NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FOCUS-MS> 2000-q4

Subject: Re: Bug in MS Win2k - Policy with SP1 install
From: James Ringold III (jringoldYAHOO.COM)
Date: Fri Dec 01 2000 - 11:35:29 CST

Next message: Conor Crowley: "Re: Securing a production box"
Previous message: Erik Thackston: "Re: Securing a production box"
Maybe in reply to: Los, Ralph: "Bug in MS Win2k - Policy with SP1 install"
Maybe reply: James Ringold III: "Re: Bug in MS Win2k - Policy with SP1 install"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ralph -
It appears to me that Microsoft has failed to
digitally sign their service pack. If you received
the warning when you re-attempted the install, but it
still installed, then that would pretty much explain
the problem.

I have encountered this "problem" many times with
hot fixes for Windows 2000 and other products. Each
time I had to re-apply the security policy. Now I
make the change before I start the install of the
patches.

Thank You -
James Ringold
IS - Security Consultant

-----Original Message-----
From: Los, Ralph [mailto:rlosENVESTNET.COM]
Sent: Thursday, November 30, 2000 3:40 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Bug in MS Win2k - Policy with SP1 install

Submitted for the review of the list:

Scenario:
         Windows NT 4.0 server installed clean.
         SP6.0a applied, all relevant hotfixes
applied
         No additional software installed outside
Server core

Installed a Win2k Server upgrade on the
machine
Changed security policy (local) - "Unsigned
non-driver installation
behavior" to "Warn and disallow install".

Problem:
Went to install Service Pack 1 off the web
(windowsupdate.microsoft.com).

Setup FAILS.

Reason:
Windows gives a "Unknown setup package"
error, with a "Tested with
Windows 2000" but gives no other option other than
"OK". At which point in
the install, clicking OK fails the installation.

Question:

WHY does this happen? How could a Service
Pack from MICROSOFT fail
in this situation? I had to set the policy above to
"Warn but allow
installation" to make it work.

Strange? Bug? Feature?

Ralph M. Los
Sr. Internet Systems & Security Admin. (312)
827-3945 (direct)
EnvestNet Advisory Corp.
(312) 296-9003 (wireless)

rlosenvestnet.com

=====
Thanks -
James S. Ringold III
jringoldyahoo.com

__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/

Next message: Conor Crowley: "Re: Securing a production box"
Previous message: Erik Thackston: "Re: Securing a production box"
Maybe in reply to: Los, Ralph: "Bug in MS Win2k - Policy with SP1 install"
Maybe reply: James Ringold III: "Re: Bug in MS Win2k - Policy with SP1 install"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]