P3 450's, LS-120, Promise
IDE Raid controller (2 drives striped for data, system is/was on it's own
separate IDE drive). and two IDE CDR Drives (one a Yamaha 16x CDRW). Prior
to the evil patch, it had been up nearly 2 years without a crash and
survived many other service packs and hotfixes (sp1->sp2->most critical
hotfixes->secrollup1->secrollup2->boom).

These two stragglers are on my replacement list of home boxen and I just
wish it could've waited another couple months for their retirement and
upgrade to a "real" operating system. I wish the rest of you better luck.

Enjoy!

Kris Kistler
CISSP, GSEC, CCNA, MCSE, CCA,
Network Security Engineer
Give me Linux or give me death!

Relevant Pages

  • The patch killed my system!
    ... prompts for a reboot, I say "Yes"...boom! ... that reason more often than any other on a server. ... when a patch appears to cause a problem with your server its more likely ... Now I'm not saying this to discourage reports of problems with patches, ...
    (NT-Bugtraq)
  • Re: Domain Controller / Automatic Updates..
    ... > the updates manually after testing them on a test server. ... > a weekend when I have time to recover from a bad patch. ... > "reboot" after installing a patch, you really need to be at the server. ... >> updates and then downloads and installs when there are new ones. ...
    (microsoft.public.windows.server.active_directory)
  • Re: RDP to Server Broken After Security Patch
    ... A reboot was required after this patch. ... Windows Small Business Server 2008 Unleashed ... Remote desktop was working fine up until the reboot for the security patch. ...
    (microsoft.public.windows.server.sbs)
  • Re: clarification of cvsup process.
    ... >> I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail ... >> patch as listed in the announcement, but the patch just seemed to hang, ...
    (freebsd-questions)
  • Re: Patching Solaris 9 systems to "current"
    ... patch bundle onto them. ... and in some ways better approach is to do an upgrade ... time for a reboot, with another reboot to back out. ... additional disks to hand). ...
    (comp.unix.solaris)