This is a multi-part message in MIME format.
--------------2E10AD1967AEFBC652083E1F
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This just in from Novell in response to the NT ZEN client bug.
Bert
--
/^^^\ As usual, my opinions
/~O~O~\ are my own and most likely
\ / not those of my company.
-oOo-------oOo-
--------------2E10AD1967AEFBC652083E1F
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
>From TPETERSONat_private Thu Jul 30 13:00:35 1998
Received: from gate2.citicorp.com (gate2.citicorp.com [163.39.250.200])
by magnolia.citicorp.com (8.8.5/8.8.5) with SMTP id NAA24433;
Thu, 30 Jul 1998 13:00:34 -0400 (EDT)
Received: from orm-mh.orem.novell.com (orm-mail20.orem.novell.com) by gate2.citicorp.com with SMTP id NAA05509
(InterLock SMTP Gateway 3.0); Thu, 30 Jul 1998 13:00:36 -0400
Received: from INET-ORM-Message_Server by orm-mh.orem.novell.com
with Novell_GroupWise; Thu, 30 Jul 1998 10:58:57 -0600
Message-Id: <s5c051f1.069@orm-mh.orem.novell.com>
X-Mailer: Novell GroupWise 5.5
Date: Thu, 30 Jul 1998 10:58:49 -0600
From: "Thayne Peterson" <TPETERSONat_private>
Subject: Winnt 4.3 has been updated
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline
Apparently-To: <ramodolat_private>
Apparently-To: <janderseat_private>
Apparently-To: <hgrootheat_private>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by magnolia.citicorp.com id NAA24433
Using the Novell Client v4.3 for Windows NT there is the possibility that individuals could access information on the local NT Workstation without having to authenticate. If a user clicks on the "?" button in the Novell GUI Login, selects open from the file menu, then right clicks on anything in the active dialog box they can gain access to files on the local hard drive with system-level rights.
Novell has already released an update to correct the issue.
The Novell Client v4.3 for Windows NT that can currently be downloaded from www.novell.com\download has been modified to prevent this from occurring. The patch file NT430I1.EXE is also available on from www.novell.com\download and contains the updated code that prevents this issue as well as solves other known issues with the 4.3 Client. The Z.E.N.works boxes that are currently in the channel will all be rotated to incorporate the updates.
The best way for a customer to verify if they have the Client that has this issue is to check the version of the files LOGINW32.DLL in the WINNT\SYSTEM32 directory, and the LOGINW32.RLL in the WINNT\SYSTEM32\NLS\ENGLISH. If the version of these files is 2.00.00 then you could see this problem. If the version of the files is anything later than 2.00.00, you have the files that eliminate the problem. You can verify the version of the files by right clicking on the files, going to properties and looking at the File Version.
The updated NT Client can be distributed rapidly and efficiently through the Automatic Client Upgrade (ACU) or through the Novell Application Launcher (NAL) which is a component of the Z.E.N.works Starter Pack and Z.E.N.works product. The patch file NT430IT.EXE ships with a NAL template that can then be imported into NDS and associated with the desired users. The Automatic Client Upgrade is well documented in the online help that ships with the Novell Clients.
Issues like this clearly demonstrate the need and value of desktop administration suites such as Z.E.N.works. Without Z.E.N.works, distributing updates such as this to workstations across an Enterprise can be very expensive.
--------------2E10AD1967AEFBC652083E1F--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:42 PDT