 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Why, oh why, would Microsoft have a binary value (true or false) as a binary registry data type for disabling PCT? REG_DWORD isn't good enough anymore? Anyway, while we're testing the most recent flood of vulnerability patches, I'd like to disable the use of pct on our web servers. Following the workaround instrux from the advisory is ambiguous though. Can anyone confirm what the value should actually look like? After manually creating it on one server and exporting it, I see: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHAN NEL\Protocols\PCT 1.0\Server] "Enabled"=hex:00,00,00,00 But it could also be: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHAN NEL\Protocols\PCT 1.0\Server] "Enabled"=hex:00 Depending on whether I am in hex or binary mode in the binary editor. Does it matter? I'll go with the latter if no one answers as that's what the following command adds: reg add "\\machinename\hklm\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHAN NEL\Protocols\PCT 1.0\Server" /v Enabled /t REG_BINARY /d 0 (NOTE: you need the newer version of reg.exe to do this. Old one does not support REG_BINARY, but if you're used to the ease of the old reg.exe, have fun with adjusting to the syntax of the new one and don't replace the old if you've got scripts that use it.) Bill -----Original Message----- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 13, 2004 1:38 PM To: Patch Management Mailing List Subject: This months patches... do you have a patch managment plan in place? April 13, 2004 Today Microsoft released the following Security Bulletins. Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. Bulletin Summaries: Windows: http://www.microsoft.com/technet/security/Bulletin/winapr04.mspx Critical Bulletins: MS04-011 - Security Update for Microsoft Windows (835732) http://www.microsoft.com/technet/security/Bulletin/MS04-011.mspx MS04-012 - Cumulative Update for Microsoft RPC/DCOM (828741) http://www.microsoft.com/technet/security/Bulletin/MS04-012.mspx MS04-013 - Cumulative Security Update for Outlook Express (837009) http://www.microsoft.com/technet/security/Bulletin/MS04-013.mspx Important Bulletins: MS04-014 - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001) http://www.microsoft.com/technet/security/Bulletin/MS04-014.mspx Re-Released Bulletins: The following bulletins have been re-released to advise of the availability of updates for various versions of Microsoft Exchange Server. Please see the bottom of each bulletin for revision information. MS00-082 - Patch Available for 'Malformed MIME Header' Vulnerability http://www.microsoft.com/technet/security/Bulletin/MS00-082.mspx MS01-041 - Malformed RPC Request Can Cause Service Failure http://www.microsoft.com/technet/security/Bulletin/MS01-041.mspx MS02-011 - Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service http://www.microsoft.com/technet/security/Bulletin/MS02-011.mspx MS03-046 - Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (829436) http://www.microsoft.com/technet/security/Bulletin/MS03-046.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary. -- http://www.sbslinks.com/really.htm --- To unsubscribe send a blank email to [EMAIL PROTECTED] --- To unsubscribe send a blank email to [EMAIL PROTECTED]
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.