RE: Out of Cycle Critical Windows Patch ?

[gsweers]

I don't know how my week would be complete without a Shookie or some
good BS (BlackStone) thrown around..

 

From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 4:58 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Martin -> Shook...You've been Blackstoned!!! 

 

From: Martin Blackstone [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 3:48 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

___ = Shook

 

From: Andy Shook [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 1:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Why would you want to find ME2's "giggle spot" unless you're ___

 

Shook

 

From: Jim Majorowicz [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 4:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

ME2 did.  He always does.  He then proceeded to share with the rest of
the class, because he enjoys bringing everyone into the gutter with him.
Now excuse me while I go find that giggle spot ME2 was looking for...

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I didn't think of it like that   :-)

2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]>

So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2




On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]>
wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of
the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink.
I kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did,
with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>

>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -Original Message-

>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]

>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>

>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days
-
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on
this
>> list)
>>

>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]

>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues

>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >

>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote
code
>> > execution, non-authenticated access is just that, unauthenticated,
no
>> > trust, no authenticated before authorization and legitimate access.
It
>> > basically a violate of AAA security principles. Honestly, I
personally
>> > loathe any type of weak or non-existent access to systems, and we
seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated crede

RE: Out of Cycle Critical Windows Patch ?

[Tim Vander Kooi]

Martin -> Shook...You've been Blackstoned!!!

From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 3:48 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

___ = Shook

From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 1:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Why would you want to find ME2's "giggle spot" unless you're ___

Shook

From: Jim Majorowicz [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 4:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

ME2 did.  He always does.  He then proceeded to share with the rest of the 
class, because he enjoys bringing everyone into the gutter with him.  Now 
excuse me while I go find that giggle spot ME2 was looking for...

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

I didn't think of it like that   :-)
2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2



On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]<mailto:[EMAIL 
PROTECTED]>> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>
>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -Original Message-
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>
>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues
>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >
>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run

RE: Out of Cycle Critical Windows Patch ?

[Tim Vander Kooi]

I SO can't believe you went there...I am going to start a rant now!!! Oh wait. 
I'm giggling too. :-P
TVK


From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 3:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Why would you want to find ME2's "giggle spot" unless you're ___

Shook

From: Jim Majorowicz [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 4:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

ME2 did.  He always does.  He then proceeded to share with the rest of the 
class, because he enjoys bringing everyone into the gutter with him.  Now 
excuse me while I go find that giggle spot ME2 was looking for...

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

I didn't think of it like that   :-)
2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2



On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]<mailto:[EMAIL 
PROTECTED]>> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>
>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -Original Message-
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>
>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues
>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >
>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
>> > and then impersonate those credentials ( hey generic dumb user) and
&

RE: Out of Cycle Critical Windows Patch ?

[Martin Blackstone]

___ = Shook

 

From: Andy Shook [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 1:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Why would you want to find ME2's "giggle spot" unless you're ___

 

Shook

 

From: Jim Majorowicz [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 4:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

ME2 did.  He always does.  He then proceeded to share with the rest of the
class, because he enjoys bringing everyone into the gutter with him.  Now
excuse me while I go find that giggle spot ME2 was looking for.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I didn't think of it like that   :-)

2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]>

So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2




On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I
kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>

>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -Original Message-

>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]

>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>

>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>

>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]

>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues

>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >

>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
>> > and then impersonate those credentials ( hey generic dumb user) and
>> then
>> > run your exploit. Its about a trivial exercise. SO as for Vista and
>> W2k8
>> > being a little less vulnerabile, sorry they are just as vulnerable as
>> > the Win2k,XP, and Win2k3

RE: Out of Cycle Critical Windows Patch ?

[Andy Shook]

Why would you want to find ME2's "giggle spot" unless you're ___

Shook

From: Jim Majorowicz [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 4:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

ME2 did.  He always does.  He then proceeded to share with the rest of the 
class, because he enjoys bringing everyone into the gutter with him.  Now 
excuse me while I go find that giggle spot ME2 was looking for...

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

I didn't think of it like that   :-)
2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2



On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]<mailto:[EMAIL 
PROTECTED]>> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>
>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -Original Message-
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>
>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues
>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >
>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
>> > and then impersonate those credentials ( hey generic dumb user) and
>> then
>> > run your exploit. Its about a trivial exercise. SO as for Vista and
>> W2k8
>> > being a little less vulnerabile, sorry they are just as vulnerable as
>> > the Win2k,XP, and Win2k3 boxes, when you look at them being on the
>&

RE: Out of Cycle Critical Windows Patch ?

[Jim Majorowicz]

ME2 did.  He always does.  He then proceeded to share with the rest of the
class, because he enjoys bringing everyone into the gutter with him.  Now
excuse me while I go find that giggle spot ME2 was looking for.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 8:07 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I didn't think of it like that   :-)

2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]>

So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2




On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I
kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>

>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -----Original Message-

>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]

>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>

>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>

>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]

>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues

>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >

>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
>> > and then impersonate those credentials ( hey generic dumb user) and
>> then
>> > run your exploit. Its about a trivial exercise. SO as for Vista and
>> W2k8
>> > being a little less vulnerabile, sorry they are just as vulnerable as
>> > the Win2k,XP, and Win2k3 boxes, when you look at them being on the
>> same
>> > network as the others mentioned.
>> >
>> > Again, it's a total pain in the preverbal keister, been up far too
>> many
>> > hours getting my network straight with this patch, calling for a lot
>> of
>> > downtime, and disrupting operations.
>> >
>> > Thanks M$ you guys take the cake on this one:)
>> >
>>

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

I didn't think of it like that   :-)

2008/10/27 Micheal Espinola Jr <[EMAIL PROTECTED]>

> So you came home to find a pink pussy...
>
> Well then.  I'm going to walk away from my computer now and find a
> quite section of the building to giggle my ass off in.  Thank you very
> much.
>
> --
> ME2
>
>
>
> On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]>
> wrote:
> > It is a long time since I've had to do one of these "panic" patch
> > deployments, so I think that MS must be getting on top of it - most of
> the
> > time :-)
> >
> > On a lighter note, when I got home yesterday morning my cat was pink. I
> kid
> > you not, God knows what he has been into.
> >
> > 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>
> >>
> >> Ken,
> >>
> >> NO offense but I am too tired and pivved off about this to comment
> >> anymore about technical merits, or who is right or wrong. This
> >> vulnerability is attacking the same darn service that MS06-040 did, with
> >> the same result, unauthenticated remote code execution that is
> >> propagating malware, spyware and worm activity which could definitely
> >> bring networks to a halt and have a snowball effect across the next.
> >>
> >> Like I said before, /End Thread... Moving on..
> >>
> >> Thanks
> >> EZ
> >>
> >> Edward E. Ziots
> >> Network Engineer
> >> Lifespan Organization
> >> MCSE,MCSA,MCP,Security+,Network+,CCA
> >> Phone: 401-639-3505
> >> -Original Message-
> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> >> Sent: Sunday, October 26, 2008 9:27 PM
> >> To: NT System Admin Issues
> >> Subject: RE: Out of Cycle Critical Windows Patch ?
> >>
> >> Nothing you are saying is in dispute here. But I still don't see any
> >> argument as to why this is the "same type" of vulnerability in 06-040
> >> that you previously stated, or why it should have been fixed as such.
> >>
> >> That you need to spend time patching things isn't different to anyone
> >> else here. Unfortunately it's a facet of running software these days -
> >> no matter what the platform you'd be having to the same thing. So, if
> >> you are venting, then by all means vent. If you are making some claim
> >> about the technical aspects of this vulnerability or patch, then as I
> >> asked before, can you provide some information/facts/evidence/etc to
> >> substantiate that. Not that I'm doubting you per se, but I'm always
> >> looking to further my own technical knowledge (which is why I'm on this
> >> list)
> >>
> >> Cheers
> >> Ken
> >>
> >> > -Original Message-
> >> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> >> > Sent: Monday, 27 October 2008 12:08 PM
> >> > To: NT System Admin Issues
> >> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >> >
> >> > Ken,
> >> >
> >> > Basically it's a juicy door for exploits, unauthenticated remote code
> >> > execution, non-authenticated access is just that, unauthenticated, no
> >> > trust, no authenticated before authorization and legitimate access. It
> >> > basically a violate of AAA security principles. Honestly, I personally
> >> > loathe any type of weak or non-existent access to systems, and we seen
> >> > it in this one that it keeps opening up the door for attacks.
> >> >
> >> > Any its pretty easy to get authenticated credentials harvested from
> >> one
> >> > exploited system and use these to wack the rest of them. A quick
> >> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
> >> > and then impersonate those credentials ( hey generic dumb user) and
> >> then
> >> > run your exploit. Its about a trivial exercise. SO as for Vista and
> >> W2k8
> >> > being a little less vulnerabile, sorry they are just as vulnerable as
> >> > the Win2k,XP, and Win2k3 boxes, when you look at them being on the
> >> same
> >> > network as the others mentioned.
> >> >
> >> > Again, it's a total pain in the preverbal keister, been up far too
> >> many
> >> > hours getting my network straight with this patch, calling for a lot
> >> of
> >> > downtime, and disrupting operations.

Re: Out of Cycle Critical Windows Patch ?

[Micheal Espinola Jr]

So you came home to find a pink pussy...

Well then.  I'm going to walk away from my computer now and find a
quite section of the building to giggle my ass off in.  Thank you very
much.

--
ME2



On Mon, Oct 27, 2008 at 7:53 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> It is a long time since I've had to do one of these "panic" patch
> deployments, so I think that MS must be getting on top of it - most of the
> time :-)
>
> On a lighter note, when I got home yesterday morning my cat was pink. I kid
> you not, God knows what he has been into.
>
> 2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>
>>
>> Ken,
>>
>> NO offense but I am too tired and pivved off about this to comment
>> anymore about technical merits, or who is right or wrong. This
>> vulnerability is attacking the same darn service that MS06-040 did, with
>> the same result, unauthenticated remote code execution that is
>> propagating malware, spyware and worm activity which could definitely
>> bring networks to a halt and have a snowball effect across the next.
>>
>> Like I said before, /End Thread... Moving on..
>>
>> Thanks
>> EZ
>>
>> Edward E. Ziots
>> Network Engineer
>> Lifespan Organization
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>> Phone: 401-639-3505
>> -----Original Message-
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
>> Sent: Sunday, October 26, 2008 9:27 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Nothing you are saying is in dispute here. But I still don't see any
>> argument as to why this is the "same type" of vulnerability in 06-040
>> that you previously stated, or why it should have been fixed as such.
>>
>> That you need to spend time patching things isn't different to anyone
>> else here. Unfortunately it's a facet of running software these days -
>> no matter what the platform you'd be having to the same thing. So, if
>> you are venting, then by all means vent. If you are making some claim
>> about the technical aspects of this vulnerability or patch, then as I
>> asked before, can you provide some information/facts/evidence/etc to
>> substantiate that. Not that I'm doubting you per se, but I'm always
>> looking to further my own technical knowledge (which is why I'm on this
>> list)
>>
>> Cheers
>> Ken
>>
>> > -Original Message-
>> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> > Sent: Monday, 27 October 2008 12:08 PM
>> > To: NT System Admin Issues
>> > Subject: RE: Out of Cycle Critical Windows Patch ?
>> >
>> > Ken,
>> >
>> > Basically it's a juicy door for exploits, unauthenticated remote code
>> > execution, non-authenticated access is just that, unauthenticated, no
>> > trust, no authenticated before authorization and legitimate access. It
>> > basically a violate of AAA security principles. Honestly, I personally
>> > loathe any type of weak or non-existent access to systems, and we seen
>> > it in this one that it keeps opening up the door for attacks.
>> >
>> > Any its pretty easy to get authenticated credentials harvested from
>> one
>> > exploited system and use these to wack the rest of them. A quick
>> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
>> > and then impersonate those credentials ( hey generic dumb user) and
>> then
>> > run your exploit. Its about a trivial exercise. SO as for Vista and
>> W2k8
>> > being a little less vulnerabile, sorry they are just as vulnerable as
>> > the Win2k,XP, and Win2k3 boxes, when you look at them being on the
>> same
>> > network as the others mentioned.
>> >
>> > Again, it's a total pain in the preverbal keister, been up far too
>> many
>> > hours getting my network straight with this patch, calling for a lot
>> of
>> > downtime, and disrupting operations.
>> >
>> > Thanks M$ you guys take the cake on this one:)
>> >
>> > /END Thread
>> > Z
>> >
>> > Edward E. Ziots
>> > Network Engineer
>> > Lifespan Organization
>> > MCSE,MCSA,MCP,Security+,Network+,CCA
>> > Phone: 401-639-3505
>> >
>> > -Original Message-
>> > From: Ken Schaefer [mailto:[EMAIL PROTECTED]
>> > Sent: Sunday, October 26, 2008 8:49 PM
>> > To: NT System Admin Issues
>> > Subject: RE: Out of Cycle Critical Windows

RE: Out of Cycle Critical Windows Patch ?

[Doige, Clayton]

Yikes, I think Steve Ballmer just hacked into Phil's email account ;-)

Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07949 255062
E:[EMAIL PROTECTED]
W:www.cetv-net.com

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED] 
Sent: 27 October 2008 11:55
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I LOVE MICROSOFT..


-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 7:37 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Please apply your personal opinions to all other vendors.

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 7:31 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers,
work
on automated tools that analyse code, random code reviews, and creating
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He
used
to be a security MVP, and he's one of the smartest coders (and a
security
guy to boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix
them
> before the bad-guys do. I mean hiring some security researchers on
staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15
minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild,
but
> I
> wouldn't go so far as imply they were just sitting around on their
asses
> until something happened.
>
> -Original Message-----
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program
on
> this one, but only after they detected systems getting exploited in
the
> wild. Why they didn't determine this flaw back when they patched
06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fr

RE: Out of Cycle Critical Windows Patch ?

[Phil Thompson]

I LOVE MICROSOFT..


-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 7:37 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Please apply your personal opinions to all other vendors.

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 7:31 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers, work
on automated tools that analyse code, random code reviews, and creating
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He used
to be a security MVP, and he's one of the smartest coders (and a security
guy to boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix them
> before the bad-guys do. I mean hiring some security researchers on staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15 minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild, but
> I
> wouldn't go so far as imply they were just sitting around on their asses
> until something happened.
>
> -----Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program on
> this one, but only after they detected systems getting exploited in the
> wild. Why they didn't determine this flaw back when they patched 06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failur

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

It is a long time since I've had to do one of these "panic" patch
deployments, so I think that MS must be getting on top of it - most of the
time :-)

On a lighter note, when I got home yesterday morning my cat was pink. I kid
you not, God knows what he has been into.

2008/10/27 Ziots, Edward <[EMAIL PROTECTED]>

> Ken,
>
> NO offense but I am too tired and pivved off about this to comment
> anymore about technical merits, or who is right or wrong. This
> vulnerability is attacking the same darn service that MS06-040 did, with
> the same result, unauthenticated remote code execution that is
> propagating malware, spyware and worm activity which could definitely
> bring networks to a halt and have a snowball effect across the next.
>
> Like I said before, /End Thread... Moving on..
>
> Thanks
> EZ
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 9:27 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Nothing you are saying is in dispute here. But I still don't see any
> argument as to why this is the "same type" of vulnerability in 06-040
> that you previously stated, or why it should have been fixed as such.
>
> That you need to spend time patching things isn't different to anyone
> else here. Unfortunately it's a facet of running software these days -
> no matter what the platform you'd be having to the same thing. So, if
> you are venting, then by all means vent. If you are making some claim
> about the technical aspects of this vulnerability or patch, then as I
> asked before, can you provide some information/facts/evidence/etc to
> substantiate that. Not that I'm doubting you per se, but I'm always
> looking to further my own technical knowledge (which is why I'm on this
> list)
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 12:08 PM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Ken,
> >
> > Basically it's a juicy door for exploits, unauthenticated remote code
> > execution, non-authenticated access is just that, unauthenticated, no
> > trust, no authenticated before authorization and legitimate access. It
> > basically a violate of AAA security principles. Honestly, I personally
> > loathe any type of weak or non-existent access to systems, and we seen
> > it in this one that it keeps opening up the door for attacks.
> >
> > Any its pretty easy to get authenticated credentials harvested from
> one
> > exploited system and use these to wack the rest of them. A quick
> > exploit, dump the hashes, run em through ophcrack or jack the ripper,
> > and then impersonate those credentials ( hey generic dumb user) and
> then
> > run your exploit. Its about a trivial exercise. SO as for Vista and
> W2k8
> > being a little less vulnerabile, sorry they are just as vulnerable as
> > the Win2k,XP, and Win2k3 boxes, when you look at them being on the
> same
> > network as the others mentioned.
> >
> > Again, it's a total pain in the preverbal keister, been up far too
> many
> > hours getting my network straight with this patch, calling for a lot
> of
> > downtime, and disrupting operations.
> >
> > Thanks M$ you guys take the cake on this one:)
> >
> > /END Thread
> > Z
> >
> > Edward E. Ziots
> > Network Engineer
> > Lifespan Organization
> > MCSE,MCSA,MCP,Security+,Network+,CCA
> > Phone: 401-639-3505
> >
> > -Original Message-
> > From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> > Sent: Sunday, October 26, 2008 8:49 PM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Um, not sure what you are saying here...
> >
> > Are you saying that because there are unauthenticated ways of calling
> > the Server service, then Microsoft needs to review all the pieces of
> > code that the server service calls, even if they aren't part of the
> > server service itself?
> >
> > (FWIW Windows Server 2008 and Vista require authentication by default
> to
> > the server service, so there's one fix).
> >
> > I know they are doing code reviews, but as per the SDL blog, this
> > particular issue in netapi32.dll is a particularly different one to
> fix.
> >
> 

RE: Out of Cycle Critical Windows Patch ?

