Windows 2000 patch : Dec 27

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Hiya

This update resolves the "Malformed Data Frame Sent to a Windows 2000 Computer Through an Infrared Port Causes Stop Error" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-046. Download now to prevent a malicious user from causing your computer to crash by sending a malformed data frame to your computer's infrared port.

System Requirements
This update applies to Windows 2000

http://www.microsoft.com/windows2000/downloads/security/q252795/default.asp

Regards

eddie
 

Max19

Account Disabled
Joined
Jul 31, 2001
Messages
1,222
Eddie, where do you get your information? This patch was released August 19, 2001. Why are you posting about it here over 4 months later?
 

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Max

Its an update to the patch, direct from Microsoft's update site.

This update resolves the "Malformed Data Frame Sent to a Windows 2000 Computer Through an Infrared Port Causes Stop Error" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-046
if you go to http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-046.asp

at the bottom it says:

Revisions:


V1.0 (August 21, 2001): Bulletin Created.
V1.1 (December 27, 2001): Caveats section added
eddie
 

Max19

Account Disabled
Joined
Jul 31, 2001
Messages
1,222
It's not an update to the patch, it's an update to the documentation for the patch.
 

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Okay

It was just that I read this:

Note This update also includes functionality that allows Windows 2000 to communicate with infrared-enabled mobile devices in order to establish a dial-up networking connection via an infrared port.

And usually when I see the word Update, I assume it means a new update on the patch. Microsoft do do that from time to time, but I guess that this isn't one of those times.

eddie
 

Max19

Account Disabled
Joined
Jul 31, 2001
Messages
1,222
Eddie, in all the years I've been working with Microsoft Security bulletins and patches, I've never known Microsoft to update a patch without changing its name, thereby causing IT departments to wonder if they have the latest version of a patch or not. Could you point to a specific example of this?

And before anyone panics over this vulnerability:

"Do all Windows 2000 users need to apply the patch?

No, only those who have systems with IrDA capabilities need to apply the patch."

That means if you don't have an infrared port on your computer, it is NOT at all vulnerable.

Also,

"This vulnerability is unusual because it could only be exploited if the user was in close physical proximity to the attacker. It cannot be remotely exploited from the network. It also cannot be locally exploited from the console. Any attempt to maliciously exploit this vulnerability would require that the attacker be within a clear line of site of the victim's machine or be able to transmit the IrDA packets through reflection directly to the victim's I port and that the attacker have a machine with him to exploit the vulnerability."

For those security conscious folks running Windows NT/2000/XP, get a copy of HFNetCheck, and run it to determine what patches are available for your system.
 

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Okay Max

I admit, I was wrong, but there you go. However, looking at one of the articles that Microsoft have done, I remember posting this one:

http://forums.techguy.org/showthread.php?threadid=60947

The original patch was to do with Exchange 5.5 with IE. Apparenlty, some users were installing this patch whose IE was lower than 5. The original bulletin didn't mention this.

The update did, but they didn't change the name, just said Updated. Also, it gave instructions for people who had already applied the patch.

I realise that 99% of the time they do change it, but on occasion they may not.

Anyway, as I say, it was an honest mistake.

Sorry for any inconvenience

eddie
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top