OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: HFNetchk Feedback (hfnetchkMICROSOFT.COM)
Date: Wed Apr 10 2002 - 19:47:11 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Current version of HFNetChk doesn't differentiate between DCs and
    non-DCs, (it does differentiate between different SKUs of the product -
    Pro, Server, Adv Server, etc.). A future version of hfnetchk might be
    able to do this, the XML schema would probably be changed to support
    notation that a patch was only applicable to DCs. (MS01-011, 24,36 were
    DC only patches as well.)

    In the meantime, consider a DC like a service on the system. Example:
    There have been patches for the tlntsvr service - most people don't use
    the service, but if we find earlier versions of tlntsvr.exe on the
    system, we'll recommend that it be updated - because although you're not
    using the service today, you might tomorrow, and the file should be the
    most recent. DCs are a little different, you don't casually decide to
    turn on a DC service, however.

    The files for 02-016 are marked in the XML file as change if exist, so
    if any of those files in the patch are on your server system, and they
    aren't the most recent (ie what's in the patch) it will tell you you
    need to install the patch. It doesn't hurt a server to apply this
    patch, but it's not necessary for this issue. Future versions of
    hfnetchk will have a -ignore flag where you can specify issues that you
    don't want to report on.

    At 04:34 PM 4/10/2002 -0400, Francis Favorini wrote:
    Hi,
            Just thought I'd pass this along. Microsoft has silently
    changed
    the patch in MS02-008 (at least the MSXML 3.0 version). The old patch I
    downloaded on 2/22/02 had version 8.20.9307.0 of msxml3.dll. The
    version I
    downloaded today has version 8.20.9415.0. There is no indication in the
    security bulletin that anything has changed. HFNetChk alerted me that
    the
    file version did not match.
            The same thing happened last month with MS02-009. The patch
    silently changed, although the bulletin did get updated later. It's
    possible that this is simply due to a delay in the revised bulletin
    getting
    propagated to all the web servers. I hope this is the case.
            On a semi-related note, does anyone know why HFNetChk complains
    that
    MS02-016 is not applied to a Win2K server that is not a domain
    controller?
    Is it just because it can't identify DC's, or is there some reason to
    apply
    it?

    -Francis