| Groups | Blog | Home |
asp.net announcements : Fix for: 'Server Application Unavailable' Error after Applying Security Update for IE
http://www.asp.net/faq/ms03-32-issue.aspx Fix for: 'Server Application Unavailable' Error after Applying Security Update for IE ------------------------------------------------------------------------------- - We have identified an issue with the recent MS03-32 Security Update for Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. This patch can be installed manually or by obtaining recent critical updates from the Windows Update site. The symptom of this issue is that after installing the patch on a Windows XP machine, all requests to ASP.NET applications running on the local IIS 5.1 web server result in an error message saying "Server Application Unavailable". Requests to remote web servers are unaffected. This issue only impacts installations running ASP.NET V1.0 on Windows XP. It does not impact machines running Windows 2000 or Windows Server 2003. It also does not impact machines running Windows XP with ASP.NET v1.1 installed. Please note that this issue is not a security bug with ASP.NET. It does not open up or allow any malicious attacks against an ASP.NET application or server. Instead, it is purely a functional bug caused by the patch itself. We are working hard on a permanent solution for this issue. In the meantime, you can execute the following batch file as a workaround for the issue. The batch file does the following: Stops the IIS and ASP.NET state services Deletes and recreates the ASPNET account with a known temporary password Uses the Windows runas command to launch an executable that creates an ASPNET user profile Re-registers ASP.NET. This creates a new random password for the account and applies default ASP.NET access control settings for it Restarts the IIS service The batch file contains a hardcoded temporary password of "1pass@word" which you will be prompted to enter for the runas command when the batch file is run. After the runas command completes, the ASPNET account password is recreated with a strong random value. Note that the batch file may fail if the hardcoded password does not meet the password complexity requirements in your environment. If that's the case, you can change it to another value that is appropriate for your environment. Important note: If you have added custom access control settings or database account permissions for the ASPNET account, they will need to be recreated after this batch file completes. This is because when the account is recreated, it will get a new security identifier (SID). Important note: If you are running the ASP.NET worker process with a custom account other than the ASPNET account, then you should not run this batch file. Instead, you should log in interactively or use the runas command with that account which will create a user profile for that account. The batch file is included in the self-extracting archive below. To use it: You must be running as an account with Administrator privileges Download and open the self-extracting executable file Extract the contents to c:\ Select Run... from the start menu, and enter cmd.exe In the open command windows, type c:\fixup.cmd. When prompted, enter 1pass@word as the password. If you have previously custom access control settings or database account permissions for the ASPNET account, you'll need to re-apply these settings now. Ask questions and get answers in the Issues with 'Server Application Unavailable' error on Windows XP forum. Many apologies for the inconvenience that this has caused. We'll post additional information as it becomes available. The matrix below details platforms and versions impacted by this issue. ..NET Framework Version # Platform Affected Version 1.0 Windows 2000 Professional No Version 1.0 Windows 2000 Server No Version 1.0 Windows XP Professional Yes Version 1.0 Windows Server 2003 No Version 1.0 Windows XP Home with Cassini No Version 1.1 Windows 2000 Professional No Version 1.1 Windows 2000 Server No Version 1.1 Windows XP Professional No Version 1.1 Windows Server 2003 No Version 1.1 Windows XP Home with Cassini No Thanks, The ASP.NET Team
I've run the batch file, and now the login is failing for aspnet. Tried
reinstalling it, but that doesn't work. Jon Cosby [quoted text, click to view] "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message news:#zBAB#XaDHA.1384@TK2MSFTNGP10.phx.gbl... > MS has posted this here: > > http://www.asp.net/faq/ms03-32-issue.aspx > > > Fix for: 'Server Application Unavailable' Error after Applying Security Update > for IE > -------------------------------------------------------------------------- ----- > - > > We have identified an issue with the recent MS03-32 Security Update for > Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. This > patch can be installed manually or by obtaining recent critical updates from > the Windows Update site. > > The symptom of this issue is that after installing the patch on a Windows XP > machine, all requests to ASP.NET applications running on the local IIS 5.1 web > server result in an error message saying "Server Application Unavailable". > Requests to remote web servers are unaffected. > > This issue only impacts installations running ASP.NET V1.0 on Windows XP. It > does not impact machines running Windows 2000 or Windows Server 2003. It also > does not impact machines running Windows XP with ASP.NET v1.1 installed. > > Please note that this issue is not a security bug with ASP.NET. It does not > open up or allow any malicious attacks against an ASP.NET application or > server. Instead, it is purely a functional bug caused by the patch itself. > > We are working hard on a permanent solution for this issue. In the meantime, > you can execute the following batch file as a workaround for the issue. The > batch file does the following: > Stops the IIS and ASP.NET state services > Deletes and recreates the ASPNET account with a known temporary password > Uses the Windows runas command to launch an executable that creates an ASPNET > user profile > Re-registers ASP.NET. This creates a new random password for the account and > applies default ASP.NET access control settings for it > Restarts the IIS service > > > > > The batch file contains a hardcoded temporary password of "1pass@word" which > you will be prompted to enter for the runas command when the batch file is run. > After the runas command completes, the ASPNET account password is recreated > with a strong random value. Note that the batch file may fail if the hardcoded > password does not meet the password complexity requirements in your > environment. If that's the case, you can change it to another value that is > appropriate for your environment. > > Important note: If you have added custom access control settings or database > account permissions for the ASPNET account, they will need to be recreated > after this batch file completes. This is because when the account is > recreated, it will get a new security identifier (SID). > > Important note: If you are running the ASP.NET worker process with a custom > account other than the ASPNET account, then you should not run this batch file. > Instead, you should log in interactively or use the runas command with that > account which will create a user profile for that account. > > The batch file is included in the self-extracting archive below. To use it: > > You must be running as an account with Administrator privileges > Download and open the self-extracting executable file > Extract the contents to c:\ > Select Run... from the start menu, and enter cmd.exe > In the open command windows, type c:\fixup.cmd. > When prompted, enter 1pass@word as the password. > If you have previously custom access control settings or database account > permissions for the ASPNET account, you'll need to re-apply these settings now. > Ask questions and get answers in the Issues with 'Server Application > Unavailable' error on Windows XP forum. > Many apologies for the inconvenience that this has caused. We'll post > additional information as it becomes available. > > The matrix below details platforms and versions impacted by this issue. > > .NET Framework Version # Platform Affected > Version 1.0 Windows 2000 Professional No > Version 1.0 Windows 2000 Server No > Version 1.0 Windows XP Professional Yes > Version 1.0 Windows Server 2003 No > Version 1.0 Windows XP Home with Cassini No > Version 1.1 Windows 2000 Professional No > Version 1.1 Windows 2000 Server No > Version 1.1 Windows XP Professional No > Version 1.1 Windows Server 2003 No > Version 1.1 Windows XP Home with Cassini No > > > Thanks, > The ASP.NET Team > > > > >
Hi Jon,
Your best place for support on this issue is in the special group at www.asp.net where the ASP.NET team is handling the problems: http://www.asp.net/Forums/ShowForum.aspx?tabindex=1&ForumID=128 Ken -- Microsoft MVPs have a question for *you*: Are you patched against the Worm? http://www.microsoft.com/security/security_bulletins/ms03-026.asp [quoted text, click to view] "Jon Cosby" <jcosby@mindspring.com> wrote in message I've run the batch file, and now the login is failing for aspnet. Triednews:wMp2b.2562$Jh2.24@newsread4.news.pas.earthlink.net... reinstalling it, but that doesn't work. Jon Cosby [quoted text, click to view] "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message news:#zBAB#XaDHA.1384@TK2MSFTNGP10.phx.gbl... > MS has posted this here: > > http://www.asp.net/faq/ms03-32-issue.aspx > > > Fix for: 'Server Application Unavailable' Error after Applying Security Update > for IE > -------------------------------------------------------------------------- ----- > - > > We have identified an issue with the recent MS03-32 Security Update for > Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. This > patch can be installed manually or by obtaining recent critical updates from > the Windows Update site. > > The symptom of this issue is that after installing the patch on a Windows XP > machine, all requests to ASP.NET applications running on the local IIS 5.1 web > server result in an error message saying "Server Application Unavailable". > Requests to remote web servers are unaffected. > > This issue only impacts installations running ASP.NET V1.0 on Windows XP. It > does not impact machines running Windows 2000 or Windows Server 2003. It also > does not impact machines running Windows XP with ASP.NET v1.1 installed. > > Please note that this issue is not a security bug with ASP.NET. It does not > open up or allow any malicious attacks against an ASP.NET application or > server. Instead, it is purely a functional bug caused by the patch itself. > > We are working hard on a permanent solution for this issue. In the meantime, > you can execute the following batch file as a workaround for the issue. The > batch file does the following: > Stops the IIS and ASP.NET state services > Deletes and recreates the ASPNET account with a known temporary password > Uses the Windows runas command to launch an executable that creates an ASPNET > user profile > Re-registers ASP.NET. This creates a new random password for the account and > applies default ASP.NET access control settings for it > Restarts the IIS service > > > > > The batch file contains a hardcoded temporary password of "1pass@word" which > you will be prompted to enter for the runas command when the batch file is run. > After the runas command completes, the ASPNET account password is recreated > with a strong random value. Note that the batch file may fail if the hardcoded > password does not meet the password complexity requirements in your > environment. If that's the case, you can change it to another value that is > appropriate for your environment. > > Important note: If you have added custom access control settings or database > account permissions for the ASPNET account, they will need to be recreated > after this batch file completes. This is because when the account is > recreated, it will get a new security identifier (SID). > > Important note: If you are running the ASP.NET worker process with a custom > account other than the ASPNET account, then you should not run this batch file. > Instead, you should log in interactively or use the runas command with that > account which will create a user profile for that account. > > The batch file is included in the self-extracting archive below. To use it: > > You must be running as an account with Administrator privileges > Download and open the self-extracting executable file > Extract the contents to c:\ > Select Run... from the start menu, and enter cmd.exe > In the open command windows, type c:\fixup.cmd. > When prompted, enter 1pass@word as the password. > If you have previously custom access control settings or database account > permissions for the ASPNET account, you'll need to re-apply these settings now. > Ask questions and get answers in the Issues with 'Server Application > Unavailable' error on Windows XP forum. > Many apologies for the inconvenience that this has caused. We'll post > additional information as it becomes available. > > The matrix below details platforms and versions impacted by this issue. > > .NET Framework Version # Platform Affected > Version 1.0 Windows 2000 Professional No > Version 1.0 Windows 2000 Server No > Version 1.0 Windows XP Professional Yes > Version 1.0 Windows Server 2003 No > Version 1.0 Windows XP Home with Cassini No > Version 1.1 Windows 2000 Professional No > Version 1.1 Windows 2000 Server No > Version 1.1 Windows XP Professional No > Version 1.1 Windows Server 2003 No > Version 1.1 Windows XP Home with Cassini No > > > Thanks, > The ASP.NET Team > > > > >
Hi
Is there anyway to reverse the script? Thanks le'Ke [quoted text, click to view] "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message news:%23%23c92U1aDHA.2960@tk2msftngp13.phx.gbl... > Hi Jon, > > Your best place for support on this issue is in the special group at > www.asp.net where the ASP.NET team is handling the problems: > > http://www.asp.net/Forums/ShowForum.aspx?tabindex=1&ForumID=128 > > Ken > > > -- > Microsoft MVPs have a question for *you*: Are you patched against the Worm? > http://www.microsoft.com/security/security_bulletins/ms03-026.asp > > > > "Jon Cosby" <jcosby@mindspring.com> wrote in message > news:wMp2b.2562$Jh2.24@newsread4.news.pas.earthlink.net... > I've run the batch file, and now the login is failing for aspnet. Tried > reinstalling it, but that doesn't work. > > Jon Cosby > > > > "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message > news:#zBAB#XaDHA.1384@TK2MSFTNGP10.phx.gbl... > > MS has posted this here: > > > > http://www.asp.net/faq/ms03-32-issue.aspx > > > > > > Fix for: 'Server Application Unavailable' Error after Applying Security > Update > > for IE > > -------------------------------------------------------------------------- > ----- > > - > > > > We have identified an issue with the recent MS03-32 Security Update for > > Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. > This > > patch can be installed manually or by obtaining recent