Rather than chopping the BugBlog up into
weekly archives, I'm going to try monthly archives instead. So all
the April bugs will remain on this page, and I'll slowly go back
and combine the past blog pages into monthly entries as well.
|
| 4/30 |
The latest Microsoft products that need security patches
are BizTalk Server 2000 and BizTalk Server 2002. One bug, that only
affects version 2002, is a buffer overrun that may let an attacker
run their own code. A second bug affects both versions and exploits
a SQL security hole. You can get links to the patches, a different
one for each version, from http://www.microsoft.com/technet/security/bulletin/ms03-016.asp.
Cesar Cerrudo gets the credit from Microsoft for finding these problems.
There is a security update for Adobe Acrobat 5.0.5. It is needed to patch
a way that has been found to deliver a virus to your system via a PDF document.
This does not affect the Acrobat Reader, only the full version of Acrobat.
You have already been infected if you go to the Acrobat plug-in folder
at \Program Files\Adobe\Acrobat 5.0\Acrobat\Plug_ins and find a plug-in
called DEATH.API. You may also be infected if you find a file called EVIL.FDF
in your root directory. (It's probably safe to say that Adobe wouldn't
pick those as file names.) This update was released 4/30/03 and can be
downloaded from http://www.adobe.com/support/downloads/detail.jsp?ftpID=2121.
There is an update for the English, French, and German versions of Adobe
FrameMaker 7.0 for Windows. The new version 7.0p578 fixes a bug that caused
this error message after importing TIFF graphics:
cannot display some graphics
It also fixes a bug that would sometimes cause FrameMaker 7.0p576 to crash
when reopening the PDF Setup dialog, if Bookmarks had been expanded to
level zero, and a couple other crashes when saving PDF documents. Get the
update at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2111.
Debian has a new package for kdebase, to incorporate changes the KDE team
made for plugging some security holes in PostScript and Adobe Acrobat files.
The fixed version of KDE is 2.2.2-14.4, and you can get the upgraded package
from Debian at http://www.debian.org/security/2003/dsa-296.
|
| 4/29 |
Microsoft seems to want you to rely on their wizards,
rather than doing things yourself. If you try to install Microsoft
SharePoint Server, which comes with Windows Server 2003, manually
by running ValueAdd\Msft\SharePt\Setupse.exe from the Windows Server
2003 CD, then you will probably get this error message when you are
prompted to enter the Product Key:
Microsoft SharePoint Setup. You have not entered
a valid Product Key. Please check the number located on your Certificate
of Authenticity or the yellow sticker on the back of the CD case.
Microsoft says to let the wizard do it. Go to Administrative Tools, Configure
Your Server, Server Type, Microsoft SharePoint. If you do it this way,
the very same Product Key will be considered valid.
There is a new upgrade to the Apple iPod. Version 1.3 mainly adds new features,
as opposed to being a bug-fix release. However, it does extend support
to
Apple's new iTunes 4. The OS 9 version is at http://docs.info.apple.com/article.html?artnum=120198,
and the OS X version is at http://docs.info.apple.com/article.html?artnum=122014.
If a Red Hat Linux 7.x, 8, or 9 user has configured the LPRng print spooler
package to use psbanner, then they have opened up a vulnerability on their
system. The problem is that psbanner creates a temporary file with a known
filename in an insecure manner. An attacker may be able to use this as
a way to cause files to be written as the lp user. Get the updated package
at https://rhn.redhat.com/errata/RHSA-2003-142.html.
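The class of bug described here, a temporary file created under a known name, shown next to two hardened forms. This is an added illustration, not psbanner's code: the file name `banner.tmp`, the function names and the constructed spool directory are all assumptions.

```python
import os
import stat
import tempfile

# Hypothetical fixed name standing in for the "known filename" in the advisory.
KNOWN_NAME = "banner.tmp"


def write_insecure(spool_dir, data):
    """Vulnerable pattern: predictable path, opened without O_EXCL.

    Whatever already exists at that path is reused and a link is followed,
    so the data lands wherever the existing entry points.
    """
    path = os.path.join(spool_dir, KNOWN_NAME)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


def write_fixed_name_exclusive(spool_dir, data):
    """Hardened, name kept fixed: O_CREAT | O_EXCL fails with EEXIST if any
    entry (file or link) is already present, instead of writing through it."""
    path = os.path.join(spool_dir, KNOWN_NAME)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


def write_secure(spool_dir, data):
    """Hardened, preferred: mkstemp picks an unpredictable name and creates
    it exclusively with mode 0600."""
    fd, path = tempfile.mkstemp(prefix="banner-", suffix=".ps", dir=spool_dir)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


def _read(path):
    with open(path, "rb") as fh:
        return fh.read()


def demo():
    """Run all three writers against a constructed directory in which the
    known name already exists as a link to another file."""
    results = {}
    with tempfile.TemporaryDirectory() as spool:
        target = os.path.join(spool, "other-file")
        link = os.path.join(spool, KNOWN_NAME)

        def reset():
            with open(target, "wb") as fh:
                fh.write(b"original")
            if os.path.lexists(link):
                os.unlink(link)
            os.symlink(target, link)

        reset()
        write_insecure(spool, b"banner")
        results["insecure_overwrote_target"] = _read(target) == b"banner"

        reset()
        try:
            write_fixed_name_exclusive(spool, b"banner")
            results["exclusive_refused"] = False
        except FileExistsError:
            results["exclusive_refused"] = True
        results["exclusive_target_intact"] = _read(target) == b"original"

        reset()
        path = write_secure(spool, b"banner")
        results["mkstemp_target_intact"] = _read(target) == b"original"
        results["mkstemp_mode"] = stat.S_IMODE(os.stat(path).st_mode)
        results["mkstemp_name_is_fixed"] = os.path.basename(path) == KNOWN_NAME
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```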
Red Hat has a new SquirrelMail package for Red Hat Linux 8 and 9. The new
package fixes a cross-site scripting bug in SquirrelMail, which is a webmail
package included by Red Hat. If you use SquirrelMail, get the upgrade at https://rhn.redhat.com/errata/RHSA-2003-112.html.
|
| 4/28 |
If you are getting ready to upgrade from one of the
Windows 2000 servers to Windows Server 2003, you've got to do some
prep work on the old server first. Microsoft says there are a number
of hot-fixes and service packs you need to install on Windows 2000
first, before making the upgrade. For the complete list, see http://support.microsoft.com/?kbid=331161.
If you upgrade from a Windows 2000 computer to Windows Server 2003, you
need to be careful about any System State backup done using Windows Backup.
The Windows Backup program may get confused between the C:\Winnt folder,
which is the default folder for Windows 2000, and the C:\Windows folder,
which is the default choice for a new installation of Windows Server 2003.
One workaround is avoidance. Use the Automated System Recovery (ASR) wizard
for saving/restoring system settings and files. Other methods are listed
at http://support.microsoft.com/?kbid=811944.
If you use the Automated System Recovery (ASR) tool of Windows Server 2003
to restore a system to another computer or hard drive, the wizard is going
to be picky about the size of the new home. Even if the disk is listed
as the same size as the old (both are 20 GB, for instance) there may be
differences in sector size or other disk settings that cause the actual
capacity of the new disk to be slightly smaller. This may trigger the error
message during ASR:
The capacity of the current system disk drive
is insufficient, and cannot be used to recover the partitions on
the original system disk.
As a workaround, you either need to make sure the new drive is totally
identical, or definitely bigger than the old one.
After upgrading a server cluster running Windows 2000, with Service Pack
3 installed, to Windows 2003 Server, you may have problems when starting
the Cluster service. Instead of starting, you will get an error message
that looks something like this in the Application Event log:
Event Type: Error
Event Source: VSS
Event Category: None
Event ID: 8213
Description: Volume Shadow Copy Service error: The process that hosts the
writer with name Cluster Service Writer and ID {41e12264-35d8-479b-8e5c-9b23d1dad37e}
does not run under a user with sufficient access rights. Consider running
this process under a local account which is either Local System, Administrator
or Backup operator.
The problem, according to Microsoft, is that the Cluster service account
needs to be an explicit member of the local Administrators group, and in
this case it isn't.
There are two possible fixes, either by changing account/group information,
or making a Registry edit. For details on both, see http://support.microsoft.com/?kbid=812877.
|
| 4/25 |
Here is the first BugBlog item on Windows Server 2003.
Look for a lot more starting next week:
If you are running Windows 2000 Server and have Windows Services for UNIX
2.0 installed, you may have problems upgrading to Windows Server 2003.
You may see this error message during the upgrade:
Schema update failed: attribute in may-contain
does not exist.
Microsoft has a fix for this -- so if you are running Services for UNIX
2.0 you may need to contact Microsoft Technical Support and ask for the
hot-fix described in Knowledge Base article 293783. This hot-fix was still
being described in the MSKB even after Windows Server 2003 was released,
so it looks like the fix didn't make it into the RTM code.
Cisco has found and fixed a bug in their Cisco Catalyst 4000, 6000, and
6500 running Catalyst OS software version 7.5(1). The problem is that anyone
who may be able to get command line access to an affected switch may be
able to achieve "enable" mode access without knowing the password.
Cisco has fixed this in Catalyst OS 7.6(1). To get the upgrade, see http://www.cisco.com/warp/public/707/cisco-sa-20030424-catos.shtml.
Novell has released GroupWise 6 Support Pack 3. It has a long list of fixes,
enhancements and warnings, which you can find at http://support.novell.com/servlet/tidfinder/2965453.
It includes compatibility fixes for Adobe Acrobat PDF files and for Palm
OS devices; fixes for Internet Agent memory leaks and abends; and many
fixes for the Client API.
|
| 4/24 |
Microsoft has issued another batch of security bulletins
on their Internet tools.
Microsoft has a new Cumulative Patch for Outlook Express 5.5 and 6.0. This
includes all the previous fixes for OE, plus it takes care of a new one.
In the newly discovered bug, an attacker could exploit a security hole
in MIME Encapsulation of Aggregate HTML (MHTML) to run their own program
on a target computer. You can get the update at http://www.microsoft.com/windows/ie/downloads/critical/330994/default.asp.
Microsoft has released a new Cumulative patch for Internet Explorer 5.01,
5.5, and 6.0. This patch includes all the previous fixes for IE (there's
a lot of them) plus it takes care of four new problems, including a buffer
overrun, a bug in the file upload control, a problem with third-party file
rendering, and a bug in modal dialogs. You can get this fix at http://www.microsoft.com/windows/ie/downloads/critical/813489/default.asp.
Here's the Honor Roll of independent researchers who found the problems
for Microsoft this time: Mark Litchfield of Next Generation Security Software
Ltd.;
Andreas Sandblad, Sweden; and Jouko Pynnönen of Oy Online Solutions
Ltd, Finland. (Squashing bugs is a world-wide effort.)
We blogged a bug on 3/18/03 about Microsoft Windows NT 4.0 and Windows
2000, with a security threat via the included web servers. At the time,
Microsoft only had a fix for Windows 2000. They now have a fix for Windows
NT 4.0. You can get the details at http://www.microsoft.com/technet/security/bulletin/ms03-007.asp.
|
| 4/23 |
Microsoft Pocket Internet Explorer, part of Windows
CE .NET 4.1, may choke when it tries to load a web page that has
an <OPTION> tag. The bug may cause IE to quit, or it may only
cause part of the page to load. Microsoft has a fix available at
their download site. Go to http://www.microsoft.com/downloads/ and
search using "QFE" as a keyword.
Cisco has had to patch Secure ACS for Windows 2.6.4, 3.0.3, and 3.1.1 to
take care of a bug found by the NSFOCUS Security Team. There is a buffer
overflow on the administration service on TCP port 2002, which may allow
a denial of service attack. Patches for each version are available at http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-acs-win.
Macromedia says that Flash developers need to follow certain best practices
if they don't want to open up a security hole for Flash Player users. In
particular, Flash advertisements that use clickTAGs need to validate that
the clickTAG URL begins with “http:”. If they don't validate,
someone may be able to sneak some malicious code into the application, which
may then violate other users' security. Need more details? See http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm.
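One way to implement the clickTAG check described above, written here as an added example in Python rather than taken from Macromedia's guidance. The function names and sample URLs are constructed, and the "//host" requirement is an assumption that is stricter than the page's "begins with http:" rule.

```python
import string

# The page's rule: the clickTAG URL must begin with "http:".
# Allowing "https" as well is a deployment choice, not something the page states.
DEFAULT_SCHEMES = frozenset({"http"})

_SCHEME_CHARS = set(string.ascii_letters + string.digits + "+-.")


def split_scheme(url):
    """Return (lower-cased scheme, rest) or (None, url) if there is no scheme."""
    head, sep, rest = url.partition(":")
    if not sep or not head or head[0] not in string.ascii_letters:
        return None, url
    if any(ch not in _SCHEME_CHARS for ch in head):
        return None, url
    return head.lower(), rest


def check_clicktag(url, allowed_schemes=DEFAULT_SCHEMES):
    """Return (ok, reason) for a clickTAG value handed to an advertisement."""
    if not isinstance(url, str) or not url:
        return False, "empty or not a string"
    # Reject rather than repair: URL parsers ignore or strip whitespace and
    # control characters, so a value containing them may be interpreted
    # differently from how a simple prefix test sees it.
    if any(ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in url):
        return False, "whitespace or control character"
    scheme, rest = split_scheme(url)
    if scheme is None:
        return False, "no scheme"
    if scheme not in allowed_schemes:
        return False, "scheme not allowed: " + scheme
    # Assumption, stricter than the page's prefix rule: require "//host".
    if not rest.startswith("//") or len(rest) == 2 or rest[2] in "/?#":
        return False, "missing host"
    return True, "ok"


def audit(urls, allowed_schemes=DEFAULT_SCHEMES):
    """Check a batch of clickTAG values; returns (url, ok, reason) tuples."""
    return [(u,) + check_clicktag(u, allowed_schemes) for u in urls]


# Constructed sample values, not taken from any real advertisement.
SAMPLES = [
    "http://ads.example.com/landing?id=7",
    "HTTP://ads.example.com/",
    "https://ads.example.com/",
    "javascript:void(0)",
    " http://ads.example.com/",
    "java\tscript:void(0)",
    "/relative/path",
    "http:",
]

if __name__ == "__main__":
    for url, ok, reason in audit(SAMPLES):
        print(repr(url), ok, reason)
```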
Got one of those spiffy new Apple PowerBook G4 laptops with the 17-inch
screen? They have an illuminated keyboard, whose settings are controlled
by pressing the F8, F9, or F10 key. If you try to adjust the illumination
via those keys when you are in a bright room (which deactivates the illumination)
you will get a rather cryptic error message that includes the slashed circle
universal symbol for "no-no". What it probably should say is "Hey,
move into a darker room if you want to change the settings" because
you can't make adjustments when the illumination is off.
|
| 4/22 |
There is an upgrade to the System Software Manager
for the Compaq (err, I mean HP) iPAQ C500/810e, C700/815e, C800/815e,
P500/810e, P733/810e, P866/815e, and P1.0/815e, as well as the iPAQ
Legacy-Free C500/810e, C700/815e, C800/815e, P500/810e, P733/810e,
P866/815e, and P1.0/815e. The new version 1.60 C fixes bugs that
were giving intermittent ROM flash errors on some systems, and a
bug that caused a blue screen of death on an E500 machine with a
6/01/2000 ROM. You can get the update at http://h18007.www1.hp.com/support/files/desktopiPAQ/us/download/17851.html.
The Directory Service database in Apple Mac OS X Server 10.2 has a command
called "dsimportexport" that, according to the Mac OS X Server
Administrator Guide and help files, will allow you to import and export
data. However, the export part doesn't work, only the importing works with
this command. Apple says that if you need to export information from the
Directory Services database, use the Workgroup Manager.
You may run into a problem with Microsoft .NET Passport 2.x or Passport
2.55. If you enter the value for a host name that is more than 255 characters
long, you may see this error message:
The value entered for the host name
must be a string less than 2048 characters long and cannot
be empty.
Microsoft says that this has been fixed in Windows .NET Server 2003.
You may have trouble when deleting text in a Microsoft Word 2002 document.
Although you may be able to delete the text, you may not be able to delete
a paragraph mark that is in the header. Microsoft has a fix for this, which
will be in a future service pack. To get the fix immediately, contact Microsoft
Technical Support and ask for the fix that is discussed in Knowledge Base
article 813816, which can only be installed on a system that has the Office
XP SP 2 update already installed. Note that you might get charged for this
call.
|
| 4/21 |
Back from a long Easter weekend, so here are some
more bugs.
When using the Server Monitor on the Apple Mac OS X Server 10.2, you may
get a message saying that a RAID volume is degraded when a volume is being
journaled. According to Apple -- don't panic. Instead use the Disk Utility
to see whether the RAID actually has errors. If nothing shows up there,
then ignore the first message that something is degraded.
Novell has an updated SNMP.NLM for NetWare 5 and 6. This fixes a bug that
was causing a wrong SNMP getnext response for the sparse table. Get the
update in the file zfs3snmpsparse.exe at http://support.novell.com/servlet/tidfinder/2965493.
There is a security bug in: Oracle E-Business Suite 11i, Releases 1 through
8; Oracle Applications 11.0, All Releases; and Oracle Applications 10.7,
All Releases. If a potential attacker has direct access to the TNS Listener
port of the RRA/FNDFS host machine and there is no intervening firewall
and/or application server, they may be able to gain access to either application
or operating system files. There are already upgrades that fix this bug
for Oracle E-Business Suite 11i, Releases 1 through 8, and Oracle Application
11.0, All Releases. You can find the patch you need by searching at http://metalink.oracle.com.
For more details, see http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf.
In Microsoft Outlook 2002 you may not be able to edit a task, if it contains
a custom field, from the TaskPad within Outlook's Calendar view, although
the Task does appear there. This will happen even if Office 2002 Service
Pack 1 or 2 is installed. Microsoft has a fix that will be in a future
service pack. You can contact Microsoft Technical Support to get the fix
right away (ask for the fix described in Knowledge Base article 290011)
but you may get charged for this call. Instead, you may just want to switch
over to the Task View to edit the task, rather than mucking around in Calendar
view.
There may be an incompatibility between Microsoft Outlook 2002 and Symantec
WinFax PRO 10.0. This incompatibility may cause Outlook to crash as you
shut it down, with an error signature (which you see when you click on
the details for an error report) that will look like
Outlook.exe 10.0.2627.1 Msmapi32.dll
10.0.2625.0 0001e85d.
Microsoft says that you should upgrade to WinFax PRO 10.02 or later to
fix this.
|
| 4/18 |
If you are running a new-enough Macintosh (PowerPC
G3, or PowerPC G4, with OS X 10.1.5 or newer) there is an update
to Apple QuickTime. The new version 6.1.1 has some performance enhancements,
better AppleScript compatibility, and iMovie and iDVD audio/video
synchronization. You can get it via the Automated Software Update
on your Mac.
When using the Apple Remote Desktop 1.2 with a client computer that uses
Mac OS X 10.1 to 10.1.5, there may be screen problems after you quit sharing
with the client computer. According to Apple, there may be a redraw problem
that turns the screen purple. They say it is strictly cosmetic, and is
cured by restarting the computer.
Earlier versions of Microsoft Windows Media Player didn't mind if an MP3
file had an unsynchronized ID3v2 header. Starting with Windows Media Player
9, they do care. Try to play one of these files, and you may see this error
message:
Windows Media Player cannot play the
file. The file is either corrupt or the Player does not
support the format you are trying to play.
0xC00D1199: Cannot play file
Microsoft has a fix that will allow these files to be played. It's going
to be in a future Service Pack, but if you want it right away you will need
to contact Microsoft Technical Support and ask for the fix described in
Knowledge Base article 814129. Note that you may get charged for this call.
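To find which MP3 files in a collection are affected, the ID3v2 tag header can be read directly. The parser below is an added example, not Microsoft's code; it assumes that "unsynchronized" here means the unsynchronisation flag (bit 7 of the flags byte) in the 10-byte ID3v2 header, and the sample files are constructed.

```python
import os
import tempfile

UNSYNC_FLAG = 0x80  # bit 7 of the ID3v2 header flags byte


def parse_id3v2_header(head):
    """Parse the 10-byte ID3v2 header: "ID3", major, revision, flags and a
    4-byte synchsafe size. Returns None when the data has no ID3v2 tag."""
    if len(head) < 10 or head[:3] != b"ID3":
        return None
    major, revision, flags = head[3], head[4], head[5]
    size_bytes = head[6:10]
    if major == 0xFF or revision == 0xFF:
        raise ValueError("invalid ID3v2 version bytes")
    if any(b & 0x80 for b in size_bytes):
        raise ValueError("tag size is not synchsafe")
    size = 0
    for b in size_bytes:          # 7 significant bits per byte
        size = (size << 7) | b
    return {
        "version": "2.%d.%d" % (major, revision),
        "unsynchronised": bool(flags & UNSYNC_FLAG),
        "tag_size": size,
    }


def undo_unsynchronisation(body):
    """Reverse the scheme on a tag body: every 0xFF 0x00 pair becomes 0xFF."""
    return body.replace(b"\xff\x00", b"\xff")


def find_unsynchronised(root):
    """Return sorted relative paths of .mp3 files under root whose ID3v2
    header has the unsynchronisation flag set."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".mp3"):
                continue
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                head = fh.read(10)
            try:
                info = parse_id3v2_header(head)
            except ValueError:
                continue          # damaged header: not classified here
            if info and info["unsynchronised"]:
                hits.append(os.path.relpath(full, root))
    return sorted(hits)


# Constructed headers: ID3v2.3.0, tag size 257 bytes, flag set / flag clear.
SAMPLE_UNSYNC = b"ID3" + bytes([3, 0, 0x80]) + bytes([0, 0, 2, 1])
SAMPLE_PLAIN = b"ID3" + bytes([3, 0, 0x00]) + bytes([0, 0, 2, 1])


def demo():
    """Write three constructed files and report which ones are flagged."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "flagged.mp3": SAMPLE_UNSYNC + b"\x00" * 257,
            "plain.mp3": SAMPLE_PLAIN + b"\x00" * 257,
            "notag.mp3": b"\xff\xfb\x90\x00" + b"\x00" * 32,
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_unsynchronised(root)


if __name__ == "__main__":
    print(parse_id3v2_header(SAMPLE_UNSYNC))
    print(demo())
```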
|
| 4/17 |
There is nothing "official" from Microsoft
yet, but a story in The Register and discussion on Slashdot point
to a bug in Office 2000 SR-1a that is causing corporate users of
Office (those with a site license) to continually have to register
the software after 4/15/2003. Apparently, there is code in Office
that prevents it from being registered after this date, but there
is a bug in the code (imagine that!) that is causing the registration
foul-ups. You can read The Register story, and the Slashdot discussion is
here.
Red Hat Linux 9 has an updated gtkhtml package, which is used in the Evolution
mail reader. This fixes a bug that is in versions of Evolution before 1.2.4,
that may allow a malformed HTML message to crash Evolution. Get the update
at https://rhn.redhat.com/errata/RHSA-2003-126.html.
There is an updated Samba package for Red Hat Linux 7.x, 8.0, and 9. This
update fixes a security bug that may allow an anonymous user to get root
access to a computer. For links to the correct package for your version
of Red Hat, see https://rhn.redhat.com/errata/RHSA-2003-137.html.
In both Microsoft FrontPage 2000 and 2002, if you try to import a file
into a FrontPage web that is more than 50 MB in size, the import may fail
and you may see this error message:
The server connection timed out
This will most likely happen after you have upgraded the SmartHTML Interpreter
(Shtml.dll). There are two fixes. The first is to edit your Registry to
increase the limit on file imports; the second is to install the FrontPage
2002 Server Extensions. For details on both of these, see http://support.microsoft.com/?kbid=814332.
When you use Microsoft FrontPage 2002 to create a "Mouse over" Swap
Dynamic HTML (DHTML) effect for a web page, this effect won't work in the
Netscape Navigator 7 browser. Instead of the alternative image being shown
when highlighted with the mouse, nothing may appear. Microsoft has a fix
for this, which will be in a future Office XP Service Pack. They really
want for you to wait for the service pack, but you can get the hot-fix
if you contact Microsoft Technical Support and ask for the fix described
in Knowledge Base document 329679. However, they may charge you for this
call. Also, the hot-fix will only work if Office XP Service Pack 2 is installed
first.
|
| 4/16 |
The latest buffer overrun that affects Microsoft Windows
is in the Windows kernel and affects Windows NT 4.0, NT 4.0 TSE,
2000, and XP. An attacker may be able to exploit this buffer overrun
to give themselves a higher security level. However, to mount an
attack, they either need to be at the computer, or able to log on
to the computer interactively. Microsoft has patches available --
you should follow the link for your version of Windows from http://www.microsoft.com/technet/security/bulletin/ms03-013.asp.
If you are doing a software search using the Apple Remote Desktop 1.2,
when the "Kind" field is set to "Applications", Apple
says that only Mac OS 9 applications will be turned up. If you also want
Mac OS X applications to be shown, search by "Name", "Ends
With" and include ".app" in the text entry field.
Microsoft says that when SQL Server 7.0 does a query that has a large sort
operation, it may start sending this error message to the log:
2003-02-10 17:02:54.39 ods The Scheduler 2 appears
to be hung. PSS 0x5F8B3110, EC 0x5F8B32C0, UMS Context 0x050D07D8
This may happen as frequently as once per minute during the time the query
is running. Microsoft has a fix for this, but you need to contact Microsoft
Technical Support for it. Ask them for the fix described in Knowledge Base
article 814693, but note that you may get charged for this call.
Microsoft has released Systems Management Server 2.0 Service Pack 5. They
say it is a cumulative release with all the bug fixes from the previous
service packs. However, they also say that either Service Pack 2 or Service
Pack 3 needs to be installed first. Links to both the service pack itself,
as well as the list of bugs that it fixes, are at http://support.microsoft.com/?kbid=288239.
Too many INF files in the \Inf folder of your Windows directory can cause
problems for both Windows 2000 and XP. Microsoft says this may interfere
with installing driver updates from their Windows Update web site. Instead
of just searching currently installed drivers, Windows may search the whole
folder, and get bogged down. They have a fix for this at the Microsoft
Download Center. Download and install the 814033 package for the fix.
|
| 4/15 |
Apple Mac OS X Server 10.2 comes with a new version
of the NetBoot software. Once you install it, Mac OS 9 client computers
may not be able to start via NetBoot. Apple says you will first need
to restart the server, so that the AppleFileServer process restarts,
for OS 9 NetBoot to work. In a few cases, this will not be enough.
If the NetBoot CD has the part number 0Z691-3990-A, there is an additional
workaround. You can find the details for this at http://docs.info.apple.com/article.html?artnum=107504.
If you try to use Microsoft Internet Explorer 6 to check your MSN e-mail
account, and you use the IAuthenticate interface for authentication while
making your connection through a proxy server, then you may see this error
message:
The page cannot be displayed. The page you are
looking for is currently unavailable. The Web site might be experiencing
technical difficulties, or you may need to adjust your browser settings...
Cannot find server or DNS Error
To fix this, go to the Microsoft Update site at http://windowsupdate.microsoft.com and
install the 814506 Critical Update.
Microsoft Internet Explorer 5.01, 5.5, and 6.0 all have a setting to "Empty
Temporary Internet Files" folders when you close the browser. However,
Microsoft says that sometimes this will fail, and files will remain. The
two most likely causes for this: an antivirus program may have locked a
file in the Temporary folder; or somehow, two or more users are sharing
this folder. If the problem is the former, you need to change the antivirus
program's configurations; for details on the latter problem, see http://support.microsoft.com/?kbid=814782
|
| 4/14 |
Windows XP Service Pack 1 contains Registry resiliency
code. It is supposed to remove corrupt Registry keys, but according
to Microsoft it may also delete some crucial subkeys such as HKLM\Software\Classes
or HKLM\Software\Classes\CLSID. If that happens, your computer probably
isn't going to work. Microsoft has a hot-fix that is going to be
in a future service pack. If you want the hot-fix now, you need to
contact Microsoft Technical Support and ask for the fix described
in Knowledge Base article 814545. Note that this may not be a free
call. If Windows XP has already hosed your Registry, then Microsoft
says to restore the deleted keys from a backup. (First, of course,
you need to figure which part of the Registry they trashed.)
The System Restore feature in Windows 2000 and Windows XP does not keep
track of Windows Installer patch files (.msp). If you had installed one of
these patches on an application, and then rolled back to an earlier restore
point, it may leave that patched application all muddled with some new
and some old file versions, and that application may not work very well.
The gory details of what may go wrong are explained by Microsoft at http://support.microsoft.com/?kbid=814833.
The only workaround is to re-install any of these patches. That means,
of course, that you need an accurate record of which patches were installed
before or after restore points.
Linksys has a firmware update for their BEFW11S4 ver.2/3/3.2 router. The
new version 1.45z makes some adjustments for increased XBOX support, and
changes so that you can do a web-based firmware upgrade with Netscape 7.0.
There is an update for Novell eDirectory 8.7. It includes an updated DS.NLM
v10411.10 that fixes a number of issues, including: an abend with 785 error
when used with a NetWare 6.5 tree; bugs that cause problems with multi-processor
use; Error -611 when synchronizing a filtered replica; and abends that
sometimes happen when opening the database. The update is in edir8703.exe
that you can download at http://support.novell.com/servlet/tidfinder/2965389.
|
| 4/12 |
There would be more bugs up this week if it wasn't
tax time.
There is a new product update patch for Sun Microsystems StarOffice 6.0
- with separate updates for all supported platforms. It includes many bug
fixes. Here are some of the highlights for some of the major bugs: it fixes
a crash in StarOffice when opening a file via fastweb; it fixes a crash
in Calc when you use a Contextmenu about an OLE-Object; it fixes a crash
when saving a file on a Windows 98 peer to peer network; it fixes a database
crash inserting eight fields in a row while in CJK locales; it fixes a
crash in Outline view when dragging text. To get the patch, go to http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/xprod-StarOffice&nav=pub-patches.
Linksys has a firmware update for their WAP51AB wireless router. This update
fixes a problem with low signals in the 802.11b side of things.
Microsoft Exchange 2000 Server has a feature in the Exchange System Manager
that lets you configure the Virtual Memory Threshold notification. Unfortunately,
your settings may cause the wrong value to be displayed. If the available
virtual memory values are more than one gigabyte, they will be truncated
and you won't see the correct value. At this time, there is no fix or workaround.
|
| 4/10 |
If you are using Lotus iNotes Web Access for mail,
and your mail file has a rule which uses the Send Copy To action,
this may cause iNotes to hang with this error message:
iNotes Warning. Sorry, we were unable to process
your request at this time. If you are unable to continue working
in your mail file, please dismiss this warning and then select
View, Refresh from your browser's menu.
According to Lotus, mail rules are actually a feature of the Notes client,
and may or may not work in iNotes. In this particular case, the error is
caused by the DisplayCopyTo_Icon field set to a value of "1".
If you are using Microsoft's MSN Messenger on a Windows 2000 or Windows
XP computer, and you double-click a contact name in the MSN Messenger window,
the Microsoft Windows Journal Viewer repair process will start up by mistake.
Microsoft says this is because of an error in the Registry -- both Messenger
and the Journal Viewer share components, and apparently fight over possession
of them. Microsoft's workaround is to issue a deep sigh and let the repair
process run its course. They say it should only happen once, but that is
once per user account on the computer. If you still get error messages,
then a permanent fix is to get rid of Windows Journal Viewer, via the Control
Panel's Add or Remove Programs icon.
After installing Windows XP Service Pack 1 on a computer that is behind
a Microsoft Internet Security and Acceleration (ISA) Server 2000-based
firewall, you may no longer get the alert in Microsoft Outlook that you
have new mail. In addition, if you start Outlook in the Inbox folder, the
new mail won't show up until you go to another folder first. The problem
is an error in the ISA Server's Local Domain Table (LDT), and needs to
be fixed within the ISA Management Utility. For details on how to do this,
see http://support.microsoft.com/?kbid=815052
|
| 4/9 |
Apple's Security update of 3/24/03 for the Mac OS
X includes fixes for both Samba and OpenSSL. Samba had a bug that
may allow someone who shouldn't be allowed in to gain remote access
to a host system. The OpenSSL fix is to plug a security hole that may
allow RSA private keys to be compromised. Get the update at http://docs.info.apple.com/article.html?artnum=61798.
There is a security bug in the Microsoft VM (virtual machine) which is
their implementation of Java. If you are using version 5.0.3809 or earlier
of the VM, a bug in the ByteCode Verifier component may allow an attacker
to sneak their own code onto the computer. How do you know what version
of VM you are running? Go to the command prompt and give the command
jview
which will give your version number. If you are not running the Microsoft
VM, you will get an error message -- but you will be safe from this bug.
Windows Update will get you the new version.
A bug in the Microsoft Proxy Server 2.0 and the Internet Security and Acceleration
Server 2000 may allow an attacker to mount a denial of service attack against
these two servers. Microsoft has issued updates for the two products, with
links to the various language versions available from http://www.microsoft.com/technet/security/bulletin/ms03-012.asp.
|
| 4/8 |
If you quickly insert and remove a PCMCIA card into
a laptop running Windows XP Home/Pro, you may get a blue screen of
death with this error message:
DRIVER_IRQL_NOT_LESS_OR_EQUAL
As a workaround, don't yank out the card right after you insert it. Microsoft
has a permanent fix that will be in a future service pack. You can contact
Microsoft Technical Support and ask for the hot-fix described in Knowledge
Base article 816500. Note that you might get charged for this call.
The Apache HTTP Server 2.0.45 fixes two security holes. The first is a
denial of service bug identified as CAN-2003-0132 and found by David Endler.
The second is a leak that disclosed the file descriptors to child processes.
When running the Novell Client 4.83 on Windows computers, some old versions
of Srvloc.sys may cause blue screens, according to Novell. They have an
upgraded version of this file that should fix this. Get srvloc.exe at http://support.novell.com/servlet/tidfinder/2965379.
You still have to pay attention to Microsoft's implementation of digital
rights management even when using another media player. MusicMatch says
that if you want to use their Jukebox program to play the free audio tracks
in WMA format that you can find in their Music Guide, you need to have
the latest version of Windows Media Digital Rights Management installed.
You don't have to get it from Microsoft, you can get it from http://techsupp.musicmatch.com/techtools/wma.inp.mmz
If you are helping to search for intelligent life in the universe with
the SETI@home program, it would be smart to get the latest security release.
Version 3.08 of SETI@home fixes a buffer overrun that may let an attacker
trick you into connecting to their server rather than the SETI server.
SETI credits Dutch researcher Berend-Jan Wever and Steffen Zahn for finding
this bug. Get the update at http://setiathome.berkeley.edu/download.html.
|
| 4/7 |
If you have a Compact Flash Card installed in an Apple
Mac OS X 10.2.4 computer, it may disappear from the Finder. The reason,
according to Apple, is that an invisible file in the /Volumes directory
is keeping the card from showing up. The workaround is to delete
that invisible file. Need to know how to do that? See the details
at http://docs.info.apple.com/article.html?artnum=75509.
If you are using Adobe InDesign 2.0.2 for either Windows or Macintosh,
a long text document may take a long time to re-flow through frames. There
is a Long Document Performance update that fixes this. The Macintosh update
is at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2100,
and the Windows version is at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2101.
If you have upgraded to Cisco IOS Release 12.2(15)T, and are running it
on a Cisco router that is being used as an NAS (network access server),
you may have problems if you configure a "large number" of L2F
tunnels and sessions. According to Cisco, the L2F NAS may pause indefinitely
while not giving or logging any error messages. There is no fix or workaround
yet -- Cisco says you may just have to do a control-break via the console,
and then reset the router.
|
| 4/4 |
Some of the security precautions put in place by default
in Microsoft Outlook 2002, and optionally in Outlook Express 6 in
Windows XP, may actually trip up Microsoft Internet Explorer 6. Within
IE, giving the command File, Send, Link by E-mail may only send an
incomplete link. The reason? Outlook treats it as an unsafe attachment.
Microsoft has a fix, which will be in a future service pack. If you
can't wait for your fix, contact Microsoft Technical Support and
ask for the hot-fix described in Knowledge Base article 327010. Note
that you may be charged for this call.
If a web site uses a custom HTTP header to include a post-check directive
to do a lazy update, this may cause problems for Microsoft Internet Explorer
6 Service Pack 1, running on Windows 98/98SE/ME/2000/XP. It may cause IE
to crash, or it may just cause the site not to be displayed correctly.
Microsoft has a fix, which will be in a future service pack. If you frequent
sites that use this custom header, and get frequent crashes, you may want
to contact Microsoft Technical Support and ask for the hot-fix described
in Knowledge Base article 812989. Note that you may get charged for this
call.
There is an incompatibility between Microsoft Internet Explorer 6, running
either Service Pack 1 or the 8/22/02 cumulative patch for IE, and Divago
Surfairy. If the Surfairy is installed, you may not be able to either print
or Print Preview in IE. Instead, you may see this error message
Internet Explorer Script Error An error has occurred
in the script on this page.
Line: 93
Char: 1
Error: Access is denied.
Code: 0
Microsoft's workaround is to either uninstall Surfairy, or disable third-party
browser extensions. For details on how to do that, see http://support.microsoft.com/?kbid=811165.
RealNetworks says that both RealOne Player and RealPlayer 8 have a security
bug that can be exploited via a malicious PNG (Portable Network Graphics)
file. An attacker may be able to corrupt a computer's heap and then use
that corruption to run their own code. To avoid this bug, upgrade to these
versions from Real: RealOne Player (6.0.10.505), RealOne Player version
2 (6.0.11.853), RealPlayer 8 (version 6.0.9.584). They are all linked from http://service.real.com/help/faq/security/securityupdate_march2003.html.
|
| 4/3 |
Here is a bug that isn't critical, but it can be annoying.
If you are using the Alarm clock that came in Microsoft Plus! For
Windows XP, the clock may not turn off after ringing. This may happen
if the alarm clock title has more than twenty characters in the name,
or has special characters. The workaround is to rename the clock
to something short. If you insist on having a long, complicated name
for your alarm clock (and leave it to Microsoft to build in such
an unnecessary feature anyway) then you should download this fix: http://download.microsoft.com/download/2/f/9/2f93ca82-9e69-465d-ad02-043274791706/plusdmeupdate1.exe.
Novell has bundled up a whole bunch of fixes to their Client 4.83 that
have come out since they released Support Pack 1 for that client. It includes
fixes for a number of bugs in printing, including critical errors in SPOOLSV.EXE
and in the printer driver. Get the file nt483pt6.exe at http://support.novell.com/servlet/tidfinder/2965032.
CERT says that there are security problems with the Sun Microsystems network
services library (libnsl), the BSD-derived libraries that use XDR/RPC routines,
and the GNU C library with sunrpc. An integer overflow causes a buffer
overflow, which may allow attackers an entry for running their own code
on a computer. Go to http://www.cert.org/advisories/CA-2003-10.html to
find links to these vendors with fixes: Red Hat, IBM AIX, MIT Kerberos,
Openwall GNU Linux, Sun Microsystems.
If you try to shut down a Windows XP workstation remotely using Remote
Desktop Connection software, you may get this error message instead
Device Not Ready
The Winlogon software apparently has a bug that will show up when you try
to log off. Microsoft has a hot-fix, which will be in a future service
pack. If you do a lot of remote shutdowns, and this is a problem, you can
contact Microsoft Technical Support and ask for the hot-fix described in
Knowledge Base article 816938. Note that you may get charged for this call.
|
| 4/2 |
Here is what could be a particularly damaging incompatibility
between Windows XP Home/Pro (with or without Service Pack 1) and
hard drives with 48-bit logical block addressing turned on. According
to Microsoft, the flush cache command isn't given to a large hard
drive, so hard drive data may become damaged when going to standby
or hibernation. If you are in this situation, get the fix in the
file Q331958_WXP_SP2_x86_ENU.exe from the Microsoft Download Center.
For more details, see http://support.microsoft.com/?kbid=331958 .
The most recent security bug in Sendmail affects all versions of Sendmail
Pro; Sendmail Switch 2.1 prior to 2.1.6; Sendmail Switch 2.2 prior to 2.2.6;
Sendmail Switch 3.0 prior to 3.0.4; Sendmail for NT 2.X prior to 2.6.3;
Sendmail for NT 3.0 prior to 3.0.4; and open-source sendmail versions prior
to 8.12.9. This bug could allow denial of service attacks as well as letting
an attacker run their own code at the privilege level of the sendmail daemon.
There are patches you can get directly from Sendmail at ftp://ftp.sendmail.org/pub/sendmail/prescan.tar.gz.uu
or ftp://ftp.sendmail.org/pub/sendmail/prescan.tar.gz.uu.asc.
If Sendmail came in a package from some other vendor, that vendor may have
the patch as well.
|
| 4/1 |
Red Hat Linux 9 is either going to be released any
day now, or already out there if you know where to look. In either
case, they have already started to release fixes for it.
Red Hat has released an updated Samba package for Red Hat Linux 7.x, 8.0,
and 9. These fix a security bug found by Sebastian Krahmer that may allow
an attacker to get root access to a computer. You can get the update at https://rhn.redhat.com/errata/RHSA-2003-095.html.
Red Hat has an updated OpenSSL package for Red Hat Linux 7.x, 8.0, and
9. A bug may make a timing attack on RSA keys a possibility, where it may
be possible for a bad guy to get a private key. Get the update at https://rhn.redhat.com/errata/RHSA-2003-101.html.
Red Hat has a fix for the ISC DHCPD Server that is included in Red Hat
Linux 8.0. A bug in the DHCP Server, discovered by Florian Lohoff, may
allow a denial of service attack against the server. Get the update at https://rhn.redhat.com/errata/RHSA-2003-034.html.
Red Hat has an updated package for Evolution, included with Red Hat Linux
7.3, 8.0, and 9.0. The new package includes fixes to a number of security
bugs that may allow an attacker to crash a system and also to evade security.
Find the links for your version at https://rhn.redhat.com/errata/RHSA-2003-108.html.
|
| 3/31 |
If you are still using Novell NetWare 4.11 or 4.2, there
is an NDS update for you. DS.NLM 6.17 takes care of some problems
with synchronization with a server on a mixed ring. Look for it at http://support.novell.com/servlet/tidfinder/2963473.
Apple has new firmware for the AirPort Extreme Base Station. Note that
this is for the Extreme, and not for the Graphite (the original) or the
Snow (dual-Ethernet) version. It fixes some problems that may be caused
by interference in the 2.4 GHz band (such as from your neighbor's wireless
phone). It doesn't lessen the interference, but it lets the base station
recover better after the interference. Get it at http://docs.info.apple.com/article.html?artnum=120191.
There is a new release of mod_python for the Apache HTTP Server. This is
a bug fix release, taking care of the problems in the last release, which
was 3.0.1. They don't specify what the fixes are in this version, which
can be downloaded at http://httpd.apache.org/modules/python-download.cgi.
|
|