[Doige, Clayton]

Erm, I am no Microsoft employee so not coming from a defensive point of
view, but will say that there is no such thing as a secure OS, and as
long as there is a will to find exploits in software, for whatever
purpose, then the software will be exploited. Yes it's damn frustrating
to spend 72 hours cleaning up someone's nice little bit of malware, but
it's not the vendor that creates the OS that creates the malware etc.

If Linux was top of the pile in terms of OS popularity then they would
be the main target out there, but Linux is every bit as breakable, as is
any other OS.

So, if you are pitted against a collective will to find weaknesses in a
product that you make for reasons of hacking, hacktivism, fraud, theft,
one-upmanship, script kiddies, and the millions of other motivators for
people to exploit your product, are you ever going to get it bullet
proof? 

In a word, yes, when you stick it in a concrete bunker 20 feet
underground with no internet connection, and no electricity, else, if
you are the manufacturer of anything to do with code you are on a losing
battle in terms of creating something that can't be broken. 

The only hope any vendor has is to catch something before it causes too
much damage and hope the new replacement code is up to the job.

If any of us could do better we would be in a different job with a hole
lot more money after all...

Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07949 255062
E:[EMAIL PROTECTED]
W:www.cetv-net.com

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED] 
Sent: 27 October 2008 11:31
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers,
work on automated tools that analyse code, random code reviews, and
creating prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He
used to be a security MVP, and he's one of the smartest coders (and a
security guy to boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix
them
> before the bad-guys do. I mean hiring some security researchers on
staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15
minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild,
but
> I
> wouldn't go so far as imply they were just sitting around on their
asses
> until something happened.
>
> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program
on
> this one, but only after they detected systems getting exploited in
the
> wild. Why they didn't determine this flaw back when they patched
06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
&

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Guys don't bash Ken, OK..

Like to end this thread and move on to other stuff. 

We all know these kind of things are utter non-sense, but nobody is
perfect not even M$. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 7:37 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Please apply your personal opinions to all other vendors.

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 7:31 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers,
work
on automated tools that analyse code, random code reviews, and creating
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He
used
to be a security MVP, and he's one of the smartest coders (and a
security
guy to boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix
them
> before the bad-guys do. I mean hiring some security researchers on
staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15
minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild,
but
> I
> wouldn't go so far as imply they were just sitting around on their
asses
> until something happened.
>
> -Original Message-----
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program
on
> this one, but only after they detected systems getting exploited in
the
> wild. Why they didn't determine this flaw back when they patched
06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> >

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

Please apply your personal opinions to all other vendors.

-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 27, 2008 7:31 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers, work
on automated tools that analyse code, random code reviews, and creating
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He used
to be a security MVP, and he's one of the smartest coders (and a security
guy to boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix them
> before the bad-guys do. I mean hiring some security researchers on staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15 minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild, but
> I
> wouldn't go so far as imply they were just sitting around on their asses
> until something happened.
>
> -----Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program on
> this one, but only after they detected systems getting exploited in the
> wild. Why they didn't determine this flaw back when they patched 06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday,
> and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
>

RE: Out of Cycle Critical Windows Patch ?

[Phil Thompson]

I don't see Microsoft.com in your email. Do you work for them?

After 20 years MS should have these holes fixed by now. No excuses!!



-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:31 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers, work on 
automated tools that analyse code, random code reviews, and creating 
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He used to 
be a security MVP, and he's one of the smartest coders (and a security guy to 
boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix them
> before the bad-guys do. I mean hiring some security researchers on staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15 minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild, but
> I
> wouldn't go so far as imply they were just sitting around on their asses
> until something happened.
>
> -----Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program on
> this one, but only after they detected systems getting exploited in the
> wild. Why they didn't determine this flaw back when they patched 06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday,
> and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
> >
> > Olly
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN&

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Ken, 

NO offense but I am too tired and pivved off about this to comment
anymore about technical merits, or who is right or wrong. This
vulnerability is attacking the same darn service that MS06-040 did, with
the same result, unauthenticated remote code execution that is
propagating malware, spyware and worm activity which could definitely
bring networks to a halt and have a snowball effect across the next. 

Like I said before, /End Thread... Moving on..

Thanks
EZ

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505
-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 9:27 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Nothing you are saying is in dispute here. But I still don't see any
argument as to why this is the "same type" of vulnerability in 06-040
that you previously stated, or why it should have been fixed as such.

That you need to spend time patching things isn't different to anyone
else here. Unfortunately it's a facet of running software these days -
no matter what the platform you'd be having to the same thing. So, if
you are venting, then by all means vent. If you are making some claim
about the technical aspects of this vulnerability or patch, then as I
asked before, can you provide some information/facts/evidence/etc to
substantiate that. Not that I'm doubting you per se, but I'm always
looking to further my own technical knowledge (which is why I'm on this
list)

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 12:08 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Ken,
>
> Basically it's a juicy door for exploits, unauthenticated remote code
> execution, non-authenticated access is just that, unauthenticated, no
> trust, no authenticated before authorization and legitimate access. It
> basically a violate of AAA security principles. Honestly, I personally
> loathe any type of weak or non-existent access to systems, and we seen
> it in this one that it keeps opening up the door for attacks.
>
> Any its pretty easy to get authenticated credentials harvested from
one
> exploited system and use these to wack the rest of them. A quick
> exploit, dump the hashes, run em through ophcrack or jack the ripper,
> and then impersonate those credentials ( hey generic dumb user) and
then
> run your exploit. Its about a trivial exercise. SO as for Vista and
W2k8
> being a little less vulnerabile, sorry they are just as vulnerable as
> the Win2k,XP, and Win2k3 boxes, when you look at them being on the
same
> network as the others mentioned.
>
> Again, it's a total pain in the preverbal keister, been up far too
many
> hours getting my network straight with this patch, calling for a lot
of
> downtime, and disrupting operations.
>
> Thanks M$ you guys take the cake on this one:)
>
> /END Thread
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 8:49 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Um, not sure what you are saying here...
>
> Are you saying that because there are unauthenticated ways of calling
> the Server service, then Microsoft needs to review all the pieces of
> code that the server service calls, even if they aren't part of the
> server service itself?
>
> (FWIW Windows Server 2008 and Vista require authentication by default
to
> the server service, so there's one fix).
>
> I know they are doing code reviews, but as per the SDL blog, this
> particular issue in netapi32.dll is a particularly different one to
fix.
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 11:44 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Yean pretty aware that netapi32.dll is called by a lot of items,
which
> > sends the attack vector up quite a bit, but the server service was
the
> > route into both if memory serves me right, so question is why did
> > another unauthenticated RPC error attack with that service as the
> route
> > happen again when they made a fix for a similar vulnerability 2+ yrs
> > ago..
> >
> > Z
> >
> > Edward E. Ziots
> > Network Engineer
> > Lifespan Organization
> > MCSE,MCSA,MCP,Security+,Network+,CC

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

Nothing you are saying is in dispute here. But I still don't see any argument 
as to why this is the "same type" of vulnerability in 06-040 that you 
previously stated, or why it should have been fixed as such.

That you need to spend time patching things isn't different to anyone else 
here. Unfortunately it's a facet of running software these days - no matter 
what the platform you'd be having to the same thing. So, if you are venting, 
then by all means vent. If you are making some claim about the technical 
aspects of this vulnerability or patch, then as I asked before, can you provide 
some information/facts/evidence/etc to substantiate that. Not that I'm doubting 
you per se, but I'm always looking to further my own technical knowledge (which 
is why I'm on this list)

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 12:08 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Ken,
>
> Basically it's a juicy door for exploits, unauthenticated remote code
> execution, non-authenticated access is just that, unauthenticated, no
> trust, no authenticated before authorization and legitimate access. It
> basically a violate of AAA security principles. Honestly, I personally
> loathe any type of weak or non-existent access to systems, and we seen
> it in this one that it keeps opening up the door for attacks.
>
> Any its pretty easy to get authenticated credentials harvested from one
> exploited system and use these to wack the rest of them. A quick
> exploit, dump the hashes, run em through ophcrack or jack the ripper,
> and then impersonate those credentials ( hey generic dumb user) and then
> run your exploit. Its about a trivial exercise. SO as for Vista and W2k8
> being a little less vulnerabile, sorry they are just as vulnerable as
> the Win2k,XP, and Win2k3 boxes, when you look at them being on the same
> network as the others mentioned.
>
> Again, it's a total pain in the preverbal keister, been up far too many
> hours getting my network straight with this patch, calling for a lot of
> downtime, and disrupting operations.
>
> Thanks M$ you guys take the cake on this one:)
>
> /END Thread
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 8:49 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Um, not sure what you are saying here...
>
> Are you saying that because there are unauthenticated ways of calling
> the Server service, then Microsoft needs to review all the pieces of
> code that the server service calls, even if they aren't part of the
> server service itself?
>
> (FWIW Windows Server 2008 and Vista require authentication by default to
> the server service, so there's one fix).
>
> I know they are doing code reviews, but as per the SDL blog, this
> particular issue in netapi32.dll is a particularly different one to fix.
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 11:44 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Yean pretty aware that netapi32.dll is called by a lot of items, which
> > sends the attack vector up quite a bit, but the server service was the
> > route into both if memory serves me right, so question is why did
> > another unauthenticated RPC error attack with that service as the
> route
> > happen again when they made a fix for a similar vulnerability 2+ yrs
> > ago..
> >
> > Z
> >
> > Edward E. Ziots
> > Network Engineer
> > Lifespan Organization
> > MCSE,MCSA,MCP,Security+,Network+,CCA
> > Phone: 401-639-3505
> > -Original Message-
> > From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> > Sent: Sunday, October 26, 2008 6:50 PM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Hmm - I check MS06-040 again, and I don't think they are the same
> "type"
> > of issue.
> >
> > The current bug is in the NetCanonicalize API - not in the Server
> > service. It's just that the server service is a route to get to that
> bug
> > - because it calls that API. But it's entirely possible for /other/
> > applications to also call that API. Just use Process Explorer, and see
> > how many applicati

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Ken, 

Basically it's a juicy door for exploits, unauthenticated remote code
execution, non-authenticated access is just that, unauthenticated, no
trust, no authenticated before authorization and legitimate access. It
basically a violate of AAA security principles. Honestly, I personally
loathe any type of weak or non-existent access to systems, and we seen
it in this one that it keeps opening up the door for attacks. 

Any its pretty easy to get authenticated credentials harvested from one
exploited system and use these to wack the rest of them. A quick
exploit, dump the hashes, run em through ophcrack or jack the ripper,
and then impersonate those credentials ( hey generic dumb user) and then
run your exploit. Its about a trivial exercise. SO as for Vista and W2k8
being a little less vulnerabile, sorry they are just as vulnerable as
the Win2k,XP, and Win2k3 boxes, when you look at them being on the same
network as the others mentioned. 

Again, it's a total pain in the preverbal keister, been up far too many
hours getting my network straight with this patch, calling for a lot of
downtime, and disrupting operations. 

Thanks M$ you guys take the cake on this one:)

/END Thread
Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 8:49 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Um, not sure what you are saying here...

Are you saying that because there are unauthenticated ways of calling
the Server service, then Microsoft needs to review all the pieces of
code that the server service calls, even if they aren't part of the
server service itself?

(FWIW Windows Server 2008 and Vista require authentication by default to
the server service, so there's one fix).

I know they are doing code reviews, but as per the SDL blog, this
particular issue in netapi32.dll is a particularly different one to fix.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 11:44 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yean pretty aware that netapi32.dll is called by a lot of items, which
> sends the attack vector up quite a bit, but the server service was the
> route into both if memory serves me right, so question is why did
> another unauthenticated RPC error attack with that service as the
route
> happen again when they made a fix for a similar vulnerability 2+ yrs
> ago..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:50 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Hmm - I check MS06-040 again, and I don't think they are the same
"type"
> of issue.
>
> The current bug is in the NetCanonicalize API - not in the Server
> service. It's just that the server service is a route to get to that
bug
> - because it calls that API. But it's entirely possible for /other/
> applications to also call that API. Just use Process Explorer, and see
> how many applications are using Netapi32.dll - I think you'll find
it's
> a lot. Any of these /might/ also call that API, and become a vector
for
> compromise.
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 9:28 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > According to the SDL blog, this is why this particular issue is not
> easy to
> > discover, especially using automated analysis:
> > http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx
> >
> > Cheers
> > Ken
> >
> > > -Original Message-
> > > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > > Sent: Monday, 27 October 2008 12:45 AM
> > > To: NT System Admin Issues
> > > Subject: RE: Out of Cycle Critical Windows Patch ?
> > >
> > > Yeah someone lit a fire under MSFT arse and they got with the
> program on
> > > this one, but only after they detected systems getting exploited
in
> the
> > > wild. Why they didn't determine this flaw back when they patched
> 06-040
> > > for the same type of issue we probably will never know...
> > >
> > > Z
> > >
> > > Edward E. Ziots
> > > Network Engineer
> > > Lifespan Organization
> > >

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

Um, not sure what you are saying here...

Are you saying that because there are unauthenticated ways of calling the 
Server service, then Microsoft needs to review all the pieces of code that the 
server service calls, even if they aren't part of the server service itself?

(FWIW Windows Server 2008 and Vista require authentication by default to the 
server service, so there's one fix).

I know they are doing code reviews, but as per the SDL blog, this particular 
issue in netapi32.dll is a particularly different one to fix.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 11:44 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yean pretty aware that netapi32.dll is called by a lot of items, which
> sends the attack vector up quite a bit, but the server service was the
> route into both if memory serves me right, so question is why did
> another unauthenticated RPC error attack with that service as the route
> happen again when they made a fix for a similar vulnerability 2+ yrs
> ago..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:50 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Hmm - I check MS06-040 again, and I don't think they are the same "type"
> of issue.
>
> The current bug is in the NetCanonicalize API - not in the Server
> service. It's just that the server service is a route to get to that bug
> - because it calls that API. But it's entirely possible for /other/
> applications to also call that API. Just use Process Explorer, and see
> how many applications are using Netapi32.dll - I think you'll find it's
> a lot. Any of these /might/ also call that API, and become a vector for
> compromise.
>
> Cheers
> Ken
>
> > -----Original Message-----
> > From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 9:28 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > According to the SDL blog, this is why this particular issue is not
> easy to
> > discover, especially using automated analysis:
> > http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx
> >
> > Cheers
> > Ken
> >
> > > -Original Message-
> > > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > > Sent: Monday, 27 October 2008 12:45 AM
> > > To: NT System Admin Issues
> > > Subject: RE: Out of Cycle Critical Windows Patch ?
> > >
> > > Yeah someone lit a fire under MSFT arse and they got with the
> program on
> > > this one, but only after they detected systems getting exploited in
> the
> > > wild. Why they didn't determine this flaw back when they patched
> 06-040
> > > for the same type of issue we probably will never know...
> > >
> > > Z
> > >
> > > Edward E. Ziots
> > > Network Engineer
> > > Lifespan Organization
> > > MCSE,MCSA,MCP,Security+,Network+,CCA
> > > Phone: 401-639-3505
> > >
> > > -Original Message-
> > > From: Kurt Buff [mailto:[EMAIL PROTECTED]
> > > Sent: Friday, October 24, 2008 8:08 PM
> > > To: NT System Admin Issues
> > > Subject: Re: Out of Cycle Critical Windows Patch ?
> > >
> > > Taking this in a slightly different direction...
> > >
> > > I told the IT Director and COO yesterday that I was patching all
> > > servers, and sending an email to all of the laptop users to do the
> > > same.
> > >
> > > They were a bit skeptical, but not only did the emails that I
> > > forwarded them from various lists buttress my opinion, this morning
> I
> > > got forwarded a voicemail by the IT Director, from a rep at MSFT.
> Gist
> > > of the message - MSFT is taking this extremely seriously, and you
> > > should patch now.
> > >
> > > Director's comments was "nice job, good of you to jump on this."
> > >
> > > Anyone else get a call like this from MSFT? It's the first time I've
> > > heard of them doing this, and I take it as a really good sign - MSFT
> > > is finally getting the real clue about this stuff.
> > >
> > > Kurt
> > >
> > > On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> > > <[EMAIL

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Yean pretty aware that netapi32.dll is called by a lot of items, which
sends the attack vector up quite a bit, but the server service was the
route into both if memory serves me right, so question is why did
another unauthenticated RPC error attack with that service as the route
happen again when they made a fix for a similar vulnerability 2+ yrs
ago..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505
-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 6:50 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Hmm - I check MS06-040 again, and I don't think they are the same "type"
of issue.

The current bug is in the NetCanonicalize API - not in the Server
service. It's just that the server service is a route to get to that bug
- because it calls that API. But it's entirely possible for /other/
applications to also call that API. Just use Process Explorer, and see
how many applications are using Netapi32.dll - I think you'll find it's
a lot. Any of these /might/ also call that API, and become a vector for
compromise.

