The following information was forwarded to me in a security newsletter that I receive on a daily basis.
I am forwarding it to the list in an attempt to help those who may have been the target of those patches which have been applied over the last two weeks. Bruce Barnes ChicagoNetTech Inc Microsoft SSL patch causes system slowdowns Paul Roberts 04/30/2004 Microsoft has admitted that a recent software patch for its Windows operating system is causing some Windows 2000 machines to stop responding after it is installed. Some systems that use the security update, MS04-011, stop responding when they start up, prevent users from logging on to Windows, or bog down, Microsoft said. The security patch was released on 13 April and fixes a number of holes in Windows, including problems with Windows implementation of Secure Sockets Layer (SSL), a protocol frequently used to secure communications between servers and clients on public networks and the internet. Included in the patch is a fix for a buffer overrun in the Private Communications Transport (PCT) protocol, which is part of Microsoft's SSL library. PCT is a protocol in that library that was developed by Microsoft and Visa International to conduct encrypted communication on the internet. Shortly after Microsoft released that patch, malicious code that could be used to trigger the PCT buffer overflow and compromise Windows systems appeared on the internet. In recent days, security companies warned of widespread attacks that use the exploit code, though the code has not yet been tied to a virus or Internet worm. An attacker who could exploit the PCT hole could take complete control of affected systems, installing programs, viewing, modifying or deleting data or changing user access to the system. Since releasing the patch, Microsoft has encouraged customers to apply the it as soon as possible. However, now it appears that the patch comes with its own problems. Microsoft said that a software change in the patch causes Windows 2000 systems to repeatedly try to load drivers that cannot load successfully, causing the hangups. (See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;841382.) The company listed three software drivers that, if installed, make Windows 2000 systems susceptible to the slowdowns. Microsoft also described specific problems and a work-around procedure for Windows systems that have Nortel Networks' virtual private network client installed. However, Microsoft acknowledged that the slowdowns may occur with other combinations of drivers and services that do not load successfully. Microsoft said it is researching the slowdown problem and will release more information when it is available. Original article: http://www.computerweekly.com/articles/article.asp?liArticleID=130288&liFlav ourID=1&sp=1 To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
