March 28th, 2003, 03:31 AM
Reapply Previous Patches?
One of the problem with Service Packs and Patches is that you never know if the next piece of software, or the next patch will overwrite a patched file and undo the repair you put in.
It used to be our standard procedure on NT4 to reapply SP6a after installing just about any piece of software.
Lately, I am seeing some systems that have been LONG patched against the Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise flaw (MS01-033) being infected with this new CodeRed.F worm.
MS01-033 was one of the main vulnerabilities exploited by CodeRed. It has been superceded a few times with cumulative patches and it is listed in the Windows 2000 SP3 list of things fixed.
Is anyone aware of any specific post-SP3 patch or hotfix on Windows 2000 that would undo this patch or somehow make a seemingly patched system vulnerable to CodeRed.F again?
March 28th, 2003, 03:54 AM
I don't have an answer to your question... but
I do the same thing with all my boxes. I install everything that I need to put on there when I configure it, and then I apply all the updates. If I install alot of software after the system has been patched... I'll start over.
I'm not sure if you're supposed to do this, but people have told me to do it, so I have.
March 28th, 2003, 05:14 AM
the only cure for the os instability caused by patching is to not patch at all - simply isolate your box of goodies, leaving the original system intact (thus gauranteeing the security of your private stuff), and connect to the net with an old beater. Any experimentation can then be objective and scientific - and fun as well. Unplug from the world, LAN to your real machine and voila - no more starting over (at least not with EVERYTHING...) I know that this sheds no light on the real matter at hand here, but it can maki it a bit less painless...
[shadow]i don\'t know who i am anymore...[/shadow]