Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Windows 2k SP2 breaks security fix should reapply
From: Eric <ews () tellurian net>
Date: Fri, 15 Jun 2001 12:01:20 -0700

Hmmm.. I took a Win2K Gold (no SP) machine, installed all hotfixes for the OS and IIS5 (including the 01-026 patch). I then installed SP2 and tested for the double decode bug - the machine was not vulnerable.

I then compared all the files that came with MS01-026 (IIS5) to the files that were on the system (after the SP2 install and a reboot). I compared fileversion and checksum of each file from the hotfix to the files on the system and found that all the MS01-026 files are still on the box - both before and after SP2 install.

SP2 will delete the registry key that is installed by MS01-026 (HKLM\Software\Microsoft\Updates\Windows 2000\SP2\Q293826) - maybe causing hfcheck.exe to report that the hotfix has not been applied, however, all the relevant files are on the system.

As far as I can tell, SP2 does not break the patch - and there is no need to re-install the patch if you installed it prior to SP2.

--eric

At 04:56 PM 6/13/2001 -0500, Colby Rice wrote:
SP2 allows the decoding bug to work
SP2 breaks the following patch and it should be reinstalled.

http://www.microsoft.com/technet/security/bulletin/MS01-026.asp


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault