RE: Critical Updates and hot-fixes

  • From: "Alfonso Lopez de Ayala" <alopezdeayala@xxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 23 May 2002 08:04:09 -0700

I know this doesn't solve your problem... but just to relate my
experience: I recently had finished configuring a box with W2k AD DC,
Exchange and ISA in it (including the stringent HISECDC.inf high
security settings)... last thing I did was connect the server to the
Internet (with a static public routable IP address) and run Windows
Update... well, it did its thing, downloading and installing patches and
hotfixes and among other things it asked a couple of times for that
familiar "Digital signature not found, do you want to install?", to
which I just clicked ok... after Windows Update finished I reboot the
computer (and disconnect it from the Internet)... it starts up fine...
then I start noticing odd errors... I explore around and see that the
GUEST account had been enabled and made a member of the ADMINISTRATORS
group!!! ...explore around some more and notice lots of group policy and
registry settings relating to rights and permissions totally changed...
my computer had been hacked and taken control of!!! ...only way this
could have happened is thru some program that came from the net and I
let run in my server... I decided to wipe out the whole server and
reinstall everything from scratch after a disk scrub and reformat...
lesson learned: NEVER DO ANYTHING ON THE WEB WHEN LOGGED IN AS
ADMINISTRATOR... DOWNLOAD (in another machine) ANY UPDATES AND FIXES AND
SERVICE PACKS FROM MICROSOFT AND THEN, OFFLINE, RUN THOSE SPECIFIC FILES
TO INSTALL THEN IN THE SERVER...

-----Original Message-----
From: Chhatwal, Raminder S. [mailto:Raminder.Chhatwal@xxxxxxxxxxx] 
Sent: Thursday, May 23, 2002 7:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Critical Updates and hot-fixes

http://www.ISAserver.org


I just used Windows Update to put on the latest Critical Updates and
hot-fixes on the server. Soon after that event log is filled with errors
about the ISA Server Control Service failing to start.  I tried to start
the service manually and it says invalid handle.

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
alopezdeayala@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 05-2002