Cheers
Ken

> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 9:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> According to the SDL blog, this is why this particular issue is not
easy to
> discover, especially using automated analysis:
> http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 12:45 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Yeah someone lit a fire under MSFT arse and they got with the
program on
> > this one, but only after they detected systems getting exploited in
the
> > wild. Why they didn't determine this flaw back when they patched
06-040
> > for the same type of issue we probably will never know...
> >
> > Z
> >
> > Edward E. Ziots
> > Network Engineer
> > Lifespan Organization
> > MCSE,MCSA,MCP,Security+,Network+,CCA
> > Phone: 401-639-3505
> >
> > -Original Message-
> > From: Kurt Buff [mailto:[EMAIL PROTECTED]
> > Sent: Friday, October 24, 2008 8:08 PM
> > To: NT System Admin Issues
> > Subject: Re: Out of Cycle Critical Windows Patch ?
> >
> > Taking this in a slightly different direction...
> >
> > I told the IT Director and COO yesterday that I was patching all
> > servers, and sending an email to all of the laptop users to do the
> > same.
> >
> > They were a bit skeptical, but not only did the emails that I
> > forwarded them from various lists buttress my opinion, this morning
I
> > got forwarded a voicemail by the IT Director, from a rep at MSFT.
Gist
> > of the message - MSFT is taking this extremely seriously, and you
> > should patch now.
> >
> > Director's comments was "nice job, good of you to jump on this."
> >
> > Anyone else get a call like this from MSFT? It's the first time I've
> > heard of them doing this, and I take it as a really good sign - MSFT
> > is finally getting the real clue about this stuff.
> >
> > Kurt
> >
> > On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> > <[EMAIL PROTECTED]> wrote:
> > > Chaps,
> > >
> > > The update that was sent out last night, has that caused any
issues
> > > elsewhere? We've had a spate of calls from users about problems
today,
> > > several servers which were set to auto-update for various reasons
have
> > > had varying levels of failure. It's mentally busy here for a
Friday,
> > and
> > > the one thing they have in common is that all the machine rebooted
for
> > > an update last night.
> > >
> > > Is it just us ?
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

Hmm - I check MS06-040 again, and I don't think they are the same "type" of 
issue.

The current bug is in the NetCanonicalize API - not in the Server service. It's 
just that the server service is a route to get to that bug - because it calls 
that API. But it's entirely possible for /other/ applications to also call that 
API. Just use Process Explorer, and see how many applications are using 
Netapi32.dll - I think you'll find it's a lot. Any of these /might/ also call 
that API, and become a vector for compromise.

Cheers
Ken

> -Original Message-
> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 9:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> According to the SDL blog, this is why this particular issue is not easy to
> discover, especially using automated analysis:
> http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx
>
> Cheers
> Ken
>
> > -Original Message-
> > From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> > Sent: Monday, 27 October 2008 12:45 AM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Yeah someone lit a fire under MSFT arse and they got with the program on
> > this one, but only after they detected systems getting exploited in the
> > wild. Why they didn't determine this flaw back when they patched 06-040
> > for the same type of issue we probably will never know...
> >
> > Z
> >
> > Edward E. Ziots
> > Network Engineer
> > Lifespan Organization
> > MCSE,MCSA,MCP,Security+,Network+,CCA
> > Phone: 401-639-3505
> >
> > -Original Message-
> > From: Kurt Buff [mailto:[EMAIL PROTECTED]
> > Sent: Friday, October 24, 2008 8:08 PM
> > To: NT System Admin Issues
> > Subject: Re: Out of Cycle Critical Windows Patch ?
> >
> > Taking this in a slightly different direction...
> >
> > I told the IT Director and COO yesterday that I was patching all
> > servers, and sending an email to all of the laptop users to do the
> > same.
> >
> > They were a bit skeptical, but not only did the emails that I
> > forwarded them from various lists buttress my opinion, this morning I
> > got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> > of the message - MSFT is taking this extremely seriously, and you
> > should patch now.
> >
> > Director's comments was "nice job, good of you to jump on this."
> >
> > Anyone else get a call like this from MSFT? It's the first time I've
> > heard of them doing this, and I take it as a really good sign - MSFT
> > is finally getting the real clue about this stuff.
> >
> > Kurt
> >
> > On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> > <[EMAIL PROTECTED]> wrote:
> > > Chaps,
> > >
> > > The update that was sent out last night, has that caused any issues
> > > elsewhere? We've had a spate of calls from users about problems today,
> > > several servers which were set to auto-update for various reasons have
> > > had varying levels of failure. It's mentally busy here for a Friday,
> > and
> > > the one thing they have in common is that all the machine rebooted for
> > > an update last night.
> > >
> > > Is it just us ?
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

Microsoft does have this...

They also have a bunch of internal staff (ACE) that train developers, work on 
automated tools that analyse code, random code reviews, and creating 
prescriptive guidance on how to write better code.

I know one of the guys (Rocky Heckman) on the ACE team out of CBR. He used to 
be a security MVP, and he's one of the smartest coders (and a security guy to 
boot) I know.

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 8:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I see ya point, my real point is why don't they have pen-testers on
> staff, looking at there systems trying to find the exploits and fix them
> before the bad-guys do. I mean hiring some security researchers on staff
> and have them pen-test the non-sense out of your software could go a
> long way in keeping stuff secure..
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 10:28 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fax = fix
>
> -Original Message-
> From: Martin Blackstone [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 7:18 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> I'm not sure I would agree with that. Developing a fix isn't a 15 minute
> job. The chances are they were already hard at work on it. There is a
> ton of
> compatibility and regression testing that goes into a fax.
> They probably got their hand forced because it was out in the wild, but
> I
> wouldn't go so far as imply they were just sitting around on their asses
> until something happened.
>
> -----Original Message-----
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 26, 2008 6:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program on
> this one, but only after they detected systems getting exploited in the
> wild. Why they didn't determine this flaw back when they patched 06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday,
> and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
> >
> > Olly
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

According to the SDL blog, this is why this particular issue is not easy to 
discover, especially using automated analysis:
http://blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx

Cheers
Ken

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Monday, 27 October 2008 12:45 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Yeah someone lit a fire under MSFT arse and they got with the program on
> this one, but only after they detected systems getting exploited in the
> wild. Why they didn't determine this flaw back when they patched 06-040
> for the same type of issue we probably will never know...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:08 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday,
> and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

I totally agree, 
Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505
-Original Message-
From: Phil Thompson [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 5:39 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

A hole that covers everyone of their OS's???

They need to hire more hackers. I think that 50 billion in cash would
cover a few of them.


From: Ziots, Edward [EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 5:10 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I see ya point, my real point is why don't they have pen-testers on
staff, looking at there systems trying to find the exploits and fix them
before the bad-guys do. I mean hiring some security researchers on staff
and have them pen-test the non-sense out of your software could go a
long way in keeping stuff secure..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 10:28 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fax = fix

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 7:18 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I'm not sure I would agree with that. Developing a fix isn't a 15 minute
job. The chances are they were already hard at work on it. There is a
ton of
compatibility and regression testing that goes into a fax.
They probably got their hand forced because it was out in the wild, but
I
wouldn't go so far as imply they were just sitting around on their asses
until something happened.

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:45 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Phil Thompson]

A hole that covers everyone of their OS's???

They need to hire more hackers. I think that 50 billion in cash would cover a 
few of them.


From: Ziots, Edward [EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 5:10 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I see ya point, my real point is why don't they have pen-testers on
staff, looking at there systems trying to find the exploits and fix them
before the bad-guys do. I mean hiring some security researchers on staff
and have them pen-test the non-sense out of your software could go a
long way in keeping stuff secure..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 10:28 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fax = fix

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 7:18 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I'm not sure I would agree with that. Developing a fix isn't a 15 minute
job. The chances are they were already hard at work on it. There is a
ton of
compatibility and regression testing that goes into a fax.
They probably got their hand forced because it was out in the wild, but
I
wouldn't go so far as imply they were just sitting around on their asses
until something happened.

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 26, 2008 6:45 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

I see ya point, my real point is why don't they have pen-testers on
staff, looking at there systems trying to find the exploits and fix them
before the bad-guys do. I mean hiring some security researchers on staff
and have them pen-test the non-sense out of your software could go a
long way in keeping stuff secure..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 10:28 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fax = fix

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 7:18 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I'm not sure I would agree with that. Developing a fix isn't a 15 minute
job. The chances are they were already hard at work on it. There is a
ton of
compatibility and regression testing that goes into a fax. 
They probably got their hand forced because it was out in the wild, but
I
wouldn't go so far as imply they were just sitting around on their asses
until something happened.

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 6:45 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Martin Blackstone]

Fax = fix

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 7:18 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I'm not sure I would agree with that. Developing a fix isn't a 15 minute
job. The chances are they were already hard at work on it. There is a ton of
compatibility and regression testing that goes into a fax. 
They probably got their hand forced because it was out in the wild, but I
wouldn't go so far as imply they were just sitting around on their asses
until something happened.

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 6:45 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Martin Blackstone]

I'm not sure I would agree with that. Developing a fix isn't a 15 minute
job. The chances are they were already hard at work on it. There is a ton of
compatibility and regression testing that goes into a fax. 
They probably got their hand forced because it was out in the wild, but I
wouldn't go so far as imply they were just sitting around on their asses
until something happened.

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Sunday, October 26, 2008 6:45 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

LOL I didn't leave early, but yes you are right TVK, and I figured the
dinner I bought at Charleys would have gone a long way, but I digress. 

Joking HAPPY Patch SUNDAY!

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 2:32 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

So thats why you two left the conference early...

--
ME2



On Fri, Oct 24, 2008 at 2:28 PM, Tim Vander Kooi <[EMAIL PROTECTED]>
wrote:
> We all know that Z would rather be spanked than shot. :-P
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Would be shot on site here If I did that, its why doing the server
patching
> is hard to get scheduled sometimes.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 9:26 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> You auto-update and auto-reboot servers?
>
>
>
> Now that takes real brass cajones...
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 9:05 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Most of them would have been rebooted as they were all set to
auto-update
> and reboot.
>
>
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 13:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Were the boxes you are having trouble with rebooted last week for the
normal
> patch cycle?
>
>
>
> Or has it been awhile?
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 7:33 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Oh to have all the boxes running in VMs :S
>
>
>
> I for one am gonna upload myself in to the cloud and just start taking
> snapshots of myself.
>
>
>
> From: James Rankin [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:29
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
>
>
> I had no issues with my development and pre-prod boxes...however I
didn't
> give it long to bed in, having a long memory, I can remember the hell
I went
> through with those other two network worms, Blaster and Sasser.
>
> Good job I have snapshots sitting on my ESX boxes though!
>
> 2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>
>
> We are going to push this patch to ~40,000 boxes this weekend alone.
> Hopefully all goes well :-)
>
> From what we are seeing in UAT, no major issues. Certainly nothing
with IIS
> (and I'm not seeing that in the IIS forums). DHCP - no issues either.
I
> suspect those are unrelated issues that were waiting to manifest, and
did so
> via a reboot.
>
> Cheers
> Ken
>
>> -Original Message-
>> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
>
>> Sent: Friday, 24 October 2008 10:09 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Well so far we have IE7 deciding to stop as and when it feels like
it,
>> normally when the user has more than one tab open, almost all are XP
>> clients
>> with SP3 on it apart from one which isn't and is on SP2 - no problems
on
>> that
>> one for some unknown reason.
>>
>> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have
>> a
>> lie down at around 3ish this morning, but that could be entirely
>> unrelated,
>> one sharepoint install has fallen over and wont get up for love nor
money
>> (we
>> tried both)
>>
>> John Aa

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Yeah someone lit a fire under MSFT arse and they got with the program on
this one, but only after they detected systems getting exploited in the
wild. Why they didn't determine this flaw back when they patched 06-040
for the same type of issue we probably will never know...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 8:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Got 2 emails, and 3 voicemails, and 2 other calls from my reps. 

 

I had some "choice" words for them and theree superiors about the timing
of the patch. If they knew on Patch Tuesday about this flaw then they
should have released the patch then, not 1.5 weeks laters. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505



From: Steve Ens [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 10:39 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[Kurt Buff]

This afternoon I got an email, too, probably because of my Technet subscription.

On Fri, Oct 24, 2008 at 7:38 PM, Steve Ens <[EMAIL PROTECTED]> wrote:
> I got a personal email from Microsoft, but not a voice mail.
>
> On Fri, Oct 24, 2008 at 7:08 PM, Kurt Buff <[EMAIL PROTECTED]> wrote:
>>
>> Taking this in a slightly different direction...
>>
>> I told the IT Director and COO yesterday that I was patching all
>> servers, and sending an email to all of the laptop users to do the
>> same.
>>
>> They were a bit skeptical, but not only did the emails that I
>> forwarded them from various lists buttress my opinion, this morning I
>> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
>> of the message - MSFT is taking this extremely seriously, and you
>> should patch now.
>>
>> Director's comments was "nice job, good of you to jump on this."
>>
>> Anyone else get a call like this from MSFT? It's the first time I've
>> heard of them doing this, and I take it as a really good sign - MSFT
>> is finally getting the real clue about this stuff.
>>
>> Kurt
>>
>> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
>> <[EMAIL PROTECTED]> wrote:
>> > Chaps,
>> >
>> > The update that was sent out last night, has that caused any issues
>> > elsewhere? We've had a spate of calls from users about problems today,
>> > several servers which were set to auto-update for various reasons have
>> > had varying levels of failure. It's mentally busy here for a Friday, and
>> > the one thing they have in common is that all the machine rebooted for
>> > an update last night.
>> >
>> > Is it just us ?
>> >
>> > Olly
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[Troy Meyer]

It's bad, when I started working for the company we were $16.xx and yesterday 
we closed at $0.87.

It's about a 95% drop, but 800% sounded more intriguing.


-troy



-Original Message-
From: Mark Boersma [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 25, 2008 6:49 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

If your accountants can explain how stock can drop 800% would you
forward that on please? :)

Mark
-
Two rules to success in life:
1. Never tell people everything you know.


-Original Message-
From: Troy Meyer [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 25, 2008 3:04 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

WHEN we had PSS (read before our stock dropped 800%) we had a fantastic
TAM and this was the type of thing she would make a personal call on to
make sure we understood the importance of the issue.

I do miss her, and I agree MSFT customer service (especially PSS) is
very nice.


Now if I could get a couple of you to buy a luxury motor-home, perhaps
we could get back in the loop ;)


-troy


-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for 
the sole use of the intended recipients(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[Sean Martin]

Our MS TAM told our manager that on a scale from 1 to 3, they considered
this a 5. We started patching immediately.

- Sean

On Fri, Oct 24, 2008 at 4:08 PM, Kurt Buff <[EMAIL PROTECTED]> wrote:

> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday, and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
> >
> > Olly
>
>  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[Mark Boersma]

If your accountants can explain how stock can drop 800% would you
forward that on please? :)

Mark
-
Two rules to success in life:
1. Never tell people everything you know.


-Original Message-
From: Troy Meyer [mailto:[EMAIL PROTECTED] 
Sent: Saturday, October 25, 2008 3:04 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

WHEN we had PSS (read before our stock dropped 800%) we had a fantastic
TAM and this was the type of thing she would make a personal call on to
make sure we understood the importance of the issue.

I do miss her, and I agree MSFT customer service (especially PSS) is
very nice.


Now if I could get a couple of you to buy a luxury motor-home, perhaps
we could get back in the loop ;)


-troy


-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for 
the sole use of the intended recipients(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Troy Meyer]

WHEN we had PSS (read before our stock dropped 800%) we had a fantastic TAM and 
this was the type of thing she would make a personal call on to make sure we 
understood the importance of the issue.

I do miss her, and I agree MSFT customer service (especially PSS) is very nice.


Now if I could get a couple of you to buy a luxury motor-home, perhaps we could 
get back in the loop ;)


-troy


-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:08 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[Steve Ens]

I got a personal email from Microsoft, but not a voice mail.

On Fri, Oct 24, 2008 at 7:08 PM, Kurt Buff <[EMAIL PROTECTED]> wrote:

> Taking this in a slightly different direction...
>
> I told the IT Director and COO yesterday that I was patching all
> servers, and sending an email to all of the laptop users to do the
> same.
>
> They were a bit skeptical, but not only did the emails that I
> forwarded them from various lists buttress my opinion, this morning I
> got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
> of the message - MSFT is taking this extremely seriously, and you
> should patch now.
>
> Director's comments was "nice job, good of you to jump on this."
>
> Anyone else get a call like this from MSFT? It's the first time I've
> heard of them doing this, and I take it as a really good sign - MSFT
> is finally getting the real clue about this stuff.
>
> Kurt
>
> On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
> <[EMAIL PROTECTED]> wrote:
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday, and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
> >
> > Olly
>
>  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Out of Cycle Critical Windows Patch ?

[Kurt Buff]

Taking this in a slightly different direction...

I told the IT Director and COO yesterday that I was patching all
servers, and sending an email to all of the laptop users to do the
same.

They were a bit skeptical, but not only did the emails that I
forwarded them from various lists buttress my opinion, this morning I
got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist
of the message - MSFT is taking this extremely seriously, and you
should patch now.

Director's comments was "nice job, good of you to jump on this."

Anyone else get a call like this from MSFT? It's the first time I've
heard of them doing this, and I take it as a really good sign - MSFT
is finally getting the real clue about this stuff.

Kurt

On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall
<[EMAIL PROTECTED]> wrote:
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Out of Cycle Critical Windows Patch ?

[Micheal Espinola Jr]

So thats why you two left the conference early...

--
ME2



On Fri, Oct 24, 2008 at 2:28 PM, Tim Vander Kooi <[EMAIL PROTECTED]> wrote:
> We all know that Z would rather be spanked than shot. :-P
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 8:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Would be shot on site here If I did that, its why doing the server patching
> is hard to get scheduled sometimes.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 9:26 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> You auto-update and auto-reboot servers?
>
>
>
> Now that takes real brass cajones…
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 9:05 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Most of them would have been rebooted as they were all set to auto-update
> and reboot.
>
>
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 13:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Were the boxes you are having trouble with rebooted last week for the normal
> patch cycle?
>
>
>
> Or has it been awhile?
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 7:33 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Oh to have all the boxes running in VMs :S
>
>
>
> I for one am gonna upload myself in to the cloud and just start taking
> snapshots of myself.
>
>
>
> From: James Rankin [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:29
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch ?
>
>
>
> I had no issues with my development and pre-prod boxes...however I didn't
> give it long to bed in, having a long memory, I can remember the hell I went
> through with those other two network worms, Blaster and Sasser.
>
> Good job I have snapshots sitting on my ESX boxes though!
>
> 2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>
>
> We are going to push this patch to ~40,000 boxes this weekend alone.
> Hopefully all goes well :-)
>
> From what we are seeing in UAT, no major issues. Certainly nothing with IIS
> (and I'm not seeing that in the IIS forums). DHCP - no issues either. I
> suspect those are unrelated issues that were waiting to manifest, and did so
> via a reboot.
>
> Cheers
> Ken
>
>> -Original Message-
>> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
>
>> Sent: Friday, 24 October 2008 10:09 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch ?
>>
>> Well so far we have IE7 deciding to stop as and when it feels like it,
>> normally when the user has more than one tab open, almost all are XP
>> clients
>> with SP3 on it apart from one which isn't and is on SP2 - no problems on
>> that
>> one for some unknown reason.
>>
>> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
>> a
>> lie down at around 3ish this morning, but that could be entirely
>> unrelated,
>> one sharepoint install has fallen over and wont get up for love nor money
>> (we
>> tried both)
>>
>> John Aaron Shaw-Miller MBCS KtGC OBE
>> IT Consultant, Infrastructure & Exchange Specialist
>> Member of the Microsoft IT Advisory Council
>>
>> Mobile: 07896 740 712
>> Home Office:01952 400511
>> Email:  [EMAIL PROTECTED]
>> MSN:   [EMAIL PROTECTED]
>> Website:  www.servtec.co.uk
>>
>>
>>
>> Remember, inside every old person is a young person wondering what
>> happened..
>>
>> i

RE: Out of Cycle Critical Windows Patch ?

[Tim Vander Kooi]

We all know that Z would rather be spanked than shot. :-P
TVK

From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 8:39 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Would be shot on site here If I did that, its why doing the server patching is 
hard to get scheduled sometimes.

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:26 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

You auto-update and auto-reboot servers?

Now that takes real brass cajones...

Regards,

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
My blog: http://TheEssentialExchange.com/blogs/michael
Link with me at: http://www.linkedin.com/in/theessentialexchange

From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:05 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Most of them would have been rebooted as they were all set to auto-update and 
reboot.

From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 13:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Were the boxes you are having trouble with rebooted last week for the normal 
patch cycle?

Or has it been awhile?

Regards,

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
My blog: http://TheEssentialExchange.com/blogs/michael
Link with me at: http://www.linkedin.com/in/theessentialexchange

From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Oh to have all the boxes running in VMs :S

I for one am gonna upload myself in to the cloud and just start taking 
snapshots of myself.

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

I had no issues with my development and pre-prod boxes...however I didn't give 
it long to bed in, having a long memory, I can remember the hell I went through 
with those other two network worms, Blaster and Sasser.

Good job I have snapshots sitting on my ESX boxes though!
2008/10/24 Ken Schaefer <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>>
We are going to push this patch to ~40,000 boxes this weekend alone. Hopefully 
all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with IIS 
>(and I'm not seeing that in the IIS forums). DHCP - no issues either. I 
>suspect those are unrelated issues that were waiting to manifest, and did so 
>via a reboot.

Cheers
Ken

> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have a
> lie down at around 3ish this morning, but that could be entirely unrelated,
> one sharepoint install has fallen over and wont get up for love nor money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>
> MSN:   [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>
> Website:  www.servtec.co.uk<http://www.servtec.co.uk>
>
>
>
> Remember, inside every old person is a young person wondering what happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on eac

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Sean Martin]

We too provide NFuse access for select remote users. Is there risk of
infection from a user's home PC? We prevent local drive to remote users via
Policy.

- Sean

On Fri, Oct 24, 2008 at 9:00 AM, Steven Peck <[EMAIL PROTECTED]> wrote:

> We're not allowing employees to use their personal systems to access
> our resources.  This was more in the nature of a public service
> announcement to our employees to help them protect themselves.
>
> We have corporate laptops with VPN, Citrix, OWA, etc for remote access
> depending on need and requirements for access.
>
> We're not crazy.
>
> Steven
>
> On Thu, Oct 23, 2008 at 6:58 PM, Durf <[EMAIL PROTECTED]> wrote:
> > If I had my way at a large enterprise, I'd only be allowing access via
> RDP
> > or ICA through SSL VPNs, preferably with two-factor RSA authentication.
> >
> > Ideally from thin clients.  I'd happily send them home to employees
> > preconfigured.
> >
> > -- Durf
> >
> > On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote:
> >>
> >> I mentioned to our security team, that tomorrow, we should do an
> >> announcement encouraging our users to update their home systems.  So
> >> they understand how serious this sort of issue is.  We can use this as
> >> a positive opportunity to maybe, just maybe help prevent them from
> >> getting something infected on their system.  They thought it was an
> >> excellent idea.
> >>
> >> Steven
> >>
> >> On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote:
> >> > Exactly.  Think of all the poor suckers who install Antivirus XP 2009
> >> > without a care in the world.
> >> >
> >> > As soon as that sucker incorporates this exploit, things will get
> >> > hopping.
> >> >
> >> > -- Durf
> >> >
> >> > On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]>
> >> > wrote:
> >> >>
> >> >> All it takes is a hacked website serving up an .exe to a browser user
> >> >> who
> >> >> happily runs it.
> >> >>
> >> >>
> >> >>
> >> >> Carl
> >> >>
> >> >>
> >> >>
> >> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> >> >> Sent: Thursday, October 23, 2008 7:22 PM
> >> >> To: NT System Admin Issues
> >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released
> today,
> >> >> stay tuned
> >> >>
> >> >>
> >> >>
> >> >> All it takes is one VPN'ed computer that is infected to compromise
> the
> >> >> enterprise.
> >> >>
> >> >>
> >> >>
> >> >> Regards,
> >> >>
> >> >>
> >> >>
> >> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
> >> >>
> >> >> My blog: 
> >> >> http://TheEssentialExchange.com/blogs/michael<http://theessentialexchange.com/blogs/michael>
> >> >>
> >> >> Link with me at: http://www.linkedin.com/in/theessentialexchange
> >> >>
> >> >>
> >> >>
> >> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> >> >> Sent: Thursday, October 23, 2008 7:17 PM
> >> >> To: NT System Admin Issues
> >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released
> today,
> >> >> stay tuned
> >> >>
> >> >>
> >> >>
> >> >> I think having firewall enabled by default on Windows XP SP2+ and
> >> >> Windows
> >> >> Vista will help mitigate the issue in consumer land.
> >> >>
> >> >>
> >> >>
> >> >> Some of the orgs I work in now use router ACLs or FW rules to block
> RPC
> >> >> traffic across subnets/VLANs. That will help mitigate the issue as
> well
> >> >>
> >> >> Cheers
> >> >>
> >> >> Ken
> >> >>
> >> >>
> >> >>
> >> >> From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
> >> >> Sent: Friday, 24 October 2008 8:42 AM
> >> >> To: NT System Admin Issues
> >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released
> today,
> >> >> stay t

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

I didn't say *we* set the to auto-reboot J

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 14:26
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

You auto-update and auto-reboot servers?

 

Now that takes real brass cajones...

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:05 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Most of them would have been rebooted as they were all set to
auto-update and reboot. 

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 13:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Were the boxes you are having trouble with rebooted last week for the
normal patch cycle?

 

Or has it been awhile?

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I
didn't give it long to bed in, having a long memory, I can remember the
hell I went through with those other two network worms, Blaster and
Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with
IIS (and I'm not seeing that in the IIS forums). DHCP - no issues
either. I suspect those are unrelated issues that were waiting to
manifest, and did so via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems
on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor
money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6 in
> progress" || sh ./clooless
>
>
>
> -----Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE
crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now
fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile:   

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Steven Peck]

We're not allowing employees to use their personal systems to access
our resources.  This was more in the nature of a public service
announcement to our employees to help them protect themselves.

We have corporate laptops with VPN, Citrix, OWA, etc for remote access
depending on need and requirements for access.

We're not crazy.

Steven

On Thu, Oct 23, 2008 at 6:58 PM, Durf <[EMAIL PROTECTED]> wrote:
> If I had my way at a large enterprise, I'd only be allowing access via RDP
> or ICA through SSL VPNs, preferably with two-factor RSA authentication.
>
> Ideally from thin clients.  I'd happily send them home to employees
> preconfigured.
>
> -- Durf
>
> On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote:
>>
>> I mentioned to our security team, that tomorrow, we should do an
>> announcement encouraging our users to update their home systems.  So
>> they understand how serious this sort of issue is.  We can use this as
>> a positive opportunity to maybe, just maybe help prevent them from
>> getting something infected on their system.  They thought it was an
>> excellent idea.
>>
>> Steven
>>
>> On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote:
>> > Exactly.  Think of all the poor suckers who install Antivirus XP 2009
>> > without a care in the world.
>> >
>> > As soon as that sucker incorporates this exploit, things will get
>> > hopping.
>> >
>> > -- Durf
>> >
>> > On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]>
>> > wrote:
>> >>
>> >> All it takes is a hacked website serving up an .exe to a browser user
>> >> who
>> >> happily runs it.
>> >>
>> >>
>> >>
>> >> Carl
>> >>
>> >>
>> >>
>> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
>> >> Sent: Thursday, October 23, 2008 7:22 PM
>> >> To: NT System Admin Issues
>> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> >> stay tuned
>> >>
>> >>
>> >>
>> >> All it takes is one VPN'ed computer that is infected to compromise the
>> >> enterprise.
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >>
>> >>
>> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>> >>
>> >> My blog: http://TheEssentialExchange.com/blogs/michael
>> >>
>> >> Link with me at: http://www.linkedin.com/in/theessentialexchange
>> >>
>> >>
>> >>
>> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
>> >> Sent: Thursday, October 23, 2008 7:17 PM
>> >> To: NT System Admin Issues
>> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> >> stay tuned
>> >>
>> >>
>> >>
>> >> I think having firewall enabled by default on Windows XP SP2+ and
>> >> Windows
>> >> Vista will help mitigate the issue in consumer land.
>> >>
>> >>
>> >>
>> >> Some of the orgs I work in now use router ACLs or FW rules to block RPC
>> >> traffic across subnets/VLANs. That will help mitigate the issue as well
>> >>
>> >> Cheers
>> >>
>> >> Ken
>> >>
>> >>
>> >>
>> >> From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
>> >> Sent: Friday, 24 October 2008 8:42 AM
>> >> To: NT System Admin Issues
>> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> >> stay tuned
>> >>
>> >>
>> >>
>> >> Prior to me being here this district ignored Code Red. They got nailed
>> >> bad
>> >> and had to shut down for a week and go re-image 3000 computers. Feel
>> >> free to
>> >> quote me on that if you need to J
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> >> Sent: Thursday, October 23, 2008 5:28 PM
>> >> To: NT System Admin Issues
>> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> >> stay tuned
>> >>
>> >>
>> >>
>> >> I work at a hospital too, and this situation is a ohh well take NO

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[gsweers]

Unless their local admins they wont be able to stop the service via a
login script anyway, you would need to stop it via GP or run a remote
script against them regularly.

-Original Message-
From: Joseph L. Casale [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:41 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

Prolly nothing, my clients all have the browser disabled and none of
them except maybe two with thermal printers share anything...

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 4:30 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch to be released today,
stay tuned

H..

I wonder what the impact would be if I put "net stop server" in the
login script for my users...

Kurt

On Thu, Oct 23, 2008 at 9:19 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> I completely agree it is a major pain in the tookus.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 12:00 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> Ok not so much of a trend, problem is they probably knew of the issue
before
> this months patch cycle, and didn't release it with Critical rating on
patch
> Tuesday but a week afterwards, during everyone(s) patching cycle for
there
> information systems. Now we have to validate yet another patch and ask
yet
> again for more downtime from the business on servers and workstations
etc
> etc to get required patches on the machines to protect against the
latest
> threat.
>
>
>
> What compounds it this month that there is already 11 patches to be
tested,
> validated and deployed and vetted for issues afterwards, one of these
> patches is exploitable and could definitely lead to a worm (SMB flaw)
now
> you add this remote exploitable, wormable patch, quiet possibly with
public
> exploit code in the wild and active exploits, the risk factor goes up
> through the dam roof.
>
>
>
> Now imagine if you was the only person responsible for accomplishing
all (4)
> tasks above, and this new exploit on top. That doesn't make for a
happy
> camper in anyones reguards.
>
>
>
> Then factor the number of assets to protect by about 10,000.
>
>
>
> I think you start to get the idea, its pretty crystal clear in my
mind.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:48 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> Trend? This is the first out-of-cycle patch from MSFT since April
2007.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> I am just pissed that they couldn't get this one out last week> Don't
be
> surprised if you see a column in a leading magazine from me about this
trend
> with M$ and other vendors.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:25 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> The report on line shows Reboot Required if you open all the drop
downs. It
> is for Remote Code Execution. It is Critical for Server 2003 all SPs
and XP
> all SPs, Important for Vista/SP1 and Server 2008.
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 10:19 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch 

Re: Out of Cycle Critical Windows Patch ?

[Steven Peck]

We patched over a thousand servers and several thousand
desktops/laptops last night.  Yay for out of band late night
enterprise patching.

The only issue so far has been client based connectivity issue with
Outlook to Exchange and this was specific to some of our laptops.
They have McAfee HIPS (Host Intrusion Prevention) enabled and it seems
Outlook used to initiate connections on a specific port before now
does so randomly.  As a result they had to change the policy to to
accommodate a broader range of ports to the Exchange servers.

It makes sense as the patch is RPC related.

Steven

On Fri, Oct 24, 2008 at 8:05 AM, Phil Thompson <[EMAIL PROTECTED]> wrote:
> Look at your client DNS settings.
>
>
>
>
>
> Phil
>
> From: Rod Trent [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 10:20 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> You need Nightwatchman…
>
>
>
> http://www.1e.com/SoftwareProducts/NightWatchman/Index.aspx
>
>
>
> From: Doige, Clayton [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 10:16 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Ah, but how many of those users shut their machines down lol
>
>
>
> Clayton Doige
>
> IT Project Manager
>
> CME Development Corporation
>
> T: 020 7430 5355
>
> M: 07949 255062
>
> E:[EMAIL PROTECTED]
>
> W:www.cetv-net.com
>
> From: David Lum [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 15:07
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> I hit 400 our our desktops last night, here's what went out:
>
> 
>
>
>
> All Staff:
>
>
>
> In order to apply a critical update to our computers, a patch will be
> applied tonight at 7:00pm Pacific Time.
>
>
>
> It is critical that you log off after saving and closing all applications
> before 7:00pm tonight. Do not turn off your computer.
>
>
>
> Please contact the Service Desk with questions or concerns.
>
>
>
> I patched my other networks, and the only issues I saw was one 2K3 R2 server
> I had to restart the LogMeIn service, andother server (SBS 2K3) I had to go
> manually hit the power button because it didn't power up – looks unrelated
> but the NIC didn't want to maintain the IP it had been assigned.
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 // (Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
> -Original Message-
> From: Rod Trent [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 6:34 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Here's one:
>
>
>
> "Do it, or else!"
>
>
>
> -Original Message-
>
> From: Roger Wright [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, October 24, 2008 9:29 AM
>
> To: NT System Admin Issues
>
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Anybody have something prepared for all users that you can share with
>
> the group?
>
>
>
>
>
>
>
> Roger Wright
>
> Network Administrator
>
> Evatone, Inc.
>
> 727.572.7076  x388
>
> _
>
>
>
> -Original Message-
>
> From: Bill Lambert [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, October 24, 2008 9:10 AM
>
> To: NT System Admin Issues
>
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Is there any press on this? In the past something this big made it to
>
> the evening news.
>
>
>
> Bill Lambert
>
> Concuity
>
> 847-941-9206
>
>
>
>
>
> -Original Message-
>
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
>
> Sent: Friday, October 24, 2008 5:52 AM
>
> To: NT System Admin Issues
>
> Subject: Out of Cycle Critical Windows Patch ?
>
>
>
> Chaps,
>
>
>
> The update that was sent out last night, has that caused any issues
>
> elsewhere? We've had a spate of calls from users about problems today,
>
> several servers which were set to auto-update for various reasons have
>
> had varying levels of failure. It's mentally busy here for a Friday, and
>
> the one thing they have in common is that all the machine rebooted for
>
> an update last night.
>
>
>
> Is it just us ?
>
>
>
> Olly
>
>
>
> --
>
> G2 Support
>
> Online Backups
>
>
>
> Email:  [EMAIL PROTECTED]
>
> Web:http://www.g2support.com
>
>
>
>
>
>

RE: Out of Cycle Critical Windows Patch ?

[Phil Thompson]

Look at your client DNS settings.


Phil
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 10:20 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

You need Nightwatchman...

http://www.1e.com/SoftwareProducts/NightWatchman/Index.aspx

From: Doige, Clayton [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 10:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Ah, but how many of those users shut their machines down lol

Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07949 255062
E:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>
W:www.cetv-net.com<http://www.cetv-net.com>
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 15:07
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I hit 400 our our desktops last night, here's what went out:


All Staff:

In order to apply a critical update to our computers, a patch will be applied 
tonight at 7:00pm Pacific Time.

It is critical that you log off after saving and closing all applications 
before 7:00pm tonight. Do not turn off your computer.

Please contact the Service Desk with questions or concerns.

I patched my other networks, and the only issues I saw was one 2K3 R2 server I 
had to restart the LogMeIn service, andother server (SBS 2K3) I had to go 
manually hit the power button because it didn't power up - looks unrelated but 
the NIC didn't want to maintain the IP it had been assigned.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Here's one:

"Do it, or else!"

