ANN: Out-of-band Security Update to be released 23 Oct-08

[Guest PA Bear [MS MVP]]

Microsoft Security Bulletin Advance Notification for October 2008

http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

 

<QP>

This is an advance notification of an out-of-band security bulletin that

Microsoft is intending to release on Thursday, 23 October 2008.

 

Critical Security Bulletin (1)

============================================================

 

Windows Bulletin

 

- Affected Software:

 

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition and Windows XP Professional x64

Edition Service Pack 2

- Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

Pack 2

- Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

Service Pack 2

- Windows Server 2003 with SP1 for Itanium-based Systems and Windows

Server 2003 with SP2 for Itanium based Systems

- Windows Vista and Windows Vista Service Pack 1

- Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

- Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

Core installation affected)

- Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

Core installation affected)

- Windows Server 2008 for Itanium-based Systems

 

- Impact: Remote Code Execution

- Restart Requirement: The update requires a restart

- Version Number: 1.0

 

© 2008 Microsoft Corporation

</QP>

 

Microsoft will host a webcast to address customer questions on this

out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

(US & Canada). Register for this out-of-band Security Bulletin Webcast at

the link above.

 

[Crossposted to Security, Security Home Users, and Windows Update

newsgroups; Followup To set for Security newsgroup]

--

~Robear Dyer (PA Bear)

MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

AumHa VSOP & Admin http://aumha.net

DTS-L http://dts-l.net/

[Guest MowGreen [MVP]]

In addition, the below shows the severity rating of this out-of-band

update. For those systems that it's deemed Critical for, be

strongly advised that it should be installed AS SOON AS POSSIBLE.

 

It's predicted that there will be active exploitation of the

vulnerability addressed by this update soon or it already is

being actively exploited.

Further details about any exploitation will be posted after the online

webcast scheduled for 10 AM today.

 

Windows Operating System and Components

 

 

Microsoft Windows 2000

Bulletin Identifier

Windows

 

Aggregate Severity Rating

Critical

 

Microsoft Windows 2000 Service Pack 4

Microsoft Windows 2000 Service Pack 4

(Critical)

 

Windows XP

Bulletin Identifier

Windows

 

Aggregate Severity Rating

Critical

 

Windows XP Service Pack 2 and Windows XP Service Pack 3

Windows XP Service Pack 2 and Windows XP Service Pack 3

(Critical)

 

Windows XP Professional x64 Edition and Windows XP Professional x64

Edition Service Pack 2

Windows XP Professional x64 Edition and Windows XP Professional x64

Edition Service Pack 2

(Critical)

 

Windows Server 2003

Bulletin Identifier

Windows

 

Aggregate Severity Rating

Critical

 

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2

Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2

(Critical)

 

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

Service Pack 2

Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

Service Pack 2

(Critical)

 

Windows Server 2003 with SP1 for Itanium-based Systems and Windows

Server 2003 with SP2 for Itanium-based Systems

Windows Server 2003 with SP1 for Itanium-based Systems and Windows

Server 2003 with SP2 for Itanium-based Systems

(Critical)

 

Windows Vista

Bulletin Identifier

Windows

 

Aggregate Severity Rating

Important

 

Windows Vista and Windows Vista Service Pack 1

Windows Vista and Windows Vista Service Pack 1

(Important)

 

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

(Important)

 

Windows Server 2008

Bulletin Identifier

Windows

 

Aggregate Severity Rating

Important

 

Windows Server 2008 for 32-bit Systems

Windows Server 2008 for 32-bit Systems

(Important)

 

Windows Server 2008 for x64-based Systems

Windows Server 2008 for x64-based Systems

(Important)

 

Windows Server 2008 for Itanium-based Systems

Windows Server 2008 for Itanium-based Systems

(Important)

 

IF anyone has an issue either installing this update, the update is

reoffered, or there are issues after installing it, please contact MS

for no-charge technical support:

<span style="color:blue">

> Support

> • Customers in the U.S. and Canada can receive technical support from Microsoft Product Support

> Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security

> updates.

> • International customers can receive support from their local Microsoft subsidiaries. There is no

> charge for support that is associated with security updates. For more information about how to

> contact Microsoft for support issues, visit the International Support Web site.

> http://go.microsoft.com/fwlink/?LinkId=21155</span>

 

 

 

MowGreen [MVP 2003-2009]

===============

-343- FDNY

Never Forgotten

===============

 

 

 

 

PA Bear [MS MVP] wrote:

<span style="color:blue">

> Microsoft Security Bulletin Advance Notification for October 2008

> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>

> <QP>

> This is an advance notification of an out-of-band security bulletin that

> Microsoft is intending to release on Thursday, 23 October 2008.

>

> Critical Security Bulletin (1)

> ============================================================

>

> Windows Bulletin

>

> - Affected Software:

>

> - Microsoft Windows 2000 Service Pack 4

> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> - Windows XP Professional x64 Edition and Windows XP Professional x64

> Edition Service Pack 2

> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> Pack 2

> - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> Service Pack 2

> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> Server 2003 with SP2 for Itanium based Systems

> - Windows Vista and Windows Vista Service Pack 1

> - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for x64-based Systems (Windows Server 2008

> Server Core installation affected)

> - Windows Server 2008 for Itanium-based Systems

>

> - Impact: Remote Code Execution

> - Restart Requirement: The update requires a restart

> - Version Number: 1.0

>

> © 2008 Microsoft Corporation

> </QP>

>

> Microsoft will host a webcast to address customer questions on this

> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific

> Time (US & Canada). Register for this out-of-band Security Bulletin

> Webcast at the link above.

>

> [Crossposted to Security, Security Home Users, and Windows Update

> newsgroups; Followup To set for Security newsgroup]</span>

[Guest Phil Lewis - Checkfree]

We've just rolled the Patches into our lab to bwegin testing and right off

the bat we have questions regarding applicability.

Almost our target systems have IE7 installed and we are getting

notifications that the patch does not apply "the patch does not apply to the

version of Internet Explorer that is installed" On two Windows Svr 2003 R2

x64 SP2 systems with IE7 installed we get the error "Setup has detected that

the Service Pack Version is newer than the update you are applying. You do

not need to apply this update"

 

Am I correct in concluding this patch does not apply to systems running IE7?

