> HOW DO I UNINSTALL THIS PATCH
> ______________________________
>
>
> "Michael D. Ober" wrote:
>
>> "Alun Jones" <alun[ at ]texis.invalid> wrote in message
>> news:uqiWTX2OJHA.4480[ at ]TK2MSFTNGP05.phx.gbl...
>> > "Al Dunbar" <AlanDrub[ at ]hotmail.com.nospaam> wrote in message
>> > news:eRFLIvwOJHA.780[ at ]TK2MSFTNGP05.phx.gbl...
>> >>
>> >> "Michael D. Ober" <obermd.[ at ].alum.mit.edu.nospam.> wrote in message
>> >> news:Buqdnf-pDZCZoZTUnZ2dnUVZ_h6dnZ2d[ at ]earthlink.com...
>> >>> "Greg H" <gphalpin[ at ]gmail.com> wrote in message
>> >>> news:82977544-5fce-493b-990a-0439ebf5d7c5[ at ]u75g2000hsf.googlegroups.com...
>> >>>> On Oct 28, 10:57 am, Greg H <gphal...[ at ]gmail.com> wrote:
>> >>>>> On Oct 27, 7:24 pm, "Michael D. Ober"
>> >>>>> <obermd.[ at ].alum.mit.edu.nospam.>
>> >>>>> wrote:
>> >>>>>
>> >>>>> > After installing MS08-067 (last weeks emergency RPC patch) none
>> >>>>> > of
>> >>>>> > my domain
>> >>>>> > controllers could talk to each other. When I uninstalled this
>> >>>>> > patch,
>> >>>>> > everything started working again. My DCs are Windows Server 2003
>> >>>>> > R2
>> >>>>> > SP2
>> >>>>> > running on VMWare Server 1.05. Has anyone else seen this
>> >>>>> > behavior
>> >>>>> > or have
>> >>>>> > any ideas on how to avoid it? The errors indicated that RPC
>> >>>>> > failed
>> >>>>> > to allow
>> >>>>> > new connections.
>> >>>>>
>> >>>>> > Thanks,
>> >>>>> > Mike Ober.
>> >>>> Restarting the servers solved my problem. I can remote to them
>> >>>> again.
>> >>>>
>> >>>>> The problem I'm having is that I cannot remote desktop to a couple
>> >>>>> of
>> >>>>> my Windows 2003 R2 SP2 Servers. I haven't found a solution yet.
>> >>>>> The RDP services are running.
>> >>>>> The firewall is off.
>> >>>>> I disabled and then renabled Remote Desktop on the My Computer
>> >>>>> Properties.
>> >>>>> I haven't restarted the server yet but will be trying that after 5
>> >>>>> PM
>> >>>>> today.
>> >>>>> There are no errors in the logs regarding RDP.
>> >>>>>
>> >>>>> I'm going to restart the server at the end of the day to see if
>> >>>>> that
>> >>>>> resolves it. If that resolves it, I'll post again.
>> >>>>>
>> >>>>> Greg
>> >>>>
>> >>>
>> >>> It wasn't just Remote Desktop for me. Group Policy didn't work,
>> >>> Kerberos didn't work. Basically, nothing that required RPC calls to
>> >>> operate, which is almost all of Active Directory's communications,
>> >>> worked until I uninstalled this patch.
>> >>
>> >> That's odd. We didn't have any issues with it at all.
>> >
>> > Well, you probably followed the instructions and rebooted the server
>> > after
>> > installing the patch.
>> >
>> > I've seen a number of sites suggest you install the patch without
>> > restarting, and simply stop and restart the Server service.
>> >
>> > That doesn't do the trick. When the Server service starts up again, it
>> > reuses the copy of the DLL that is in the svchost.exe memory. Still
>> > flawed.
>> >
>> > What if you stop every service in the same SvcHost group, and then
>> > restart
>> > them?
>> >
>> > It fixes the _one_ specific path to exploit this flaw, but it leaves
>> > the
>> > flawed function loaded in dozens of processes - can you guarantee that
>> > none of these processes call the same function? [ tasklist /m
>> > netapi32.dll
>> > shows you the processes using the DLL ]
>> >
>> > And if Netapi32.dll expects to talk to its other instances, can it?
>> > Nope.
>> > And that will cause random breakage.
>> >
>> > So, you just apply the patch, restart, and everything will be better.
>> >
>> > Alun.
>> > ~~~~
>> > --
>> > Texas Imperial Software | Web:
http://www.wftpd.com/>> > 23921 57th Ave SE | Blog:
http://msmvps.com/alunj/>> > Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
>> > Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD
>> > Explorer.
>> >
>> I rebooted multiple times after the patches, since I have seen previous
>> MS
>> patches that require two reboots to really get installed correctly.
>>
>> Mike.
>>
>>
>>
>