Home page logo

bugtraq logo Bugtraq mailing list archives

FW: URGENT: Freeze Distribution of IE 5.0, 5.0a, and 5.0b with th e 128-bit encryption pack
From: stace.cunningham () KEESLER AF MIL (Cunningham Stace D MSgt 2 AF/XPI)
Date: Mon, 13 Mar 2000 12:59:48 -0600

FYI in case people aren't aware yet...

-----Original Message-----
From: ieak () microsoft com [mailto:ieak () microsoft com]
Sent: Monday, March 13, 2000 10:49 AM
To: stace.cunningham () keesler af mil
Subject: URGENT: Freeze Distribution of IE 5.0, 5.0a, and 5.0b with the
128-bit encryption pack

IEAK Partners,

Microsoft has just discovered a serious problem when a user attempts to
install the 128-bit security patch for Internet Explorer 5.0, 5.0a and
5.0b on Windows 2000 as part of an IE5.0 IEAK package. After restarting
the system, users will not be able to logon to Windows 2000.

The instructions to incorporate the 128-bit security patch into IEAK
packages say you should use the command line switches: "/q:a /r:n /n:v"
The /n:v switch when used with ie5dom.exe (the 128-bit security patch for
5.0x) causes important security files on Windows 2000 to be replaced with
older files, preventing users from logging on.

Installations created using IEAK 5.0 for Windows 95, Windows 98, and
Windows NT4 systems with the ie5dom.exe, and these command line parameters
specified, are not affected.

It is critical that you freeze distribution of IE 5.0, 5.0a or 5.0b builds
that incorporate the 128-bit security patch with these switches. Please
take immediate action to help prevent more customers from encountering
this issue.

Please check
http://www.microsoft.com/windows/ieak/en/support/faq/default.asp and
Microsoft Knowledge Base (KB) article Q255669 for updates to this issue.
Note: It may take 24 hours from the original issuance of this bulletin for
the Microsoft Knowledge Base (KB) article related to this issue to be

We sincerely apologize for this inconvenience and thank you in advance for
your help in protecting end users.

Thank you, The IEAK Product Team

Checking to see if you have included this command-line switch:

To check a package for this issue:

Open your IEAK package in the IEAK Wizard and go to the Custom Components
screen. Examine each custom component. If you have included ie5dom.exe as
a custom component, check the command line switches for '/R:N /Q:A /N:V'


If you don't have the IEAK Wizard available to you:

1) Extract your custom IE 5.0x package by running this command line:
'ie5setup.exe /c /t:<path to an empty directory>'

2) Browse to the directory. Open 'iesetup.cif' in Notepad.

3) Look for a section like this:

DisplayName='128-bit Security'
Switches1='/R:N /Q:A /N:V'
Details='128-bit Securiy'

4) Examine for:

Switches1='/R:N /Q:A /N:V'

If you have this switch listed, immediately freeze distribution of this

  By Date           By Thread  

Current thread:
  • FW: URGENT: Freeze Distribution of IE 5.0, 5.0a, and 5.0b with th e 128-bit encryption pack Cunningham Stace D MSgt 2 AF/XPI (Mar 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]