From bgreenbaum@SECURITYFOCUS.COM Wed Jan 31 10:56:06 2001
From: Ben Greenbaum
X-Sender:
To: BUGTRAQ@SECURITYFOCUS.COM
Date: Tue, 30 Jan 2001 13:19:08 -0700
Subject: [BUGTRAQ] Microsoft Security Bulletin (MS01-005) (fwd)

---------- Forwarded message ----------
Date: Tue, 30 Jan 2001 11:00:47 -0800
From: Microsoft Product Security
To: MICROSOFT_SECURITY@ANNOUNCE.MICROSOFT.COM
Subject: Microsoft Security Bulletin (MS01-005)

The following is a Security Bulletin from the Microsoft Product Security
Notification Service.

Please do not reply to this message, as it was sent from an unattended
mailbox.
********************************

-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------
Title:      Tool and Patch Available to correct Hotfix Packaging
            Anomalies
Date:       30 January 2001
Software:   Windows 2000
Bulletin:   MS01-005
KB Article: Q281767 and Q282784 (available soon)

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/ms01-005.asp
- ----------------------------------------------------------------------

Issue:
======
Microsoft packages all Windows 2000 hotfixes (including security
patches) with a catalog file that lists all of the valid hotfixes that
have been issued to date. The catalog is digitally signed to ensure its
integrity, and Windows File Protection uses the signed catalog to
determine which hotfixes are valid. An error in the production of the
catalog files for English language Windows 2000 Post Service Pack 1
hotfixes made available through December 18, 2000 could, under very
unlikely circumstances, cause Windows File Protection to remove a valid
hotfix from a system. The removal of a hotfix could cause a customer's
system to revert to a version of a Windows 2000 module that contained a
security vulnerability.

Windows File Protection will only remove valid hotfixes from a Windows
2000 system under a very restrictive set of circumstances.
The system administrator would have to have applied multiple hotfixes in
an order other than that in which Microsoft produced and packaged them.
Furthermore, Windows File Protection would only remove hotfixes from a
system if it were run explicitly (by running sfc/scannow for instance)
or triggered by some administrator action (such as specifying that it be
invoked under a group policy).

- ----------------------------------------------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS
IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES,
EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT
CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER
INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS
PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS
SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME
STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT
APPLY.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
-----END PGP SIGNATURE-----

*******************************************************************
You have received this e-mail bulletin as a result of your registration
to the Microsoft Product Security Notification Service.
You may unsubscribe from this e-mail notification service at any time by
sending an e-mail to
MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
The subject line and message body are not used in processing the
request, and can be anything you like.

To verify the digital signature on this bulletin, please download our
PGP key at http://www.microsoft.com/technet/security/notify.asp.

For more information on the Microsoft Security Notification Service
please visit http://www.microsoft.com/technet/security/notify.asp. For
security-related information about Microsoft products, please visit the
Microsoft Security Advisor web site at http://www.microsoft.com/security.