From: Merle Hancock (mah_at_socrates.berkeley.edu)
Date: Thu Jul 31 2003 - 13:23:21 PDT
Hi -
I had the same problem. It turned out the particular machine didn't have NT service pack 6a. After I installed
that, I was able to install all the "critical updates" that I couldn't before because I kept getting "setup cancelled".
Also, the list of critical updates went from 2 to about 15 after the installation of sp6a; the new list included the
rpc exploit patch in question.
Merle
At 12:52 PM 7/31/2003 -0700, you wrote:
>Hi Folks:
>
>First, it appears that the page referenced to obtain the patch leads to the generic Windows Update page...and I don't see any patch there with a recent date that relates to this issue. We are using NT4 and XP on various machines here.
>
>So, then, in spite of that I did get a chance to install other updates...and ran into this on one system (NT4) the download begins (two updates being installed) and after each download, I get a 'Setup cancelled' message...not installed, 'go back and try again'...
>
>haven't encountered this before.
>
>Thanks
>
>Michael
>
>>You are receiving this because your email address appears on our list of campus
>>Security Contacts. It is NOT necessary for you to respond to this notice.
>>
>>THE PROBLEM
>>
>>A vulnerability in Microsoft Windows has recently been detected that constitutes
>>a potential threat to the security of any machine running various versions of
>>the Operating System. In particular, the following software is affected:
>>
>> Microsoft Windows NT 4.0
>> Microsoft Windows NT 4.0 Terminal Services Edition
>> Microsoft Windows 2000
>> Microsoft Windows XP
>> Microsoft Windows Server 2003
>>
>>The following is not affected by this vulnerability:
>>
>> Microsoft Windows Millennium Edition
>>
>>IMPACT
>>
>>The vulnerability would allow an attacker to gain complete control over an
>>affected system, including installing programs, viewing, changing or deleting
>>data, or creating new accounts with full privileges.
>>
>>WHAT SHOULD BE DONE BY THE ADMINISTRATOR OF AN AFFECTED MACHINE
>>
>>Microsoft has released a patch for this problem. Information about how to get
>>the appropriate patch for each version of Windows is available at this URL:
>>
>>http://www.microsoft.com/security/security_bulletins/ms03-026.asp
>>
>>A tool is available that will scan machines on your network and detect which
>>ones are vulnerable. It may be obtained from this site:
>>
>>http://www.eeye.com/html/Press/PR20030725.html
>>
>>--------------------------------------------------------------------------------
>>NOTE: SNS will be sending individual notices to the contacts for specific hosts
>>that we believe have already been compromised as a result of this vulnerability.
>>--------------------------------------------------------------------------------
>>
>>TECHNICAL DESCRIPTION
>>
>>More detailed information about the vulnerability (including possible
>>workarounds if a patch cannot be applied) may be obtained at this URL:
>>
>>http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp
>>
>>..........................
>>System and Network Security
>
>
>------------------------------------------------------------------------
>The following was automatically added to this message by the list server:
>
>For information about Micronet, including subscribing to
>or unsubscribing from its mailing list and finding out
>about upcoming meetings, please visit the Micronet Web site:
><http://micronet.berkeley.edu/>.
Technical Support Manager
>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<>*<
Richard & Rhoda Goldman School of Public Policy
2607 Hearst Avenue, Room 110
University of California
Berkeley, CA 94720-7320
510-643-7394 ph
510-643-9657 fax
mah_at_socrates.berkeley.edu
http://gspp.berkeley.edu
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Thu Jul 31 2003 - 13:29:36 PDT