[25033] in bugtraq
RE: Windows 2000 Sec rollup 2 patch -- Ouch!
daemon@ATHENA.MIT.EDU (krisk@kbeta.com)
Thu Apr 11 16:27:24 2002
From: krisk@kbeta.com
Reply-To: <krisk@kbeta.com>
To: "BUGTRAQ" <BUGTRAQ@securityfocus.com>
Date: Wed, 10 Apr 2002 22:15:39 -0500
Message-ID: <BNEAJFPMLHDOPNIMGBFEOENLCIAA.krisk@kbeta.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <MKEAIJIPCGAHEFEJGDOCKEHBFBAA.marc@eeye.com>
Well, after trying the patch on two servers, I'm 50/50 going on none.
Upgrade of server #1 went fine, no problems.
Upgrade of server #2 (the one with actual webs and some asp database hooks)
went way bad.
First the machine went into a repetitive reboot for about 3 times,
Then seemed stable for about 5 minutes, then rebooted again.
Then continued to reboot at random intervals of between 2 to 10 minutes for
the next hour, while I attempted to copy some files off of it that hadn't
made it to back up yet. I couldn't seem to find a way to stop it, or a
method, so attempted to remove the patch. (thinking I would just re-apply
sp2 and secrollup1 which had been stable)
This was NOT a good thing. The computer attempted reboot after the patch
removal and BSOD! (ntoskernel)
Just like the old days! (first one in well over a year). I did a hard boot
and system came back up, I copied a few more files, but the machine
continued with it's reboot cycle for about another 3 or 4 times at which
point it would no longer come back up. Attempts at repair failed, and I'm
now almost 5 hours into a 5 minute patch.
Server that died has a slightly unusual config (no excuse!) of Win2k Server
on an ASUS P2BD system board, 256 Meg RAM, Dual P3 450's, LS-120, Promise
IDE Raid controller (2 drives striped for data, system is/was on it's own
separate IDE drive). and two IDE CDR Drives (one a Yamaha 16x CDRW). Prior
to the evil patch, it had been up nearly 2 years without a crash and
survived many other service packs and hotfixes (sp1->sp2->most critical
hotfixes->secrollup1->secrollup2->boom).
These two stragglers are on my replacement list of home boxen and I just
wish it could've waited another couple months for their retirement and
upgrade to a "real" operating system. I wish the rest of you better luck.
Enjoy!
Kris Kistler
CISSP, GSEC, CCNA, MCSE, CCA,
Network Security Engineer
Give me Linux or give me death!
