Admins run into trouble with Microsoft updates

By Bill Brenner, Senior News Writer 14 May 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

At least one IT professional reported that after applying this month's patches to a bunch of domain controllers, the DNS service on one of them was failing repeatedly.

Even after you patch it your browser will [still] have security issues and if you have other mitigations in place, the rush should not be on to be the first to install. Susan Bradley, Microsoft MVP, SBS Diva blog

"I have it set to recover, so it comes back on, but it fails again after a few minutes," he said in a patch management email forum hosted by Roseville, Minn.-based Shavlik Technologies.

Meanwhile, Susan Bradley, a Microsoft MVP and IT administrator at Tamiyasu, Smith, Horn and Braun Accountancy Corp. in Fresno, Calif., wrote in her MS07-027, a cumulative update for Internet Explorer.

She said there are two issues with the patch -- Some Windows 2000 machines were being offered a 2004 patch, and some Vista machines were getting a "navcancl" error message after patching. As a temporary solution, she recommended IT administrators start Internet Explorer 7 using the following commands: start->run iexplore.exe -nohome -extoff; then right click on the toolbar area and click the menu bar if it's disabled; and then select tools->options->advanced->security->disable phishing filter.

Even though the Internet Explorer patch is rated critical, she said IT administrators should not hurry it onto their systems at the expense of thorough testing.

Microsoft updates: Microsoft issues critical updates, patches DNS zero-day flaw: Microsoft issued patches to plug 19 holes, including a critical zero-day DNS Server Service flaw as part of its monthly Patch Tuesday bulletin. DNS worm strikes at Microsoft flaw: A new worm called Rinbot.BC exploits the Microsoft DNS flaw by installing an IRC bot on infected machines and scanning for other vulnerable servers. Microsoft investigates DNS server flaw: Attackers could exploit a DNS flaw in Microsoft Windows 2000 Server and Windows Server 2003 and run malicious code on the system. A workaround is suggested until a patch is issued.

"Even after you patch it your browser will [still] have security issues and if you have other mitigations in place, the rush should not be on to be the first to install," she wrote in her blog. She said administrators should remember they are "installing changed code on a system that Microsoft CANNOT fully test for because they DO NOT have your system, your software, your surfing habits, etc."

Administrators are also reporting problems with WSUS following Microsoft's Tuesday patch release, which addressed 19 flaws that included a zero-day DNS server flaw and flaws in Microsoft Exchange, Internet Explorer, Microsoft Excel, Word and Office.

The WSUS team has been dealing for some time with a problem they call the 'svchost/msi issue.' One of the problems here is that during automatic patch updates on a Windows XP machine, CPU usage goes into overdrive. "Of course, the computer is virtually unusable" when that happens, someone using the name Foxy-Perth wrote on the Windows Update support forum.

The problem persists even though Microsoft has tried to address it will a hotfix.

Tags: Security Patch Management,  Network Protocols and Security,  Web Browser Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Squad: Tokenization, Phishing and the Feds Should management processes change based on a patch release schedule? Should Windows Mobile updates come from Microsoft? Adobe updates ColdFusion, JRun, Flex Trusteer CEO criticizes Adobe, touts better patch deployments Patch management study shows IT taking significant risks Vulnerability mitigation study shows need for faster patching Microsoft to issue security report card, new tool at Black Hat How to manage patches for Adobe When is it suitable to remove Java updates? Network Protocols and Security Expert calls SSL protocol vulnerability a non issue How to prevent phishing attacks with social engineering tests How SSL-encrypted Web connections are intercepted DNSSEC deployment challenges can be overcome Microsoft issues SMB vulnerability advisory, patch pending Microsoft repairs Windows media, TCP/IP vulnerabilities How to test IPv6 infrastructures DNSSEC deployments gain momentum since Kaminsky DNS bug Kaminsky interview: DNSSEC addresses cross-organizational trust and security How to create secure Windows FTP automation Web Browser Security Microsoft fixes security update that breaks Internet Explorer Mozilla update repairs Firefox buffer overflow vulnerabilities Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Do Facebook URL security concerns justify blocking social networks? Phishing attacks to remain a major problem, say security experts Adrian Perrig: Improve SSL/TLS Security Through Education and Technology New Bahama botnet evades search engines, fuels click fraud SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches Web Browser Security Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary