Installing MS05 51: pain if you do, pain if you dont


The issues surrounding an October patch from Microsoft, MS05-51, are growing from a short story to a novel.

First, MS05-51 was the one Windows patch (out of nine) rated Critical last week. Then, as we reported Friday, attackers have targeted the flaws that the patch corrects (vulnerabilities in MSDTC and COM+) with exploit code circulating in the hacker underground. That raises the urgency of installing an already-critical patch.

Over the weekend, we've learned that the MS05-51 patch creates system instability if you've modified your Access Control List (ACL) settings. Since just about every diligent administrator we know liberally customizes ACLs, when Microsoft says there are a "limited number of affected customers," we guess "limited" in this sense means "as opposed to infinite." WatchGuard Wire: RSS Feed | WatchGuard Technologies, Inc.

Linked by shanmuga Monday, 17th October 2005 10:00PM