Subject: Re: Installs from CD?
From: "geo"
"Rich" wrote in message news:3e3ab22c$1{at}w3.nls.net...
>> I see no problem tracking the versions of files in updates.

Read the progression of SQL server patches here and see if you can spot the
problem. I'll even give you a clue: read all of (4).

Geo.

1. MS02-039 was the first Security Bulletin hotfix for SQL which addressed
the vulnerability Slammer exploits. The affected file was ssnetlib.dll, and
the first corrected version was 2000.080.0636.00. That was released at the
end of June 2002.

2. MS02-043 was released in August 2002, and it contained the same
ssnetlib.dll as MS02-039.

3. MS02-056 came along in October 2002, and it contained an ssnetlib.dll
versioned 2000.080.0679.00.

4. Q317748 was a SQL hotfix that was not a security bulletin. It addressed
a handle leak that was introduced with SQL SP2. It was released in October
2002. I have had reports from people who have been running many SQL servers
without that patch and have never encountered a problem. The specifics of
the handle leak are such that it does not affect many installations.

Unfortunately, Q317748 has a problem. Despite being released 3 months after
the first SQL patch that corrected the vulnerability Slammer exploits, it
contained the wrong version of ssnetlib.dll. Q317748 contained
2000.080.0568.00.

So if you had applied MS02-039, or MS02-043, or MS02-056 before Q317748
came along, and then applied Q317748, you may have downgraded your
ssnetlib.dll to a version that did not address Slammer. When you run
Q317748 on a system that had an updated ssnetlib.dll, you would have been
prompted that the file you were replacing was newer than the replacement
(if you weren't doing this in unattended mode). If you said don't replace,
you'd be fine, otherwise, you regressed.

5. MS02-061 came along later in October 2002. It *did* contain the MS02-056
version of ssnetlib.dll, a version which addressed Slammer. Unfortunately,
it did not include the ssmslpcn.dll from Q317748.

6. SQL/MSDE SP3 came along January 2003. It contains updates for
ssnetlib.dll and ssmslpcn.dll, both version 2000.080.0760.00.

7. MS02-061 was re-released January 26th, 2003. The only change to it was
that the ssmslpcn.dll from Q317748 (v2000.080.0568.00) was added to the
previously released patch, and a script was wrapped around it to make it
easier to install. As a result, MS02-061 now contains both the handle leak
patch, and the Slammer patch, in one pre-SP3 package.

--- BBBS/NT v4.01 Flag-4
 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/1.45)
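
The downgrade described in item 4 can be checked by replaying install order against the ssnetlib.dll versions quoted in the message. This is an added example, not part of the original post; the function names and the `overwrite_newer` switch are assumptions for illustration, and the original MS02-061 is taken to carry the MS02-056 version, as the message states.

```python
# Added example: replay hotfix install order and flag ssnetlib.dll downgrades.
# Version strings are the ones quoted in the message; everything else is illustrative.
FIRST_FIXED = "2000.080.0636.00"  # first ssnetlib.dll that addressed Slammer (MS02-039)

# ssnetlib.dll version carried by each package, per the message.
SSNETLIB = {
    "MS02-039": "2000.080.0636.00",
    "MS02-043": "2000.080.0636.00",
    "MS02-056": "2000.080.0679.00",
    "Q317748":  "2000.080.0568.00",  # non-security hotfix with the older DLL
    "MS02-061": "2000.080.0679.00",  # "the MS02-056 version"
    "SP3":      "2000.080.0760.00",
}

def parse(version):
    """Split a dotted file version into integers so fields compare numerically."""
    return tuple(int(part) for part in version.split("."))

def is_fixed(version):
    """True if the DLL is at or above the first corrected version."""
    return version is not None and parse(version) >= parse(FIRST_FIXED)

def replay(history, overwrite_newer=True):
    """Apply packages in order; return (final_version, regressions).

    overwrite_newer=True models answering "replace" to the newer-file prompt
    (assumed here to also be what an unattended install does).
    Each regression is (package, version_before, version_after).
    """
    current = None  # pre-patch version is not given in the message
    regressions = []
    for pkg in history:
        shipped = SSNETLIB[pkg]
        if current is not None and parse(shipped) < parse(current):
            if not overwrite_newer:
                continue  # operator kept the newer file already on disk
            regressions.append((pkg, current, shipped))
        current = shipped
    return current, regressions

if __name__ == "__main__":
    for order in (["MS02-039", "Q317748"], ["MS02-056", "Q317748", "MS02-061"]):
        final, regs = replay(order)
        print(order, "->", final, "fixed" if is_fixed(final) else "VULNERABLE", regs)
```

The regression list matters even when the final version is fixed: it shows the window during which the host was running the older DLL.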