Posted by Torgeir Bakken (MVP) on October 13, 2005, 11:23 am
Pat wrote:
> I have a web server that is currently being scanned by a third party using
> ISS, they are flagging one exploit which is WinRpcssDcomBo: Microsoft Windows
> RPCSS DCOM buffer overflow (824146-MS03-039)
>
> I have seen other posts where people are reporting that SP1 somehow removes
> this patch? But I see that this patch should be included in SP1
>
> When I look in the registry I do not see any of the folders referenced like:
>
> Window Server 2003\SP1\KB824146
> nor do I see
> Window Server 2003\SP1\KB823980
> and the file versions are greater than the ones discussed to verify patch
> has been installed
>
> 1. I would like to know is there an issue with SP1 and detection of this
> patch? (As I have seen similar posts with same issue)

This is not a known issue, the SP1 installation overwrites the files
that are included in MS03-039 with newer versions of those files.
I would think the third party scanning program has a logical flaw for
this issue.

> 2. What can I use for a reference to verify this patch with SP1 ?(all
> documented are no good)

824146 (MS03-039) is listed here as included in SP1:

Windows Server 2003 Service Pack 1 list of updates
http://support.microsoft.com/kb/824721/

As long as the following files (in the System32 folder) have a version
number of 5.2.3790.1830 or higher, you are good:

ole32.dll
rpcrt4.dll
rpcss.dll

(MS05-051/KB902400 will upgrade the version number to 5.2.3790.2492 for
ole32.dll and rpcss.dll).
>
> 3. Can the patch be reapplied when the system already has SP1 installed?

No, but installing MS05-051/KB902400 is an option, it supersedes
MS03-039:

Vulnerabilities in MSDTC and COM+ Could Allow Remote Code
Execution (902400)
http://www.microsoft.com/technet/security/Bulletin/MS05-051.mspx
--
torgeir, Microsoft MVP Scripting, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
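
The file-version check described in the reply above, written as a PowerShell script. This is an added example, not part of the original post; the file names and the 5.2.3790.1830 baseline are the ones quoted in the reply, and the function name `Get-BinaryVersion` is made up for this sketch.

```powershell
# Added example: compare the three binaries named in the reply against the
# SP1 baseline version quoted there, instead of looking for hotfix registry keys.
$Baseline = [version]'5.2.3790.1830'          # minimum version from the reply
$Files    = 'ole32.dll', 'rpcrt4.dll', 'rpcss.dll'
$Sys32    = Join-Path $env:SystemRoot 'System32'

function Get-BinaryVersion {                  # hypothetical helper name
    param([string]$Path)
    # Build the version from the numeric fields. The FileVersion string can
    # carry a trailing build-lab label that does not parse as [version].
    $vi = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($Path)
    New-Object System.Version $vi.FileMajorPart, $vi.FileMinorPart,
                              $vi.FileBuildPart, $vi.FilePrivatePart
}

$results = foreach ($name in $Files) {
    $path = Join-Path $Sys32 $name
    if (-not (Test-Path -LiteralPath $path)) {
        # A missing file is reported, not silently skipped.
        [pscustomobject]@{ File = $name; Version = $null; Status = 'MISSING' }
        continue
    }
    $ver = Get-BinaryVersion -Path $path
    if ($ver -ge $Baseline) { $status = 'OK' } else { $status = 'BELOW BASELINE' }
    [pscustomobject]@{ File = $name; Version = $ver; Status = $status }
}

$results | Format-Table File, Version, Status -AutoSize

# Non-zero exit code if any file is missing or older than the baseline,
# so the check can be used from a scheduled compliance job.
if ($results | Where-Object { $_.Status -ne 'OK' }) { exit 1 }
```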