 

Phil Lewis

[Guest Engel]

Hello Robear,

 

There are here:

 

Security Update for Windows Vista (KB958644)

Definition Update for Windows Defender - KB915597 (Definition 1.45.1012.0)

 

Thank you

-=-

 

 

"PA Bear [MS MVP]" wrote:

<span style="color:blue">

> Microsoft Security Bulletin Advance Notification for October 2008

> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>

> <QP>

> This is an advance notification of an out-of-band security bulletin that

> Microsoft is intending to release on Thursday, 23 October 2008.

>

> Critical Security Bulletin (1)

> ============================================================

>

> Windows Bulletin

>

> - Affected Software:

>

> - Microsoft Windows 2000 Service Pack 4

> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> - Windows XP Professional x64 Edition and Windows XP Professional x64

> Edition Service Pack 2

> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> Pack 2

> - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> Service Pack 2

> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> Server 2003 with SP2 for Itanium based Systems

> - Windows Vista and Windows Vista Service Pack 1

> - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for Itanium-based Systems

>

> - Impact: Remote Code Execution

> - Restart Requirement: The update requires a restart

> - Version Number: 1.0

>

> © 2008 Microsoft Corporation

> </QP>

>

> Microsoft will host a webcast to address customer questions on this

> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

> (US & Canada). Register for this out-of-band Security Bulletin Webcast at

> the link above.

>

> [Crossposted to Security, Security Home Users, and Windows Update

> newsgroups; Followup To set for Security newsgroup]

> --

> ~Robear Dyer (PA Bear)

> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> AumHa VSOP & Admin http://aumha.net

> DTS-L http://dts-l.net/

>

> </span>

[Guest PA Bear [MS MVP]]

Re: Out-of-band Security Update to be released 23 Oct-08

 

[Crossposted to Security, Security Home Users; Windows Update newsgroups;

Followup To set for Security newsgroup]

 

MS08-067 Vulnerability in Server Service Could Allow Remote Code Execution

(958644)

<QP>

Executive Summary

 

This security update resolves a privately reported vulnerability in the

Server service. The vulnerability could allow remote code execution if an

affected system received a specially crafted RPC request. On Microsoft

Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could

exploit this vulnerability without authentication to run arbitrary code. It

is possible that this vulnerability could be used in the crafting of a

wormable exploit. Firewall best practices and standard default firewall

configurations can help protect network resources from attacks that

originate outside the enterprise perimeter.

 

This security update is rated Critical for all supported editions of

Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important

for all supported editions of Windows Vista and Windows Server 2008...

</QP>

Source: http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

 

!! => Malware Protection Center: Get Protected, Now!

http://blogs.technet.com/mmpc/archive/2008...tected-now.aspx

--

~PA Bear

 

PA Bear [MS MVP] wrote:<span style="color:blue">

> Microsoft Security Bulletin Advance Notification for October 2008

> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>

> <QP>

> This is an advance notification of an out-of-band security bulletin that

> Microsoft is intending to release on Thursday, 23 October 2008.

>

> Critical Security Bulletin (1)

> ============================================================

>

> Windows Bulletin

>

> - Affected Software:

>

> - Microsoft Windows 2000 Service Pack 4

> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> - Windows XP Professional x64 Edition and Windows XP Professional x64

> Edition Service Pack 2

> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> Pack 2

> - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> Service Pack 2

> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> Server 2003 with SP2 for Itanium based Systems

> - Windows Vista and Windows Vista Service Pack 1

> - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack

> 1

> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for Itanium-based Systems

>

> - Impact: Remote Code Execution

> - Restart Requirement: The update requires a restart

> - Version Number: 1.0

>

> © 2008 Microsoft Corporation

> </QP></span>

<snip>

[Guest InfoSecGuru]

does this affect XP Embedded?

 

==================================

 

"PA Bear [MS MVP]" wrote:

<span style="color:blue">

> Microsoft Security Bulletin Advance Notification for October 2008

> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>

> <QP>

> This is an advance notification of an out-of-band security bulletin that

> Microsoft is intending to release on Thursday, 23 October 2008.

>

> Critical Security Bulletin (1)

> ============================================================

>

> Windows Bulletin

>

> - Affected Software:

>

> - Microsoft Windows 2000 Service Pack 4

> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> - Windows XP Professional x64 Edition and Windows XP Professional x64

> Edition Service Pack 2

> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> Pack 2

> - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> Service Pack 2

> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> Server 2003 with SP2 for Itanium based Systems

> - Windows Vista and Windows Vista Service Pack 1

> - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for Itanium-based Systems

>

> - Impact: Remote Code Execution

> - Restart Requirement: The update requires a restart

> - Version Number: 1.0

>

> © 2008 Microsoft Corporation

> </QP>

>

> Microsoft will host a webcast to address customer questions on this

> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

> (US & Canada). Register for this out-of-band Security Bulletin Webcast at

> the link above.

>

> [Crossposted to Security, Security Home Users, and Windows Update

> newsgroups; Followup To set for Security newsgroup]

> --

> ~Robear Dyer (PA Bear)

> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> AumHa VSOP & Admin http://aumha.net

> DTS-L http://dts-l.net/

>

> </span>

[Guest MowGreen [MVP]]

NO, it applies to the OS, irrespective of the browser installed.

Strongly suggest you contact MS to report this issue and for assistance

in getting this Critical update installed ASAP.

From the Sec Bulletin:

http://www.microsoft.com/technet/security/...n/MS08-067.mspx

<span style="color:blue">

> Support

> • Customers in the U.S. and Canada can receive technical support from Microsoft Product Support

> Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security

> updates.

> • International customers can receive support from their local Microsoft subsidiaries. There is no

> charge for support that is associated with security updates. For more information about how to

> contact Microsoft for support issues, visit the International Support Web site.

> http://go.microsoft.com/fwlink/?LinkId=21155</span>

 

 

MowGreen [MVP 2003-2009]

===============

-343- FDNY

Never Forgotten

===============

 

 

 

Phil Lewis - Checkfree wrote:

<span style="color:blue">

> We've just rolled the Patches into our lab to bwegin testing and right off

> the bat we have questions regarding applicability.

> Almost our target systems have IE7 installed and we are getting

> notifications that the patch does not apply "the patch does not apply to the

> version of Internet Explorer that is installed" On two Windows Svr 2003 R2

> x64 SP2 systems with IE7 installed we get the error "Setup has detected that

> the Service Pack Version is newer than the update you are applying. You do

> not need to apply this update"

>

> Am I correct in concluding this patch does not apply to systems running IE7?

