Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: Patch Refresher; MS05-038 Issues SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Patch Refresher; MS05-038 Issues

Patch Refresher

Okay, what else would follow a patch Tuesday, but a chaotic Wednesday. Just as a refresher on the patches were dealing with:

Bulletin Severity Impact

MS05-038 Critical Elevation of Privilege
MS05-039 Critical Remote Code Execution and
Elevation of Privilege
MS05-040 Important Remote Code Execution
MS05-041 Moderate Denial of Service
MS05-042 Moderate Denial of Service,
Information Disclosure,
and Spoofing
MS05-043 Critical Remote Code Execution

For a more in depth review, please see Cory's great diary from yesterday found at

MS05-038 Issues

It seems that there are issues with downloading the MS05-038 patch and it appears as unavailable. Many thanks to Rick Hoppe who pointed us to the following information found at

"Not long after we released this morning, we found out that many of the digital signatures on some of the IE updates for MS05-038 were corrupted and were preventing install. This only impacts those downloading from the Download Center, not Windows Update, Microsoft Update, SUS, or WSUS. At least now we know what the problem is and it should be fixed soon. "

The message that I received when I tried to download it read:

"The download you requested is unavailable. If you continue to see this message when trying to access this download, go to the "Search for a Download" area on the Download Center home page."

We'll keep you posted as we learn more. It looks to be another interesting day in the world of network security.

Lorna Hutcheson

Handler on Duty


165 Posts
ISC Handler
Aug 10th 2005

Sign Up for Free or Log In to start participating in the conversation!