[Cobo] FW: IT Message

[LeFlore, Bobby]

-----Original Message-----
From: owner-core-general at youroklahoma.com
[mailto:owner-core-general at youroklahoma.com]On Behalf Of
jeanie.robards at osf.state.ok.us
Sent: Thursday, February 12, 2004 12:39 PM
To: core-general at youroklahoma.com
Subject: IT Message






Communication liaisons - please forward this information to your technical
department:

We have received several calls over the last week related to users being
kicked out of the system.  We have worked with a couple of agencies and it
appears that the latest Internet Explorer (IE) patch is causing the
problem.  When the agencies backed out the upgrades, the problem
disappeared.  We have been testing with users using Windows XP and Windows
2000.

Internet Explorer has released additional patches to fix the error caused
by the first patch.  There are a couple of agencies applying these patches
in order to test the fix.  Obviously, installing patches can sometimes
cause unpredictable results so please continue to contact the help desk
when you encounter these issues.

Thank you to all of the agencies who have worked through these issues and
provided information and resources.

I am including the information from the Information Week website:

Internet Explorer Patch Gets Patched


Fixes come in the wake of an earlier "critical" browser update


By TechWeb News,  InformationWeek
Feb. 9, 2004
URL:
http://www.informationweek.com/story/showArticle.jhtml?articleID=17602665
Microsoft has released a series of follow-on fixes to its Internet Explorer
patch of last week that allow Web sites and companies to continue to use
the XMLHTTP control for authentication.


Last Monday, Microsoft rolled out a patch for IE to plug a hole that could
allow an attacker to "spoof" a URL by disguising a malicious site as a
legitimate address showing in the Web browser's address bar.


After the patch debuted, reports quickly began surfacing of users who were
unable to access corporate sites or some of those on the Web. The trouble,
which didn't affect all users, stemmed from an inability to access URLs in
the format of "username:password at host.com," which some sites and intranets
rely on to provide one-step authentication.


The updates, posted without fanfare on Thursday, restore Microsoft
Extensible Markup Language functionality to machines that have been patched
with the IE correction.


The update, which Microsoft characterized as "critical" on its Web site, is
composed of three separate downloads: Microsoft XML 3.0 Service Pack 2,
Service Pack 3, and Service Pack 4.


The affected operating systems include Windows 2000 (SR2, SR3, and SR4)
Windows NT, Windows Server 2003, and Windows XP.




Lisa McKeithan
Office of State Finance
Program Development - 405.521.3772



Jeanie Robards
CORE Project
3812 North Santa Fe, Suite 100
Oklahoma City, OK 73118
Phone: 405 962-2420
Fax:      405 524-9983
E-Mail: Jeanie.Robards at osf.state.ok.us