MS03-007 Round-up

From: Marc Fossi (mfossi@securityfocus.com)
Date: 03/19/03

  • Next message: Colcord, Aaron: "RE: Microsoft Security Advisory MS 03-007" 
    Date: Wed, 19 Mar 2003 13:55:10 -0700 (MST)
From: Marc Fossi <mfossi@securityfocus.com>
To: Focus-MS <focus-ms@securityfocus.com>

    Hey folks,

    I think that we've pretty much established that this patch does cause
    problems on some systems and not on others. Seems to be about 50/50
    judging from the posts.

    At this point I'm not going to approve any more posts about it unless
    someone offers conclusive evidence as to what the problem is or a remedy.
    I know that there are MS people subscribed to the list and their silence
    on this says to me that they are aware that there is a problem (though it
    would be nice to actually hear it from them).

    On a side note, the bulletin has been updated with some info about a
    possible conflict with a prior hotfix released by PSS. Check out the FAQ
    in the bulletin. Not sure if this covers everyone who reported problems
    with the patch or if there are additional issues there.

    Marc Fossi
    Symantec Corp.
    www.symantec.com

    ----------------------------------------------------------------------
    ALERT: How a Hacker Uses SQL Injection to Steal Your SQL Data!
    It's as simple as placing additional SQL commands into a Web Form input
    box giving hackers complete access to all your backend systems!
    http://www.spidynamics.com/mktg/sqlinjection33

  • Next message: Colcord, Aaron: "RE: Microsoft Security Advisory MS 03-007"

    Relevant Pages

    • RE: Microsoft Security Advisory MS 03-007 - Problems
      ... We are currently researching a very specific issue with the patch. ... My first install on a freslhly built W2K ... How a Hacker Uses SQL Injection to Steal Your SQL Data! ... box giving hackers complete access to all your backend systems! ...
      (Focus-Microsoft)
    • RE: Microsoft Security Advisory MS 03-007 - Problems
      ... recommending that the patch be installed. ... would have a problem installing this patch, ... How a Hacker Uses SQL Injection to Steal Your SQL Data! ... box giving hackers complete access to all your backend systems! ...
      (Focus-Microsoft)
    • RE: Microsoft Security Advisory MS 03-007 - Problems
      ... I had one person report problems installing the patch on a server running ... How a Hacker Uses SQL Injection to Steal Your SQL Data! ... box giving hackers complete access to all your backend systems! ... It's as simple as placing additional SQL commands into a Web Form input ...
      (Focus-Microsoft)
    • RE: Microsoft Security Advisory MS 03-007 - Problems
      ... I think that one of the most important things to remember about this patch ... MS has released buggy patches in the past. ... How a Hacker Uses SQL Injection to Steal Your SQL Data! ... box giving hackers complete access to all your backend systems! ...
      (Focus-Microsoft)
    • RE: Microsoft Security Advisory MS 03-007 - Problems
      ... We've only got 1 OWA server we were planning to patch ... How a Hacker Uses SQL Injection to Steal Your SQL Data! ... box giving hackers complete access to all your backend systems! ...
      (Focus-Microsoft)