lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: jheidtke at fmlh.edu (Jerry Heidtke)
Subject: Anyone running SUS see the content update today?

There were a variety of "issues" with last weeks patches.

MS03-045 installation failed on some language version of Windows 2000 SP4. Since this patch replaces the entire core of the OS, it often left the computer in a completely unusable state. This patch has also been repackaged so that a single download can be used to patch Windows 2000 SP2, SP3, and SP4. Previously, SP2 had a separate package.

All the original 10/15 OS patches included a new version of update.exe that contained a critical bug. In an attempt to reduce the number of reboots, MS tested to see if the user installing the patch had the debug privilege. This privilege allows system files that are in-use to be replaced on a running system. Normally only Local System and Administrators have this right. The intention was that if the user had the debug right, the files would be replaced and no reboot would be needed. The check to see if the current user had this right would sometimes enter an infinite loop, and sometimes system files would be damaged, putting the computer into an endless reboot cycle. Sometimes recovery was possible by booting into safe mode or using the recovery console and uninstalling the patches or manually copying the old files.

The updated bulletins so far make no mention of this. I would bet that when the updated patches are actually available on the the download site (they're not there yet) they will have a new version of update.exe.

I believe that in every case, the patches themselves contain the same system files. It is only the patch installer that is being replaced. We should know for sure by tomorrow.

Jerry

-----Original Message-----
From: Joshua Levitsky [mailto:jlevitsk@...hie.com]
Sent: Wednesday, October 22, 2003 9:12 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Anyone running SUS see the content update today?


Seems like tonight Microsoft re-released all the updates from last week. Anyone else see this? Anyone know why all the updates from last week got re-released and some of them show up as new rather than updated even though the KB articles in the description are last weeks patches. 

-Josh

Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