Invalid URL vulnerability & SP4 > (Additional Information)

["Givens, Mike" <MGivens () AEGONUSA COM>]

Here is something I received from the "other" bugtraq list I belong to.
Thought anyone
working on NT should/would like to know this !

Mike

******************************
Post From: Karl Knibbs

Just a quick note regarding MS00-063 (invalid URL vulnerability) and Service
Pack 4. It don't work!

Having obtained the fix from product support I went through my usual round
of testing on my development servers before updating production servers. On
both of my servers still on SP4 the replaced kernel caused a STOP on boot.
On contacting PSS it was confirmed (eventually) that this is a post SP6a
fix. This however is not noted in the security bulletin.

Recovery of these machines was quite a simply affair of replacing the
kernel32.dll in system32 with the back-up placed in the
winnt\$NtUninstallQ271652$ dir.

I have not as of yet tested with SP5 although I have applied to several SP6a
machines without problems.