From: Michael Rimar (mrmr_at_uclink.berkeley.edu)
Date: Thu Jul 31 2003 - 13:43:39 PDT
Interesting...I have recently had to re install WinNT4 on a couple of
machines (due to RPC problems!!!) and when I update using the 6a
patch, the startup screen says sp6. I know I have other systems that
do reflect the 6a designation....what is that about??
Thanks
michael
>Hi -
>
>I had the same problem. It turned out the particular machine didn't
>have NT service pack 6a. After I installed
>that, I was able to install all the "critical updates" that I
>couldn't before because I kept getting "setup cancelled".
>Also, the list of critical updates went from 2 to about 15 after the
>installation of sp6a; the new list included the
>rpc exploit patch in question.
>
>Merle
>
>At 12:52 PM 7/31/2003 -0700, you wrote:
>
>>Hi Folks:
>>
>>First, it appears that the page referenced to obtain the patch
>>leads to the generic Windows Update page...and I don't see any
>>patch there with a recent date that relates to this issue. We are
>>using NT4 and XP on various machines here.
>>
>>So, then, in spite of that I did get a chance to install other
>>updates...and ran into this on one system (NT4) the download begins
>>(two updates being installed) and after each download, I get a
>>'Setup cancelled' message...not installed, 'go back and try
>>again'...
>>
>>haven't encountered this before.
>>
>>Thanks
>>
>>Michael
>>
>>>You are receiving this because your email address appears on our
>>>list of campus
>>>Security Contacts. It is NOT necessary for you to respond to this notice.
>>>
>>>THE PROBLEM
>>>
>>>A vulnerability in Microsoft Windows has recently been detected
>>>that constitutes
>>>a potential threat to the security of any machine running various
>>>versions of
>>>the Operating System. In particular, the following software is affected:
>>>
>>> Microsoft Windows NT 4.0
>>> Microsoft Windows NT 4.0 Terminal Services Edition
>>> Microsoft Windows 2000
>>> Microsoft Windows XP
>>> Microsoft Windows Server 2003
>>>
>>>The following is not affected by this vulnerability:
>>>
>>> Microsoft Windows Millennium Edition
>>>
>>>IMPACT
>>>
>>>The vulnerability would allow an attacker to gain complete control over an
>>>affected system, including installing programs, viewing, changing
>>>or deleting
>>>data, or creating new accounts with full privileges.
>>>
>>>WHAT SHOULD BE DONE BY THE ADMINISTRATOR OF AN AFFECTED MACHINE
>>>
>>>Microsoft has released a patch for this problem. Information
>>>about how to get
>>>the appropriate patch for each version of Windows is available at this URL:
>>>
>>>http://www.microsoft.com/security/security_bulletins/ms03-026.asp
>>>
>>>A tool is available that will scan machines on your network and detect which
>>>ones are vulnerable. It may be obtained from this site:
>>>
>>>http://www.eeye.com/html/Press/PR20030725.html
>>>
>>>--------------------------------------------------------------------------------
>>>NOTE: SNS will be sending individual notices to the contacts for
>>>specific hosts
>>>that we believe have already been compromised as a result of this
>>>vulnerability.
>>>--------------------------------------------------------------------------------
>>>
>>>TECHNICAL DESCRIPTION
>>>
>>>More detailed information about the vulnerability (including possible
>>>workarounds if a patch cannot be applied) may be obtained at this URL:
>>>
>>>http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp
>>>
>>>..........................
>>>System and Network Security
>>>
>>
>>
>>------------------------------------------------------------------------
>>The following was automatically added to this message by the list server:
>>
>>For information about Micronet, including subscribing to
>>or unsubscribing from its mailing list and finding out
>>about upcoming meetings, please visit the Micronet Web site:
>><http://micronet.berkeley.edu/>.
>>
>
>Technical Support Manager
>>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<
>Richard & Rhoda Goldman School of Public Policy
>2607 Hearst Avenue, Room 110
>University of California
>Berkeley, CA 94720-7320
>510-643-7394 ph
>510-643-9657 fax
>mah_at_socrates.berkeley.edu
>http://gspp.berkeley.edu
-- ------------------------------ Michael Rimar Administrative Assistant UC Botanical Garden 200 Centennial Drive #5045 Berkeley, CA 94720-5045 (510) 642-0849 fax (510) 642-3012 ------------------------------ "There's no bad weather, only the wrong clothes" Scottish fisherman's proverb ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Thu Jul 31 2003 - 13:50:20 PDT