>

> Phil Lewis</span>

[Guest PA Bear [MS MVP]]

[How did I miss this one?]

 

MS08-067 is not dependent on the version of IE installed per se.

 

Then again, you're running Win2008 SP2 Beta which (AFAIK) is not yet a

"supported edition" of Win2008 and I have no idea what download of MS08-067

you're attempting to install.

 

Also see the listing (and footnotes) for Win2008 in the section Affected

Software and Download Locations | Windows Operating System and Components of

http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

 

That being said, there is a version of MS08-067 for Windows 7 Pre-Beta so

there might be one for Win2008 SP2 Beta. Contact MS via your usual support

channels ASAP, Phil.

--

~Robear Dyer (PA Bear)

MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

AumHa VSOP & Admin http://aumha.net

DTS-L http://dts-l.net/

 

 

Phil Lewis - Checkfree wrote:<span style="color:blue">

> We've just rolled the Patches into our lab to bwegin testing and right off

> the bat we have questions regarding applicability.

> Almost our target systems have IE7 installed and we are getting

> notifications that the patch does not apply "the patch does not apply to

> the

> version of Internet Explorer that is installed" On two Windows Svr 2003 R2

> x64 SP2 systems with IE7 installed we get the error "Setup has detected

> that

> the Service Pack Version is newer than the update you are applying. You do

> not need to apply this update"

>

> Am I correct in concluding this patch does not apply to systems running

> IE7?

>

> Phil Lewis</span>

[Guest Alun Jones]

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message

news:eW5$RTjNJHA.5024@TK2MSFTNGP02.phx.gbl...<span style="color:blue">

> [How did I miss this one?]

>

> MS08-067 is not dependent on the version of IE installed per se.

>

> Then again, you're running Win2008 SP2 Beta which (AFAIK) is not yet a

> "supported edition" of Win2008 and I have no idea what download of

> MS08-067

> you're attempting to install.</span>

 

If you'd only done inline quoting style_emoticons/ you'd have seen this:

<span style="color:blue">

> Phil Lewis - Checkfree wrote:<span style="color:green">

>> We've just rolled the Patches into our lab to bwegin testing and right

>> off

>> the bat we have questions regarding applicability.

>> Almost our target systems have IE7 installed and we are getting

>> notifications that the patch does not apply "the patch does not apply to

>> the

>> version of Internet Explorer that is installed" On two Windows Svr 2003

>> R2

>> x64 SP2 systems with IE7 installed we get the error "Setup has detected

>> that

>> the Service Pack Version is newer than the update you are applying. You

>> do

>> not need to apply this update"</span></span>

 

That's 2003 R2 x64 SP2, not 2008. This is a supported version and a

supported service pack.

 

Having said that, it's entirely possible that there's a versioning issue

here, and hopefully Microsoft can address this quickly.

 

Alun.

~~~~

--

Texas Imperial Software | Web: http://www.wftpd.com/

23921 57th Ave SE | Blog: http://msmvps.com/alunj/

Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.

Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.

[Guest PA Bear [MS MVP]]

Oops! Thanks & sorry to the OP. (Now when did I schedule that eye doctor

appointment...?)

 

Alun Jones wrote:<span style="color:blue">

> "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message

> news:eW5$RTjNJHA.5024@TK2MSFTNGP02.phx.gbl...<span style="color:green">

>> [How did I miss this one?]

>>

>> MS08-067 is not dependent on the version of IE installed per se.

>>

>> Then again, you're running Win2008 SP2 Beta which (AFAIK) is not yet a

>> "supported edition" of Win2008 and I have no idea what download of

>> MS08-067

>> you're attempting to install.</span>

>

> If you'd only done inline quoting style_emoticons/ you'd have seen this:

><span style="color:green">

>> Phil Lewis - Checkfree wrote:<span style="color:darkred">

>>> We've just rolled the Patches into our lab to bwegin testing and right

>>> off

>>> the bat we have questions regarding applicability.

>>> Almost our target systems have IE7 installed and we are getting

>>> notifications that the patch does not apply "the patch does not apply to

>>> the

>>> version of Internet Explorer that is installed" On two Windows Svr 2003

>>> R2

>>> x64 SP2 systems with IE7 installed we get the error "Setup has detected

>>> that

>>> the Service Pack Version is newer than the update you are applying. You

>>> do

>>> not need to apply this update"</span></span>

>

> That's 2003 R2 x64 SP2, not 2008. This is a supported version and a

> supported service pack.

>

> Having said that, it's entirely possible that there's a versioning issue

> here, and hopefully Microsoft can address this quickly.

>

> Alun.

> ~~~~ </span>

[Guest josephr38@hotmail.com]

We have received unconfirmed reports from other companies that the Microsoft

Security Bulletin MS08-067 caused some issues after installation. HAs anyone

else heard or experienced any issues with the install??

 

Thanks,

Joseph

 

"InfoSecGuru" wrote:

<span style="color:blue">

> does this affect XP Embedded?

>

> ==================================

>

> "PA Bear [MS MVP]" wrote:

> <span style="color:green">

> > Microsoft Security Bulletin Advance Notification for October 2008

> > http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

> >

> > <QP>

> > This is an advance notification of an out-of-band security bulletin that

> > Microsoft is intending to release on Thursday, 23 October 2008.

> >

> > Critical Security Bulletin (1)

> > ============================================================

> >

> > Windows Bulletin

> >

> > - Affected Software:

> >

> > - Microsoft Windows 2000 Service Pack 4

> > - Windows XP Service Pack 2 and Windows XP Service Pack 3

> > - Windows XP Professional x64 Edition and Windows XP Professional x64

> > Edition Service Pack 2

> > - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> > Pack 2

> > - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> > Service Pack 2

> > - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> > Server 2003 with SP2 for Itanium based Systems

> > - Windows Vista and Windows Vista Service Pack 1

> > - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

> > - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> > Core installation affected)

> > - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> > Core installation affected)

> > - Windows Server 2008 for Itanium-based Systems

> >

> > - Impact: Remote Code Execution

> > - Restart Requirement: The update requires a restart

> > - Version Number: 1.0

> >

> > © 2008 Microsoft Corporation

> > </QP>

> >

> > Microsoft will host a webcast to address customer questions on this

> > out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

> > (US & Canada). Register for this out-of-band Security Bulletin Webcast at

> > the link above.

> >

> > [Crossposted to Security, Security Home Users, and Windows Update

> > newsgroups; Followup To set for Security newsgroup]

> > --

> > ~Robear Dyer (PA Bear)

> > MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> > AumHa VSOP & Admin http://aumha.net

> > DTS-L http://dts-l.net/

> >

> > </span></span>

[Guest PA Bear [MS MVP]]

<QP>

In terms of the security update itself, we’re seeing strong deployments

worldwide. We also have no reports of known issues with the security update

at this time.

</QP>

Source:

http://blogs.technet.com/msrc/archive/2008...n-ms08-067.aspx

 

That being said, free support is available should you run into problems:

 

Start a free Windows Update support incident request:

https://support.microsoft.com/oas/default.aspx?gprid=6527

 

Support for Windows Update:

http://support.microsoft.com/gp/wusupport

 

For home users, no-charge support is available by calling 1-866-PCSAFETY in

the United States and in Canada or by contacting your local Microsoft

subsidiary. There is no-charge for support calls that are associated with

security updates. When you call, clearly state that your problem is related

to a Security Update and cite the update's KB number (e.g., KB958644).

 

For more information about how to contact your local Microsoft subsidiary

for security update support issues, visit the International Support Web

site: http://support.microsoft.com/common/international.aspx

 

For enterprise customers, support for security updates is available through

your usual support contacts.

--

~Robear Dyer (PA Bear)

MS MVP-Windows (IE, OE, Security, Shell/User)

AumHa VSOP & Admin; DTS-L.net

 

josephr38@hotmail.com wrote:<span style="color:blue">

> We have received unconfirmed reports from other companies that the

> Microsoft

> Security Bulletin MS08-067 caused some issues after installation. HAs

> anyone else heard or experienced any issues with the install??

>

> Thanks,

> Joseph

>

> "InfoSecGuru" wrote:

><span style="color:green">

>> does this affect XP Embedded?

>>

>> ==================================

>>

>> "PA Bear [MS MVP]" wrote:

>><span style="color:darkred">

>>> Microsoft Security Bulletin Advance Notification for October 2008

>>> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>>>

>>> <QP>

>>> This is an advance notification of an out-of-band security bulletin that

>>> Microsoft is intending to release on Thursday, 23 October 2008.

>>>

>>> Critical Security Bulletin (1)

>>> ============================================================

>>>

>>> Windows Bulletin

>>>

>>> - Affected Software:

>>>

>>> - Microsoft Windows 2000 Service Pack 4

>>> - Windows XP Service Pack 2 and Windows XP Service Pack 3

>>> - Windows XP Professional x64 Edition and Windows XP Professional

>>> x64

>>> Edition Service Pack 2

>>> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

>>> Pack 2

>>> - Windows Server 2003 x64 Edition and Windows Server 2003 x64

>>> Edition

>>> Service Pack 2

>>> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

>>> Server 2003 with SP2 for Itanium based Systems

>>> - Windows Vista and Windows Vista Service Pack 1

>>> - Windows Vista x64 Edition and Windows Vista x64 Edition Service

>>> Pack 1

>>> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

>>> Core installation affected)

>>> - Windows Server 2008 for x64-based Systems (Windows Server 2008

