Sign in to follow this  
Followers 0
marrone

KB935966 Not showing up

12 posts in this topic

Patch KB935966 is not showing up in autopatcher, and I cannot install it from the august Win2k3 core release.

Microsoft Security Bulletin MS07-029

Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966)

The patch is definitely in the release...it's stored under "Critical", but it's not showing up for me to select it.

DNS is running on the server...it's a domain controller.

I'm afraid to run it manually, in case there really is a reason Autopatcher isn't seeing it as important.

Can anyone help?

Thanks

-Mike

Share this post


Link to post
Share on other sites

Try installing it manually, the worst that can happen is that it'll fail.

Share this post


Link to post
Share on other sites

KB935966 only applies and is listed if you have the DNS component installed (C:\WINDOWS\system32\dns.exe exists)

Share this post


Link to post
Share on other sites
KB935966 only applies and is listed if you have the DNS component installed (C:\WINDOWS\system32\dns.exe exists)

Oh it's definitely there, and running, too. Just verified both.

Any other ideas?

This is happening on my other server as well.

Thanks

-Mike

Share this post


Link to post
Share on other sites

run the installer manually to get your system patched, thats the most important thing right now, don't be afraid, if it didn't apply to your system it would refuse to install. likewise you don't need to be afraid about installing an old update, it'll only replace existing files that are older than the ones it has.

the only thing you need to worry about is uninstalling patches, which is something i don't recommend! see here for why!

it won't be showing up because your system isn't matching the requirements for some reason...

the only requirements for this module are that: 1) system is English, 2) it's 2K3_SP1_X86 or 2K3_SP2_X86 and 3) system32:\dns.exe exists

'system32:' should be pointing to %system32%. lets try to test that...

1) grab the attached file (right click and save), rename the .txt extension to .apm

2) stick it in C:\Program Files\AutoPatcher\modules\

3) temporarily move all *.rti files in C:\Program Files\AutoPatcher\ elsewhere to speed up autopatcher's load time (will skip integrity checks)

4) run autopatcher, allow it to "install" the test module

5) open C:\autopatcher_testdir.txt and see what it contains, it should report that system32: points to C:\WINDOWS\System32. if it doesn't then we may have a bug in autopatcher.exe, if it is, you need to check that dns.exe exists where it's supposed to

test.txt

Share this post


Link to post
Share on other sites
run the installer manually to get your system patched, thats the most important thing right now, don't be afraid, if it didn't apply to your system it would refuse to install. likewise you don't need to be afraid about installing an old update, it'll only replace existing files that are older than the ones it has.

the only thing you need to worry about is uninstalling patches, which is something i don't recommend! see here for why!

it won't be showing up because your system isn't matching the requirements for some reason...

the only requirements for this module are that: 1) system is English, 2) it's 2K3_SP1_X86 or 2K3_SP2_X86 and 3) system32:\dns.exe exists

'system32:' should be pointing to %system32%. lets try to test that...

1) grab the attached file (right click and save), rename the .txt extension to .apm

2) stick it in C:\Program Files\AutoPatcher\modules\

3) temporarily move all *.rti files in C:\Program Files\AutoPatcher\ elsewhere to speed up autopatcher's load time (will skip integrity checks)

4) run autopatcher, allow it to "install" the test module

5) open C:\autopatcher_testdir.txt and see what it contains, it should report that system32: points to C:\WINDOWS\System32. if it doesn't then we may have a bug in autopatcher.exe, if it is, you need to check that dns.exe exists where it's supposed to

Ok, did all that. (And thanks for the testing here)

The output reads:

sys32 dir: C:\WINDOWS\system32\

And, looking in C:\WINDOWS\system32 shows dns.exe at 433KB, dated 2/17/2007 2:50AM, file version 5.2.3790.3959

I'll try manually putting it in now...but I figured if there is indeed a bug, it would be something you would want to know about. Though no-one else seems to be posting about the problem :(.

<edit> it seems to install manually correctly...so the patch itself felt it was necessary. So...who knows?

-Mike

Edited by marrone

Share this post


Link to post
Share on other sites

are you absolutely sure KB935966 does not appear in the critical section f the selection window :s

if so, try this test module, i just want to see if it appears in the selection window. if it doesn't, delete the following two lines, save, and try again

ComponentFile=system32:\dns.exe

ComponentVersion=ANY

don't forget to rename .txt to .apm!

KB935966_test.txt

Share this post


Link to post
Share on other sites
are you absolutely sure KB935966 does not appear in the critical section f the selection window :s

if so, try this test module, i just want to see if it appears in the selection window. if it doesn't, delete the following two lines, save, and try again

ComponentFile=system32:\dns.exe

ComponentVersion=ANY

don't forget to rename .txt to .apm!

Ok, let me first state that after running the patch manually on one of my servers (which seemed successful), and rebooting, it STILL did not appear in the Autopatcher listing. All patches there are blue (with one exception...for outlook express...which either doesn't want ot install, or isn't detecting it...but I'm not concerned with that right now). But 935966 does not appear...even though it's been installed manually.

So I ran your test.

The first time through, nothing showed up.

So I deleted the two lines (I'll assume that checks for dns.exe). Once I deleted your two lines and reran, the "test patch" showed up.

I guess it's not finding dns.exe.

Trust me. It's there. c:\windows\system32\dns.exe

And DNS seems to be working just fine.

Very perplexing!

-Mike

Share this post


Link to post
Share on other sites

what about if you just simply add the first of those two lines back in, does it work then?

i'm probably going to have to report it as a bug to raptor

update: email sent to raptor about it.

please can you confirm the version number of autopatcher.exe

Edited by theblazingangel

Share this post


Link to post
Share on other sites
what about if you just simply add the first of those two lines back in, does it work then?

i'm probably going to have to report it as a bug to raptor

update: email sent to raptor about it.

please can you confirm the version number of autopatcher.exe

Autopatcher file version: 5.6.0.81

Added only first line in. Test module shows up.

closed autopatcher.

Added 2nd line back in. reran autopatcher.

Test module not there.

Verified c:\windows\system32\dns.exe exists.

-Mike

Edited by marrone

Share this post


Link to post
Share on other sites

raptors been a bit busy lately and only surfaces on the internet once every one or two weeks. theres nothing more i can do myself, we're going t have to wait for raptor to surface and respond.

Share this post


Link to post
Share on other sites

I figured that was pretty much all you could troubleshoot.

Hopefully that's enough to go on.

Thanks for the help. Autopatcher is a great product and has helped me immensely!

-Mike

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.