[ news_security_news ]
Microsoft Trying To Sew Up Holey Patches
John Stith
Staff Writer
2005-10-18
 Insider Reports RSS Feed
Microsoft released its regular monthly patch in October and while it was supposed to clear up some major security problems in Windows, it created whole slew of other problems that including locking users out of their PCs.
Patch Tuesday had become a regular event for pretty much anyone using Microsoft products, which is just about everybody. Back in September, they called it off because of some problems. They ran with one in October and have had serious problems with the new patch.
Here's the jist of the problem from Microsoft:
SYMPTOMS
On a computer that is running Microsoft Windows XP, Microsoft Windows 2000 Server, or Windows Server 2003, one or more problems may occur after you install the critical update that is discussed in Microsoft Security Bulletin MS05-051. These problems include the following:
• The Windows Installer service may not start.
• The Windows Firewall Service may not start.
• The Network Connections folder is empty.
• The Windows Update Web site may incorrectly recommend that you change the Userdata persistence setting in Microsoft Internet Explorer.
• Active Server Pages (ASP) pages that are running on Microsoft Internet Information Services (IIS) return an "HTTP 500 - Internal Server Error" error message.
• The Microsoft COM+ EventSystem service will not start.
• COM+ applications will not start.
• The computers node in the Microsoft Component Services Microsoft Management Console (MMC) tree will not expand.
• Authenticated users cannot log on, and a blank screen appears after the users apply the October Security Updates.
This problem can occur if any COM applications or COM+ applications cannot access the COM+ catalog files. The application cannot access the COM+ catalog files because the default permissions on the COM+ catalog directory and files have been changed from the default settings. Before Microsoft Security Bulletin MS05-051, explicit permissions to the COM+ catalog were not required. The COM+ catalog files are .clb files and are located in the %windir%registration folder.
RESOLUTION
To resolve this problem, restore the default permissions to the COM+ catalog. To do this, follow these steps:
1. In the %windir%/registration folder, make sure that the Everyone group has READ permissions.
2. In the %windir%/registration folder, make sure that the SYSTEM account has FULL CONTROL permissions.
3. In the %windir%/registration folder, make sure that the Administrators group has FULL CONTROL permissions.
4. In the advanced security properties of the .clb files in the %windir%/registration folder, make sure that the Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here option is selected.
Make sure that the Everyone group has one of the following permissions:•
5. Traverse permissions ("List Folder Contents") on all parent directories, including %systemdrive%, %windir%, and %windir%registration
The Bypass Traverse Checking permission
This should help people get over this hump. Keep in mind the problems look like the only occur when the default permission settings on Windows have been changed. Microsoft is continuing to work on the problem however.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
