The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. ******************************** Re-release of Microsoft Security Bulletin MS99-046 -------------------------------------------------- In November, we withdrew a previously released patch that improved the randomness of TCP initial sequence numbers in Windows NT 4.0. The patch was withdrawn because it contained the same regression error that was present in Windows NT 4.0 SP6. We have eliminated the regression error and re-released the patch. The security bulletin has been updated and is available at http://www.microsoft.com/Security/Bulletins/ms99-046.asp; the FAQ also has been updated and is available at http://www.microsoft.com/Security/Bulletins/ms99-046faq.asp. All versions of the original patch were affected by the regression error, although the error only manifested itself in certain situations. When applying the new patch, it's not necessary to uninstall the original patch first. Just install the patch as normal. Here's how to determine which patch to apply: - If you are running Windows NT 4.0 SP4 or SP5 on an Intel machine, go to http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16763 and select q243835sp5i.exe. - If you are running Windows NT 4.0 SP6 on an Intel machine, go to http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16764 and select q243835i.exe. - If you are running Windows NT 4.0 SP4 or SP5 on an Alpha machine, go to http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16763 and select q243835sp5a.exe. - If you are running Windows NT 4.0 SP6 on an Alpha machine, go to http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16764 and select q243835a.exe. We are very sorry for any inconvenience caused by the regression error, and will do our best to prevent similar problems in the future. Regards, The Microsoft Security Response Team ******************************************************************* You have received this e-mail bulletin as a result of your registration to the Microsoft Product Security Notification Service. You may unsubscribe from this e-mail notification service at any time by sending an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUESTat_private The subject line and message body are not used in processing the request, and can be anything you like. For more information on the Microsoft Security Notification Service please visit http://www.microsoft.com/security/services/bulletin.asp. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:23:22 PDT