[ISN] Microsoft pulls patch that can slow Windows XP

From: InfoSec News (isnat_private)
Date: Thu Apr 24 2003 - 18:46:42 PDT


    http://www.nwfusion.com/news/2003/0424micropulls.html
    
    By Joris Evers and Paul Roberts
    IDG News Service, 04/24/03
    
    Microsoft pulled a security patch for Windows XP systems with Service 
    Pack 1 installed after customers complained that installing the patch 
    slowed their systems down to a crawl. 
    
    Microsoft is working on a revised patch for Windows XP Service Pack 1 
    and will re-issue that patch when it has been completed and fully 
    tested, the Redmond, Washington, software maker said in a revised 
    version of its security bulletin MS03-013 posted late Wednesday. 
    
    Originally released on April 16, the security bulletin addressed a 
    buffer overrun vulnerability in the Windows kernel, which manages core 
    services for the operating system such as allocating processor time 
    and memory, as well as error handling. 
    
    A flaw in the way the kernel passes error messages to a debugger could 
    enable a malicious hacker to take any action on a vulnerable system 
    such as deleting data, reconfiguring the device or modifying user 
    accounts and privileges, Microsoft said in its advisory. 
    
    Soon after the patch was released, however, Windows XP users began 
    complaining in online forums of performance problems that appeared 
    after the patch was applied. 
    
    Users reported that Windows XP can take up to 10 seconds or even more 
    to start an application after installation of the patch. Removing the 
    patch brings system speed back to normal, Windows XP users wrote in 
    dozens of postings on several online discussion boards. 
    
    In updating its security bulletin, Microsoft acknowledged those 
    problems, but said that customers running Windows XP Service Pack 1 
    should still consider applying the flawed patch as protection until a 
    new version is released. 
    
    "Customers are encouraged to review this security bulletin... (and) 
    assess whether their particular environments demand that the patch 
    should be applied immediately or whether their particular level of 
    risk permits delaying deployment of the patch until it is revised and 
    the performance problem corrected," the company said. 
    
    Microsoft said it will also publish a knowledge base article that 
    describes what environmental factors produce slowdowns when combined 
    with the XP patch and what can be done to reduce the impact of the 
    slowdowns should they occur. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    


