RE: Microsoft Security Advisory MS 03-007 - Problems
From: Woods Robert (Robert.Woods@bmwgroup.ca)
Date: 03/18/03
- Previous message: Kolde, Jennifer E.: "RE: Microsoft Security Advisory MS 03-007 - Problems"
- Maybe in reply to: Joseph Durnal: "Microsoft Security Advisory MS 03-007 - Problems"
- Next in thread: Jim Hull at 044: "RE: Microsoft Security Advisory MS 03-007 - Problems"
From: Woods Robert <Robert.Woods@bmwgroup.ca>
To: Focus-MS <focus-ms@securityfocus.com>
Date: Tue, 18 Mar 2003 14:04:41 -0500
I agree, if there are problems with functionality after the upgrade, the
problems would arise from those services/applications that depend on the
particular .dll file. I patched my IIS Server running MRTG, and normal
services resumed. The more elaborate your web services are, the greater the
risk of outage due to patching the server.
I haven't followed all the rants on the exploit, but if adding the
registry key does the trick alone, go with that, and minimize your risk.
Rob
-----Original Message-----
From: Marc Fossi [mailto:mfossi@securityfocus.com]
Sent: Tuesday, March 18, 2003 12:57 PM
To: josephdurnal@cablespeed.com
Cc: Focus-MS; mikeheitz@upshotmail.com; jgrotegut@directpointe.com
Subject: Re: Microsoft Security Advisory MS 03-007 - Problems
I think that one of the most important things to remember about this patch
is that if the MSNBC story is correct, MS only had 5 days or so to develop
and test it. Compare that to other patches that have been released after
weeks or sometimes months of development or testing.
Many of the people who have said that the patch worked ok for them seemed
to have fairly vanilla installs that only ran MS software. I'm sure that
MS probably tested the patch with some of the more common IIS configs (i.e.
OWA) before releasing it, but I don't think that they could have
realistically tested the patch against other configs.
There's a strong possibility that the patch may only break IIS servers
running a certain app that uses WebDAV that MS never tested. It could
also be that this certain app happens to be more widely used than most
people would think.
Then again, MS has released buggy patches in the past.
Overall, I think that until things are clear as to whether the patch is
broken or not, people should take a look at some of the workarounds, like
the one Mark Burnett posted earlier today.
Link to Mark Burnett's post in the archive:
http://www.securityfocus.com/archive/88/315375
On Tue, 18 Mar 2003, Joseph Durnal wrote:
> Here is the exact text of the message - I'm not sure
> if I'm allowed to include any information about the
> sender, so, I'm not. The best advice is to install
> the patch on a test box and test all required
> functionality before installing it in a production
> environment. My first install on a freshly built W2K
> server did not indicate that there were any problems.
> I will try to update the group if I get more
> information.
>
> **Message Text**
> Subject: RE: Premier - Product Support Services -
> Microsoft Security Bulletin - MS03-007
> Importance: High
>
> Hi Folks,
>
> We may have identified an issue with applying the
> patch for this security issue. We currently have
> folks in Redmond working on it. Please hold off on
> applying any further patches, until further notice.
>
> As soon as I have more details, I will let you know.
>
> **End Message Text**
>
> Joseph M. Durnal
> josephdurnal@yahoo.com
Marc Fossi
Symantec Corp.
www.symantec.com