>>> Server Core installation affected)

>>> - Windows Server 2008 for Itanium-based Systems

>>>

>>> - Impact: Remote Code Execution

>>> - Restart Requirement: The update requires a restart

>>> - Version Number: 1.0

>>>

>>> © 2008 Microsoft Corporation

>>> </QP>

>>>

>>> Microsoft will host a webcast to address customer questions on this

>>> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific

>>> Time

>>> (US & Canada). Register for this out-of-band Security Bulletin Webcast

>>> at

>>> the link above.

>>>

>>> [Crossposted to Security, Security Home Users, and Windows Update

>>> newsgroups; Followup To set for Security newsgroup]

>>> --

>>> ~Robear Dyer (PA Bear)

>>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

>>> AumHa VSOP & Admin http://aumha.net

>>> DTS-L http://dts-l.net/ </span></span></span>

[Guest Harry Johnston [MVP]]

josephr38@hotmail.com wrote:

<span style="color:blue">

> We have received unconfirmed reports from other companies that the Microsoft

> Security Bulletin MS08-067 caused some issues after installation. HAs anyone

> else heard or experienced any issues with the install??</span>

 

What PA Bear said. Also, we know that in at least some cases problems thought

to be caused by MS08-067 were actually caused by a third-party software update

that was released around the same time.

 

Harry.

[Guest PA Bear [MS MVP]]

Re: Out-of-band Security Update to be released 23 Oct-08

 

Microsoft Security Advisory (958963): Exploit Code Published Affecting the

Server Service

<QP>

Microsoft is aware that detailed exploit code demonstrating code execution

has been published on the Internet for the vulnerability that is addressed

by security update MS08-067. This exploit code demonstrates code execution

on Windows 2000, Windows XP, and Windows Server 2003. Microsoft is aware of

limited, targeted active attacks that use this exploit code. At this time,

there are no self-replicating attacks associated with this vulnerability.

Microsoft has activated its Software Security Incident Response Process

(SSIRP) and is continuing to investigate this issue.

 

Our investigation of this exploit code has verified that it does not affect

customers who have installed the updates detailed in MS08-067 on their

computers. Microsoft continues to recommend that customers apply the

updates to the affected products by enabling the Automatic Updates feature

in Windows.

 

We continue to work with our Microsoft Security Response Alliance (MSRA) and

Microsoft Active Protections Program (MAPP) partners so that their products

can provide additional protections for customers. We have updated our

Windows Live Safety Scanner, Windows Live One Care, and Forefront security

products with protections for customers. We have also been working with our

partners in the Global Infrastructure Alliance for Internet Safety (GIAIS)

program to take steps to help keep attacks from spreading.

 

Customers who believe they are affected can contact Customer Service and

Support. Contact CSS in North America for help with security update issues

or viruses at no charge using the PC Safety line (1-866-PCSAFETY).

International customers may request help by using any method found at this

location: http://www.microsoft.com/protect/support/default.mspx (click on

the select your region hyperlink in the first paragraph).

 

Mitigating Factors:

 

• Customers who have installed the MS08-067 security update are not affected

by this vulnerability.

 

• Windows 2000, Windows XP and Windows Server 2003 systems are primarily at

risk from this vulnerability. Customers running these platforms should

deploy MS08-067 as soon as possible.

 

• While installation of the update is the recommended action, customers who

have applied the mitigations as identified in MS08-067 will have minimized

their exposure and potential exploitability against an attack.

</QP>

Source: http://www.microsoft.com/technet/security/...ory/958963.mspx

 

PA Bear [MS MVP] wrote:<span style="color:blue">

> Microsoft Security Bulletin Advance Notification for October 2008

> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>

> <QP>

> This is an advance notification of an out-of-band security bulletin that

> Microsoft is intending to release on Thursday, 23 October 2008.

>

> Critical Security Bulletin (1)

> ============================================================

>

> Windows Bulletin

>

> - Affected Software:

>

> - Microsoft Windows 2000 Service Pack 4

> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> - Windows XP Professional x64 Edition and Windows XP Professional x64

> Edition Service Pack 2

> - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> Pack 2

> - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> Service Pack 2

> - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> Server 2003 with SP2 for Itanium based Systems

> - Windows Vista and Windows Vista Service Pack 1

> - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack

> 1

> - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> Core installation affected)

> - Windows Server 2008 for Itanium-based Systems

>

> - Impact: Remote Code Execution

> - Restart Requirement: The update requires a restart

> - Version Number: 1.0

>

> © 2008 Microsoft Corporation

> </QP>

>

> Microsoft will host a webcast to address customer questions on this

> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

> (US & Canada). Register for this out-of-band Security Bulletin Webcast at

> the link above.

>

> [Crossposted to Security, Security Home Users, and Windows Update

> newsgroups; Followup To set for Security newsgroup] </span>

[Guest WAB]

On Monday morning after the update, about 50 pc's in my Domain OU all

received the following error when trying to run windows or Microsoft

update!!!

Note:Other OU's reporting windows update failing!!

Of the three option given for (error number 0x800A0046), the script in the

second option restore the ability to run Microsoft update, but We hade to go

through the "start using Microsoft updates" as if it had never been used!

Note: doesn't always survive reboot!

 

Nobody seams to know if it;s waht is causing it, the MS patch, the AD or

both??

Wab

<span style="color:blue"><span style="color:green"><span style="color:darkred">

>>>>>>>>>> Error >>>>>>>>>>>>>>>>>>>>>>>>>>></span></span></span>

Please change your Internet Explorer security settings

To save changes to your settings for this website, you need to enable

userdata persistence for Internet Explorer. Complete the steps below, and

then click Change settings to the left and try saving your changes again.

1. In Internet Explorer, on the Tools menu, click Internet Options.

2. Click the Security tab, click the Internet security zone icon, and

then click Custom Level.

3. In the Settings dialog box, scroll to the Miscellaneous section.

4. Under Userdata persistence , select Enable.

5. Click OK and when the security warning dialog box appears, click

Yes.

Read more about steps you can take to resolve this problem (error number

0x800A0046) yourself. <span style="color:blue"><span style="color:green"><span style="color:darkred">

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>></span></span></span>

 

"josephr38@hotmail.com" wrote:

<span style="color:blue">

> We have received unconfirmed reports from other companies that the Microsoft

> Security Bulletin MS08-067 caused some issues after installation. HAs anyone

> else heard or experienced any issues with the install??

>

> Thanks,

> Joseph

>

> "InfoSecGuru" wrote:

> <span style="color:green">

> > does this affect XP Embedded?

> >

> > ==================================

> >

> > "PA Bear [MS MVP]" wrote:

> > <span style="color:darkred">

> > > Microsoft Security Bulletin Advance Notification for October 2008

> > > http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

> > >

> > > <QP>

> > > This is an advance notification of an out-of-band security bulletin that

> > > Microsoft is intending to release on Thursday, 23 October 2008.

> > >

> > > Critical Security Bulletin (1)

> > > ============================================================

> > >

> > > Windows Bulletin

> > >

> > > - Affected Software:

> > >

> > > - Microsoft Windows 2000 Service Pack 4

> > > - Windows XP Service Pack 2 and Windows XP Service Pack 3

> > > - Windows XP Professional x64 Edition and Windows XP Professional x64

> > > Edition Service Pack 2

> > > - Windows Server 2003 Service Pack 1 and Windows Server 2003 Service

> > > Pack 2

> > > - Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition

> > > Service Pack 2

> > > - Windows Server 2003 with SP1 for Itanium-based Systems and Windows

> > > Server 2003 with SP2 for Itanium based Systems

> > > - Windows Vista and Windows Vista Service Pack 1

> > > - Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

> > > - Windows Server 2008 for 32-bit Systems (Windows Server 2008 Server

> > > Core installation affected)

> > > - Windows Server 2008 for x64-based Systems (Windows Server 2008 Server

> > > Core installation affected)

> > > - Windows Server 2008 for Itanium-based Systems

> > >

> > > - Impact: Remote Code Execution

> > > - Restart Requirement: The update requires a restart

> > > - Version Number: 1.0

> > >

> > > © 2008 Microsoft Corporation

> > > </QP>

> > >

> > > Microsoft will host a webcast to address customer questions on this

> > > out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific Time

> > > (US & Canada). Register for this out-of-band Security Bulletin Webcast at

> > > the link above.

> > >

> > > [Crossposted to Security, Security Home Users, and Windows Update

> > > newsgroups; Followup To set for Security newsgroup]

> > > --

> > > ~Robear Dyer (PA Bear)

> > > MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> > > AumHa VSOP & Admin http://aumha.net

> > > DTS-L http://dts-l.net/

> > >

> > > </span></span></span>

[Guest PA Bear [MS MVP]]

Error message when you visit the Windows Update Web site or the Microsoft

Update Web site: "0x800A0046":

http://support.microsoft.com/kb/910338

 

Error message when you try to install Microsoft Update on a Windows

Vista-based computer: "Could not install Microsoft Update on the computer":

http://support.microsoft.com/kb/933528

 

===

Start a free Windows Update support incident request:

https://support.microsoft.com/oas/default.aspx?gprid=6527

 

Support for Windows Update:

http://support.microsoft.com/gp/wusupport

 

For more information about how to contact your local Microsoft subsidiary

for security update support issues, visit the International Support Web

site: http://support.microsoft.com/common/international.aspx

 

For enterprise customers, support for security updates is available through

your usual support contacts.

--

~Robear Dyer (PA Bear)

MS MVP-Windows (IE, OE, Security, Shell/User)

AumHa VSOP & Admin; DTS-L.net

 

WAB wrote:<span style="color:blue">

> On Monday morning after the update, about 50 pc's in my Domain OU all

> received the following error when trying to run windows or Microsoft

> update!!!

> Note:Other OU's reporting windows update failing!!

> Of the three option given for (error number 0x800A0046), the script in the

> second option restore the ability to run Microsoft update, but We hade to

> go

> through the "start using Microsoft updates" as if it had never been used!

> Note: doesn't always survive reboot!

>

> Nobody seams to know if it;s waht is causing it, the MS patch, the AD or

> both??

> Wab

><span style="color:green"><span style="color:darkred">

>>>>>>>>>>> Error >>>>>>>>>>>>>>>>>>>>>>>>>>></span></span>

> Please change your Internet Explorer security settings

> To save changes to your settings for this website, you need to enable

> userdata persistence for Internet Explorer. Complete the steps below, and

> then click Change settings to the left and try saving your changes again.

> 1. In Internet Explorer, on the Tools menu, click Internet Options.

> 2. Click the Security tab, click the Internet security zone icon,

> and

> then click Custom Level.

> 3. In the Settings dialog box, scroll to the Miscellaneous section.

> 4. Under Userdata persistence , select Enable.

> 5. Click OK and when the security warning dialog box appears, click

> Yes.

> Read more about steps you can take to resolve this problem (error number

> 0x800A0046) yourself.<span style="color:green"><span style="color:darkred">

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>></span></span>

>

> "josephr38@hotmail.com" wrote:

><span style="color:green">

>> We have received unconfirmed reports from other companies that the

>> Microsoft Security Bulletin MS08-067 caused some issues after

>> installation. HAs anyone else heard or experienced any issues with the

>> install??

>>

>> Thanks,

>> Joseph

>>

>> "InfoSecGuru" wrote:

>><span style="color:darkred">

>>> does this affect XP Embedded?

>>>

>>> ==================================

>>>

>>> "PA Bear [MS MVP]" wrote:

>>>

>>>> Microsoft Security Bulletin Advance Notification for October 2008

>>>> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>>>>

>>>> <QP>

>>>> This is an advance notification of an out-of-band security bulletin

>>>> that

>>>> Microsoft is intending to release on Thursday, 23 October 2008.

>>>>

>>>> Critical Security Bulletin (1)

>>>> ============================================================

>>>>

>>>> Windows Bulletin

>>>>

>>>> - Affected Software:

>>>>

>>>> - Microsoft Windows 2000 Service Pack 4

>>>> - Windows XP Service Pack 2 and Windows XP Service Pack 3

>>>> - Windows XP Professional x64 Edition and Windows XP Professional

>>>> x64

>>>> Edition Service Pack 2

>>>> - Windows Server 2003 Service Pack 1 and Windows Server 2003

>>>> Service

>>>> Pack 2

>>>> - Windows Server 2003 x64 Edition and Windows Server 2003 x64

>>>> Edition

>>>> Service Pack 2

>>>> - Windows Server 2003 with SP1 for Itanium-based Systems and

>>>> Windows

>>>> Server 2003 with SP2 for Itanium based Systems

>>>> - Windows Vista and Windows Vista Service Pack 1

>>>> - Windows Vista x64 Edition and Windows Vista x64 Edition Service

>>>> Pack 1

>>>> - Windows Server 2008 for 32-bit Systems (Windows Server 2008

>>>> Server

>>>> Core installation affected)

>>>> - Windows Server 2008 for x64-based Systems (Windows Server 2008

>>>> Server Core installation affected)

>>>> - Windows Server 2008 for Itanium-based Systems

>>>>

>>>> - Impact: Remote Code Execution

>>>> - Restart Requirement: The update requires a restart

>>>> - Version Number: 1.0

>>>>

>>>> © 2008 Microsoft Corporation

>>>> </QP>

>>>>

>>>> Microsoft will host a webcast to address customer questions on this

