|
Cudni
Anon
2003-Apr-16 2:17 pm
Buffer Overrun in Windows Kernel Message» www.microsoft.com/techne ··· -013.asp"..Summary Who should read this bulletin: Administrators of Microsoft® Windows NT® 4.0, Windows® 2000 and Windows® XP systems. Impact of vulnerability: Local Elevation of Privilege Maximum Severity Rating: Important Recommendation: Customers should install the patch at the earliest opportunity. Affected Software: Microsoft Windows NT 4.0 Microsoft Windows NT 4.0 Server, Terminal Server Edition Microsoft Windows 2000 Microsoft Windows XP ...." Cudni |
|
Lucky5 Premium Member join:2002-07-24 Desert Floor |
Lucky5
Premium Member
2003-Apr-16 2:29 pm
Thanks for the heads up Cudni. Link for more info: » microsoft.com/technet/tr ··· -013.asp |
|
dave Premium Member join:2000-05-04 not in ohio
|
dave to Cudni
Premium Member
2003-Apr-16 3:41 pm
to Cudni
Note that the bug requires that someone log in interactively before they can exploit this bug; i.e., they have to be sitting at your PC console, or you have to be running Terminal Server and they're using that to log in.
i.e., no real panic for home users.
[text was edited by author 2003-04-16 15:41:30] |
|
jansson_markMarkus Jansson Premium Member join:2001-08-05 Finland
|
said by dave: Note that the bug requires that someone log in interactively before they can exploit this bug; i.e., they have to be sitting at your PC console, or you have to be running Terminal Server and they're using that to log in. i.e., no real panic for home users.
On the contrary...concidering the totally insecure default settings and generan stupidit...I mean ignorance...of the Windows operating system and security, home users should really panic. But then again, I bet the insecure default settings and the lack of knowledge is the real reason to panic, not this particular vulnerability... Besides, most users of WindowsXP always logon as admins so... |
|
bcool Premium Member join:2000-08-25
|
to Lucky5
too soon to make any blank statements here, but I just installed this patch and my system seems very sluggish now. It's not my imagination. I won't panic yet. Maybe this will work itself out. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave to Cudni
Premium Member
2003-Apr-16 10:46 pm
to Cudni
That log doesn't appear to say anything more than "we replaced the OS kernel". |
|
dave
2 recommendations |
to jansson_mark
said by jansson_mark: concidering the totally insecure default settings and generan stupidit...
Why on earth do you use Windows? You don't seem to do anything else but complain about it. |
|
mrbrimi join:2000-02-15 Woodstock, ON |
to bcool
Same problem here (Windows XP Home Edition) had to remove. Have seen similar complaints in Microsoft newsgroups. Looks like there is a definite problem with this update. |
|
bcool Premium Member join:2000-08-25
|
bcool to dave
Premium Member
2003-Apr-16 11:05 pm
to dave
said by dave: That log doesn't appear to say anything more than "we replaced the OS kernel".
the failed items did not catch your attention or are nothing of interest? Which? |
|
bcool
|
to mrbrimi
said by mrbrimi: Same problem here (Windows XP Home Edition) had to remove. Have seen similar complaints in Microsoft newsgroups. Looks like there is a definite problem with this update.
well that is at least some relief. I'll check the MSNG and see what's up. Thanks! [text was edited by author 2003-04-16 23:08:33] |
|
|
dave Premium Member join:2000-05-04 not in ohio
|
dave to bcool
Premium Member
2003-Apr-16 11:19 pm
to bcool
said by bcool: the failed items did not catch your attention or are nothing of interest?
I rather skipped over them, thinking that they were irrelevant, since I was assuming that ONLY the kernel was involed anyway. Maybe that was a bad assumption; I'm downloading a copy of the patch to see what's in it. Stay tuned... Oh, damn, it's an .EXE file. I don't want to install it. Can I get to look at the contents before installation? [text was edited by author 2003-04-16 23:26:07] |
|
bcool Premium Member join:2000-08-25 |
bcool
Premium Member
2003-Apr-16 11:25 pm
Thank you Dave. I've looked over at the XP News GRP and there a couple of others popping up indicating problems. Windows XP H.E. here. |
|
|
to Cudni
I will definitely stay tuned to this thread. I d/l the patch this afternoon but haven't installed it yet. i usually wait a while to see if there is a problem, and from the sound of it, there is with this one. If anyone finds out what the problem is or hears anything more, I do presume that it will be posted here for all of us to see too. I am sorry that you had a problem, bcool and mrbrimi, but I guess bringing it to the attention of this forum has also alerted others to potential difficulties. Thumbs up to you for that, although that seems a horrible thing to give a thumbs up toward. |
|
bcool Premium Member join:2000-08-25 |
bcool to dave
Premium Member
2003-Apr-16 11:41 pm
to dave
Dave, I guess you know that Winzip will extract the contents for you. I usually can do it with these MS patches using Winzip. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave to Cudni
Premium Member
2003-Apr-16 11:42 pm
to Cudni
I don't have WinZip on the machine though (never needed it on XP until now) and it's bed time... |
|
|
to jaykaykay
said by jaykaykay: ...I usually wait a while to see if there is a problem, and from the sound of it, there is with this one...
