Faulty MS Security Patches
Has anyone been using the series of security patches that have been issued by Microsoft since January, 2002? There have been at least a dozen of them.
Every few weeks MS issues a new patch to correct some holes in its Windows operating systems - NT 4.0, 2000, or XP. I've stopped downloading them because, according to both MS and its customers, the patches are stepping on each other, and might render your server or workstation un-bootable.
According to MS Security Bulletin MS03-007, issued April 16, a patch to correct a flaw involving ntdll.dll is now available. The flaw can permit hackers to create a buffer-stack overflow.
The next day, Microsoft issued Security Bulletin MS03-013, admitting that the patch doesn't really work because the real flaw is in the way that the OS kernel passes error messages to the debugger program. In other words, hackers can even write programs to exploit the OS debugging program!
As I mentioned, these defective patches and contradictory solutions have been issued by Microsoft since the beginning of 2002.
My questions are:
Has anybody here downloaded these patches?
If so, have they been effective?
Did they limit or affect the functionality of your PCs in any way?
Here are some references:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-013.asp
http://support.microsoft.com/?id=811493
http://support.microsoft.com/default.aspx?kbid=307934
Thanks, as always,
mairving posted this at 21:13 — 23rd April 2003.
They have: 2,256 posts
Joined: Feb 2001
It is a big groan sometimes patching systems. I installed an Exchange patch the other day. After that the Exchange service wouldn't restart. So I uninstalled it, that didn't work. I reinstalled it and that didn't work. Finally after a couple of reboots and a couple of hours, I saw some documentation about moving the internal NIC to the top and the External to the bottom in the Bindings. Well it already was but when I brought the external to the top and then flipped it back to the bottom, rebooted the server and it was fixed. Still two needless hours of my time wasted.
Often I think MS rushes patches out without a whole bunch of testing just to fix a security hole. Then when they find out that they break things they issue another fix. It is a sad process.
There are about 30 megs of Critical Updates since the first of the year. I haven't really had much problem with the patch that you listed. Is it on a server exposed to the wild or on a machine sitting behind a firewall?
Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states
Mark Hensler posted this at 23:21 — 23rd April 2003.
He has: 4,048 posts
Joined: Aug 2000
*checks windows updates*
Gah, 2 new ones to do.
I generally install them as soon as my system tray pops up with that bubble thing. I've not had any noticeable problems.
Mark Hensler
If there is no answer on Google, then there is no question.
kb posted this at 21:00 — 24th April 2003.
He has: 1,380 posts
Joined: Feb 2002
I generally download patches every two weeks. I have yet to have problems, as I don't dl ones that just came out; I wait for them to fix the fixes... Just wait a bit after you receive a notice about one, to make sure it doesn't need fixing too, and you will be fine.
nike_guy_man posted this at 22:41 — 24th April 2003.
They have: 840 posts
Joined: Sep 2000
Here's a solution: Get a Mac :-D
I've had mine for over a month now, no 'security patches' none of that
The only update it did was automatically update Quicktime for me
Seriously though, I never had any problems with patches on the multiple years I was with Windows
I have read a lot of reports of patches that don't work though
Is it better to install a patch right away before an attack would take place? Or wait 2 weeks to make sure it's good and meanwhile leave your server/computer vulnerable??
kb posted this at 23:58 — 24th April 2003.
He has: 1,380 posts
Joined: Feb 2002
Good question, I guess it depends whether you want your comp/server to crash from an error or an attack.
Mark Hensler posted this at 09:42 — 25th April 2003.
He has: 4,048 posts
Joined: Aug 2000
I think it's best to have a testing system set up for a production environment. Meaning, if I had a valuable box, I would first install XYZ on a machine with a similar setup and give it the what-for. If it survives, then proceed to install on the live box.
Mark Hensler
If there is no answer on Google, then there is no question.
hk5754 posted this at 23:03 — 15th May 2003.
They have: 4 posts
Joined: Mar 2003
I leave my server on Auto-Update of patches and have not had any problems yet. If I do ever encounter problems, I just let MS fix them remotely. Of course, I have to pay but I let them know they will pay if they screw up my server!
Phil Stanley
Hosting America Directory
http://www.hosting-america.net