Bugtraq mailing list archives
Re: After Ms patches last Wed ...
From: James Riden <j.riden () massey ac nz>
Date: Tue, 04 May 2004 09:36:00 +1200
InfoSec () seba com writes:
I've been following this thread and the stated instabilities of the MS04-011 security update, I had determined to delay deployment of this patch until it was stabilized but it seems it wasnt stabilized fast enough to beat the worms to market. Now of course this same LSASS vuln addressed by MS04-011 is the target of the Sasser worm.... undeployable/unstable patch + critical vulnerability = the even greater threat of the sasser worm(s)... good job. I read in a article on this patch that the instability is only present if the "Nortel Networks VPN client is installed and the IPSec Policy Agent is set to manual or automatic startup type", does anyone have any further input on MS04-011? Stable on a standard Win2k server install or not?
We've just seen issues with some USB storage devices after applying MS04-011. No good details yet I'm afraid, but you might want to test the patch on a few machines first. It's been stable on all the servers (just over 100) I've applied it to. cheers, Jamie -- James Riden / j.riden () massey ac nz / Systems Security Engineer GPG public key available at: http://www.massey.ac.nz/~jriden/ This post does not necessarily represent the views of my employer.
Current thread:
- RE: After Ms patches last Wed ... InfoSec (May 03)
- Re: After Ms patches last Wed ... James Riden (May 03)
- Re: After Ms patches last Wed ... Nicholas Weaver (May 04)
- RE: After Ms patches last Wed ... Nick FitzGerald (May 04)
- Re: After Ms patches last Wed ... James Riden (May 03)