critical updates > from > > the Windows Update site. > > > > The symptom of this issue is that after installing the patch on a Windows > XP > > machine, all requests to ASP.NET applications running on the local IIS 5.1 > web > > server result in an error message saying "Server Application Unavailable". > > Requests to remote web servers are unaffected. > > > > This issue only impacts installations running ASP.NET V1.0 on Windows XP. > It > > does not impact machines running Windows 2000 or Windows Server 2003. It > also > > does not impact machines running Windows XP with ASP.NET v1.1 installed. > > > > Please note that this issue is not a security bug with ASP.NET. It does > not > > open up or allow any malicious attacks against an ASP.NET application or > > server. Instead, it is purely a functional bug caused by the patch itself. > > > > We are working hard on a permanent solution for this issue. In the > meantime, > > you can execute the following batch file as a workaround for the issue. > The > > batch file does the following: > > Stops the IIS and ASP.NET state services > > Deletes and recreates the ASPNET account with a known temporary password > > Uses the Windows runas command to launch an executable that creates an > ASPNET > > user profile > > Re-registers ASP.NET. This creates a new random password for the account > and > > applies default ASP.NET access control settings for it > > Restarts the IIS service > > > > > > > > > > The batch file contains a hardcoded temporary password of "1pass@word" > which > > you will be prompted to enter for the runas command when the batch file is > run. > > After the runas command completes, the ASPNET account password is > recreated > > with a strong random value. Note that the batch file may fail if the > hardcoded > > password does not meet the password complexity requirements in your > > environment. If that's the case, you can change it to another value that > is > > appropriate for your environment. > > > > Important note: If you have added custom access control settings or > database > > account permissions for the ASPNET account, they will need to be recreated > > after this batch file completes. This is because when the account is > > recreated, it will get a new security identifier (SID). > > > > Important note: If you are running the ASP.NET worker process with a > custom > > account other than the ASPNET account, then you should not run this batch > file. > > Instead, you should log in interactively or use the runas command with > that > > account which will create a user profile for that account. > > > > The batch file is included in the self-extracting archive below. To use > it: > > > > You must be running as an account with Administrator privileges > > Download and open the self-extracting executable file > > Extract the contents to c:\ > > Select Run... from the start menu, and enter cmd.exe > > In the open command windows, type c:\fixup.cmd. > > When prompted, enter 1pass@word as the password. > > If you have previously custom access control settings or database account > > permissions for the ASPNET account, you'll need to re-apply these settings > now. > > Ask questions and get answers in the Issues with 'Server Application > > Unavailable' error on Windows XP forum. > > Many apologies for the inconvenience that this has caused. We'll post > > additional information as it becomes available. > > > > The matrix below details platforms and versions impacted by this issue. > > > > .NET Framework Version # Platform Affected > > Version 1.0 Windows 2000 Professional No > > Version 1.0 Windows 2000 Server No > > Version 1.0 Windows XP Professional Yes > > Version 1.0 Windows Server 2003 No > > Version 1.0 Windows XP Home with Cassini No > > Version 1.1 Windows 2000 Professional No > > Version 1.1 Windows 2000 Server No > > Version 1.1 Windows XP Professional No > > Version 1.1 Windows Server 2003 No > > Version 1.1 Windows XP Home with Cassini No > > > > > > Thanks, > > The ASP.NET Team > > > > > > > > > > > > >
It would be best to ask that here:
http://www.asp.net/Forums/ShowForum.aspx?tabindex=1&ForumID=128 Ken -- Microsoft MVPs have a question for *you*: Are you patched against the Worm? http://www.microsoft.com/security/security_bulletins/ms03-026.asp [quoted text, click to view] "le'Ke" <ca_dutoit@hotmail.com> wrote in message Hinews:OS32AnWbDHA.1832@TK2MSFTNGP09.phx.gbl... Is there anyway to reverse the script? Thanks le'Ke [quoted text, click to view] "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message news:%23%23c92U1aDHA.2960@tk2msftngp13.phx.gbl... > Hi Jon, > > Your best place for support on this issue is in the special group at > www.asp.net where the ASP.NET team is handling the problems: > > http://www.asp.net/Forums/ShowForum.aspx?tabindex=1&ForumID=128 > > Ken > > > -- > Microsoft MVPs have a question for *you*: Are you patched against the Worm? > http://www.microsoft.com/security/security_bulletins/ms03-026.asp > > > > "Jon Cosby" <jcosby@mindspring.com> wrote in message > news:wMp2b.2562$Jh2.24@newsread4.news.pas.earthlink.net... > I've run the batch file, and now the login is failing for aspnet. Tried > reinstalling it, but that doesn't work. > > Jon Cosby > > > > "Ken Cox [Microsoft MVP]" <BANSPAMken_cox@sympatico.ca> wrote in message > news:#zBAB#XaDHA.1384@TK2MSFTNGP10.phx.gbl... > > MS has posted this here: > > > > http://www.asp.net/faq/ms03-32-issue.aspx > > > > > > Fix for: 'Server Application Unavailable' Error after Applying Security > Update > > for IE > > -------------------------------------------------------------------------- > ----- > > - > > > > We have identified an issue with the recent MS03-32 Security Update for > > Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. > This > > patch can be installed manually or by obtaining recent critical updates > from > > the Windows Update site. > > > > The symptom of this issue is that after installing the patch on a Windows > XP > > machine, all requests to ASP.NET applications running on the local IIS 5.1 > web > > server result in an error message saying "Server Application Unavailable". > > Requests to remote web servers are unaffected. > > > > This issue only impacts installations running ASP.NET V1.0 on Windows XP. > It > > does not impact machines running Windows 2000 or Windows Server 2003. It > also > > does not impact machines running Windows XP with ASP.NET v1.1 installed. > > > > Please note that this issue is not a security bug with ASP.NET. It does > not > > open up or allow any malicious attacks against an ASP.NET application or > > server. Instead, it is purely a functional bug caused by the patch itself. > > > > We are working hard on a permanent solution for this issue. In the > meantime, > > you can execute the following batch file as a workaround for the issue. > The > > batch file does the following: > > Stops the IIS and ASP.NET state services > > Deletes and recreates the ASPNET account with a known temporary password > > Uses the Windows runas command to launch an executable that creates an > ASPNET > > user profile > > Re-registers ASP.NET. This creates a new random password for the account > and > > applies default ASP.NET access control settings for it > > Restarts the IIS service > > > > > > > > > > The batch file contains a hardcoded temporary password of "1pass@word" > which > > you will be prompted to enter for the runas command when the batch file is > run. > > After the runas command completes, the ASPNET account password is > recreated > > with a strong random value. Note that the batch file may fail if the > hardcoded > > password does not meet the password complexity requirements in your > > environment. If that's the case, you can change it to another value that > is > > appropriate for your environment. > > > > Important note: If you have added custom access control settings or > database > > account permissions for the ASPNET account, they will need to be recreated > > after this batch file completes. This is because when the account is > > recreated, it will get a new security identifier (SID). > > > > Important note: If you are running the ASP.NET worker process with a > custom > > account other than the ASPNET account, then you should not run this batch > file. > > Instead, you should log in interactively or use the runas command with > that > > account which will create a user profile for that account. > > > > The batch file is included in the self-extracting archive below. To use > it: > > > > You must be running as an account with Administrator privileges > > Download and open the self-extracting executable file > > Extract the contents to c:\ > > Select Run... from the start menu, and enter cmd.exe > > In the open command windows, type c:\fixup.cmd. > > When prompted, enter 1pass@word as the password. > > If you have previously custom access control settings or database account > > permissions for the ASPNET account, you'll need to re-apply these settings > now. > > Ask questions and get answers in the Issues with 'Server Application > > Unavailable' error on Windows XP forum. > > Many apologies for the inconvenience that this has caused. We'll post > > additional information as it becomes available. > > > > The matrix below details platforms and versions impacted by this issue. > > > > .NET Framework Version # Platform Affected > > Version 1.0 Windows 2000 Professional No > > Version 1.0 Windows 2000 Server No > > Version 1.0 Windows XP Professional Yes > > Version 1.0 Windows Server 2003 No > > Version 1.0 Windows XP Home with Cassini No > > Version 1.1 Windows 2000 Professional No > > Version 1.1 Windows 2000 Server No > > Version 1.1 Windows XP Professional No > > Version 1.1 Windows Server 2003 No > > Version 1.1 Windows XP Home with Cassini No > > > > > > Thanks, > > The ASP.NET Team > > > > > > > > > > > > >
Don't see what you're looking for? Try a search.
|
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
August 2006
February 2007
March 2007
August 2007
September 2007
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |