Re: For those that are squeemish about MS patches

["Barros, Jacob" <jkbarros () GRACE EDU>]

We too have rolled out the patches on our desktops / laptops without
much hassle and no impact on Win2K servers (although we haven't touched
our Exchange server yet).  The only problem we've found was a blue
screen caused by an outdated Dell (Broadcom) wireless driver.  
 
For what it's worth, the message below was forwarded to me so I thought
I'd pass it on.
 
Jake Barros
Grace College
 
 
 
In last week's heads-up that I sent out, one of the security patches 
Microsoft released was MS04-011...
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
<http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx> 
 
This patched a number of critical vulnerabilities, but unfortunately it
apparently *broke* SSL encryption for users of Windows 2003...
 
http://lists.netsys.com/pipermail/full-disclosure/2004-April/020246.html
<http://lists.netsys.com/pipermail/full-disclosure/2004-April/020246.htm
l> 
 
My recommendation is that if you are using Windows 2003 Server, do not
uninstall this patch yet. Instead switch to a somewhat more secure 
browser such as Mozilla to browse SSL encrypted sites (i.e... those that
 
start with https://.). 
 
http://www.mozilla.org/ <http://www.mozilla.org/> 
 
As always, continue to check back with windowsupdate.microsoft.com for
further hotfixes. No doubt they will (hopefully) post a fix soon for
what the last fix broke...
 
 

        


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.