>>>> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific

>>>> Time (US & Canada). Register for this out-of-band Security Bulletin

>>>> Webcast at the link above.

>>>>

>>>> [Crossposted to Security, Security Home Users, and Windows Update

>>>> newsgroups; Followup To set for Security newsgroup]

>>>> --

>>>> ~Robear Dyer (PA Bear)

>>>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

>>>> AumHa VSOP & Admin http://aumha.net

>>>> DTS-L http://dts-l.net/ </span></span></span>

[Guest WAB]

Robear, Nice copy and paste, but it doesn't provide any insight!

 

As I said, the script restores the ability to access windows/Microsoft

updated site, but It doesn't always survive reboot!

 

Subinacl /service wuauserv

/sddl=D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

 

Our domain admins say they can't find anything wrong, so is it a by product

of the out of band patch or our AD admin's,?

Is it by accident or design?

 

Already submitted support request.

 

Wondering if any one else is having this problem and if so did they find

solution?

 

Something striped many User/pc's ability to access Window/Microsoft update

and download critical updates right after the out of band patch.

 

I don't know if it was the MS patch or our domain admin's, but weather by

accident or design I need to find an answer/solution to protect the OU I

manage.

 

I can't keep running around running this script over and over again, need

something more then a bandaid!

So I ask the question, are there others having this problem after the out of

band patch?

wab

 

 

 

 

"PA Bear [MS MVP]" wrote:

<span style="color:blue">

> Error message when you visit the Windows Update Web site or the Microsoft

> Update Web site: "0x800A0046":

> http://support.microsoft.com/kb/910338

>

> Error message when you try to install Microsoft Update on a Windows

> Vista-based computer: "Could not install Microsoft Update on the computer":

> http://support.microsoft.com/kb/933528

>

> ===

> Start a free Windows Update support incident request:

> https://support.microsoft.com/oas/default.aspx?gprid=6527

>

> Support for Windows Update:

> http://support.microsoft.com/gp/wusupport

>

> For more information about how to contact your local Microsoft subsidiary

> for security update support issues, visit the International Support Web

> site: http://support.microsoft.com/common/international.aspx

>

> For enterprise customers, support for security updates is available through

> your usual support contacts.

> --

> ~Robear Dyer (PA Bear)

> MS MVP-Windows (IE, OE, Security, Shell/User)

> AumHa VSOP & Admin; DTS-L.net

>

> WAB wrote:<span style="color:green">

> > On Monday morning after the update, about 50 pc's in my Domain OU all

> > received the following error when trying to run windows or Microsoft

> > update!!!

> > Note:Other OU's reporting windows update failing!!

> > Of the three option given for (error number 0x800A0046), the script in the

> > second option restore the ability to run Microsoft update, but We hade to

> > go

> > through the "start using Microsoft updates" as if it had never been used!

> > Note: doesn't always survive reboot!

> >

> > Nobody seams to know if it;s waht is causing it, the MS patch, the AD or

> > both??

> > Wab

> ><span style="color:darkred">

> >>>>>>>>>>> Error >>>>>>>>>>>>>>>>>>>>>>>>>>></span>

> > Please change your Internet Explorer security settings

> > To save changes to your settings for this website, you need to enable

> > userdata persistence for Internet Explorer. Complete the steps below, and

> > then click Change settings to the left and try saving your changes again.

> > 1. In Internet Explorer, on the Tools menu, click Internet Options.

> > 2. Click the Security tab, click the Internet security zone icon,

> > and

> > then click Custom Level.

> > 3. In the Settings dialog box, scroll to the Miscellaneous section.

> > 4. Under Userdata persistence , select Enable.

> > 5. Click OK and when the security warning dialog box appears, click

> > Yes.

> > Read more about steps you can take to resolve this problem (error number

> > 0x800A0046) yourself.<span style="color:darkred">

> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>></span>

> >

> > "josephr38@hotmail.com" wrote:

> ><span style="color:darkred">

> >> We have received unconfirmed reports from other companies that the

> >> Microsoft Security Bulletin MS08-067 caused some issues after

> >> installation. HAs anyone else heard or experienced any issues with the

> >> install??

> >>

> >> Thanks,

> >> Joseph

> >>

> >> "InfoSecGuru" wrote:

> >>

> >>> does this affect XP Embedded?

> >>>

> >>> ==================================

> >>>

> >>> "PA Bear [MS MVP]" wrote:

> >>>

> >>>> Microsoft Security Bulletin Advance Notification for October 2008

> >>>> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

> >>>>

> >>>> <QP>

> >>>> This is an advance notification of an out-of-band security bulletin

> >>>> that

> >>>> Microsoft is intending to release on Thursday, 23 October 2008.

> >>>>

> >>>> Critical Security Bulletin (1)

> >>>> ============================================================

> >>>>

> >>>> Windows Bulletin

> >>>>

> >>>> - Affected Software:

> >>>>

> >>>> - Microsoft Windows 2000 Service Pack 4

> >>>> - Windows XP Service Pack 2 and Windows XP Service Pack 3

> >>>> - Windows XP Professional x64 Edition and Windows XP Professional

> >>>> x64

> >>>> Edition Service Pack 2

> >>>> - Windows Server 2003 Service Pack 1 and Windows Server 2003

> >>>> Service

> >>>> Pack 2

> >>>> - Windows Server 2003 x64 Edition and Windows Server 2003 x64

> >>>> Edition

> >>>> Service Pack 2

> >>>> - Windows Server 2003 with SP1 for Itanium-based Systems and

> >>>> Windows

> >>>> Server 2003 with SP2 for Itanium based Systems

> >>>> - Windows Vista and Windows Vista Service Pack 1

> >>>> - Windows Vista x64 Edition and Windows Vista x64 Edition Service

> >>>> Pack 1

> >>>> - Windows Server 2008 for 32-bit Systems (Windows Server 2008

> >>>> Server

> >>>> Core installation affected)

> >>>> - Windows Server 2008 for x64-based Systems (Windows Server 2008

> >>>> Server Core installation affected)

> >>>> - Windows Server 2008 for Itanium-based Systems

> >>>>

> >>>> - Impact: Remote Code Execution

> >>>> - Restart Requirement: The update requires a restart

> >>>> - Version Number: 1.0

> >>>>

> >>>> © 2008 Microsoft Corporation

> >>>> </QP>

> >>>>

> >>>> Microsoft will host a webcast to address customer questions on this

> >>>> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific

> >>>> Time (US & Canada). Register for this out-of-band Security Bulletin

> >>>> Webcast at the link above.

> >>>>

> >>>> [Crossposted to Security, Security Home Users, and Windows Update

> >>>> newsgroups; Followup To set for Security newsgroup]

> >>>> --

> >>>> ~Robear Dyer (PA Bear)

> >>>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> >>>> AumHa VSOP & Admin http://aumha.net

> >>>> DTS-L http://dts-l.net/ </span></span>

>

> </span>

[Guest PA Bear [MS MVP]]

> As I said, the script restores the ability to access windows/Microsoft<span style="color:blue">

> updated site, but It doesn't always survive reboot!</span>

 

Then one assumes something must be disallowing the changes to persist.

