Saturday, June 17, 2006

MS06-025 (KB911280) The Microsoft patch that prevents users from using a dial-up connection

Click Image to see a larger version.

The Microsoft patch that causes problems this month is MS06-025 (KB911280). This was supposed to fix critical vulnerabilities in the Routing and Remote Access Service. As well as fixing these issues, the patch also prevents users from using a dial-up connection. It also breaks dial-up functionality in software applications and also prevents scripts from running.

This puts dial-up users in a bad spot. Install the patch and be safe (so safe in fact that the Internet is totally out of bounds), or try to patch up the vulnerability manually using a firewall (by restricting access to TCP ports 135, 139, 445, and 593 and UDP ports 135, 137, 138, and 445 and monitoring inbound traffic on TCP/UDP ports greater than 1024).

If you have installed this patch and have problems then go to Add / Remove Programs in Control Panel and put a check mark in "Show Updates" see image in this post, click remove and then re-boot to fix the problem.

Microsoft has reissued a critical security patch, MS06-025, after users of dial-up Internet systems that use the terminal window or dial-up scripting experienced incompatibilities. The patch addresses known vulnerabilities in Windows 2000 and XP routing and remote access functionality; it does not affect Windows 98 or Me editions. The updated patch can be obtained here.

No comments: