MS05-051 (902400) breaks XP SP2

[Guest]

Hi,

After installing MS MS05-051 (902400) on my fully patched XP SP2 i've seen
quite a few issues:

-when logging on with non-admin account, explorer.exe didn't start (no
taskbar, no start menu...). When logging on with local admin rights this
doesn't happen.
- clicking on search on start menu doesn't bring up search window
- when trying to uninstall programs i get an error saying that windows
installer couldn't be contacted
- network connections folder is empty (there should be few LAN and dial-up
connections)
- LAN connection icon is not shown in system tray (although it should be),
but connection is available
- can't use windowsupdate website
- sophos client (v 5.0) doesn't start

Uninstalling the patch resolves all the issues and brings computer to
noraml. Computer is running in a Windows 2003 domain. All other patches from
this months cycle work fine. This happens on 4 test boxes, all different
hardware. Anybody knows how to resolve this?

Also, I've heard 902400 patch is bundled of two patches, one for XP SP1
which is critical, other for XP SP2 which is moderate risk. Does anybody know
more about this?

Thanks,


Dudo

 

[Guest]

We have the same issues on several Notebooks here at our site. We stoped
deploying the patch untill we can find an answer. I think MS needs to
evaluate this closer.

 

[Guest]

Hi,

I have the samilar problems in two networks after automatically updated. All
windows XP sp2 workstations have been fully patched using WSUS.

Can those updates be uninstalled by changing the approval in WSUS?

Regards,

Bo

 

[Guest]

We fixed the problem by the following accation

Implementation of Microsoft Security Patch MS-05051 restricted non admin
users to logon to their systems. The solution to remediate this problem is
to add Authenticated Users into ‘Bypass Traverse Checking'

Our domain removed this as a domain GPO. When we added the Authenticated
Users all was well.

 

[Torgeir Bakken \(MVP\)]

Hi,

I have the samilar problems in two networks after automatically updated. All
windows XP sp2 workstations have been fully patched using WSUS.

Can those updates be uninstalled by changing the approval in WSUS?

Hi,

No, you will need to do the uninstall locally on each computer.

 

[Guest]

I've created new GPO, linked it to OU where my computers are located, edited
‘Bypass Traverse Checking' settings to include both Everyone and
Authenticated Users, updated GP on a computer, but it didn't solve any of the
problems I've had. Any other thoughts?

Dudo

 

[Guest]

We needed wait for replacation and also we found that some workstations
needed to be rebooted twice before the policy would take effect

 

[cjheck]

Did anyone have any issues doing system restore on the machines after
applying this update? We seem to be getting Restore Incomplete.

 

[Guest]

I also encountered the same problem with the empty network connections
folder, LAN connection icon is not shown in system tray and can't use windows
update website. The fix was to add the default settings back in the User
Rights Assignment under Local Policies. I believe the setting causing the
problem was for Bypass Traverse Checking.

 

[Guest]

Seems that Microsoft's team is aware of this issue They released a
security advisory today which provides solution.

Security Advisory (909444)

- Title: Various Issues After Installing Microsoft Security
Bulletin MS05-051 on Systems That Have Non-default
File Permissions


- Web site: http://go.microsoft.com/fwlink/?LinkId=55088