Microsoft fixes buggy patch for Windows Server 2008

Windows Server 2000 users also reported that the buggy patch breaks SMTP, but the new patch is only for WS2008

As part of its routine Patch Tuesday updates, Microsoft re-released patch MS10-024 for Windows Server 2008 and R2 that was itself causing problems. The revised patch was not mentioned in the company's heads-up alerts issued on Thursday. However, some users are claiming that the patch also breaks Windows Server 2000. Microsoft disagrees.

The Microsoft Security Response Center blog that detailed Patch Tuesday fixes mentions the revised patch:

"We also include one bulletin re-release, MS10-024, in this cycle. The re-release will address the issue previously noted in KB976323, in which the installation of the bulletin reset user-configured settings for SMTP servers on Windows Server 2008-based systems with Internet Information Services (IIS) installed. Users who have previously installed MS01-024 will not be offered the re-released update."

The original patch caused some servers to stop sending e-mails. Microsoft knew the patch broke SMTP when it issued it. Shortly after the patch was pushed out in April, users began reporting the problem to Microsoft's Windows Help forum. Users were flummoxed, saying Microsoft's description of the problem and the fix didn't work. The only workaround they could find for the important patch was to uninstall it, particularly for Windows 2000. Wrote one user identified as "peterhoa":

"... The SMTP server could send mail from ASP and ASP .Net applications but not from other applications that had to be authenticated by the server and it would no longer relay mail from external applications connecting to the SMTP server (eg remote outlook clients).  It seemed to be an authentication issue.  If I set the authentication method (from the Access tab on properties) to Anonymous I found it would send email correctly, but of course anonymous is not a solution.  With both Basic authentication and Windows security packaged selected the SMTP server would not relay mail.  The only solution I could find after spending hours on it was to uninstall KB976323.  That immediately fixed the problem. ...

The SMTP settings were NOT reset.  The server just would not send mail.  If the settings were reset I could have simply set them again.  This would have been very simple -- I understand what the settings should be.  However the settings were not changed at all. The problem was that the patch PREVENTED THE SMTP SERVER ON WINDOWS 2000 FROM RELAYING MAIL."

So, as of today, for Windows Server 2008 customers, the patch works fine, Microsoft says. But for Windows Server 2000 customers who also reported the problem (and support for Windows 2000 had not ended at the time of these reports), Microsoft's official response is to deny the patch caused the problem. Here is what Scott Landry, Exchange Server Product Quality, Customer Support, said:

"Correct, the SMTP settings issue only affects Windows 2008 and Windows 2008 R2, no other version.  Any other issues are probably not directly related to the fix, but if you need our assistance investigating, do not hesitate to contact us."

Since Windows Server 2000 is no longer eligible for updates, if this patch doesn't work, it's a hole that won't be fixed.

Check out these other posts from Microsoft Subnet

Like RSS? Subscribe to all Microsoft Subnet bloggers. Like e-mail? Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.) Like Twitter?

Follow All Microsoft Subnet bloggers on Twitter @microsoftsubnet

Follow Julie Bort on Twitter @Julie188 or connect with me on my Facebook Like Page

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2010 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)