-Original Message-
From: Roger Wright [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:29 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Anybody have something prepared for all users that you can share with
the group?



Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~








__
This email has been scanned by the MessageLabs Email Security System.
__

__
This electronic mail message and any attached files contain information 
intended for the exclusive use of the person(s) to whom it is addressed and may 
contain information that is proprietary, privileged, confidential and/or exempt 
from disclosure under applicable law. If you are not the intended recipient, 
you are hereby notified that any viewing, copying, disclosure or distribution 
of this message or its contents may be subject to legal restriction or 
sanction. If you have received this message in error, please notify the sender 
immediately by electronic mail and delete the original message and any 
attachments without retaining any copies. 
_










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Miller Bonnie L .]

I've seen the random explorer crash once in a while, but this is really 
specific.  Happened right after the patch prior to reboot and the drwatson 
error code is identical on all where it happened, otherwise I wouldn't have 
mentioned it.  Just wondering if it is similar in any way to the IE crashes 
others have reported, where it might only be a problem before rebooting.

-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:21 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Explorer.exe is pretty common, particularly if the server has been running a
while.  Generally caused by an app that eats memory.

-Original Message-
From: Miller Bonnie L. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 10:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Most people aren't in yet here to get good stats, but I noticed several of
our servers that I patched last night had explorer.exe failures right before
they were rebooted.  The error report came up when logging on after the
reboot, and it's in the application event log as a 1000 application error,
followed by a 4097 DrWatson.

Haven't noticed anything not running as usual this morning (except for the 3
servers that decided to have RDP not work after their reboot--same old
problem that has been happening since July--see the previous thread if you
care).  Patched about 80 servers.

-Bonnie

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 3:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[David Lum]

I have the ability to globally set BIOS to WOL, etc here (most of my my SMB 
clients can, except one that currently has Gateway PC's because the GW's SUCK 
and don't have WOL / auto-wakeup options!) but they haven't let me push that 
out to our PC's here yet...

From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 7:20 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

You need Nightwatchman...

http://www.1e.com/SoftwareProducts/NightWatchman/Index.aspx

From: Doige, Clayton [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 10:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Ah, but how many of those users shut their machines down lol

Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07949 255062
E:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>
W:www.cetv-net.com<http://www.cetv-net.com>
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 15:07
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I hit 400 our our desktops last night, here's what went out:


All Staff:

In order to apply a critical update to our computers, a patch will be applied 
tonight at 7:00pm Pacific Time.

It is critical that you log off after saving and closing all applications 
before 7:00pm tonight. Do not turn off your computer.

Please contact the Service Desk with questions or concerns.

I patched my other networks, and the only issues I saw was one 2K3 R2 server I 
had to restart the LogMeIn service, andother server (SBS 2K3) I had to go 
manually hit the power button because it didn't power up - looks unrelated but 
the NIC didn't want to maintain the IP it had been assigned.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Here's one:

"Do it, or else!"

-Original Message-
From: Roger Wright [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:29 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Anybody have something prepared for all users that you can share with
the group?



Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~








__
This email has been scanned by the MessageLabs Email Security System.
__

__
This electronic mail message and any attached files contain information 
intended for the exclusive use of the person(s) to whom it is addressed and may 
contain information that is proprietary, privileged, confidential and/or exempt 
from disclosure under applicable law. If you are not the intended recipient, 
you are hereby notified that any viewing, copying, disclosure or distribution 
of this message or its contents may be subject to legal restriction or 
sanction. If you have received this message in error, please notify the

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

Explorer.exe is pretty common, particularly if the server has been running a
while.  Generally caused by an app that eats memory.

-Original Message-
From: Miller Bonnie L. [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 10:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Most people aren't in yet here to get good stats, but I noticed several of
our servers that I patched last night had explorer.exe failures right before
they were rebooted.  The error report came up when logging on after the
reboot, and it's in the application event log as a 1000 application error,
followed by a 4097 DrWatson.

Haven't noticed anything not running as usual this morning (except for the 3
servers that decided to have RDP not work after their reboot--same old
problem that has been happening since July--see the previous thread if you
care).  Patched about 80 servers.

-Bonnie

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 3:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

You need Nightwatchman.

 

http://www.1e.com/SoftwareProducts/NightWatchman/Index.aspx 

 

From: Doige, Clayton [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 10:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Ah, but how many of those users shut their machines down lol

 

Clayton Doige

IT Project Manager

CME Development Corporation

T: 020 7430 5355

M: 07949 255062

E:[EMAIL PROTECTED]

W:www.cetv-net.com

From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 15:07
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

I hit 400 our our desktops last night, here's what went out:



 

All Staff:

 

In order to apply a critical update to our computers, a patch will be
applied tonight at 7:00pm Pacific Time.   

 

It is critical that you log off after saving and closing all applications
before 7:00pm tonight. Do not turn off your computer.

 

Please contact the Service Desk with questions or concerns.

 

I patched my other networks, and the only issues I saw was one 2K3 R2 server
I had to restart the LogMeIn service, andother server (SBS 2K3) I had to go
manually hit the power button because it didn't power up - looks unrelated
but the NIC didn't want to maintain the IP it had been assigned.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Here's one:

 

"Do it, or else!"

 

-Original Message-

From: Roger Wright [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 9:29 AM

To: NT System Admin Issues

Subject: RE: Out of Cycle Critical Windows Patch ?

 

Anybody have something prepared for all users that you can share with

the group?

 

 

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388

_

 

-Original Message-

From: Bill Lambert [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 9:10 AM

To: NT System Admin Issues

Subject: RE: Out of Cycle Critical Windows Patch ?

 

Is there any press on this? In the past something this big made it to

the evening news.

 

Bill Lambert

Concuity

847-941-9206

 

 

-Original Message-

From: Oliver Marshall [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 5:52 AM

To: NT System Admin Issues

Subject: Out of Cycle Critical Windows Patch ?

 

Chaps,

 

The update that was sent out last night, has that caused any issues

elsewhere? We've had a spate of calls from users about problems today,

several servers which were set to auto-update for various reasons have

had varying levels of failure. It's mentally busy here for a Friday, and

the one thing they have in common is that all the machine rebooted for

an update last night.

 

Is it just us ?

 

Olly

 

--

G2 Support

Online Backups

 

Email:  [EMAIL PROTECTED]

Web:http://www.g2support.com

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

 

 


__
This email has been scanned by the MessageLabs Email Security System.
__


__
This electronic mail message and any attached files contain information
intended for the exclusive use of the person(s) to whom it is addressed and
may contain information that is proprietary, privileged, confidential and/or
exempt from disclosure under applicable law. If you are not the intended
recipient, you are hereby notified that any viewing, copying, disclosure or
distribution of this message or its contents may be subject to legal
restriction or sanction. If you have received this message in error, please
notify the sender immediately by electronic mail and delete the original
message and any attachments without retaining any copies.
_

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[John Cook]

Dodge, Dip, Duck Dodge..
John W. Cook
Systems Administrator
Partnership For Strong Families
Painfully sent to you from my Blackberry


From: Ziots, Edward
To: NT System Admin Issues
Sent: Fri Oct 24 10:14:32 2008
Subject: RE: Out of Cycle Critical Windows Patch ?
NO they would shoot me in my Cubical ☺

On the Site that I am…

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:45 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?












CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Miller Bonnie L .]

Most people aren't in yet here to get good stats, but I noticed several of our 
servers that I patched last night had explorer.exe failures right before they 
were rebooted.  The error report came up when logging on after the reboot, and 
it's in the application event log as a 1000 application error, followed by a 
4097 DrWatson.

Haven't noticed anything not running as usual this morning (except for the 3 
servers that decided to have RDP not work after their reboot--same old problem 
that has been happening since July--see the previous thread if you care).  
Patched about 80 servers.

-Bonnie

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 3:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[Doige, Clayton]

Ah, but how many of those users shut their machines down lol

 

Clayton Doige

IT Project Manager

CME Development Corporation

T: 020 7430 5355

M: 07949 255062

E:[EMAIL PROTECTED]

W:www.cetv-net.com

From: David Lum [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 15:07
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

I hit 400 our our desktops last night, here's what went out:



 

All Staff:

 

In order to apply a critical update to our computers, a patch will be
applied tonight at 7:00pm Pacific Time.   

 

It is critical that you log off after saving and closing all
applications before 7:00pm tonight. Do not turn off your computer.

 

Please contact the Service Desk with questions or concerns.

 

I patched my other networks, and the only issues I saw was one 2K3 R2
server I had to restart the LogMeIn service, andother server (SBS 2K3) I
had to go manually hit the power button because it didn't power up -
looks unrelated but the NIC didn't want to maintain the IP it had been
assigned.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Here's one:

 

"Do it, or else!"

 

-Original Message-

From: Roger Wright [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 9:29 AM

To: NT System Admin Issues

Subject: RE: Out of Cycle Critical Windows Patch ?

 

Anybody have something prepared for all users that you can share with

the group?

 

 

 

Roger Wright

Network Administrator

Evatone, Inc.

727.572.7076  x388

_

 

-Original Message-

From: Bill Lambert [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 9:10 AM

To: NT System Admin Issues

Subject: RE: Out of Cycle Critical Windows Patch ?

 

Is there any press on this? In the past something this big made it to

the evening news.

 

Bill Lambert

Concuity

847-941-9206

 

 

-Original Message-

From: Oliver Marshall [mailto:[EMAIL PROTECTED]

Sent: Friday, October 24, 2008 5:52 AM

To: NT System Admin Issues

Subject: Out of Cycle Critical Windows Patch ?

 

Chaps,

 

The update that was sent out last night, has that caused any issues

elsewhere? We've had a spate of calls from users about problems today,

several servers which were set to auto-update for various reasons have

had varying levels of failure. It's mentally busy here for a Friday, and

the one thing they have in common is that all the machine rebooted for

an update last night.

 

Is it just us ?

 

Olly

 

--

G2 Support

Online Backups

 

Email:  [EMAIL PROTECTED]

Web:http://www.g2support.com

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

 

 


__
This email has been scanned by the MessageLabs Email Security System.
__


__
This electronic mail message and any attached files contain information 
intended for the exclusive use of the person(s) to whom it is addressed and may 
contain information that is proprietary, privileged, confidential and/or exempt 
from disclosure under applicable law. If you are not the intended recipient, 
you are hereby notified that any viewing, copying, disclosure or distribution 
of this message or its contents may be subject to legal restriction or 
sanction. If you have received this message in error, please notify the sender 
immediately by electronic mail and delete the original message and any 
attachments without retaining any copies. 
_
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

NO they would shoot me in my Cubical :-) 

 

On the Site that I am...

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505



From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:45 AM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Kennedy, Jim]

Mine, the subject clarified that it was an 'Emergency Update'.

Because of the severity of this update we are going to force this update onto 
your computers differently than we normally do. You will get it very quickly 
the next time you start your computer, and unfortunately it requires that your 
computer restart. It is going to restart it for you automatically.

It will warn you with a pop up box and will give you a 5 minute warning. It 
would be best if you just saved your items at that time and restarted it 
yourself.

We recognize that this will be somewhat disruptive and we do not like to do it 
this way. We would prefer it to be as always; as you finish and shut down your 
computer.  But this update very much warrants this type of quick action. The 
wrong virus on one machine could spread very quickly all by itself from 
computer to computer and across the entire district.

Thank you for your continued support and understanding.


From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 10:07 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

I hit 400 our our desktops last night, here's what went out:


All Staff:

In order to apply a critical update to our computers, a patch will be applied 
tonight at 7:00pm Pacific Time.

It is critical that you log off after saving and closing all applications 
before 7:00pm tonight. Do not turn off your computer.

Please contact the Service Desk with questions or concerns.

I patched my other networks, and the only issues I saw was one 2K3 R2 server I 
had to restart the LogMeIn service, andother server (SBS 2K3) I had to go 
manually hit the power button because it didn't power up - looks unrelated but 
the NIC didn't want to maintain the IP it had been assigned.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Here's one:

"Do it, or else!"

-Original Message-
From: Roger Wright [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:29 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Anybody have something prepared for all users that you can share with
the group?



Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~








~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[David Lum]

I hit 400 our our desktops last night, here's what went out:


All Staff:

In order to apply a critical update to our computers, a patch will be applied 
tonight at 7:00pm Pacific Time.

It is critical that you log off after saving and closing all applications 
before 7:00pm tonight. Do not turn off your computer.

Please contact the Service Desk with questions or concerns.

I patched my other networks, and the only issues I saw was one 2K3 R2 server I 
had to restart the LogMeIn service, andother server (SBS 2K3) I had to go 
manually hit the power button because it didn't power up - looks unrelated but 
the NIC didn't want to maintain the IP it had been assigned.

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:34 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Here's one:

"Do it, or else!"

-Original Message-
From: Roger Wright [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:29 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Anybody have something prepared for all users that you can share with
the group?



Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

I was wondering the same thing.  NYT is the only online non-IT related news
org that seems to have picked it up.

http://search.live.com/news/results.aspx?q=security%20patch&FORM=BNLH 

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206
 

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

Wow. They have an actual execution area at your workplace? :-) (taking it
you meant 'sight')

2008/10/24 Ziots, Edward <[EMAIL PROTECTED]>

>  Would be shot on site here If I did that, its why doing the server
> patching is hard to get scheduled sometimes.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>   --
>
> *From:* Michael B. Smith [mailto:[EMAIL PROTECTED]
> *Sent:* Friday, October 24, 2008 9:26 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch ?
>
>
>
> You auto-update and auto-reboot servers?
>
>
>
> Now that takes real brass cajones…
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> *From:* Oliver Marshall [mailto:[EMAIL PROTECTED]
> *Sent:* Friday, October 24, 2008 9:05 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Most of them would have been rebooted as they were all set to auto-update
> and reboot.
>
>
>
> *From:* Michael B. Smith [mailto:[EMAIL PROTECTED]
> *Sent:* 24 October 2008 13:59
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Were the boxes you are having trouble with rebooted last week for the
> normal patch cycle?
>
>
>
> Or has it been awhile?
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> *From:* Oliver Marshall [mailto:[EMAIL PROTECTED]
> *Sent:* Friday, October 24, 2008 7:33 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch ?
>
>
>
> Oh to have all the boxes running in VMs :S
>
>
>
> I for one am gonna upload myself in to the cloud and just start taking
> snapshots of myself.
>
>
>
> *From:* James Rankin [mailto:[EMAIL PROTECTED]
> *Sent:* 24 October 2008 12:29
> *To:* NT System Admin Issues
> *Subject:* Re: Out of Cycle Critical Windows Patch ?
>
>
>
> I had no issues with my development and pre-prod boxes...however I didn't
> give it long to bed in, having a long memory, I can remember the hell I went
> through with those other two network worms, Blaster and Sasser.
>
> Good job I have snapshots sitting on my ESX boxes though!
>
> 2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>
>
> We are going to push this patch to ~40,000 boxes this weekend alone.
> Hopefully all goes well :-)
>
> From what we are seeing in UAT, no major issues. Certainly nothing with IIS
> (and I'm not seeing that in the IIS forums). DHCP - no issues either. I
> suspect those are unrelated issues that were waiting to manifest, and did so
> via a reboot.
>
> Cheers
> Ken
>
>
> > -Original Message-
> > From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
>
> > Sent: Friday, 24 October 2008 10:09 PM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Well so far we have IE7 deciding to stop as and when it feels like it,
> > normally when the user has more than one tab open, almost all are XP
> clients
> > with SP3 on it apart from one which isn't and is on SP2 - no problems on
> that
> > one for some unknown reason.
> >
> > Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
> a
> > lie down at around 3ish this morning, but that could be entirely
> unrelated,
> > one sharepoint install has fallen over and wont get up for love nor money
> (we
> > tried both)
> >
> > John Aaron Shaw-Miller MBCS KtGC OBE
> > IT Consultant, Infrastructure & Exchange Specialist
> > Member of the Microsoft IT Advisory Council
> >
> > Mobile: 07896 740 712
> > Home Office:01952 400511
> > Email:  [EMAIL PROTECTED]
> > MSN:   [EMAIL PROTECTED]
> > Website:  www.servtec.co.uk
> >
> >
> >
> > Remember, inside every old person is a young person wondering what
> happened..
> >
> > idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in
> > progress" || sh ./clooless
> >
> >
> >
> > -Original Message-
> > From: Ol

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Would be shot on site here If I did that, its why doing the server
patching is hard to get scheduled sometimes. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505



From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:26 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

You auto-update and auto-reboot servers?

 

Now that takes real brass cajones...

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:05 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Most of them would have been rebooted as they were all set to
auto-update and reboot. 

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 13:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Were the boxes you are having trouble with rebooted last week for the
normal patch cycle?

 

Or has it been awhile?

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I
didn't give it long to bed in, having a long memory, I can remember the
hell I went through with those other two network worms, Blaster and
Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with
IIS (and I'm not seeing that in the IIS forums). DHCP - no issues
either. I suspect those are unrelated issues that were waiting to
manifest, and did so via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems
on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor
money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE
crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now
fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No 

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

Here's one:

"Do it, or else!"

-Original Message-
From: Roger Wright [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:29 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Anybody have something prepared for all users that you can share with
the group?

   

Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_  

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206
 

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Roger Wright]

Anybody have something prepared for all users that you can share with
the group?

   

Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
_  

-Original Message-
From: Bill Lambert [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:10 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206
 

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Michael B. Smith]

Were the boxes you are having trouble with rebooted last week for the normal
patch cycle?

 

Or has it been awhile?

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I didn't
give it long to bed in, having a long memory, I can remember the hell I went
through with those other two network worms, Blaster and Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with IIS
(and I'm not seeing that in the IIS forums). DHCP - no issues either. I
suspect those are unrelated issues that were waiting to manifest, and did so
via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems on
that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor money
(we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels

RE: Out of Cycle Critical Windows Patch ?

