lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <873c6hnqgv.fsf@it029205.massey.ac.nz>
Date: Tue, 04 May 2004 09:36:00 +1200
From: James Riden <j.riden@...sey.ac.nz>
To: InfoSec@...a.com
Cc: bugtraq@...urityfocus.com
Subject: Re: After Ms patches last Wed ...


InfoSec@...a.com writes:

> I've been following this thread and the stated instabilities of the 
> MS04-011 security update, I had determined to delay deployment of this 
> patch until it was stabilized but it seems it wasnt stabilized fast enough 
> to beat the worms to market.
>
> Now of course this same LSASS vuln addressed by MS04-011 is the target of 
> the Sasser worm.... 
>
> undeployable/unstable patch + critical vulnerability = the even greater 
> threat of the sasser worm(s)... good job.
>
> I read in a article on this patch that the instability is only present if 
> the "Nortel Networks VPN client is installed and the IPSec Policy Agent is 
> set to manual or automatic startup type", does anyone have any further 
> input on MS04-011? Stable on a standard Win2k server install or not?

We've just seen issues with some USB storage devices after applying
MS04-011. No good details yet I'm afraid, but you might want to test
the patch on a few machines first.

It's been stable on all the servers (just over 100) I've applied it
to.

cheers,
 Jamie
-- 
James Riden / j.riden@...sey.ac.nz / Systems Security Engineer
GPG public key available at: http://www.massey.ac.nz/~jriden/
This post does not necessarily represent the views of my employer.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