[11079] in bugtraq
Re: Microsoft Security Bulletin (MS99-025)
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Bj=F8rnar_B=2E_Lars)
Tue Jul 20 16:48:50 1999
Mime-Version: 1.0
Content-Type: text/plain
Message-Id: <50325BA28B01D211A57F00805FB7FC250159A61C@mail>
Date: Tue, 20 Jul 1999 01:08:44 +0200
Reply-To: =?iso-8859-1?Q?Bj=F8rnar_B=2E_Larsen?= <bbl@AVENIR.NO>
From: =?iso-8859-1?Q?Bj=F8rnar_B=2E_Larsen?= <bbl@AVENIR.NO>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
(this email has also been sent to ntbugtraq)
Hello people!
Am I missing something here, or are there something wrong with MS99-025faq
(www.microsoft.com/security/bulletins/MS99-025faq.asp) ?
The registry keys we're asked to manually remove are these (may be wrapped):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\
Parameters\ADCLaunch\RDSServer.DataFactory
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\
Parameters\ADCLaunch\AdvancedDataFactory
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\
Parameters\ADCLaunch\VbBusObj.VbBusObjCls
while the downloadable registry file we're asked to double-click
(www.microsoft.com/security/bulletins/handunsf.exe) contains these
adjustments (may be wrapped):
------------------cut here----------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo]
"handlerRequired"=dword:00000000
"DefaultHandler"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\
safeHandlerList]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\
safeHandlerList\MSDFMAP.Handler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\
safeHandlerList\MSDFMAP_VB.Handler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\
safeHandlerList\MSDFMAP_VC.Handler]
----------------and cut here-------------
I happily comitted the manual changes, then downloaded the reigistry file
just to be sure I hadn't let anything out. None of the keys in this .reg
file exists on my webserver. I guess they indirectly might do the same
service as the manual changes... but why the difference?
cheers,
:-) bblarsen
