Win2k disabled after loading sasser patch

[Dan]

Today I went to the MS site & dl'd Windows2000-KB835732-x86-ENU.EXE for
my win2k machine (gateway athlon 1100). I had recently run these
patches for my inlaws on a win2k laptop & a brand new xp desktop, no
problems. On rebooting after the install on my pc though, the machine
locked at the windows password point. I have no windows password, and
in any event the box was dimmed; couldn't have entered one if I did have
it. After a few minutes, I ctrl/alt/deleted, after which it proceeded
to "loading personal settings" where it sat quite awhile. I left the
machine for about 1 hour, when I came back, windows had loaded, but was
sitting on WE (I have a shortcut to WE in my startup) with the
"searching" flashlight looking for I don't know what. I couldn't reboot,
so I powered down. After a few more of these sequences, I ran repair
(not full reinstall, but repair) from the win2k cd & the system now
seems OK. I have no idea if it has the sasser patch or not, & I'm leery
to run the patch install again. Any ideas what's going on with this?
At this point I'm not even sure what "service pack" I have (install disk
is fairly old). I did have sp4 prior to this event. Should I install
sp4 just to be sure then try the patch again? I see after the repair I
have reverted to IE 5 (probably what's on the win2k install cd) so I'm
wondering what else I should update (again, sp4?)

TIA

Dan

 

[Bojidar Alexandrov]

wondering what else I should update (again, sp4?)

Again IE6, then service pack and updates....

 

[Bruce Chambers]

Greetings --

It's a known issue on a small percentage of systems:

Your Windows 2000-based computer stops responding, you cannot log on
to Windows, or your CPU usage for the System process approaches 100
percent

http://support.microsoft.com/default.aspx?kbid=841382


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Dan]

Thanks Bruce, I'll check it out.\

Dan

Greetings --

It's a known issue on a small percentage of systems:

Your Windows 2000-based computer stops responding, you cannot log on
to Windows, or your CPU usage for the System process approaches 100
percent

http://support.microsoft.com/default.aspx?kbid=841382


Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Bruce Chambers]

Greetings --

You're welcome. Unfortunately, the fix isn't quite ready for
prime time.

Bruce Chambers

--
Help us help you:




You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Dan]

Well from my experience, neither is the 835732 update. After running
repair & reinstalling SP4 (as well as 2 days of re-configuring,
reloading, and general f'ing around) I'm ok, but I really think the page
for this update should have stated the possible problems with
implementing it MUCH more clearly. Though it did list Microsoft
Security Bulletin MS04-011 under a small "related resources" window (and
even MS04-011 only contains the mildly worded sentence & link "Microsoft
Knowledge Base Article 835732 documents the currently known issues...",
which if clicked on finally takes you to the actually particulars of the
potential problems with the update) the page where I dl'd the patch made
no mention whatever of possible difficulties. I know it was stupid of
me not to have read ALL the fine print associated with the patch, and to
have assumed M$ actually thoroughly tested this thing before releasing
it, especially as it addresses EXISTING security oversights on their
part. Given the fact the patch can render a win2k machine unusable, a
bold red print WARNING! messages beginning on the dl page itself would
seem appropriate. I guess I have a choice now, to take my chances with
the malicious minions of the Internet which may take advantage of the
vulnerabilites, or to risk more of M$'s "help". I think in this case
I'll opt for the former.

Thanks again.

Dan

 

[Mistoffolees]

Well from my experience, neither is the 835732 update. After running
repair & reinstalling SP4 (as well as 2 days of re-configuring,
reloading, and general f'ing around) I'm ok, but I really think the page
for this update should have stated the possible problems with
implementing it MUCH more clearly. Though it did list Microsoft
Security Bulletin MS04-011 under a small "related resources" window (and
even MS04-011 only contains the mildly worded sentence & link "Microsoft
Knowledge Base Article 835732 documents the currently known issues...",
which if clicked on finally takes you to the actually particulars of the
potential problems with the update) the page where I dl'd the patch made
no mention whatever of possible difficulties. I know it was stupid of
me not to have read ALL the fine print associated with the patch, and to
have assumed M$ actually thoroughly tested this thing before releasing
it, especially as it addresses EXISTING security oversights on their
part. Given the fact the patch can render a win2k machine unusable, a
bold red print WARNING! messages beginning on the dl page itself would
seem appropriate. I guess I have a choice now, to take my chances with
the malicious minions of the Internet which may take advantage of the
vulnerabilites, or to risk more of M$'s "help". I think in this case
I'll opt for the former.

Thanks again.

Dan

Experience still remains the best teacher. Always useful
to have a test machine to play with instead of having to
install the updates on working units.

 

[Dan]

How right you are. I have a dual boot/2 hdd machine, on which until
very recently I had run 2 installs of win2k (one on each hdd) for this
very reason. It's the next best thing to 2 completely separate machines,
if nothing else, I can always get online with the 2ndary OS to ask
questions/look for resources. But because of some recent changes, at
the time I installed this patch I was only running one OS. I'm now back
to 2 ;-)

Dan

Mistoffolees wrote:

 

[WoofWoof]

Experience still remains the best teacher. Always useful
to have a test machine to play with instead of having to
install the updates on working units.

Gee ... just like real beta-testers! -)

 

[Ben-Zion Joselson]

A few comments:
1. With a good firewall and an updated anti-virus
software, you are quite well protected against most of the
vulnerabilities of M$ Windows O/S's, even without
installing the dubious MS04-011 Security Update and its
predecessors, PROVIDED THAT you apply the "Workarounds"
listed for each vulnerability in the Microsoft Security
Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/ms04-
011.mspx
and in earlier articles, e.g.
http://support.microsoft.com/default.aspx?kbid=824146

The advantage is that each "Workaround" can be tested
separately for any ill-effects, unlike the complete MSnn-
0mm patches.

2. I thought I was original in October 2000 when I ordered
a dual-boot dual-hdd IBM workstation with both disks
populated with Windows 2000!...
In fact, redundancy is essential for reliability, and it
is always safe to keep one foot on the ground. Use one O/S
to test a new Service-Pack or a new Patch, and the other
to obtain Internet support and to enable "First Aid" to
damaged system files or registry of the tested O/S if
tests fail. It is much easier than the Recovery Console
introduced by M$ for just this purpose.

3. Needless to say, routine defragmentation and similar
cleanup activities are much simpler to run from each O/S
applied to the other hdd, in a "You Scratch My Back and
I'll Scratch Yours" manner, because no system files are
locked in this mode.

4. Perhaps M$ should follow Intel's Processor
Hyperthreading example, and introduce a Dual-Drive version
for its Operating Systems, such that will automatically
install them in a dual-boot manner on two partitions (in a
single hdd computer) or on two hdds if exist.

 

[Ghostrider]

Mistoffolees wrote:




Gee ... just like real beta-testers! -)

That's what we all are when it comes to installing patches.
After MS-DOS 6.22, Windows 9X, NT, 2000 XP, etc., are all
betaware...too many lines of code to allow perfect debugging.