Reapply Previous Patches?
Results 1 to 3 of 3

Thread: Reapply Previous Patches?

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    Reapply Previous Patches?

    One of the problem with Service Packs and Patches is that you never know if the next piece of software, or the next patch will overwrite a patched file and undo the repair you put in.

    It used to be our standard procedure on NT4 to reapply SP6a after installing just about any piece of software.

    Lately, I am seeing some systems that have been LONG patched against the Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise flaw (MS01-033) being infected with this new CodeRed.F worm.

    MS01-033 was one of the main vulnerabilities exploited by CodeRed. It has been superceded a few times with cumulative patches and it is listed in the Windows 2000 SP3 list of things fixed.

    Is anyone aware of any specific post-SP3 patch or hotfix on Windows 2000 that would undo this patch or somehow make a seemingly patched system vulnerable to CodeRed.F again?

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    I don't have an answer to your question... but

    I do the same thing with all my boxes. I install everything that I need to put on there when I configure it, and then I apply all the updates. If I install alot of software after the system has been patched... I'll start over.

    I'm not sure if you're supposed to do this, but people have told me to do it, so I have.

  3. #3
    Junior Member
    Join Date
    Mar 2003
    Posts
    5
    the only cure for the os instability caused by patching is to not patch at all - simply isolate your box of goodies, leaving the original system intact (thus gauranteeing the security of your private stuff), and connect to the net with an old beater. Any experimentation can then be objective and scientific - and fun as well. Unplug from the world, LAN to your real machine and voila - no more starting over (at least not with EVERYTHING...) I know that this sheds no light on the real matter at hand here, but it can maki it a bit less painless...
    [shadow]i don\'t know who i am anymore...[/shadow]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides