Regarding MS04-004, you all should be aware of the following: http://support.microsoft.com/default.aspx?scid=kb;en-us;831167
This issue is affecting us significantly. Mike Thommes -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 11, 2004 3:15 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] MS04-004 I concur. And frankly, those aren't all that secure to begin with, so I don't see it as a huge deal. -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Coleman, Hunter [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 4:04 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > > It should only affect URLs that embed user names and > passwords. Otherwise, I > don't see anything that would bugger up basic authentication. > But let us > know what you find on your test bench... > > -----Original Message----- > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 1:49 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > Is there anyway to permit the basic authentication after it > is installed? > > -----Original Message----- > From: Coleman, Hunter [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 3:47 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > According to KB834489 > (http://support.microsoft.com/default.aspx?scid=kb;en-us;83448 > 9), it only > applies to HTTP/HTTPS > > Hunter > > ________________________________ > > From: Celone, Mike [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 1:36 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > > > Anyone know if this also applies to ftp connections too. On > the SMS list > one guy says it does and others say it doesn't? I haven't > deployed the > patch yet but plan on doing it soon. > > Mike > > -----Original Message----- > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 3:24 PM > To: Exchange2000 (E-mail); ActiveDir (E-mail) > Subject: [ActiveDir] MS04-004 > > If any of you use Basic Authentication over HTTP or HTTPS you > need to read > this. > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ Bulletin/MS04-004.asp <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security /Bulletin/MS04-004.asp> The cumulative patch for IE no longer supports http://username:[EMAIL PROTECTED]/resource Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