Could be anti-virus application, third-party firewall, and/or Group

Policy...or already-infected machines!

<span style="color:blue">

> Already submitted support request.</span>

 

Excellent. I'm quite sure you'll need assistance from MS.

 

Considering the following, I think it'd be best to have MS08-067 installed

on all machines at all times:

 

http://msmvps.com/blogs/harrywaldron/archi...n-the-wild.aspx

(and links therein)

 

http://msmvps.com/blogs/harrywaldron/archi...e-worm-yet.aspx

(and links therein)

 

http://blogs.technet.com/mmpc/archive/2008...ire-part-2.aspx

(nearly 50% of attacks via RPC Service)

 

http://blogs.technet.com/msrc/archive/2008...ory-958963.aspx

 

http://blogs.technet.com/mmpc/archive/2008...tected-now.aspx

 

Good luck!

--

~PA Bear

 

WAB wrote:<span style="color:blue">

> Robear, Nice copy and paste, but it doesn't provide any insight!

>

> As I said, the script restores the ability to access windows/Microsoft

> updated site, but It doesn't always survive reboot!

>

> Subinacl /service wuauserv

> /sddl=D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

>

> Our domain admins say they can't find anything wrong, so is it a by

> product

> of the out of band patch or our AD admin's,?

> Is it by accident or design?

>

> Already submitted support request.

>

> Wondering if any one else is having this problem and if so did they find

> solution?

>

> Something striped many User/pc's ability to access Window/Microsoft update

> and download critical updates right after the out of band patch.

>

> I don't know if it was the MS patch or our domain admin's, but weather by

> accident or design I need to find an answer/solution to protect the OU I

> manage.

>

> I can't keep running around running this script over and over again, need

> something more then a bandaid!

> So I ask the question, are there others having this problem after the out

> of

> band patch?

>

> "PA Bear [MS MVP]" wrote:<span style="color:green">

>> Error message when you visit the Windows Update Web site or the Microsoft

>> Update Web site: "0x800A0046":

>> http://support.microsoft.com/kb/910338

>>

>> Error message when you try to install Microsoft Update on a Windows

>> Vista-based computer: "Could not install Microsoft Update on the

>> computer":

>> http://support.microsoft.com/kb/933528

>>

>> ===

>> Start a free Windows Update support incident request:

>> https://support.microsoft.com/oas/default.aspx?gprid=6527

>>

>> Support for Windows Update:

>> http://support.microsoft.com/gp/wusupport

>>

>> For more information about how to contact your local Microsoft subsidiary

>> for security update support issues, visit the International Support Web

>> site: http://support.microsoft.com/common/international.aspx

>>

>> For enterprise customers, support for security updates is available

>> through

>> your usual support contacts.

>> --

>> ~Robear Dyer (PA Bear)

>> MS MVP-Windows (IE, OE, Security, Shell/User)

>> AumHa VSOP & Admin; DTS-L.net

>>

>> WAB wrote:<span style="color:darkred">

>>> On Monday morning after the update, about 50 pc's in my Domain OU all

>>> received the following error when trying to run windows or Microsoft

>>> update!!!

>>> Note:Other OU's reporting windows update failing!!

>>> Of the three option given for (error number 0x800A0046), the script in

>>> the

>>> second option restore the ability to run Microsoft update, but We hade

>>> to

>>> go

>>> through the "start using Microsoft updates" as if it had never been

>>> used!

>>> Note: doesn't always survive reboot!

>>>

>>> Nobody seams to know if it;s waht is causing it, the MS patch, the AD or

>>> both??

>>> Wab

>>>

>>>>>>>>>>>>> Error >>>>>>>>>>>>>>>>>>>>>>>>>>>

>>> Please change your Internet Explorer security settings

>>> To save changes to your settings for this website, you need to enable

>>> userdata persistence for Internet Explorer. Complete the steps below,

>>> and

>>> then click Change settings to the left and try saving your changes

>>> again.

>>> 1. In Internet Explorer, on the Tools menu, click Internet

>>> Options.

>>> 2. Click the Security tab, click the Internet security zone icon,

>>> and

>>> then click Custom Level.

>>> 3. In the Settings dialog box, scroll to the Miscellaneous

>>> section.

>>> 4. Under Userdata persistence , select Enable.

>>> 5. Click OK and when the security warning dialog box appears,

>>> click

>>> Yes.

>>> Read more about steps you can take to resolve this problem (error number

>>> 0x800A0046) yourself.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

>>>

>>> "josephr38@hotmail.com" wrote:

>>>

>>>> We have received unconfirmed reports from other companies that the

>>>> Microsoft Security Bulletin MS08-067 caused some issues after

>>>> installation. HAs anyone else heard or experienced any issues with the

>>>> install??

>>>>

>>>> Thanks,

>>>> Joseph

>>>>

>>>> "InfoSecGuru" wrote:

>>>>

>>>>> does this affect XP Embedded?

>>>>>

>>>>> ==================================

>>>>>

>>>>> "PA Bear [MS MVP]" wrote:

>>>>>

>>>>>> Microsoft Security Bulletin Advance Notification for October 2008

>>>>>> http://www.microsoft.com/technet/security/...n/ms08-oct.mspx

>>>>>>

>>>>>> <QP>

>>>>>> This is an advance notification of an out-of-band security bulletin

>>>>>> that

>>>>>> Microsoft is intending to release on Thursday, 23 October 2008.

>>>>>>

>>>>>> Critical Security Bulletin (1)

>>>>>> ============================================================

>>>>>>

>>>>>> Windows Bulletin

>>>>>>

>>>>>> - Affected Software:

>>>>>>

>>>>>> - Microsoft Windows 2000 Service Pack 4

>>>>>> - Windows XP Service Pack 2 and Windows XP Service Pack 3

>>>>>> - Windows XP Professional x64 Edition and Windows XP Professional

>>>>>> x64

>>>>>> Edition Service Pack 2

>>>>>> - Windows Server 2003 Service Pack 1 and Windows Server 2003

>>>>>> Service

>>>>>> Pack 2

>>>>>> - Windows Server 2003 x64 Edition and Windows Server 2003 x64

>>>>>> Edition

>>>>>> Service Pack 2

>>>>>> - Windows Server 2003 with SP1 for Itanium-based Systems and

>>>>>> Windows

>>>>>> Server 2003 with SP2 for Itanium based Systems

>>>>>> - Windows Vista and Windows Vista Service Pack 1

>>>>>> - Windows Vista x64 Edition and Windows Vista x64 Edition Service

>>>>>> Pack 1

>>>>>> - Windows Server 2008 for 32-bit Systems (Windows Server 2008

>>>>>> Server

>>>>>> Core installation affected)

>>>>>> - Windows Server 2008 for x64-based Systems (Windows Server 2008

>>>>>> Server Core installation affected)

>>>>>> - Windows Server 2008 for Itanium-based Systems

>>>>>>

>>>>>> - Impact: Remote Code Execution

>>>>>> - Restart Requirement: The update requires a restart

>>>>>> - Version Number: 1.0

>>>>>>

>>>>>> © 2008 Microsoft Corporation

>>>>>> </QP>

>>>>>>

>>>>>> Microsoft will host a webcast to address customer questions on this

>>>>>> out-of-band security bulletin on October 23, 2008, at 1:00 PM Pacific

>>>>>> Time (US & Canada). Register for this out-of-band Security Bulletin

>>>>>> Webcast at the link above.

>>>>>>

>>>>>> [Crossposted to Security, Security Home Users, and Windows Update

>>>>>> newsgroups; Followup To set for Security newsgroup]

>>>>>> --

>>>>>> ~Robear Dyer (PA Bear)

>>>>>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

>>>>>> AumHa VSOP & Admin http://aumha.net

>>>>>> DTS-L http://dts-l.net/ </span></span></span>