Been stung by this too. They have re-released ms05-19 this month. Malcolm -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Rick Mack Sent: 20 June 2005 12:40 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Client disconnections due to security hotfix MS05-019 and Windows Server 2003 SP1 Hi People, About a month ago one of our customers started having problems with remote terminal server users dropping off and not being able to reconnect, but local users could still connect and work without problems. The problem slowly became more severe, despite the fact the the terminal server wasn't heavily loaded. Tried upgrading to Windows 2003 SP1 and the problem became even worse. Turns out to have been an MTU size issue (with XDSL connections) induced by MSO5-019 and made worse by Windows 2003 SP1. After a period of time the server/client thinks the remote host is unavailable due to retransmissions and timeouts. Microsoft have released a new hotfix to fix the problem. What they don't mention is that it doesn't install on a server with Windows 2003 SP1. Had get another version that was compatible with 2003 SP1. Anyway, the article: KB Article 898060 Note that the Post SP1 hotfix is different to the one offered to fix the problem. Installing security update MS05-019 or Windows Server 2003 Service Pack 1 may cause network connectivity between clients and servers to fail Network connectivity between clients and servers may fail. This failure occurs after the installation of either security update MS05-019 or Microsoft Windows Server 2003 Service Pack 1 (SP1). Any one or more of the following symptoms may occur: â Inability to connect to terminal servers or to file share access. â Failure of domain controller replication across WAN links. â Inability of Microsoft Exchange servers to connect to domain controllers. These symptoms are more likely to occur in WAN and LAN scenarios. These scenarios typically exist where routers and data-link level protocols that have different Maximum Transmission Units (MTUs) are used across the network. In this scenario, the sending host can receive several Internet Control Message Protocol (ICMP) destination unreachable messages that have MTU updates for a destination. These symptoms are most likely to occur if the following conditions are true: 1. During the PathMTUDiscovery process, several routers on the route to the destination send MTU updates to the source host. One of the possible reasons for this could be that source and destination hosts are in different WAN segments. Additionally, these segments are connected through a tunnel with a small MTU. 2. Network load balancing, dynamic routing, or both are used. In this scenario, there are several possible routes to a destination that has MTUs that are different from the MTU of the sending subnet and that are different from each other. Therefore, changing the route of IP packets over time can produce several MTU updates for the destination address regards, Rick Ulrich Mack Volante Systems NÂYÃÂÂ*hÅÃ+z'ÅâÃÂ*'ÂâÃvââ)Ã>ÂrÃÂxâÃÂÂ-ÂÃ-ÂÂâÂ&ÂyÃËÅz/jÃÂÅÃ'r+-âÃ^iÃÂâÅà'^ÂâÃyÂmÅgÂÂxÂÂÂÂÂÂÃÂÂrÃÂzÃÃj ÂÂ[ÂÅâÃ~ÅÃLâÃÂÂ-ÂÃ-ÂÂÂâÃiÃÃ0ÃÃ"Åz/jÃÂÅÃ(âÃÂr+kâmâK~ÃSâ)Ãâ'ÂÂ*&ÂÃbÅÃÅKÂàj)ZnWÅÂmÂÃÃâ)ÃzÃÃÅy,qÃââ)ÃÅHÅÂiÂÅ+râW BIÃÂrÅÂÂÃâ+bzÃmÂÅÃà -â)ÃÅHÅÂah Ãâ+ÃÂÃÅÃâÂÃÃmÃÂnÃ+âÂÂÂà(ÂÃ+UÂÂ*'Åâ^ÂÃÂâÃÃâÅ%Åy!ÂÃÃÃbÅwÂÃÃÂÂ,eÅÃ\ *********************************************************************************** The Royal Bank of Scotland plc. Registered in Scotland No 90312. Registered Office: 36 St Andrew Square, Edinburgh EH2 2YB. Authorised and regulated by the Financial Services Authority This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer. Internet e-mails are not necessarily secure. The Royal Bank of Scotland plc does not accept responsibility for changes made to this message after it was sent. Whilst all reasonable care has been taken to avoid the transmission of viruses, it is the responsibility of the recipient to ensure that the onward transmission, opening or use of this message and any attachments will not adversely affect its systems or data. No responsibility is accepted by The Royal Bank of Scotland plc in this regard and the recipient should carry out such virus and other checks as it considers appropriate. Visit our websites at: http://www.rbs.co.uk/CBFM http://www.rbsmarkets.com ******************************************************************************** ******************************************************** This Weeks Sponsor: eg Innovations, Inc. Enabling Proactive Infrastructure Triage eG Innovations, Inc. is the leading provider of real-time monitoring and proactive triage solutions for IT Infrastructures. http://www.eginnovations.com/egcitrix.htm ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm