Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS08-059: Vulnerability in the Host Integration Server RPC service could allow remote code execution


View products that this article applies to.

Introduction

Microsoft has released security bulletin MS08-059. To view the complete security bulletin, visit one of the following Microsoft Web sites:

↑ Back to the top


Resolution

How to obtain the latest Host Integration Server 2006 service pack

To resolve this problem, obtain the latest service pack for Host Integration Server 2006. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
979497 How to obtain the latest Host Integration Server 2006 service pack

↑ Back to the top


More information

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Known issues with this security update

You cannot suppress the progress dialog box during an unattended uninstallation

Symptoms
When you perform an unattended uninstallation of this security update, a progress dialog box is displayed. You cannot suppress the progress dialog box during an unattended uninstallation.
Cause
The option to suppress the progress dialog box is not supported by the hotfix installer.

You may be prompted for the original installation media when you uninstall the Japanese version of this security update

Symptoms
You may have to provide the original installation media if you uninstall the Japanese version of this security update. When you uninstall the Japanese version of this security update, you may be prompted for the location of the original installation media.
Cause
This issue occurs because one of the binaries that is updated is not cached locally on the affected system. During the uninstallation process, Windows Installer must access the original installation media to restore the file.
Workaround
To avoid this issue, make sure that the system has access to the original installation media before you uninstall this security update.

SNA Server services are stopped on multi-node systems

Symptoms
This update stops the following services on Host Integration Server 2006-based servers that use additional Microsoft SNA Server services in a multi-node configuration:
  • SnaSrv02
  • SnaSrv03
  • SnaSrv04
Note This issue does not affect the SNAServer node (SnaServr).
Cause
This issue occurs because these services are part of the same feature as the SNARPC binaries that are updated in Host Integration Server 2006.
Workaround
To avoid interruption of users, this update should only be applied when the additional nodes can be stopped. These services must be manually restarted after the installation of the update is complete.

How to determine if a system has Host Integration Server installed

Use one of the following methods to determine if systems have Host Integration Server installed.

Use the registry to determine if a system has Host Integration Server installed

  • Host Integration Server 2000
    If Host Integration Server 2000 is installed, the following subkey will exist in the registry:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Host Integration Server\5.0
  • Host Integration Server 2004
    If Host Integration Server 2004 is installed, the following subkey will exist in the registry:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Host Integration Server\6.0
  • Host Integration Server 2006
    If Host Integration Server 2006 is installed, the following subkey will exist in the registry:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Host Integration Server\7.0

Use an Active Directory service connection point to identify systems that have Host Integration Server 2006 installed

A service connection point (SCP) is created in Active Directory during the installation of Host Integration Server 2006. This service connection point can be used to identify all of the Host Integration Server 2006 servers in an enterprise. You can use tools such as Active Directory Explorer to query Active Directory for these service connection points. For more information about Active Directory Explorer, visit the following Microsoft Web site: Use the following table to determine the Host Integration Server 2006 service connection point details:
PropertyDescription
serviceClassNameHISServer
serviceBindingInformationName of the HIS Subdomain. This is blank if the SNA Gateway is not installed.
serviceDNSNameType'A' This is the host type.
serviceDNSNameNETBIOS Host name

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported 32-bit editions of Microsoft Host Integration Server 2006

File nameFile versionFile sizeDateTimePlatform
Hisservicelib.dll7.0.2900.035,85615-Aug-200822:00x86
Rpcdetct.dll7.0.2900.052,73615-Aug-200822:02x86
Snarpcsv.exe7.0.2900.036,86415-Aug-200822:01x86

For all supported x64-based editions Host Integration Server 2006

File nameFile versionFile sizeDateTimePlatform
Hisservicelib.dll7.0.2900.050,19215-Aug-200822:00x64
Rpcdetct.dll7.0.2900.057,85615-Aug-200821:59x64
Snarpcsv.exe7.0.2900.045,05615-Aug-200821:59x64

For all supported editions of Host Integration Server 2004 (client)

File nameFile versionFile sizeDateTimePlatform
Hisservicelib.dll6.0.2119.031,24822-Aug-200821:57x86
Snarpcsv.exe6.0.2119.030,20822-Aug-200821:57x86

For all supported editions of Host Integration Server 2004 Service Pack 1 (client)

File nameFile versionFile sizeDateTimePlatform
Hisservicelib.dll6.0.2430.031,24822-Aug-200823:29x86
Snarpcsv.exe6.0.2430.030,20822-Aug-200823:26x86

For all supported editions of Host Integration Server 2004 Service Pack 1 (server)

File nameFile versionFile sizeDateTimePlatform
Hisservicelib.dll6.0.2430.031,24822-Aug-200823:29x86
Rpcdetct.dll6.0.2430.037,88822-Aug-200823:26x86
Snarpcsv.exe6.0.2430.030,20822-Aug-200823:26x86

For all supported editions of Host Integration Server 2000 Administrator Client

File nameFile versionFile sizeDateTimePlatform
Snarpcsv.exe5.0.1.79890,38403-Sep-200820:42x86
Rpcdetct.dll5.0.1.79886,28828-Aug-200818:53x86

For all supported editions of Host Integration Server 2000 Service Pack 2 (server)

File nameFile versionFile sizeDateTimePlatform
Rpcdetct.dll5.0.1.79886,28828-Aug-200818:53x86
Snarpcsv.exe5.0.1.79890,38428-Aug-200818:53x86

↑ Back to the top


Keywords: KB956695, kbsecvulnerability, kbsecurity, kbsecbulletin, kbfix, kbexpertiseinter, kbbug, atdownload

↑ Back to the top

Article Info
Article ID : 956695
Revision : 5
Created on : 5/9/2012
Published on : 5/9/2012
Exists online : False
Views : 449