Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Patch Tuesday Fallout - Internet Security | DShield SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Patch Tuesday Fallout
Microsoft published a knowledge base article about issues with MS06-015. The two main culprits appear to be HP's "Share-to-Web" software and Kerio Personal Firewall.

In order to implement the MS06-015 fix, Microsoft created a special binary (VERCLSID.EXE) which will validate extensions before the windows shell or explorer is able to instantiate them. If VERCLSID.EXE fails to run, many functions are disructed (e.g. open files in applications using the 'File'->'Open' menu).

More stories about patch MS06-013 can be found in a recent Inforworld article. This patch was expected to cause issues due to the changes in ActiveX functionality. Again, see the respective Microsoft statement. Let us know if you experience any issues. So far, everything appears to center around 'Siebel 7'. Given the lack of outcries so far, I don't expect a lot of problems with other applications.

(Thanks to Susan and Juha-Matti for their contributions!)
I will be teaching next: Defending Web Applications Security Essentials - SANS Brussels September 2019


3603 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!