MS05-019

[Leonard]

Archived from groups: microsoft.public.win2000.security (More info?)

Some news are coming from MS that this patch causes network problems of
several kinds: loosing VPN connections, network slowdown, etc. A re-release
of this patch is expected soon...

 

[alice]

Archived from groups: microsoft.public.win2000.security (More info?)

"Leonard" wrote:

> Some news are coming from MS that this patch causes network problems of
> several kinds: loosing VPN connections, network slowdown, etc. A re-release
> of this patch is expected soon...

Thanks for the heads-up. I was nervous about that patch because of the
TcpWindowSize change documented here:
http://support.microsoft.com/kb/890345
I'm glad to see that Microsoft have expanded on the information originally
detailed in Q890345 as v1.0 wasn't hugely informative.

Alice

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Does anyone know when Microsoft will be reissuing this patch? I found on
BugTraq that the KB number for this patch will be KB898060. I have not found
this KB number on any Microsoft sites so far.

"Alice" wrote:

> "Leonard" wrote:
>
> > Some news are coming from MS that this patch causes network problems of
> > several kinds: loosing VPN connections, network slowdown, etc. A re-release
> > of this patch is expected soon...
>
> Thanks for the heads-up. I was nervous about that patch because of the
> TcpWindowSize change documented here:
> http://support.microsoft.com/kb/890345
> I'm glad to see that Microsoft have expanded on the information originally
> detailed in Q890345 as v1.0 wasn't hugely informative.
>
> Alice
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

There are two new KB's that I think address both of your questions:

http://support.microsoft.com/default.aspx?kbid=898060

http://support.microsoft.com/kb/897656/

Also, on the TCPWindowSize reg key...our bandwidth management team did some
great metrics on the changes brought on by the patch. There is indeed some
network degredation, but it wasn't enough to warrant huge concern or the
need to change the window size back to 64K (Note: If you do want to revert,
it should be set to 64240, which is not noted in the KB). The most drastic
impact of this new change is if latency is an issue on your network. The
patch seems to have a direct and proportionate degradation as latency
increases. For example, if you have a WAN link that crosses between North
America and Europe, the network degredation may be more noticable, but was
still at an 'acceptable' range overall. The real concern would be if an
application that was very sensitive to latency, the TCPWindowsSize may need
to be bumped back up to 64K.

Side note: The loopback address issue that MS pushed out to Windows Update
as 'Critical', but not via a security bullein, is now included in MS05-019.
Here's the original article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;884020

G