Ugh. WebDAV patch on SP4?

F

finalgt

Supreme [H]ardness
Joined
Aug 3, 2002
Messages
5,506
So I noticed I started getting weird errors after I reinstalled Windows 2000, so I ran netstat to see what the problem could have been; yup, a huge amount of unsolicited hits on TCP port 80. So I did a quick Google search for the Microsoft patch of the WebDAV vulnerability (it's a Welchia variant) and found the MS page for it...this is where the stupidity comes in. I have SP4, and the WebDAV patch actually requires SP3 to install. What in the hell is the point in that?

Anyway, anybody know how to patch this stupidass virus on an SP4 system?
 
Originally posted by finalgt
So I noticed I started getting weird errors after I reinstalled Windows 2000, so I ran netstat to see what the problem could have been; yup, a huge amount of unsolicited hits on TCP port 80. So I did a quick Google search for the Microsoft patch of the WebDAV vulnerability (it's a Welchia variant) and found the MS page for it...this is where the stupidity comes in. I have SP4, and the WebDAV patch actually requires SP3 to install. What in the hell is the point in that?

Anyway, anybody know how to patch this stupidass virus on an SP4 system?
Click to expand...

Did you install or setup a firewall before you connected it to the internet to download windows updates?
 
Nope, sure didn't. I'm not about to get a firewall just because of this, either. :>
 
Originally posted by finalgt
Nope, sure didn't. I'm not about to get a firewall just because of this, either. :>
Click to expand...

You'll need to download the patches individually from MS website , burn them to CD, then apply them to your server before you connect it to the internet.

If your not willing to minimally secure your server before downloading patches, then nor I or anyone else can help you.
 
Well, odds are, if the patch for the vulnerability is only available for SP3, it's already included in SP4. You see, one of the main points of an SP is to collect all the patches so you don't have to install 500 different updates separately.


Odds are, your strange errors are completely unrelated to this problem. Look harder.
 
Originally posted by ameoba
Odds are, your strange errors are completely unrelated to this problem. Look harder.
Click to expand...

Speaking of which it would be helpful if he posted the exact errors he was getting and how he determined it's a webdav vulnerability.
 
a) It's not a server, it's Win2k Pro being used on a desktop. For some reason that godawful IIS is enabled by default, apparently.

b) The error is that svchost.exe crashes and burns. I read somewhere that the amount of requests you get on port 80 can cause this. I don't know if I fixed the WebDAV vulnerability, but I added some string to my registry, and I don't get the svchost error any more, nor do I notice an assload of connections in netstat any more. So it's all good, thanks for the help.
 
Originally posted by finalgt
a) It's not a server, it's Win2k Pro being used on a desktop. For some reason that godawful IIS is enabled by default, apparently.

b) The error is that svchost.exe crashes and burns. I read somewhere that the amount of requests you get on port 80 can cause this. I don't know if I fixed the WebDAV vulnerability, but I added some string to my registry, and I don't get the svchost error any more, nor do I notice an assload of connections in netstat any more. So it's all good, thanks for the help.
Click to expand...

if you don't need IIS, then *remove* it.
 
You must log in or register to reply here.
Back
Top