I agree with this approach, especially given the several Windows Update issues recently. In fact, it's been about a week now since that MicrosoftVM update, which, appears to have been okay. So, I'll be heading over to get that one and waiting on this one. |
|
bcool Premium Member join:2000-08-25
|
bcool to dave
Premium Member
2003-Apr-17 12:39 am
to dave
said by dave: I don't have WinZip on the machine though (never needed it on XP until now) and it's bed time...
Patched Kernel Files: ntoskrnl.exe,ntkrpamp.exe,ntkrnlpa.exe,ntkrnlmp.exe well then for tomorrow. Here are two .inf files one from folder marked SP1 and one SP2. Each of the set of kernel files has a different version number. I made note of the version number in the attached .inf files. You may see something I don't. It's almost Greek to me Sleep well. [text was edited by author 2003-04-17 00:49:45] |
|
bcool
|
to LowWaterMark
note to self: do not be the first to install anything just because it's located on microsoft.com
oh well, the uninstall appears to have worked well. |
|
SkipdawgThe Original
join:2001-04-19 Mount Vernon, WA |
to Cudni
Do a defrag after this one. It seems to shuffle things some. After defrag I was good to go again. |
|
catseyenuAck Pfft Premium Member join:2001-11-17 Fix East |
Skip, you're running 2k, right? |
|
antdudeMatrix Ant Premium Member join:2001-03-25 US
|
to bcool
said by bcool: too soon to make any blank statements here, but I just installed this patch and my system seems very sluggish now. It's not my imagination. I won't panic yet. Maybe this will work itself out. -- "in flagrante delicto" EDIT: I uninstalled this patch and my system returned to normal. Does anyone care to review the attached log and venture a guess???? Please.
On msnews.microsoft.com news server, I read a lot of people are having this slowdown problem. See » www.google.com/groups?nu ··· e+Search and » www.google.com/groups?as ··· 00&hl=en for some threads. I have no problems though on my production and test machines. Maybe the special hot fix (Q815411) to fix the slow down problem, in SP1, doesn't show the slow down: » slashdot.org/article.pl? ··· &tid=201 ... [text was edited by author 2003-04-17 04:22:10][text was edited by author 2003-04-17 04:22:54] |
|
Khaine join:2003-03-03 Australia |
to Cudni
Thanks, Downloading Now ... I hope it doesn't affect win2k |
|
Hutchy Premium Member join:2000-10-14 australia430 |
Hutchy
Premium Member
2003-Apr-17 4:38 am
Thanks... Downloaded and Installed, rebooted no side effects here at all. |
|
bcool Premium Member join:2000-08-25
|
to antdude
I already had Q815411 installed before I applied the 811493 patch. Hmmm... let me read the articles and see what's up. (Anyway, thanks for the resources.)
EDIT: Would be interesting to see if the common denominator in this problem security patch (811493) is Q815411, ntdll.dll, ver. 5.1.2600.1177, 2-28-03 The revised bulletin for Q815411 makes it much clearer that the patch is not needed by the majority of users. Wonder if 811493 creates a conflict with Q815411? Hmmmmm? [text was edited by author 2003-04-17 06:44:21] |
|
Lucky5 Premium Member join:2002-07-24 Desert Floor |
to Khaine
said by Khaine: I hope it doesn't affect win2k
Ran fine on my W2k test machine, and all three "work" machines, seems to only be a problem with XP. Will wait to update my XP. |
|
Hutchy Premium Member join:2000-10-14 australia430 |
Hutchy
Premium Member
2003-Apr-17 8:31 am
said by Hutchy: Thanks...
Downloaded and Installed, rebooted no side effects here at all.
I forgot to tell you all My OS is WinXP Pro. |
|
Lucky5 Premium Member join:2002-07-24 Desert Floor |
Lucky5
Premium Member
2003-Apr-17 9:01 am
said by Hutchy: I forgot to tell you all My OS is WinXP Pro.
Could it be just a problem with XP Home? |
|
dib22 join:2002-01-27 Kansas City, MO |
to Cudni
nope im on xp pro and it dogged me down...
a system restore had me fixed back up...
wonder if its cpu specific... im on Athlon XP 1.47gig |
|
antdudeMatrix Ant Premium Member join:2001-03-25 US |
to Lucky5
said by Lucky5:
said by Hutchy: I forgot to tell you all My OS is WinXP Pro.
Could it be just a problem with XP Home?
I have XP Home at work. I don't notice a slow down, but then it's a P4 3 Ghz! |
|
mrbrimi join:2000-02-15 Woodstock, ON |
mrbrimi
Member
2003-Apr-17 11:33 am
Mine was Windows XP Home on a Dell Dimension XPS T550 (Pentium 3 at 550 MHz). Believe me it was S-L-O-W. |
|