OctoberPatchFest: The Postmortem
Opinion: The most interesting advisories and patches aren't necessarily the ones getting the most attention.
I was actually unavailable Tuesday at 1:30 p.m. Eastern time, when Microsoft's October patches began to be released. It was a bad day to be out. The company set a new record with 10 advisories listing dozens of vulnerabilities. I looked them over to separate the ho-hum stuff from the real killers.
The first advisory, MS04-029, called "Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service," is important for NT4 Server users, but hopefully there are very few of these left on the Internet. Unfortunately, as Netcraft's survey of the Web servers of the FTSE 100 shows, many large corporations are still running it on publicly available servers. One day, we'll look back at this patch with nostalgia, since all support for NT4, including security patches, will cease at the end of this year.
MS04-030, called "Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service," doesn't strike me as something likely to lead to big problems in the future. How many sites really use WebDAV, anyway? Previous bad experience with WebDAV problems has taught many users to shut it off if they're not using it. Plus, the worst you can realistically get out of it is a DoS (denial of service).