FOR MS EXPERT: BUG in Defs 5721?

[bk]

After using the auto-updater to update to Defs 5721,
I ran the FCIV utility in

http://support.microsoft.com/kb/841290/

on the file "gcThreatAuditScanData.gcd". I got
values of MD5 and SHA-1 different from those in

http://support.microsoft.com/default.aspx?scid=kb;en-
us;892519

What does that tell you?

 

[Bill Sanderson]

Are the dates and times and sizes of those files consistent with 5721?
Unfortunately, the equivalent hashes for the last update aren't available.

I'd offer to send them to you from some machines I can check, but I haven't
been able to make the FCIV utility give me any results on my own machine!

In general, if you get the wrong hashes, something is wrong. Either the
files are corrupted in download, or the article is wrong, or you have a
different file--i.e. not 5721.

 

[Steve Dodson [MSFT]]

What hash are you getting for the files?

--
-steve

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

 

[Rusty]

Something changed today because update now works on both of my machines and
the hashes now match 892519

Thanks!

What hash are you getting for the files?

--
-steve

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

After using the auto-updater to update to Defs 5721,
I ran the FCIV utility in

http://support.microsoft.com/kb/841290/

on the file "gcThreatAuditScanData.gcd". I got
values of MD5 and SHA-1 different from those in

http://support.microsoft.com/default.aspx?scid=kb;en-
us;892519

What does that tell you?

 

[Bill Sanderson]

Thanks for letting us know--I've got your other message flagged trying to
come up with some useful response, but I haven't!
--

Something changed today because update now works on both of my machines
and the hashes now match 892519

Thanks!

What hash are you getting for the files?

--
-steve

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.

After using the auto-updater to update to Defs 5721,
I ran the FCIV utility in

http://support.microsoft.com/kb/841290/

on the file "gcThreatAuditScanData.gcd". I got
values of MD5 and SHA-1 different from those in

http://support.microsoft.com/default.aspx?scid=kb;en-
us;892519

What does that tell you?

 

[Jason McKinnon]

Bill,

I am guessing that there was a mismatch between some load-balanced servers,
as mine updated for the last time this morning as well, and I am also no
longer having to redownload the same signature file ad infinitum.

So, if the person responsible for fixing it is reading this... Thanks
muchly.

(Now if that person can speak to the people who can fix the NSIS false
positives, that would really make my day)

Thanks again,
Jason

Thanks for letting us know--I've got your other message flagged trying to
come up with some useful response, but I haven't!
--

Something changed today because update now works on both of my machines
and the hashes now match 892519

Thanks!

What hash are you getting for the files?

--
-steve

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
After using the auto-updater to update to Defs 5721,
I ran the FCIV utility in

http://support.microsoft.com/kb/841290/

on the file "gcThreatAuditScanData.gcd". I got
values of MD5 and SHA-1 different from those in

http://support.microsoft.com/default.aspx?scid=kb;en-
us;892519

What does that tell you?

 

[Bill Sanderson]

Well - you got Steve Dodson's attention, anyway. I think that should be
enough to get the NSIS issue fixed.
--

Bill,

I am guessing that there was a mismatch between some load-balanced
servers,
as mine updated for the last time this morning as well, and I am also no
longer having to redownload the same signature file ad infinitum.

So, if the person responsible for fixing it is reading this... Thanks
muchly.

(Now if that person can speak to the people who can fix the NSIS false
positives, that would really make my day)

Thanks again,
Jason

Thanks for letting us know--I've got your other message flagged trying to
come up with some useful response, but I haven't!
--

Something changed today because update now works on both of my machines
and the hashes now match 892519

Thanks!


What hash are you getting for the files?

--
-steve

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to
this
message are best directed to the newsgroup/thread from which they
originated.
After using the auto-updater to update to Defs 5721,
I ran the FCIV utility in

http://support.microsoft.com/kb/841290/

on the file "gcThreatAuditScanData.gcd". I got
values of MD5 and SHA-1 different from those in

http://support.microsoft.com/default.aspx?scid=kb;en-
us;892519

What does that tell you?