Chris, My server team was about to install that patch next weekend. So thank you so much!! Just one clarification if you can. Do we need to prevent them from patching only the app server or also the MSSQL server? We do have a remote DB and they were going to patch both the app servers and our db.
Thank you, Pascale Sterrett christopher.pru...@hp.com Sent by: arslist@ARSLIST.ORG 04/14/2011 08:56 AM Please respond to arslist@ARSLIST.ORG To arslist@ARSLIST.ORG cc Subject Re: WARNING on Microsoft MS11-030 KB2509553 Thanks for the heads up, we were planning on applying that patch this weekend. I will stop that right away. Christopher Pruitt Business Consulting III HP Enterprises Services christopher.pru...@hp.com www.hp.com Confidentiality Notice: This message and any files transmitted with it are intended for the sole use of the entity or individual to whom it is addressed, and may contain information that is confidential, privileged, and exempt from disclosure under applicable law. If you are not the intended addressee for this e-mail, you are hereby notified that any copying, distribution, or dissemination of this e-mail is strictly prohibited. If you have received this e-mail in error, please immediately destroy, erase, or discard this message. Please notify the sender immediately by return e-mail if you have received this e-mail by mistake. -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of strauss Sent: Thursday, April 14, 2011 10:49 AM To: arslist@ARSLIST.ORG Subject: WARNING on Microsoft MS11-030 KB2509553 After applying this patch to my Reference Server for the 7.6.04 upgrade: Windows 2003 R2 x64 with ARS 7.1.00.003 CMDB 2.1.00.02 and ITSM 7.0.03.009 etc., SQL Server 2005 on remote server), the AR Service immediately and absolutely refuses to start. On reboot from the security patches (there were 15 total) the AR Server would not start automatically, and all subsequent attempts to start it manually saw the armonitor start, then crash. While troubleshooting with BMC support, it could not even be started from the command line. Removing the KB2509553 security update and rebooting solved the problem immediately, with the ARS service starting normally. The only other AR server that I had applied this patch (and all of the others) to was the Staging Server (Windows 2003 R2 x64 with ARS 7.6.04 CMDB 2.1.00.02 and ITSM 7.0.03.009 etc.), and it has a local SQL Server hosting the db so it was not affected. Note that on the problem AR Server, it was still possible to run the SQL Server Management Studio client (2008) and connect to the remote db normally, even though the ARS service could not. Security Bulletin MS11-030 KB2509553 is a Critical patch for a vulnerability in DNS resolution that could allow remote code execution; it slammed the door shut on something that ARS depends on. Until BMC comes up with a solution for this, I will not be applying this patch to any other AR Server, especially my 7.1 production system with a remote db. Christopher Strauss, Ph.D. Call Tracking Administration Manager University of North Texas Computing & IT Center http://itsm.unt.edu/ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" If you are not the intended addressee, please inform us immediately that you have received this e-mail in error, and delete it. We thank you for your cooperation. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
