Re: MS08-067 locked up my servers
- From: LIONHEART2205 <LIONHEART2205@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 15 Dec 2008 04:54:06 -0800
HOW DO I UNINSTALL THIS PATCH
______________________________
"Michael D. Ober" wrote:
"Alun Jones" <alun@xxxxxxxxxxxxx> wrote in message.
news:uqiWTX2OJHA.4480@xxxxxxxxxxxxxxxxxxxxxxx
"Al Dunbar" <AlanDrub@xxxxxxxxxxxxxxxxxxx> wrote in messageI rebooted multiple times after the patches, since I have seen previous MS
news:eRFLIvwOJHA.780@xxxxxxxxxxxxxxxxxxxxxxx
"Michael D. Ober" <obermd.@.alum.mit.edu.nospam.> wrote in message
news:Buqdnf-pDZCZoZTUnZ2dnUVZ_h6dnZ2d@xxxxxxxxxxxxxxxx
"Greg H" <gphalpin@xxxxxxxxx> wrote in message
news:82977544-5fce-493b-990a-0439ebf5d7c5@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Oct 28, 10:57 am, Greg H <gphal...@xxxxxxxxx> wrote:
On Oct 27, 7:24 pm, "Michael D. Ober" <obermd.@.alum.mit.edu.nospam.>Restarting the servers solved my problem. I can remote to them
wrote:
After installing MS08-067 (last weeks emergency RPC patch) none of
my domain
controllers could talk to each other. When I uninstalled this
patch,
everything started working again. My DCs are Windows Server 2003 R2
SP2
running on VMWare Server 1.05. Has anyone else seen this behavior
or have
any ideas on how to avoid it? The errors indicated that RPC failed
to allow
new connections.
Thanks,
Mike Ober.
again.
The problem I'm having is that I cannot remote desktop to a couple of
my Windows 2003 R2 SP2 Servers. I haven't found a solution yet.
The RDP services are running.
The firewall is off.
I disabled and then renabled Remote Desktop on the My Computer
Properties.
I haven't restarted the server yet but will be trying that after 5 PM
today.
There are no errors in the logs regarding RDP.
I'm going to restart the server at the end of the day to see if that
resolves it. If that resolves it, I'll post again.
Greg
It wasn't just Remote Desktop for me. Group Policy didn't work,
Kerberos didn't work. Basically, nothing that required RPC calls to
operate, which is almost all of Active Directory's communications,
worked until I uninstalled this patch.
That's odd. We didn't have any issues with it at all.
Well, you probably followed the instructions and rebooted the server after
installing the patch.
I've seen a number of sites suggest you install the patch without
restarting, and simply stop and restart the Server service.
That doesn't do the trick. When the Server service starts up again, it
reuses the copy of the DLL that is in the svchost.exe memory. Still
flawed.
What if you stop every service in the same SvcHost group, and then restart
them?
It fixes the _one_ specific path to exploit this flaw, but it leaves the
flawed function loaded in dozens of processes - can you guarantee that
none of these processes call the same function? [ tasklist /m netapi32.dll
shows you the processes using the DLL ]
And if Netapi32.dll expects to talk to its other instances, can it? Nope.
And that will cause random breakage.
So, you just apply the patch, restart, and everything will be better.
Alun.
~~~~
--
Texas Imperial Software | Web: http://www.wftpd.com/
23921 57th Ave SE | Blog: http://msmvps.com/alunj/
Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
patches that require two reboots to really get installed correctly.
Mike.
- Follow-Ups:
- Re: MS08-067 locked up my servers
- From: Michael D. Ober
- Re: MS08-067 locked up my servers
- Prev by Date: Re: server 2008 - option to stop ntfs perm inheritance disabled?
- Next by Date: Re: server 2008 - option to stop ntfs perm inheritance disabled?
- Previous by thread: Run As without log on locally permission?
- Next by thread: Re: MS08-067 locked up my servers
- Index(es):
Relevant Pages
|
