CRITICAL ACTION NEEDED FOR SBSers <<<<<How to patch your Network>>>>>>

Discussion in 'Windows Small Business Server' started by Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Feb 11, 2004.

  1. There is a security bulletin 04-007 that just came out. It's a nasty
    one. So here's some steps you need to take NOW... SOON.

    1. Reboot your server before patching. [okay I'll admit I don't always
    do that, so I'll let you slide on that one]
    2. Manually go into services and shut off Exchange as a precaution
    [start, admin tools, services, anything with Microsoft Exchange, click STOP]
    3. Using whatever tool of your choice [PREFERABLY www.shavlik.com
    hfnetchkpro limited or MBSA which scans for all sorts of patches but in
    this case with 04-007, Windows update will do just fine] scan for
    patches and apply them.
    4. REBOOT
    5. Scan again to ensure that the patch has been applied.

    We cannot stress enough how critical it is for all SBSers to reboot.

    I've just finished up my SBS2000 network tonight and all is fine and as
    soon as I post messages to various groups.... I'll be patching here at home.
     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Feb 11, 2004
    #1
    1. Advertisements

  2. Forgot to add all NT, 2k XP workstations need this patch as well.
     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Feb 11, 2004
    #2
    1. Advertisements

  3. SBS2000 Shavlik hfnetchk Pro finds 04-007 and patches
    Windows Update confirms

    SBS2003 Shavlik hfnetchkPro Limited does NOT find 04-007, says I need 03-041
    Windows Update does say I need 04-007, does not say I need 03-041


    Shavlik is not finding 04-007 use Windows Update instead.... I'm
    pinging Eric Schultze.
     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Feb 11, 2004
    #3
  4. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    John Bouley Guest

    I tried to access the hotfix and it appears as though Microsoft is down!
    Will try later...


     
    John Bouley, Feb 11, 2004
    #4
  5. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Chris Thomas Guest

    Ive heard about these big security holes that Microsoft just told us about,
    however Windows Update does not say that I need them, which I find odd.

    This happen to anyone else?
     
    Chris Thomas, Feb 11, 2004
    #5
  6. I loaded from Windows Update last night without drama...

    -Trevor

     
    Trevor OE News, Feb 11, 2004
    #6
  7. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Chris Thomas Guest

    Is there anyway to tell if the patch has been applied??

     
    Chris Thomas, Feb 11, 2004
    #7
  8. Chris,

    It's highly unlikely you have the most recent security update installed.
    Even if you have WU set to auto-update and install the server (not
    recommended), it would still have requried a restart, and you would have
    noticed that, no?

    There is also the 'View Installation History' link once you connect to WU.

    Anyway, normally you will see these in your event log: (this is one of two
    applied yesterday)

    Event Type: Information
    Event Source: NtServicePack
    Event Category: None
    Event ID: 4377
    Date: 2/10/2004
    Time: 9:36:17 PM
    User: PDL\Administrator
    Computer: SBS
    Description:
    Windows Server 2003 Hotfix KB828028 was installed.

    Control Panel add/remove programs is another way to check, allthough not all
    patches will show up there.

    Tools you can use to check for missing updates, etc. MBSA, hfnetcheck.

    I generally don't restart a server except for patching, I see a restart on
    Jan 2, Feb 2, and Feb 10. Those I believe were all fairly important,
    possibly critical, updates that required a restart.

    If WU isn't working on the SBS, then find out why, use the tools above, and
    or download the updates and install them manually.


    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.


    --
    Les Connor [SBS MVP]
    -------------------------------------
    SBS Rocks !



     
    Les Connor [SBS MVP], Feb 11, 2004
    #8
  9. Much of what you need is linked to on this page:

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
    topics/patch/default.asp

    MBSA
    Security Bulletin Notification Service
    Software Update Services
    Security Bulletin Search
    Archive of Summary Bulletins

    --
    Les Connor [SBS MVP]
    -------------------------------------
    SBS Rocks !



     
    Les Connor [SBS MVP], Feb 11, 2004
    #9
  10. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Chris Thomas Guest

    As it turns out, the update was installed on the 10th.
    I had checked through Add/Remove before but everything was referenced by its
    KB number, and I only knew the patch by is SB number.

    I also installed hfnetcheck so between that and WU i should keep up to date
    with all the patches.

    Thanks

     
    Chris Thomas, Feb 12, 2004
    #10
  11. Hi Chris,

    So, is your SBS configured to dowload and automatically install updates,
    including an automatic server restart? That would be pushing the technology
    a bit past my comfort level, at least.

    --
    Les Connor [SBS MVP]
    -------------------------------------
    SBS Rocks !



     
    Les Connor [SBS MVP], Feb 12, 2004
    #11
  12. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Ray Joslyn Guest

    Why do you need to manually shut down exchange before installing this patch?
     
    Ray Joslyn, Feb 12, 2004
    #12
  13. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    SuperGumby Guest

    it's not particular to this patch. As a 'best practice' it is just good form
    to not only stop Exchange but also any other non-essential services (AV and
    Backup for example) before patching.

    BTW Susan, I've been bitten when not performing a restart before patching.
    If not necessary it is right up there in the 'highly recommended' area.

    --
    Mick Malloy
    http://www.micropol.com.au

     
    SuperGumby, Feb 13, 2004
    #13
  14. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Chris Thomas Guest

    I have it set to Download and notify.
    I restarted the server either monday or tuesday (where in the event log does
    it show restarts)
    If it hasnt been restarted since the patch then ill restart it today.

    Chris

     
    Chris Thomas, Feb 13, 2004
    #14
  15. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Ray Joslyn Guest

    I did go ahead and shut down exchange and applied the patch. When it was
    through it did not ask me to reboot. Looking at the event viewer it says
    that the patch failed. It never told me that after it was done. But I
    suspected something since it did not ask to reboot. Hfnetck along with
    windows update reports the patch is not installed. So how can I get this
    installed?
    Ray
     
    Ray Joslyn, Feb 13, 2004
    #15
  16. Try installing it manually

    Also what's the exact reason it gives for not installing?

     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Feb 13, 2004
    #16
  17. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    Ray Joslyn Guest

    When you mean manually do you mean not through windows update. There was no
    reason given in the event viewer for why it did not install.
    Ray

     
    Ray Joslyn, Feb 13, 2004
    #17
  18. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    John Bouley Guest

    Anyone else having problems accessing Microsoft.com? I have tried to
    download the update for the past several days without success!

    John
     
    John Bouley, Feb 13, 2004
    #18
  19. Chris,

    Restarts are easily identified by about 10 system event log errors in a row
    ;-). But the easiest way is to have a look at the DNS event log, it's not
    nearly as busy. Some servers I can see every restart for the past year still
    there in one screen ;-).

    Download and notify is OK. Be sure to log onto the console though, otherwise
    you'll not see the notify. If you subscribe to the bulletins, you'll know
    when to check for updates.

    --
    Les Connor [SBS MVP]
    -------------------------------------
    SBS Rocks !



     
    Les Connor [SBS MVP], Feb 13, 2004
    #19
  20. Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

    John Bouley Guest

    Am I the only one who can not get to Microsoft.com? I have been trying for
    the past week with no success!

    John
     
    John Bouley, Feb 17, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.