Posted on 10/19/2005 10:54:59 AM PDT by Prime Choice
Some computer administrators are reporting issues with Microsoft's latest security update which is designed to fix a critical flaw in Windows.
The SANS Internet Storm Centre warned that in some cases security update MS05-051 will cause a host of problems, including blocking access to the Microsoft update website, displaying a blank log-in screen without icons, and issues with Office applications.
A Microsoft spokeswoman confirmed the glitch to vnunet.com, explaining that the problems are "isolated deployment issues" and that the company is working with the affected users to resolve the issue.
Microsoft issued the security bulletin and patch on 11 October. The bulletin describes a vulnerability rated 'critical' in the MSDTC and COM+ components of Windows. Unpatched systems are susceptible to attacks that could allow them to be taken over by cyber-criminals.
Early reports suggest that worm authors have already crafted malware that exploits the security hole described in the bulletin.
The problems with the security patch affect users that have changed the default settings of the COM+ catalog files, Microsoft said in a Knowledge Base article published on Friday.
The problem occurs in Windows XP, 2000 and Server 2003. The document also provides instructions on how to revolve the issue.
When the security patch is applied, it will prevent the firewall and Windows installer from starting. Windows will also display an empty 'network connections' folder and will not run any COM+ applications.
The Microsoft Component Object Model enables components inside Windows to communicate. The technology allows Word documents to dynamically exchange data with an Excel spreadsheet, for instance.
I've never been hosed by a Windows update - including these.
"Eh I from just down the lake in Buffalo... I Think, maybe, that youre a victim of our Zone.."
Hmmm, you're right, that's a toss up.
Actually, Cleveland sports has made me "toss up" more than once.
No real problems here, between thousands of workstations and hundreds of servers. We've already pushed the patch out to most all of them, I had one report this morning of a system that had to be reboot twice. I'll probably take this afternoon off, LOL.
Why...if it isn't the Whore of Redmond. Thanks for dropping by!
Notice it only affects those who have screwed with their COM+ settings. This is such a minority it hardly warrants a press release. But since it is the evil Microsoft it is an issue.
Really, then I'm glad I'm talking to a rocket scientist. I have no doubt that NASAs tasks are far more complicated than those of testing patches. That's not the problem. The problem is the sheer number of possible permutations of software installations, registry settings, group policy settings, file system permissions, network access types and protocols, etc... Think about this for a moment... Let's say that you've got WinXP, and there's a patch which effects say, 35 registry entries. Then figure that those registry entries interact with another 35 or so group policy settings. And then add in the changes in permissions for the file system, say the 14 different permissions... So, right off the bat, how many different test permutations do we have here? And that's just with the registry settings. We haven't even begun talking about the application and library file changes either. For example I remember one patch that broke systems that used an ATI driver, but only if it was set at a certain resolution and refresh rate.
I'm not making excuses for Microsoft, I'm being realistic.
Mark
LMAO, name calling is all you ever have. Shouldn't you be out patching all the new holes in Linux from the last couple of days?
http://lwn.net/Alerts/
Or at least looking for others in the open source code so you might actually beat the hackers to them?
Guess not. All you seem capable of are negative attacks and scowls.
Once again you show your sheer and utter ignorance! *ROTFLOL*
Sorry, Buzzy...those bugs are not in Linux. They're in third-party programs. Try again! And next time, please try talking out your mouth instead of your butt. *LOL*
By the way, where's your buddy Bush2000? He seems pretty quiet these days. *snicker*
And WHO is responsible for this level of complexity? Yes, there are many possible combinations and configurations. But it is a finite number. It is a LARGE finite number, but it is still a finite number. What I've seen is that Microsoft people are too intimidated by the complexity of their own code, they, like you, throw their hands up in the air and say: "well, there's nothing to be done about it."
I've seen it first hand -- Microsoft does not test their own code.
My eMachine has a notice that pops up everytime Microsmurf creates a patch. Since it wasn't convenient for us to reboot yesterday, I didn't download them. I just checked. It's the same one you're talking about. Guess I'm not going to download it. Thanks for the heads up : )
It's not LWN.NET's fault that you're a clueless idiot who can't tell the difference between an OS and third party applications.
Stop trying to pass the buck, fool.
Oh...or are you now going to say you were just "joking"? You know, like the last time you tried when I busted you for your ignorant ramblings regarding cryptographic hashing algorithms?
LOL, more names and insults from you as usual. Yep, waste your time trying to deny it if you want, but all those security holes are in all the different Linux distros, several being announced every day as of late. You better get to patching, because chances are there's going to be even more announced tomorrow.
Buzzy, if you didn't exist, someone would have had to invent you...just to show how utterly free of clue you Redmond shills truly are. Bless you!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.