mailing list archives
Invalid URL vulnerability & SP4 > (Additional Information)
From: "Givens, Mike" <MGivens () AEGONUSA COM>
Date: Fri, 8 Sep 2000 09:10:11 -0500
Here is something I received from the "other" bugtraq list I belong to.
working on NT should/would like to know this !
Post From: Karl Knibbs
Just a quick note regarding MS00-063 (invalid URL vulnerability) and Service
Pack 4. It don't work!
Having obtained the fix from product support I went through my usual round
of testing on my development servers before updating production servers. On
both of my servers still on SP4 the replaced kernel caused a STOP on boot.
On contacting PSS it was confirmed (eventually) that this is a post SP6a
fix. This however is not noted in the security bulletin.
Recovery of these machines was quite a simply affair of replacing the
kernel32.dll in system32 with the back-up placed in the
I have not as of yet tested with SP5 although I have applied to several SP6a
machines without problems.
- Invalid URL vulnerability & SP4 > (Additional Information) Givens, Mike (Sep 08)