Greetings to
all:
I need some help in
interpreting the results of two different MSFT security
tools:
1.
MPSA - Microsoft Personal Security Advisor at
2.
HFNetChk - Microsoft Network Security Hotfix Checker at
I am getting very
different results on a NT4 SP6a PDC Server.
Before I give you the results,
let me own up to a couple of things:
1. I
know I've been lax in keeping up with security hotfixes -- but I'm trying to get
up to date now.
2. I
know the MPSA states that it should NOT be used on a server, but I thought it
would be interesting to see the results since the output is more
readable.
The HFNetChk report shows that
there are 9 hotfixes possibly not applied.
The MPSA report shows that
there are 25 hotfixes not applied.
How can there be such a large
difference? Is the MPSA just a bogus report since "it should not be used
on a server"?
Should I just use the HTNetChk
and not worry about the MPSA results?
Environment:
- NT4 SP6a Server, PDC
- IIS4
- Exchange Server 5.5 SP4
- HP NetServer LC2
- 192MB RAM
- 27GB total HD space, 5GB free
- Single server used for small office, 10 users
Here are the
reports:
===========
HFNetChk
===========
WINDOWS NT4
SP6a
WARNING MS99-036 Q155197
WARNING MS99-041 Q242294
Patch NOT Found MS00-081 Q277014
WARNING MS01-022 Q296441
WARNING MS01-041 Q299444
WARNING MS99-041 Q242294
Patch NOT Found MS00-081 Q277014
WARNING MS01-022 Q296441
WARNING MS01-041 Q299444
Internet
Information Server 4.0
WARNING MS99-025 Q184375
WARNING MS00-025 Q259799
WARNING MS00-028 Q260267
WARNING MS01-044 Q301625
=============================================================
WARNING MS00-025 Q259799
WARNING MS00-028 Q260267
WARNING MS01-044 Q301625
=============================================================
==========
MPSA
==========
MS00-003
Spoofed LPC Port Request Vulnerability
MS00-004 RDISK Registry Enumeration File Vulnerability
MS00-005 Malformed RTF Control Word Vulnerability
MS00-007 Recycle Bin Creation Vulnerability
MS00-021 Malformed TCP/IP Print Request Vulnerability
MS00-027 Malformed Environment Variable Vulnerability
MS00-029 IP Fragment Reassembly Vulnerability
MS00-036 ResetBrowser Frame and Host Announcement Frame Vulnerabilities
MS00-040 Remote Registry Access Authentication Vulnerability
MS00-047 NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-052 Relative Shell Path Vulnerability
MS00-063 Invalid URL Vulnerability
MS00-070 Multiple LPC and LPC Ports Vulnerabilities
MS00-081 New Variant of VM File Reading Vulnerability
MS00-091 Incomplete TCP/IP Packet Vulnerability
MS00-095 Registry Permissions Vulnerability
MS01-003 Weak Permissions on Winsock Mutex Can Allow Service Failure
MS01-008 Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-009 Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-041 Malformed RPC Request Can Cause Service Failure
MS99-046 Improve TCP Initial Sequence Number Randomness
MS99-047 Malformed Spooler Request Vulnerability
MS99-055 Malformed Resource Enumeration Argument Vulnerability
MS99-056 Syskey Keystream Reuse Vulnerability
MS99-057 Malformed Security Identifier Request Vulnerability
==================================================================
MS00-004 RDISK Registry Enumeration File Vulnerability
MS00-005 Malformed RTF Control Word Vulnerability
MS00-007 Recycle Bin Creation Vulnerability
MS00-021 Malformed TCP/IP Print Request Vulnerability
MS00-027 Malformed Environment Variable Vulnerability
MS00-029 IP Fragment Reassembly Vulnerability
MS00-036 ResetBrowser Frame and Host Announcement Frame Vulnerabilities
MS00-040 Remote Registry Access Authentication Vulnerability
MS00-047 NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-052 Relative Shell Path Vulnerability
MS00-063 Invalid URL Vulnerability
MS00-070 Multiple LPC and LPC Ports Vulnerabilities
MS00-081 New Variant of VM File Reading Vulnerability
MS00-091 Incomplete TCP/IP Packet Vulnerability
MS00-095 Registry Permissions Vulnerability
MS01-003 Weak Permissions on Winsock Mutex Can Allow Service Failure
MS01-008 Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-009 Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-041 Malformed RPC Request Can Cause Service Failure
MS99-046 Improve TCP Initial Sequence Number Randomness
MS99-047 Malformed Spooler Request Vulnerability
MS99-055 Malformed Resource Enumeration Argument Vulnerability
MS99-056 Syskey Keystream Reuse Vulnerability
MS99-057 Malformed Security Identifier Request Vulnerability
==================================================================
TIA.
Best Regards,
JMU
Jim Underwood
Apollo Information Systems,
Inc.
Houston, TX 77058
EMail:
[EMAIL PROTECTED]