|
Updates are included
for the following agents:
-
Microsoft Windows 2000 (Server and
Professional)
-
Microsoft Windows Server 2003
-
Red Hat Enterprise Linux (Versions 3
& 4)
-
IBM AIX
-
HP HP-UX 11
-
Sun Solaris on SPARC (Versions 7, 8
& 9)
Date
Execution Prevention (DEP) problem reported in Assuria Bulletin 09.
A
replacement checker.exe file is shipped for the Windows Server 2003
agent. This sets page execution permission so as to avoid
false-positive Data Execution Prevention (DEP) exceptions when
executing System Scanner’s password checking functionality on a
processor running Windows 2003 with service pack 1 installed and
hardware DEP enabled. Without this fix, such exceptions caused the
LSASS system process to crash and the operating system to initiate a
controlled shutdown. The fix resolves the issue described in Assuria
Bulletin 09 and replaces the workarounds described there.
XPU_Config
file.
A
replacement xpu_config file is shipped for the console. Previous XPU
36, shipped by ISS in 2005, replaces the agent service executable (ntsmnetd.exe)
on all Windows platforms. In doing so, it correctly causes the agent
service to shutdown and restart. However when a sequence of XPUs
including XPU 36 was applied to a Windows agent, the console was
failing to wait for this restart before pushing the next XPU to the
agent. The consequence was that the following XPU push could fail in
an unpredictable fashion. It is recommended that customers apply XPU
43 to their consoles before pushing XPU 36 to any agents not yet
updated.
IBM
AIX Fixes
The update to the IBM
AIX agent includes a set of checks, and a policy (aix-fixes) that runs
them, which are being release as a beta release. These checks
introduce a new mechanism for checking for the absence of AIX fixes on
AIX 5.1, 5.2 and 5.3. At this release the aix-fixes policy is not
included into any of the Initial-* or Maintenance-* policies, and
hence these checks will only be run is the aix-fixes policy is
explicitly requested.
|
