Microsoft Reissues Windows XP SMB Security Hotfix

Microsoft Reissues Windows XP SMB Security Hotfix
As many of you noted a few weeks ago, the Windows XP Server Message Block (SMB) security hotfix wouldn't install on XP Service Pack 1 (SP1) systems. I've since discovered that Microsoft released a new version of the MS02-070 (Flaw in SMB Signing May Permit Group Policy to Be Modified) security hotfix on January 22. If you missed my earlier column about this subject, you need to know that in addition to eliminating a Group Policy-based vulnerability, this security fix should also eliminate numerous errors that XP SP1 users experience when they attempt to access (i.e., create, open, or save) files on Windows 2000 systems with SMB signing enabled. You can download the new version of this fix. I haven't yet tested the fix, so let me know whether it works.

Win2K Eject PC Bug Fix
Last week, I tried the Eject PC command on a laptop plugged into a docking station. The docking station hosted several devices, including a network card, a printer, and a Palm Pilot. Expecting the system to respond immediately, I tapped my foot for 10 minutes while the machine attempted, unsuccessfully, to save its state. After another few minutes, I ran out of patience and rebooted. The system restarted, displayed the standard logon screen, then displayed a message box stating that the system was still attempting to go into standby mode. In this hung state, the machine didn't respond to Ctrl+Alt+Del nor to any other keyboard or mouse input. Because the battery still had a charge, disconnecting the laptop from the docking station did nothing. To recover the machine, I disconnected the external power source and waited for the battery to drain completely. When I reconnected the power, the system restarted as usual.

Microsoft documents similar, but not identical, behavior in the Microsoft article "The 'Eject PC' Command May Not Work Intermittently". The article states that this problem occurs when the docking station supports an Enhanced Capabilities Port (ECP) Printer Port. In this case, you might see the error message You cannot eject your computer because one of the devices in the docking station, "ECP Printer Port (LPT1"’ cannot be stopped. According to Microsoft, if you disable the ECP port, this error shouldn't occur. I presume that the same bug caused the behavior I experienced because the docking station supported a printer.

A timing error in the Win2K kernel causes this system hang: The OS attempts to asynchronously close all docking station devices, but the Plug and Play (PnP) code expects docking station devices to be disconnected immediately. This creates a deadlock between two pieces of code, each waiting for the other to complete its task. Microsoft has a bug fix that eliminates this problem on all Win2K versions. The patch updates four kernel files: ntkrnlmp.exe, ntkrnlpa.exe, ntkrpamp.exe, and ntoskrnl.exe; all files have a release date of November 20.

Win2K Task Scheduler Forgets Batch Jobs
I’ll be surprised if readers haven’t noticed this behavior already. The Win2K Task Scheduler process has a coding error that crops up when you schedule a batch job to run multiple times at a specific interval—for example, every 8 hours or every 24 hours, but not at a specific time of day. In this case, the scheduler stops resubmitting the batch job after the batch job has run successfully 12 times. Microsoft Product Support Services (PSS) released a bug fix that corrects this problem in all Win2K versions. The Microsoft article "Task Scheduler Stops Scheduling Repeating Jobs" indicates the update contains two files, new versions of mstask.dll and mstask.exe, which both have a release date of October 4, 2002. You must obtain this patch directly from PSS.

Disk Subsystem Blue Screen
A bug in the Win2K disk driver subsystem might cause a blue screen with a stop code of 0x1E in the component disk.sys. Although details about the frequency or circumstances that provoke the crash are sketchy, the Microsoft article " Disk.sys Causes an ‘0x0000001E’ Error" states that the disk driver performs a test for drive functionality in the wrong place. You can eliminate this blue screen in all versions of Win2K by installing the bug fix, updated versions of classpnp.sys and disk.sys. Classpnp.sys has a file release date of August 1, 2002, and disk.sys has a release date of December 16, 2002. You must get this fix directly from PSS.

USB Device Bug Fix
Systems that use USB 2.0 controllers might experience compatibility problems with earlier USB 1.1 devices. If you support systems that have either of two types of IBM USB-based hardware—the 32MB memory key or the removable CD-ROM—the devices might be inoperable after a system resumes from hibernation. To diagnose this problem, start Device Manager and locate the device. The device should have a red X and the description This device is not working properly because Windows cannot load the drivers required for this device. (Code 31). To eliminate the problem, call PSS.and ask for the updated USB drivers. The patch contains three files: usbehci.sys, usbhub20.sys, and usbport.sys. All three files have a release date of November 13, 2002. Use the Microsoft article "USB Memory Stick Is Not Recognized After the Computer Resumes from Hibernation" as a reference.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.