[Michael B. Smith]

You auto-update and auto-reboot servers?

 

Now that takes real brass cajones.

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 9:05 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Most of them would have been rebooted as they were all set to auto-update
and reboot. 

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 13:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Were the boxes you are having trouble with rebooted last week for the normal
patch cycle?

 

Or has it been awhile?

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I didn't
give it long to bed in, having a long memory, I can remember the hell I went
through with those other two network worms, Blaster and Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with IIS
(and I'm not seeing that in the IIS forums). DHCP - no issues either. I
suspect those are unrelated issues that were waiting to manifest, and did so
via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems on
that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor money
(we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person 

RE: Out of Cycle Critical Windows Patch ?

[Bill Lambert]

Is there any press on this? In the past something this big made it to
the evening news.

Bill Lambert
Concuity
847-941-9206
 

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 5:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

Most of them would have been rebooted as they were all set to
auto-update and reboot. 

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 13:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Were the boxes you are having trouble with rebooted last week for the
normal patch cycle?

 

Or has it been awhile?

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I
didn't give it long to bed in, having a long memory, I can remember the
hell I went through with those other two network worms, Blaster and
Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with
IIS (and I'm not seeing that in the IIS forums). DHCP - no issues
either. I suspect those are unrelated issues that were waiting to
manifest, and did so via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems
on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor
money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE
crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now
fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update 

RE: Out of Cycle Critical Windows Patch ?

[Glen Johnson]

This could be related.
I used GenConrtol to remotely patch several servers last night.
After the patch and reboot, not problems.
This morning, GenControl can't connect to any of them.  Says something about 
unknown revision level.
Lets hope that is the only problem I have.



From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Fri 10/24/2008 7:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?



None here, 200 Servers+ so far and going strong..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com <http://www.g2support.com/> 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

BTW: Amazon's cloud computing is live.

 

http://aws.amazon.com/ 

 

From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:33 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

 

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I didn't
give it long to bed in, having a long memory, I can remember the hell I went
through with those other two network worms, Blaster and Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with IIS
(and I'm not seeing that in the IIS forums). DHCP - no issues either. I
suspect those are unrelated issues that were waiting to manifest, and did so
via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems on
that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor money
(we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in
> progress" || sh ./clooless
>
>
>
> -----Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online 

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

None here, 200 Servers+ so far and going strong..

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 6:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[Ziots, Edward]

Nice Grep, 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505
-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 6:59 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

Oh to have all the boxes running in VMs :S

 

I for one am gonna upload myself in to the cloud and just start taking
snapshots of myself.

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:29
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch ?

 

I had no issues with my development and pre-prod boxes...however I
didn't give it long to bed in, having a long memory, I can remember the
hell I went through with those other two network worms, Blaster and
Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

We are going to push this patch to ~40,000 boxes this weekend alone.
Hopefully all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with
IIS (and I'm not seeing that in the IIS forums). DHCP - no issues
either. I suspect those are unrelated issues that were waiting to
manifest, and did so via a reboot.

Cheers
Ken


> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]

> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems
on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a
> lie down at around 3ish this morning, but that could be entirely
unrelated,
> one sharepoint install has fallen over and wont get up for love nor
money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6 in
> progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE
crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now
fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init
6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday,
and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online Backups
>
> Email:  [EMAIL PROTECTED]
> Web:http://www.g2support.com
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/

RE: Out of Cycle Critical Windows Patch ?

[Phil Thompson]

I had 7 servers and no problems so far but it early.

What sort of problems?


Phil
-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 6:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

I had no issues with my development and pre-prod boxes...however I didn't
give it long to bed in, having a long memory, I can remember the hell I went
through with those other two network worms, Blaster and Sasser.

Good job I have snapshots sitting on my ESX boxes though!

2008/10/24 Ken Schaefer <[EMAIL PROTECTED]>

> We are going to push this patch to ~40,000 boxes this weekend alone.
> Hopefully all goes well :-)
>
> From what we are seeing in UAT, no major issues. Certainly nothing with IIS
> (and I'm not seeing that in the IIS forums). DHCP - no issues either. I
> suspect those are unrelated issues that were waiting to manifest, and did so
> via a reboot.
>
> Cheers
> Ken
>
> > -Original Message-
> > From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> > Sent: Friday, 24 October 2008 10:09 PM
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Well so far we have IE7 deciding to stop as and when it feels like it,
> > normally when the user has more than one tab open, almost all are XP
> clients
> > with SP3 on it apart from one which isn't and is on SP2 - no problems on
> that
> > one for some unknown reason.
> >
> > Not seen any DHCP or IIS issues, though a 2K8 server here decided to have
> a
> > lie down at around 3ish this morning, but that could be entirely
> unrelated,
> > one sharepoint install has fallen over and wont get up for love nor money
> (we
> > tried both)
> >
> > John Aaron Shaw-Miller MBCS KtGC OBE
> > IT Consultant, Infrastructure & Exchange Specialist
> > Member of the Microsoft IT Advisory Council
> >
> > Mobile: 07896 740 712
> > Home Office:01952 400511
> > Email:  [EMAIL PROTECTED]
> > MSN:   [EMAIL PROTECTED]
> > Website:  www.servtec.co.uk
> >
> >
> >
> > Remember, inside every old person is a young person wondering what
> happened..
> >
> > idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in
> > progress" || sh ./clooless
> >
> >
> >
> > -Original Message-
> > From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> > Sent: 24 October 2008 12:03
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > Fancy detailing the Sh*t ?
> >
> > So far we have various from workstation users reporting that IE crashes
> > at the drop of a hat (a large number of those, running XP mainly, but
> > also vista. We have a server with IIS issues, another which rebooted
> > this morning and then had errors about the raid driver, before loosing
> > its hard disks (ohhhh s*t etc). Another whos DHCP service now fails
> > to start on each restart of the box.
> >
> > Again, could all be unrelated, but its just odd that each machine
> > rebooted at 3am for the update.
> >
> > -Original Message-
> > From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> > Sent: 24 October 2008 11:59
> > To: NT System Admin Issues
> > Subject: RE: Out of Cycle Critical Windows Patch ?
> >
> > No I have some customers who are in the sh*t as well 
> >
> > John Aaron Shaw-Miller MBCS KtGC OBE
> > IT Consultant, Infrastructure & Exchange Specialist
> > Member of the Microsoft IT Advisory Council
> >
> > Mobile: 07896 740 712
> > Home Office:01952 400511
> > Email:  [EMAIL PROTECTED]
> > MSN:   [EMAIL PROTECTED]
> > Website:  www.servtec.co.uk
> >
> >
> >
> > Remember, inside every old person is a young person wondering what
> > happened..
> >
> > idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> > in progress" || sh ./clooless
> >
> >
> > -Original Message-
> > From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> > Sent: 24 October 2008 11:52
> > To: NT System Admin Issues
> > Subject: Out of Cycle Critical Windows Patch ?
> >
> > Chaps,
> >
> > The update that was sent out last night, has that caused any issues
> > elsewhere? We've had a spate of calls from users about problems today,
> > several servers which were set to auto-update for various reasons have
> > had varying levels of failure. It's mentally busy here for a Friday, and
> > the one thing they have in common is that all the machine rebooted for
> > an update last night.
> >
> > Is it just us ?
> >
> > Olly
> >
>

RE: Out of Cycle Critical Windows Patch ?

[Ken Schaefer]

We are going to push this patch to ~40,000 boxes this weekend alone. Hopefully 
all goes well :-)

>From what we are seeing in UAT, no major issues. Certainly nothing with IIS 
>(and I'm not seeing that in the IIS forums). DHCP - no issues either. I 
>suspect those are unrelated issues that were waiting to manifest, and did so 
>via a reboot.

Cheers
Ken

> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: Friday, 24 October 2008 10:09 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP clients
> with SP3 on it apart from one which isn't and is on SP2 - no problems on that
> one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to have a
> lie down at around 3ish this morning, but that could be entirely unrelated,
> one sharepoint install has fallen over and wont get up for love nor money (we
> tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in
> progress" || sh ./clooless
>
>
>
> -----Original Message-----
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online Backups
>
> Email:  [EMAIL PROTECTED]
> Web:http://www.g2support.com
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

958644

2008/10/24 Oliver Marshall <[EMAIL PROTECTED]>

> What was the kb number of the out-of-cycle update from last night ??
>
> -Original Message-
> From: Rod Trent [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:14
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Not seeing any of that here.
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 24, 2008 7:11 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Interesting what you say about IE7. We are seeing the same here.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:09
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
> clients with SP3 on it apart from one which isn't and is on SP2 - no
> problems on that one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
> have a lie down at around 3ish this morning, but that could be entirely
> unrelated, one sharepoint install has fallen over and wont get up for
> love nor money (we tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online Backups
>
> Email:  [EMAIL PROTECTED]
> Web:http://www.g2support.com
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

What was the kb number of the out-of-cycle update from last night ??

-Original Message-
From: Rod Trent [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:14
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Not seeing any of that here.

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:11 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Interesting what you say about IE7. We are seeing the same here. 

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:09
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Well so far we have IE7 deciding to stop as and when it feels like it,
normally when the user has more than one tab open, almost all are XP
clients with SP3 on it apart from one which isn't and is on SP2 - no
problems on that one for some unknown reason.

Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a lie down at around 3ish this morning, but that could be entirely
unrelated, one sharepoint install has fallen over and wont get up for
love nor money (we tried both)

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless



-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 12:03
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fancy detailing the Sh*t ?

So far we have various from workstation users reporting that IE crashes
at the drop of a hat (a large number of those, running XP mainly, but
also vista. We have a server with IIS issues, another which rebooted
this morning and then had errors about the raid driver, before loosing
its hard disks (o s*t etc). Another whos DHCP service now fails
to start on each restart of the box.

Again, could all be unrelated, but its just odd that each machine
rebooted at 3am for the update.

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Rod Trent]

Not seeing any of that here.

-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 7:11 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Interesting what you say about IE7. We are seeing the same here. 

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:09
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Well so far we have IE7 deciding to stop as and when it feels like it,
normally when the user has more than one tab open, almost all are XP
clients with SP3 on it apart from one which isn't and is on SP2 - no
problems on that one for some unknown reason.

Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a lie down at around 3ish this morning, but that could be entirely
unrelated, one sharepoint install has fallen over and wont get up for
love nor money (we tried both)

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless



-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 12:03
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fancy detailing the Sh*t ?

So far we have various from workstation users reporting that IE crashes
at the drop of a hat (a large number of those, running XP mainly, but
also vista. We have a server with IIS issues, another which rebooted
this morning and then had errors about the raid driver, before loosing
its hard disks (o s*t etc). Another whos DHCP service now fails
to start on each restart of the box.

Again, could all be unrelated, but its just odd that each machine
rebooted at 3am for the update.

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

My users are all using IE7 on Citrix, and the farm hasn't rebooted since the
patches were applied. Hmmm. Not looking forward to Monday now, as our
primary finance application runs in a web interface.

2008/10/24 Oliver Marshall <[EMAIL PROTECTED]>

> Interesting what you say about IE7. We are seeing the same here.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:09
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Well so far we have IE7 deciding to stop as and when it feels like it,
> normally when the user has more than one tab open, almost all are XP
> clients with SP3 on it apart from one which isn't and is on SP2 - no
> problems on that one for some unknown reason.
>
> Not seen any DHCP or IIS issues, though a 2K8 server here decided to
> have a lie down at around 3ish this morning, but that could be entirely
> unrelated, one sharepoint install has fallen over and wont get up for
> love nor money (we tried both)
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 12:03
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online Backups
>
> Email:  [EMAIL PROTECTED]
> Web:http://www.g2support.com
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

Interesting what you say about IE7. We are seeing the same here. 

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 12:09
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Well so far we have IE7 deciding to stop as and when it feels like it,
normally when the user has more than one tab open, almost all are XP
clients with SP3 on it apart from one which isn't and is on SP2 - no
problems on that one for some unknown reason.

Not seen any DHCP or IIS issues, though a 2K8 server here decided to
have a lie down at around 3ish this morning, but that could be entirely
unrelated, one sharepoint install has fallen over and wont get up for
love nor money (we tried both)

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless



-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 12:03
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fancy detailing the Sh*t ?

So far we have various from workstation users reporting that IE crashes
at the drop of a hat (a large number of those, running XP mainly, but
also vista. We have a server with IIS issues, another which rebooted
this morning and then had errors about the raid driver, before loosing
its hard disks (o s*t etc). Another whos DHCP service now fails
to start on each restart of the box.

Again, could all be unrelated, but its just odd that each machine
rebooted at 3am for the update.

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[John A. Shaw-Miller]

Well so far we have IE7 deciding to stop as and when it feels like it, normally 
when the user has more than one tab open, almost all are XP clients with SP3 on 
it apart from one which isn't and is on SP2 - no problems on that one for some 
unknown reason.

Not seen any DHCP or IIS issues, though a 2K8 server here decided to have a lie 
down at around 3ish this morning, but that could be entirely unrelated, one 
sharepoint install has fallen over and wont get up for love nor money (we tried 
both)

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in 
progress" || sh ./clooless



-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 12:03
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

Fancy detailing the Sh*t ?

So far we have various from workstation users reporting that IE crashes
at the drop of a hat (a large number of those, running XP mainly, but
also vista. We have a server with IIS issues, another which rebooted
this morning and then had errors about the raid driver, before loosing
its hard disks (o s*t etc). Another whos DHCP service now fails
to start on each restart of the box.

Again, could all be unrelated, but its just odd that each machine
rebooted at 3am for the update.

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch ?

[James Rankin]

I find a lot of potential problems don't manifest themselves until the next
restart. FWIW I have patched about 50 servers today and I haven't had any
failures yet. I have snapshots of each one should something bad happen
however, but so far, everything looks cool...

2008/10/24 Oliver Marshall <[EMAIL PROTECTED]>

> Fancy detailing the Sh*t ?
>
> So far we have various from workstation users reporting that IE crashes
> at the drop of a hat (a large number of those, running XP mainly, but
> also vista. We have a server with IIS issues, another which rebooted
> this morning and then had errors about the raid driver, before loosing
> its hard disks (o s*t etc). Another whos DHCP service now fails
> to start on each restart of the box.
>
> Again, could all be unrelated, but its just odd that each machine
> rebooted at 3am for the update.
>
> -Original Message-
> From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:59
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch ?
>
> No I have some customers who are in the sh*t as well 
>
> John Aaron Shaw-Miller MBCS KtGC OBE
> IT Consultant, Infrastructure & Exchange Specialist
> Member of the Microsoft IT Advisory Council
>
> Mobile: 07896 740 712
> Home Office:01952 400511
> Email:  [EMAIL PROTECTED]
> MSN:   [EMAIL PROTECTED]
> Website:  www.servtec.co.uk
>
>
>
> Remember, inside every old person is a young person wondering what
> happened..
>
> idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
> in progress" || sh ./clooless
>
>
> -Original Message-
> From: Oliver Marshall [mailto:[EMAIL PROTECTED]
> Sent: 24 October 2008 11:52
> To: NT System Admin Issues
> Subject: Out of Cycle Critical Windows Patch ?
>
> Chaps,
>
> The update that was sent out last night, has that caused any issues
> elsewhere? We've had a spate of calls from users about problems today,
> several servers which were set to auto-update for various reasons have
> had varying levels of failure. It's mentally busy here for a Friday, and
> the one thing they have in common is that all the machine rebooted for
> an update last night.
>
> Is it just us ?
>
> Olly
>
> --
> G2 Support
> Online Backups
>
> Email:  [EMAIL PROTECTED]
> Web:http://www.g2support.com
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Oliver Marshall]

Fancy detailing the Sh*t ?

So far we have various from workstation users reporting that IE crashes
at the drop of a hat (a large number of those, running XP mainly, but
also vista. We have a server with IIS issues, another which rebooted
this morning and then had errors about the raid driver, before loosing
its hard disks (o s*t etc). Another whos DHCP service now fails
to start on each restart of the box.

Again, could all be unrelated, but its just odd that each machine
rebooted at 3am for the update.

-Original Message-
From: John A. Shaw-Miller [mailto:[EMAIL PROTECTED] 
Sent: 24 October 2008 11:59
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch ?

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what
happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6
in progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch ?

[Michael B. Smith]

Unfortunately, servers have problems when they reboot sometimes.

I doubt that it is the patch itself. I've not seen issues at any of my
clients...

Regards,

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
My blog: http://TheEssentialExchange.com/blogs/michael
Link with me at: http://www.linkedin.com/in/theessentialexchange


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED] 
Sent: Friday, October 24, 2008 6:52 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups 

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch ?

[John A. Shaw-Miller]

No I have some customers who are in the sh*t as well 

John Aaron Shaw-Miller MBCS KtGC OBE
IT Consultant, Infrastructure & Exchange Specialist
Member of the Microsoft IT Advisory Council

Mobile: 07896 740 712
Home Office:01952 400511
Email:  [EMAIL PROTECTED]
MSN:   [EMAIL PROTECTED]
Website:  www.servtec.co.uk



Remember, inside every old person is a young person wondering what happened..

idea=`grep -i clue /dev/brain` ; test -z "$idea" && echo "sorry, init 6 in 
progress" || sh ./clooless


-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: 24 October 2008 11:52
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch ?

Chaps,

The update that was sent out last night, has that caused any issues
elsewhere? We've had a spate of calls from users about problems today,
several servers which were set to auto-update for various reasons have
had varying levels of failure. It's mentally busy here for a Friday, and
the one thing they have in common is that all the machine rebooted for
an update last night.

Is it just us ?

Olly

--
G2 Support
Online Backups

Email:  [EMAIL PROTECTED]
Web:http://www.g2support.com




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Phil Brutsche]

Thin clients XP Embedded can be altered to not include the affected
components.

Sean Martin wrote:
> Apparently thin clients running XP Embedded need to be patched as well.

-- 

Phil Brutsche
[EMAIL PROTECTED]

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Sean Martin]

Apparently thin clients running XP Embedded need to be patched as well.

 

- Sean

 

From: Durf [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:58 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

If I had my way at a large enterprise, I'd only be allowing access via RDP
or ICA through SSL VPNs, preferably with two-factor RSA authentication.

Ideally from thin clients.  I'd happily send them home to employees
preconfigured.

-- Durf

On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote:

I mentioned to our security team, that tomorrow, we should do an
announcement encouraging our users to update their home systems.  So
they understand how serious this sort of issue is.  We can use this as
a positive opportunity to maybe, just maybe help prevent them from
getting something infected on their system.  They thought it was an
excellent idea.

Steven


On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote:
> Exactly.  Think of all the poor suckers who install Antivirus XP 2009
> without a care in the world.
>
> As soon as that sucker incorporates this exploit, things will get hopping.
>
> -- Durf
>
> On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]>
wrote:
>>
>> All it takes is a hacked website serving up an .exe to a browser user who
>> happily runs it.
>>
>>
>>
>> Carl
>>
>>
>>
>> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 7:22 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> All it takes is one VPN'ed computer that is infected to compromise the
>> enterprise.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>>
>> My blog: http://TheEssentialExchange.com/blogs/michael
>>
>> Link with me at: http://www.linkedin.com/in/theessentialexchange
>>
>>
>>
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 7:17 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> I think having firewall enabled by default on Windows XP SP2+ and Windows
>> Vista will help mitigate the issue in consumer land.
>>
>>
>>
>> Some of the orgs I work in now use router ACLs or FW rules to block RPC
>> traffic across subnets/VLANs. That will help mitigate the issue as well
>>
>> Cheers
>>
>> Ken
>>
>>
>>
>> From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
>> Sent: Friday, 24 October 2008 8:42 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> Prior to me being here this district ignored Code Red. They got nailed
bad
>> and had to shut down for a week and go re-image 3000 computers. Feel free
to
>> quote me on that if you need to J
>>
>>
>>
>>
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 5:28 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> I work at a hospital too, and this situation is a ohh well take NO for an
>> answer, I have ran it all the way to the top here, and said its getting
>> done, I don't care about the downtime its better to swallow the pill now
>> then clean up the mess laters.
>>
>>
>>
>> I also come in early in mornings ( Like 3:00am or earlier to patch my
>> systems each month)
>>
>>
>>
>> So I feel your pain.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> 
>>
>> From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 5:26 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> Must be nice. I work in a hospital so all of the clinical pc's are always
>> on.  The only thing we could do was to set up the reboot for 3:30 AM
(same
>> time as when I or my buddy have to do a

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Durf]

If I had my way at a large enterprise, I'd only be allowing access via RDP
or ICA through SSL VPNs, preferably with two-factor RSA authentication.

Ideally from thin clients.  I'd happily send them home to employees
preconfigured.

-- Durf

On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote:

> I mentioned to our security team, that tomorrow, we should do an
> announcement encouraging our users to update their home systems.  So
> they understand how serious this sort of issue is.  We can use this as
> a positive opportunity to maybe, just maybe help prevent them from
> getting something infected on their system.  They thought it was an
> excellent idea.
>
> Steven
>
> On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote:
> > Exactly.  Think of all the poor suckers who install Antivirus XP 2009
> > without a care in the world.
> >
> > As soon as that sucker incorporates this exploit, things will get
> hopping.
> >
> > -- Durf
> >
> > On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]>
> wrote:
> >>
> >> All it takes is a hacked website serving up an .exe to a browser user
> who
> >> happily runs it.
> >>
> >>
> >>
> >> Carl
> >>
> >>
> >>
> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> >> Sent: Thursday, October 23, 2008 7:22 PM
> >> To: NT System Admin Issues
> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> >> stay tuned
> >>
> >>
> >>
> >> All it takes is one VPN'ed computer that is infected to compromise the
> >> enterprise.
> >>
> >>
> >>
> >> Regards,
> >>
> >>
> >>
> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
> >>
> >> My blog: http://TheEssentialExchange.com/blogs/michael
> >>
> >> Link with me at: http://www.linkedin.com/in/theessentialexchange
> >>
> >>
> >>
> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
> >> Sent: Thursday, October 23, 2008 7:17 PM
> >> To: NT System Admin Issues
> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> >> stay tuned
> >>
> >>
> >>
> >> I think having firewall enabled by default on Windows XP SP2+ and
> Windows
> >> Vista will help mitigate the issue in consumer land.
> >>
> >>
> >>
> >> Some of the orgs I work in now use router ACLs or FW rules to block RPC
> >> traffic across subnets/VLANs. That will help mitigate the issue as well
> >>
> >> Cheers
> >>
> >> Ken
> >>
> >>
> >>
> >> From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
> >> Sent: Friday, 24 October 2008 8:42 AM
> >> To: NT System Admin Issues
> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> >> stay tuned
> >>
> >>
> >>
> >> Prior to me being here this district ignored Code Red. They got nailed
> bad
> >> and had to shut down for a week and go re-image 3000 computers. Feel
> free to
> >> quote me on that if you need to J
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> >> Sent: Thursday, October 23, 2008 5:28 PM
> >> To: NT System Admin Issues
> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> >> stay tuned
> >>
> >>
> >>
> >> I work at a hospital too, and this situation is a ohh well take NO for
> an
> >> answer, I have ran it all the way to the top here, and said its getting
> >> done, I don't care about the downtime its better to swallow the pill now
> >> then clean up the mess laters.
> >>
> >>
> >>
> >> I also come in early in mornings ( Like 3:00am or earlier to patch my
> >> systems each month)
> >>
> >>
> >>
> >> So I feel your pain.
> >>
> >>
> >>
> >> Z
> >>
> >>
> >>
> >> Edward E. Ziots
> >>
> >> Network Engineer
> >>
> >> Lifespan Organization
> >>
> >> MCSE,MCSA,MCP,Security+,Network+,CCA
> >>
> >> Phone: 401-639-3505
> >>
> >> 
> >>
> >> From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
> 

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Steven Peck]

I mentioned to our security team, that tomorrow, we should do an
announcement encouraging our users to update their home systems.  So
they understand how serious this sort of issue is.  We can use this as
a positive opportunity to maybe, just maybe help prevent them from
getting something infected on their system.  They thought it was an
excellent idea.

Steven

On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote:
> Exactly.  Think of all the poor suckers who install Antivirus XP 2009
> without a care in the world.
>
> As soon as that sucker incorporates this exploit, things will get hopping.
>
> -- Durf
>
> On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]> wrote:
>>
>> All it takes is a hacked website serving up an .exe to a browser user who
>> happily runs it.
>>
>>
>>
>> Carl
>>
>>
>>
>> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 7:22 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> All it takes is one VPN'ed computer that is infected to compromise the
>> enterprise.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>>
>> My blog: http://TheEssentialExchange.com/blogs/michael
>>
>> Link with me at: http://www.linkedin.com/in/theessentialexchange
>>
>>
>>
>> From: Ken Schaefer [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 7:17 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> I think having firewall enabled by default on Windows XP SP2+ and Windows
>> Vista will help mitigate the issue in consumer land.
>>
>>
>>
>> Some of the orgs I work in now use router ACLs or FW rules to block RPC
>> traffic across subnets/VLANs. That will help mitigate the issue as well
>>
>> Cheers
>>
>> Ken
>>
>>
>>
>> From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
>> Sent: Friday, 24 October 2008 8:42 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> Prior to me being here this district ignored Code Red. They got nailed bad
>> and had to shut down for a week and go re-image 3000 computers. Feel free to
>> quote me on that if you need to J
>>
>>
>>
>>
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 5:28 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> I work at a hospital too, and this situation is a ohh well take NO for an
>> answer, I have ran it all the way to the top here, and said its getting
>> done, I don't care about the downtime its better to swallow the pill now
>> then clean up the mess laters.
>>
>>
>>
>> I also come in early in mornings ( Like 3:00am or earlier to patch my
>> systems each month)
>>
>>
>>
>> So I feel your pain.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> ____
>>
>> From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 5:26 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>>
>>
>> Must be nice. I work in a hospital so all of the clinical pc's are always
>> on.  The only thing we could do was to set up the reboot for 3:30 AM (same
>> time as when I or my buddy have to do a real early shift to install patches
>> and reboot servers.)
>>
>>
>>
>> 
>>
>> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:16 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
>> stay tuned
>>
>> And it does require a reboot after install. I hate when out of cycle
>> patches require reboots. I prefer when my users don't know.
>>
>>
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 6:28 AM
>> To: NT System Admin Issues
>> Subject: Out of Cycle Critical Windows Patch to be released today, stay
>> tuned
>> Importance: High
>>
>>
>>
>> Heads up gang, more patching for this month, this one out of cycle and
>> critical no additional information yet.
>>
>> Z
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> --
> Give a man a fish, and he'll eat for a day.
> Give a fish a man, and he'll eat for weeks!
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Durf]

Exactly.  Think of all the poor suckers who install Antivirus XP 2009
without a care in the world.

As soon as that sucker incorporates this exploit, things will get hopping.

-- Durf

On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]> wrote:

>  All it takes is a hacked website serving up an .exe to a browser user who
> happily runs it.
>
>
>
> Carl
>
>
>
> *From:* Michael B. Smith [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 7:22 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
>
>
> All it takes is one VPN'ed computer that is infected to compromise the
> enterprise.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> *From:* Ken Schaefer [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 7:17 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
>
>
> I think having firewall enabled by default on Windows XP SP2+ and Windows
> Vista will help mitigate the issue in consumer land.
>
>
>
> Some of the orgs I work in now use router ACLs or FW rules to block RPC
> traffic across subnets/VLANs. That will help mitigate the issue as well
>
>
> Cheers
>
> Ken
>
>
>
> *From:* Kennedy, Jim [mailto:[EMAIL PROTECTED]
> *Sent:* Friday, 24 October 2008 8:42 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
>
>
> Prior to me being here this district ignored Code Red. They got nailed bad
> and had to shut down for a week and go re-image 3000 computers. Feel free to
> quote me on that if you need to J
>
>
>
>
>
>
>
> *From:* Ziots, Edward [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 5:28 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
>
>
> I work at a hospital too, and this situation is a ohh well take NO for an
> answer, I have ran it all the way to the top here, and said its getting
> done, I don't care about the downtime its better to swallow the pill now
> then clean up the mess laters.
>
>
>
> I also come in early in mornings ( Like 3:00am or earlier to patch my
> systems each month)
>
>
>
> So I feel your pain.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>   --
>
> *From:* Chinnery, Paul [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 5:26 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
>
>
> Must be nice. I work in a hospital so all of the clinical pc's are always
> on.  The only thing we could do was to set up the reboot for 3:30 AM (same
> time as when I or my buddy have to do a real early shift to install patches
> and reboot servers.)
>
>
>  --
>
> *From:* Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 11:16 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
>
> And it does require a reboot after install. I hate when out of cycle
> patches require reboots. I prefer when my users don't know.
>
>
>
>
>
> *From:* Ziots, Edward [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, October 23, 2008 6:28 AM
> *To:* NT System Admin Issues
> *Subject:* Out of Cycle Critical Windows Patch to be released today, stay
> tuned
> *Importance:* High
>
>
>
> Heads up gang, more patching for this month, this one out of cycle and
> critical no additional information yet.
>
> Z
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
--
Give a man a fish, and he'll eat for a day.
Give a fish a man, and he'll eat for weeks!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Carl Houseman]

All it takes is a hacked website serving up an .exe to a browser user who
happily runs it.

 

Carl

 

From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:22 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

All it takes is one VPN'ed computer that is infected to compromise the
enterprise.

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:17 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

I think having firewall enabled by default on Windows XP SP2+ and Windows
Vista will help mitigate the issue in consumer land.

 

Some of the orgs I work in now use router ACLs or FW rules to block RPC
traffic across subnets/VLANs. That will help mitigate the issue as well


Cheers

Ken

 

From: Kennedy, Jim [mailto:[EMAIL PROTECTED] 
Sent: Friday, 24 October 2008 8:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

Prior to me being here this district ignored Code Red. They got nailed bad
and had to shut down for a week and go re-image 3000 computers. Feel free to
quote me on that if you need to J

 

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

I work at a hospital too, and this situation is a ohh well take NO for an
answer, I have ran it all the way to the top here, and said its getting
done, I don't care about the downtime its better to swallow the pill now
then clean up the mess laters. 

 

I also come in early in mornings ( Like 3:00am or earlier to patch my
systems each month) 

 

So I feel your pain. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505

  _  

From: Chinnery, Paul [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

Must be nice. I work in a hospital so all of the clinical pc's are always
on.  The only thing we could do was to set up the reboot for 3:30 AM (same
time as when I or my buddy have to do a real early shift to install patches
and reboot servers.)

 

  _  

From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 11:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

And it does require a reboot after install. I hate when out of cycle patches
require reboots. I prefer when my users don't know.

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:28 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch to be released today, stay
tuned
Importance: High

 

Heads up gang, more patching for this month, this one out of cycle and
critical no additional information yet. 

Z

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ken Schaefer]

And which part of "some orgs I work in now use router ACLs or FW rules to 
restrict RPC traffic between VLANs" is difficult to understand?

Current organisation I am working in places each LOB application into a 
separate VLAN (of which there are now hundreds) and each VLAN has FW rules that 
permit traffic only from designated infrastructure servers (e.g. DCs for that 
security zone) and from nominated admin workstations. Admin workstations exist 
in VLANs that are similarly restricted from other VLANs.

So, the idea that one VPNed machine can take down the entire enterprise is 
still a possibility, but much more remote. And there is pretty much no VPN 
access anyway - only a handful of users have the necessary access (RSA tokens + 
Citrix access + unfettered traffic)

Cheers
Ken

From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Friday, 24 October 2008 10:22 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

All it takes is one VPN'ed computer that is infected to compromise the 
enterprise.

Regards,

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
My blog: http://TheEssentialExchange.com/blogs/michael
Link with me at: http://www.linkedin.com/in/theessentialexchange

From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 7:17 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

I think having firewall enabled by default on Windows XP SP2+ and Windows Vista 
will help mitigate the issue in consumer land.

Some of the orgs I work in now use router ACLs or FW rules to block RPC traffic 
across subnets/VLANs. That will help mitigate the issue as well

Cheers
Ken

From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
Sent: Friday, 24 October 2008 8:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

Prior to me being here this district ignored Code Red. They got nailed bad and 
had to shut down for a week and go re-image 3000 computers. Feel free to quote 
me on that if you need to :)



From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 5:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

I work at a hospital too, and this situation is a ohh well take NO for an 
answer, I have ran it all the way to the top here, and said its getting done, I 
don't care about the downtime its better to swallow the pill now then clean up 
the mess laters.

I also come in early in mornings ( Like 3:00am or earlier to patch my systems 
each month)

So I feel your pain.

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 5:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

Must be nice. I work in a hospital so all of the clinical pc's are always on.  
The only thing we could do was to set up the reboot for 3:30 AM (same time as 
when I or my buddy have to do a real early shift to install patches and reboot 
servers.)


From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 11:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned
And it does require a reboot after install. I hate when out of cycle patches 
require reboots. I prefer when my users don't know.


From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 6:28 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch to be released today, stay tuned
Importance: High


Heads up gang, more patching for this month, this one out of cycle and critical 
no additional information yet.

Z













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ziots, Edward]

Its OK marc, I am used to the abuse, I got a friend at one of the major
online mages that wants me to write a column about patch management and
its ugly internals, and security vetting. After we get past this, I
think I might do a diatribe on this one...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Marc Maiffret [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:17 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

Hahah :-) sorry man had to! :-)

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 3:15 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
> 
> 0,
> 
> But we already knew that going in Marc, thanks for the reminder tho, I
> am sure the stab wound is fresh right now... ( Just kidding)
> 
> Z
> 
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
> 
> -Original Message-
> From: Marc Maiffret [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 6:11 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
> 
> So how many of your anti-virus super security suites protect you from
> today's critical vulnerability?
> 
> You should indeed drop everything and patch. As someone whom has been
a
> part
> of a team that has found more of these types of vulnerabilities than
> most
> any other organization I can tell you this is extremely serious and
> being
> that there has not been a good remote SYSTEM in a while of this nature
> it is
> likely someone will want to write a worm for it simply for nostalgic
> sake.
> 
> Also this is another example of a zeroday vulnerability being used in
> the
> wild. Just as I mentioned the other day on the Secunia anti-virus
> testing
> thread, zeroday attacks are on the rise in a big way and will
continue.
> This
> exploit was being used against many Microsoft customers in the wild
for
> some
> time now. The real number is completely unknown because against most
of
> the
> security you all have in place would never detect this type of an
> attack.
> 
> http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
> http://www.nytimes.com/external/idg/2008/10/23/23idg-Microsoft-
> says.html
> http://www.theregister.co.uk/2008/10/23/emergency_windows_update/
> 
> 
> -
> Marc Maiffret
> Director of Professional Services
> The DigiTrust Group, LLC.
> 5757 W. Century Blvd, Ste. 700
> Los Angeles, CA 90045
> p: 310.348.2901
> f: 310.469.0103
> e: [EMAIL PROTECTED]
> w: http://www.thedigitrustgroup.com
> 
> 
> 
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ziots, Edward]

U got that right or one B2b vpn with a vendor that doesn't have a
firewall and IPS in front of it, it means all there unpatched systems
could be coming knocking on your doorstep really quick. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505



From: Michael B. Smith [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:22 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

 

All it takes is one VPN'ed computer that is infected to compromise the
enterprise.

