Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: "Cliff Galiher" <cgaliher@xxxxxxxxx>
- Date: Sat, 18 Apr 2009 16:37:05 -0600
Agreed. But what I was trying to convey (obviously ineffectively) is that because this *was* a security patch, MS has to support it all the way back to SBS2k3 RTM, not just the current SP as per their product support lifecycle.
It is reasonable to assume that MS did test against an RTM machine (which would have IE6), and SP1 machine, an SP2 machine, and a machine fully updated with all patches. And in all of those cases, this problem would not have surfaced.
It is *not* reasonable for MS to test against every possible combination of patch that could be applied to a system. If you recall your high-school algebra on combinations and permutations, each additional patch causes the total combination possibilities to grow exponentially. When you consider how many patches have been released for Win2k3, it would *literally* be millions of combinations to test against. Things like this *will* slip through the cracks and it is not a sign of poor quality control.
It requires a person to install *on the server* IE7 and then pass on related updates, which I would argue is probably a significant edge-case. It has even been debated in this newsgroup in the past whether IE7 should be installed on the server. Or silverlight. Or any other client enhancement.
So should the optional patch have been bumped? Of course. Am I going to get pissy with MS for releasing a half-baked patch? C'mon...I'm surprised these types of conflicts don't arise *more* often. That's all I was trying to point out.
-Cliff
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message news:#V1jN1GwJHA.5392@xxxxxxxxxxxxxxxxxxxxxxx
Critical patches should not have a dependence on 'optional' patches. The criticality of the final patch raises the (previously) optional patch's status to 'required', or the critical patch should include the code from the optional..
--
SBS remote support services. (Fees apply)
mickm at mickmalloy dot dyndns dot org
"Cliff Galiher" <cgaliher@xxxxxxxxx> wrote in message news:emA$inGwJHA.5516@xxxxxxxxxxxxxxxxxxxxxxxA couple of random thoughts here, in no particular order:
1) The hotfix changes some core DLL's to fix security flaw in IE. There was *no way* to release this without breaking companyweb because the underlying NTLM authentication *needed* to be fixed. No amount of "testing" would change that.
2) Security is always a critical fix.
3) IE 7 is, itself, an optional upgrade on a server. There is nothing stopping you from blissfully running IE6 on SBS2k3 indefinitely.
4) Any patches to IE7 that aren't security related, or to the OS that improves compatibility for a non-security product (IE7, IE8 beta) is also optional.
5) Reading the KB articles should be a standard practice.
6) Testing your server after applying a patch should be a standard practice.
7) If you saw this on 20 servers, you failed to follow steps 5 or 6 (or both.)
8) This just isn't that big of a deal. The optional upgrade only impacts IE.....
-Cliff
"Leythos" <spam999free@xxxxxxxxxx> wrote in message news:MPG.2453d2ea9bc00d27989b29@xxxxxxxxxxxxxxxxxxxxxxxIn article <OfuyEREwJHA.5672@xxxxxxxxxxxxxxxxxxxx>, sbradcpa@xxxxxxxxxxx
says...
Leythos wrote:
> I have just confirmed this on more than 20 SBS 2003 servers, IE > security
> update KB963027 breaks the Companyweb.
>
> The primary symptom is that that you are prompted for credentials
> (user/password) that will not be accepted under any conditions.
>
> I have also seen this cause accounts to be locked out because of the
> rejected user/password.
>
> After removing IE 7 Security update KB963027, the entire server > returns
> to normal and works properly.
>
Post 09-014 Companyweb wants a password, install 961143 - THE OFFICIAL
BLOG OF THE SBS "DIVA":
http://msmvps.com/blogs/bradley/archive/2009/04/16/post-09-014-company-web-wants-a-password-install-961143.aspx
Why the HE!! would microsoft issue a critical update that requires an
OPTIONAL update to operate properly.
I'm really starting to get ticked off with MS for breaking a lot of
things with UPDATES that appear to be RUSHED OUT WITHOUT BASIC TESTING.
Thanks for the resolution Susan.
Maybe you could pass it up the chain that common development practices,
decades old, mandate that patches and software NOT BE RELEASED before
proper testing.
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
- Follow-Ups:
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 20
- From: picturepete
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Gary Karasik
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: SuperGumby [SBS MVP]
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Leythos
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 20
- References:
- WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Leythos
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Susan Bradley
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Leythos
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: Cliff Galiher
- Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- From: SuperGumby [SBS MVP]
- WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- Prev by Date: Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- Next by Date: Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- Previous by thread: Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- Next by thread: Re: WARNING: IE Security update KB963027 Breaks Companyweb (SBS 2003)
- Index(es):
Relevant Pages
|
