[34777] in bugtraq
Re: After Ms patches last Wed ...
daemon@ATHENA.MIT.EDU (James Riden)
Mon May 3 18:09:40 2004
To: InfoSec@seba.com
Cc: bugtraq@securityfocus.com
From: James Riden <j.riden@massey.ac.nz>
Date: Tue, 04 May 2004 09:36:00 +1200
In-Reply-To: <OF6CB1254D.22B27464-ON85256E89.004FB436-85256E89.0050E58D@seba.com> (InfoSec@seba.com's
message of "Mon, 3 May 2004 10:41:45 -0400")
Message-ID: <873c6hnqgv.fsf@it029205.massey.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
InfoSec@seba.com writes:
> I've been following this thread and the stated instabilities of the
> MS04-011 security update, I had determined to delay deployment of this
> patch until it was stabilized but it seems it wasnt stabilized fast enough
> to beat the worms to market.
>
> Now of course this same LSASS vuln addressed by MS04-011 is the target of
> the Sasser worm....
>
> undeployable/unstable patch + critical vulnerability = the even greater
> threat of the sasser worm(s)... good job.
>
> I read in a article on this patch that the instability is only present if
> the "Nortel Networks VPN client is installed and the IPSec Policy Agent is
> set to manual or automatic startup type", does anyone have any further
> input on MS04-011? Stable on a standard Win2k server install or not?
We've just seen issues with some USB storage devices after applying
MS04-011. No good details yet I'm afraid, but you might want to test
the patch on a few machines first.
It's been stable on all the servers (just over 100) I've applied it
to.
cheers,
Jamie
--
James Riden / j.riden@massey.ac.nz / Systems Security Engineer
GPG public key available at: http://www.massey.ac.nz/~jriden/
This post does not necessarily represent the views of my employer.