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:17 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

 

I think having firewall enabled by default on Windows XP SP2+ and
Windows Vista will help mitigate the issue in consumer land.

 

Some of the orgs I work in now use router ACLs or FW rules to block RPC
traffic across subnets/VLANs. That will help mitigate the issue as well


Cheers

Ken

 

From: Kennedy, Jim [mailto:[EMAIL PROTECTED] 
Sent: Friday, 24 October 2008 8:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

 

Prior to me being here this district ignored Code Red. They got nailed
bad and had to shut down for a week and go re-image 3000 computers. Feel
free to quote me on that if you need to :-)

 

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

 

I work at a hospital too, and this situation is a ohh well take NO for
an answer, I have ran it all the way to the top here, and said its
getting done, I don't care about the downtime its better to swallow the
pill now then clean up the mess laters. 

 

I also come in early in mornings ( Like 3:00am or earlier to patch my
systems each month) 

 

So I feel your pain. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505



From: Chinnery, Paul [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

 

Must be nice. I work in a hospital so all of the clinical pc's are
always on.  The only thing we could do was to set up the reboot for 3:30
AM (same time as when I or my buddy have to do a real early shift to
install patches and reboot servers.)

 



From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 11:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

And it does require a reboot after install. I hate when out of cycle
patches require reboots. I prefer when my users don't know.

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:28 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch to be released today, stay
tuned
Importance: High

 

Heads up gang, more patching for this month, this one out of cycle and
critical no additional information yet. 

Z

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Michael B. Smith]

All it takes is one VPN'ed computer that is infected to compromise the
enterprise.

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 7:17 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

I think having firewall enabled by default on Windows XP SP2+ and Windows
Vista will help mitigate the issue in consumer land.

 

Some of the orgs I work in now use router ACLs or FW rules to block RPC
traffic across subnets/VLANs. That will help mitigate the issue as well


Cheers

Ken

 

From: Kennedy, Jim [mailto:[EMAIL PROTECTED] 
Sent: Friday, 24 October 2008 8:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

Prior to me being here this district ignored Code Red. They got nailed bad
and had to shut down for a week and go re-image 3000 computers. Feel free to
quote me on that if you need to J

 

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

I work at a hospital too, and this situation is a ohh well take NO for an
answer, I have ran it all the way to the top here, and said its getting
done, I don't care about the downtime its better to swallow the pill now
then clean up the mess laters. 

 

I also come in early in mornings ( Like 3:00am or earlier to patch my
systems each month) 

 

So I feel your pain. 

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP,Security+,Network+,CCA

Phone: 401-639-3505

  _  

From: Chinnery, Paul [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 5:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

 

Must be nice. I work in a hospital so all of the clinical pc's are always
on.  The only thing we could do was to set up the reboot for 3:30 AM (same
time as when I or my buddy have to do a real early shift to install patches
and reboot servers.)

 

  _  

From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 11:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
tuned

And it does require a reboot after install. I hate when out of cycle patches
require reboots. I prefer when my users don't know.

 

 

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:28 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch to be released today, stay
tuned
Importance: High

 

Heads up gang, more patching for this month, this one out of cycle and
critical no additional information yet. 

Z

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ken Schaefer]

I think having firewall enabled by default on Windows XP SP2+ and Windows Vista 
will help mitigate the issue in consumer land.

Some of the orgs I work in now use router ACLs or FW rules to block RPC traffic 
across subnets/VLANs. That will help mitigate the issue as well

Cheers
Ken

From: Kennedy, Jim [mailto:[EMAIL PROTECTED]
Sent: Friday, 24 October 2008 8:42 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

Prior to me being here this district ignored Code Red. They got nailed bad and 
had to shut down for a week and go re-image 3000 computers. Feel free to quote 
me on that if you need to :)



From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 5:28 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

I work at a hospital too, and this situation is a ohh well take NO for an 
answer, I have ran it all the way to the top here, and said its getting done, I 
don't care about the downtime its better to swallow the pill now then clean up 
the mess laters.

I also come in early in mornings ( Like 3:00am or earlier to patch my systems 
each month)

So I feel your pain.

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 5:26 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

Must be nice. I work in a hospital so all of the clinical pc's are always on.  
The only thing we could do was to set up the reboot for 3:30 AM (same time as 
when I or my buddy have to do a real early shift to install patches and reboot 
servers.)


From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 11:16 AM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay 
tuned
And it does require a reboot after install. I hate when out of cycle patches 
require reboots. I prefer when my users don't know.


From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2008 6:28 AM
To: NT System Admin Issues
Subject: Out of Cycle Critical Windows Patch to be released today, stay tuned
Importance: High


Heads up gang, more patching for this month, this one out of cycle and critical 
no additional information yet.

Z



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Marc Maiffret]

Hahah :-) sorry man had to! :-)

> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 3:15 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
> 
> 0,
> 
> But we already knew that going in Marc, thanks for the reminder tho, I
> am sure the stab wound is fresh right now... ( Just kidding)
> 
> Z
> 
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> MCSE,MCSA,MCP,Security+,Network+,CCA
> Phone: 401-639-3505
> 
> -Original Message-
> From: Marc Maiffret [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 6:11 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
> stay tuned
> 
> So how many of your anti-virus super security suites protect you from
> today's critical vulnerability?
> 
> You should indeed drop everything and patch. As someone whom has been a
> part
> of a team that has found more of these types of vulnerabilities than
> most
> any other organization I can tell you this is extremely serious and
> being
> that there has not been a good remote SYSTEM in a while of this nature
> it is
> likely someone will want to write a worm for it simply for nostalgic
> sake.
> 
> Also this is another example of a zeroday vulnerability being used in
> the
> wild. Just as I mentioned the other day on the Secunia anti-virus
> testing
> thread, zeroday attacks are on the rise in a big way and will continue.
> This
> exploit was being used against many Microsoft customers in the wild for
> some
> time now. The real number is completely unknown because against most of
> the
> security you all have in place would never detect this type of an
> attack.
> 
> http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
> http://www.nytimes.com/external/idg/2008/10/23/23idg-Microsoft-
> says.html
> http://www.theregister.co.uk/2008/10/23/emergency_windows_update/
> 
> 
> -
> Marc Maiffret
> Director of Professional Services
> The DigiTrust Group, LLC.
> 5757 W. Century Blvd, Ste. 700
> Los Angeles, CA 90045
> p: 310.348.2901
> f: 310.469.0103
> e: [EMAIL PROTECTED]
> w: http://www.thedigitrustgroup.com
> 
> 
> 
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Kurt Buff]

Yes, but will it stop an infection from spreading, that's the real question.

On Thu, Oct 23, 2008 at 3:41 PM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> Prolly nothing, my clients all have the browser disabled and none of them 
> except maybe two with thermal printers share anything...
>
> -Original Message-
> From: Kurt Buff [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 4:30 PM
> To: NT System Admin Issues
> Subject: Re: Out of Cycle Critical Windows Patch to be released today, stay 
> tuned
>
> H..
>
> I wonder what the impact would be if I put "net stop server" in the
> login script for my users...
>
> Kurt
>
> On Thu, Oct 23, 2008 at 9:19 AM, Michael B. Smith
> <[EMAIL PROTECTED]> wrote:
>> I completely agree it is a major pain in the tookus.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>>
>> My blog: http://TheEssentialExchange.com/blogs/michael
>>
>> Link with me at: http://www.linkedin.com/in/theessentialexchange
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 12:00 PM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
>> tuned
>>
>>
>>
>> Ok not so much of a trend, problem is they probably knew of the issue before
>> this months patch cycle, and didn't release it with Critical rating on patch
>> Tuesday but a week afterwards, during everyone(s) patching cycle for there
>> information systems. Now we have to validate yet another patch and ask yet
>> again for more downtime from the business on servers and workstations etc
>> etc to get required patches on the machines to protect against the latest
>> threat.
>>
>>
>>
>> What compounds it this month that there is already 11 patches to be tested,
>> validated and deployed and vetted for issues afterwards, one of these
>> patches is exploitable and could definitely lead to a worm (SMB flaw) now
>> you add this remote exploitable, wormable patch, quiet possibly with public
>> exploit code in the wild and active exploits, the risk factor goes up
>> through the dam roof.
>>
>>
>>
>> Now imagine if you was the only person responsible for accomplishing all (4)
>> tasks above, and this new exploit on top. That doesn't make for a happy
>> camper in anyones reguards.
>>
>>
>>
>> Then factor the number of assets to protect by about 10,000.
>>
>>
>>
>> I think you start to get the idea, its pretty crystal clear in my mind.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> 
>>
>> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:48 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
>> tuned
>>
>>
>>
>> Trend? This is the first out-of-cycle patch from MSFT since April 2007.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>>
>> My blog: http://TheEssentialExchange.com/blogs/michael
>>
>> Link with me at: http://www.linkedin.com/in/theessentialexchange
>>
>>
>>
>> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:39 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
>> tuned
>>
>>
>>
>> I am just pissed that they couldn't get this one out last week> Don't be
>> surprised if you see a column in a leading magazine from me about this trend
>> with M$ and other vendors.
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> MCSE,MCSA,MCP,Security+,Network+,CCA
>>
>> Phone: 401-639-3505
>>
>> 
>>
>> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, October 23, 2008 11:25 AM
>> To: NT System Admin Issues
>> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
>> tuned
>>
>>
>>
>> The report on line shows R

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ziots, Edward]

Probably not much, it's the net stop workstation that will kick em, and
you might as well disable the Computer BROWSER SERVICE TOO. ( which
might cause them some issues)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:30 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch to be released today,
stay tuned

H..

I wonder what the impact would be if I put "net stop server" in the
login script for my users...

Kurt

On Thu, Oct 23, 2008 at 9:19 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> I completely agree it is a major pain in the tookus.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 12:00 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> Ok not so much of a trend, problem is they probably knew of the issue
before
> this months patch cycle, and didn't release it with Critical rating on
patch
> Tuesday but a week afterwards, during everyone(s) patching cycle for
there
> information systems. Now we have to validate yet another patch and ask
yet
> again for more downtime from the business on servers and workstations
etc
> etc to get required patches on the machines to protect against the
latest
> threat.
>
>
>
> What compounds it this month that there is already 11 patches to be
tested,
> validated and deployed and vetted for issues afterwards, one of these
> patches is exploitable and could definitely lead to a worm (SMB flaw)
now
> you add this remote exploitable, wormable patch, quiet possibly with
public
> exploit code in the wild and active exploits, the risk factor goes up
> through the dam roof.
>
>
>
> Now imagine if you was the only person responsible for accomplishing
all (4)
> tasks above, and this new exploit on top. That doesn't make for a
happy
> camper in anyones reguards.
>
>
>
> Then factor the number of assets to protect by about 10,000.
>
>
>
> I think you start to get the idea, its pretty crystal clear in my
mind.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:48 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> Trend? This is the first out-of-cycle patch from MSFT since April
2007.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> I am just pissed that they couldn't get this one out last week> Don't
be
> surprised if you see a column in a leading magazine from me about this
trend
> with M$ and other vendors.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:25 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> The report on line shows Reboot Required if you open all the drop
downs. It
> is for Remote Code Execution. It is Critical for Server 2003 all SPs
and XP
> all SPs, Important for Vista/SP1 and Server 2008.
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 10:19 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay
> tuned
>
>
>
> We wont know until 2:00est, I am assuming it is, and it's a bad one so
there
> is probably exploit code for it roaming the internet and its probably
> wormable on top of it.

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Joseph L. Casale]

Prolly nothing, my clients all have the browser disabled and none of them 
except maybe two with thermal printers share anything...

-Original Message-
From: Kurt Buff [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 4:30 PM
To: NT System Admin Issues
Subject: Re: Out of Cycle Critical Windows Patch to be released today, stay 
tuned

H..

I wonder what the impact would be if I put "net stop server" in the
login script for my users...

Kurt

On Thu, Oct 23, 2008 at 9:19 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> I completely agree it is a major pain in the tookus.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 12:00 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> Ok not so much of a trend, problem is they probably knew of the issue before
> this months patch cycle, and didn't release it with Critical rating on patch
> Tuesday but a week afterwards, during everyone(s) patching cycle for there
> information systems. Now we have to validate yet another patch and ask yet
> again for more downtime from the business on servers and workstations etc
> etc to get required patches on the machines to protect against the latest
> threat.
>
>
>
> What compounds it this month that there is already 11 patches to be tested,
> validated and deployed and vetted for issues afterwards, one of these
> patches is exploitable and could definitely lead to a worm (SMB flaw) now
> you add this remote exploitable, wormable patch, quiet possibly with public
> exploit code in the wild and active exploits, the risk factor goes up
> through the dam roof.
>
>
>
> Now imagine if you was the only person responsible for accomplishing all (4)
> tasks above, and this new exploit on top. That doesn't make for a happy
> camper in anyones reguards.
>
>
>
> Then factor the number of assets to protect by about 10,000.
>
>
>
> I think you start to get the idea, its pretty crystal clear in my mind.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:48 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> Trend? This is the first out-of-cycle patch from MSFT since April 2007.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> I am just pissed that they couldn't get this one out last week> Don't be
> surprised if you see a column in a leading magazine from me about this trend
> with M$ and other vendors.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:25 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> The report on line shows Reboot Required if you open all the drop downs. It
> is for Remote Code Execution. It is Critical for Server 2003 all SPs and XP
> all SPs, Important for Vista/SP1 and Server 2008.
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 10:19 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> We wont know until 2:00est, I am assuming it is, and it's a bad one so there
> is probably exploit code for it roaming the internet and its probably
> wormable on top of it.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Netwo

Re: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Kurt Buff]

H..

I wonder what the impact would be if I put "net stop server" in the
login script for my users...

Kurt

On Thu, Oct 23, 2008 at 9:19 AM, Michael B. Smith
<[EMAIL PROTECTED]> wrote:
> I completely agree it is a major pain in the tookus.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 12:00 PM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> Ok not so much of a trend, problem is they probably knew of the issue before
> this months patch cycle, and didn't release it with Critical rating on patch
> Tuesday but a week afterwards, during everyone(s) patching cycle for there
> information systems. Now we have to validate yet another patch and ask yet
> again for more downtime from the business on servers and workstations etc
> etc to get required patches on the machines to protect against the latest
> threat.
>
>
>
> What compounds it this month that there is already 11 patches to be tested,
> validated and deployed and vetted for issues afterwards, one of these
> patches is exploitable and could definitely lead to a worm (SMB flaw) now
> you add this remote exploitable, wormable patch, quiet possibly with public
> exploit code in the wild and active exploits, the risk factor goes up
> through the dam roof.
>
>
>
> Now imagine if you was the only person responsible for accomplishing all (4)
> tasks above, and this new exploit on top. That doesn't make for a happy
> camper in anyones reguards.
>
>
>
> Then factor the number of assets to protect by about 10,000.
>
>
>
> I think you start to get the idea, its pretty crystal clear in my mind.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Michael B. Smith [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:48 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> Trend? This is the first out-of-cycle patch from MSFT since April 2007.
>
>
>
> Regards,
>
>
>
> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP
>
> My blog: http://TheEssentialExchange.com/blogs/michael
>
> Link with me at: http://www.linkedin.com/in/theessentialexchange
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:39 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> I am just pissed that they couldn't get this one out last week> Don't be
> surprised if you see a column in a leading magazine from me about this trend
> with M$ and other vendors.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:25 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> The report on line shows Reboot Required if you open all the drop downs. It
> is for Remote Code Execution. It is Critical for Server 2003 all SPs and XP
> all SPs, Important for Vista/SP1 and Server 2008.
>
> TVK
>
>
>
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 10:19 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> We wont know until 2:00est, I am assuming it is, and it's a bad one so there
> is probably exploit code for it roaming the internet and its probably
> wormable on top of it.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> MCSE,MCSA,MCP,Security+,Network+,CCA
>
> Phone: 401-639-3505
>
> 
>
> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2008 11:16 AM
> To: NT System Admin Issues
> Subject: RE: Out of Cycle Critical Windows Patch to be released today, stay
> tuned
>
>
>
> And it does require a reb

RE: Out of Cycle Critical Windows Patch to be released today, stay tuned

[Ziots, Edward]

0, 

But we already knew that going in Marc, thanks for the reminder tho, I
am sure the stab wound is fresh right now... ( Just kidding)

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-Original Message-
From: Marc Maiffret [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 23, 2008 6:11 PM
To: NT System Admin Issues
Subject: RE: Out of Cycle Critical Windows Patch to be released today,
stay tuned

So how many of your anti-virus super security suites protect you from
today's critical vulnerability?

You should indeed drop everything and patch. As someone whom has been a
part
of a team that has found more of these types of vulnerabilities than
most
any other organization I can tell you this is extremely serious and
being
that there has not been a good remote SYSTEM in a while of this nature
it is
likely someone will want to write a worm for it simply for nostalgic
sake.

Also this is another example of a zeroday vulnerability being used in
the
wild. Just as I mentioned the other day on the Secunia anti-virus
testing
thread, zeroday attacks are on the rise in a big way and will continue.
This
exploit was being used against many Microsoft customers in the wild for
some
time now. The real number is completely unknown because against most of
the
security you all have in place would never detect this type of an
attack.

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
http://www.nytimes.com/external/idg/2008/10/23/23idg-Microsoft-says.html
http://www.theregister.co.uk/2008/10/23/emergency_windows_update/


-
Marc Maiffret
Director of Professional Services
The DigiTrust Group, LLC.
5757 W. Century Blvd, Ste. 700
Los Angeles, CA 90045
p: 310.348.2901
f: 310.469.0103
e: [EMAIL PROTECTED]
w: http://www.thedigitrustgroup.com








~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~