Full Disclosure mailing list archives

RE: [inbox] Problems with MS03-042 (KB826232) patch?


From: "Curt Purdy" <purdy () tecman com>
Date: Fri, 17 Oct 2003 17:46:39 -0500

For example, on one computer that had Windows 2000 SP2, we installed
KB826232 and then the other critical patches from 10/15. We then
installed SP4. When attempting later to uninstall KB826232, we get a
warning that Internet Explorer, Windows Media Player, and other patches
installed after KB826232 might be non-functional if we proceeded. We
tested Windows Media Player and it was, in fact, non-functional (it
could download a video clip and display that it was playing, it just
couldn't display any video... a minor inconvenience I guess).

Though referring to patch 40 and not 42, this from Brian Livingston's
newsletter is likely relevant:

Update HTML Help. As was the case with MS03-032 and a few other recent
patches, installing MS03-040 will cause problems with Windows' HTML Help
engine unless you also install a fix to update the help feature. This is
explained in Microsoft Knowledge Base article 811630. 

Update Windows Media Player. After installing MS03-040, you also need to
install an update for Windows Media Player versions 6.4, 7.1, and 9, and
Media Player for XP. Microsoft-style audio and video data files are allowed
(stupidly, in my opinion) to command Media Player to open Web pages. These
pages might be malicious or infected. The update allows administrators to
shut down this feature by making changes to the Registry. I don't believe
this capability should ever have been shipped, but I recommend that you
install the patch and implement the more-secure policies, as described in KB
828026. 

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
