Microsoft Security Bulletin MS03-039 -

[Willit]

Thank's for the heads up notice !!!!!!!!!!

-----Original Message-----
Please note: Windows ME and Windows 9.x systems are not affected by this!

Title: Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)
Date: September 10, 2003
Software: Microsoft Windows NT Workstation 4.0; Microsoft

Windows NT Server 4.0; Microsoft Windows NT Server 4.0,
Terminal Server Edition; Microsoft Windows 2000; Microsoft
Windows XP; Microsoft Windows Server 2003

Impact: Run code of attackers choice
Maximum Severity Rating: Critical
Bulletin: MS03-039

The Microsoft Security Response Center has released

Microsoft Security Bulletin MS03-039

What Is It?
The Microsoft Security Response Center has released

Microsoft Security Bulletin MS03-039 which concerns a
vulnerability in the versions of Microsoft Windows listed
above.

Microsoft has released a tool that can be used to scan a

network for the presence of systems which have not had the
MS03-039 patch installed. More details on this tool are
available in Microsoft Knowledge Base article 827363. This
tool supersedes the one provided in Microsoft Knowledge
Base article 826369 which was developed to scan systems
for the vulnerability patched by MS03-026.

More information is now available at http://www.microsoft.com/technet/security/bulletin/MS03-
039.asp

In an effort to better communicate with our customers,

Microsoft will also be conducting a Webcast to provide
guidance on Protecting Your PC and details of MS03-039.
http://www.microsoft.com/usa/webcasts/upcoming/2373.asp

If you have any questions regarding the patch or its

implementation after reading the above listed bulletin you
should contact Product Support Services in the United
States at 1-866-PCSafety (1-866-727-2338). International
customers should contact their local subsidiary.

 

[Chris Higgins]

I am unable to install the patch from Windows Update. I
get the following error:
"The following items failed to install. To try installing
them again, click Review and install updates, and then
click Install Now again.

Security Update for Windows XP (KB824146)"

Any ideas? I looked at the log file and there is a ton of
errors... Here are just a few of the lines:

LoadFileQueues: SetupGetSourceFileLocation for halacpi.dll
failed: 0xe0000102
***
CreateUninstall = 1,Directory =
C:\WINDOWS\$NtUninstallKB824146$
***
ref tag c:\windows\system32\sp4.cab does not exist
***
ref tag c:\windows\system32\sp3.cab does not exist
***
ref tag c:\windows\system32\sp2.cab does not exist
***
ref tag c:\windows\system32\sp1.cab does not exist
***
ref tag c:\windows\system32\driver.cab does not exist
***
ref tag c:\windows\system32\fp40ext.cab does not exist
***
ref tag c:\windows\system32\fp40ext1.cab does not exist
***
ref tag c:\windows\system32\wms4.cab does not exist
***
ref tag c:\windows\system32\wms41.cab does not exist
***
ref tag c:\windows\system32\ims.cab does not exist
***
ref tag c:\windows\system32\ims1.cab does not exist
***
ref tag c:\windows\system32\ins.cab does not exist
***
ref tag c:\windows\system32\ins1.cab does not exist
***
AnalyzePhaseZero used 0 ticks
***
No c:\windows\INF\updtblk.inf file.

Thanks!
Chris