VMDg / MountV resources fail to online or probe when the 'Microsoft MS10-066: Vulnerability in remote procedure call could allow remote code execution' security fix is applied
|Article:TECH140245|||||Created: 2010-09-17|||||Updated: 2013-10-07|||||Article URL http://www.symantec.com/docs/TECH140245|
|NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.|
When Microsoft Security Patch - MS10-066 - Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (KB982802) or MS10-084 - Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (KB2360937 or KB2849470) is installed on Microsoft Windows 2003 SP2 x64 or IA64, the following symptoms can occur:
- An existing Volume Manager Disk group (VMDg) resource in a Microsoft Cluster Server (MSCS) configuration cannot be brought online.
- A new VMDG resource in a MSCS configuration cannot be created.
- An existing VMDg or MountV resource in a Veritas Storage Foundation for Windows High Availability (SFW-HA) configuration cannot be probed.
- An existing VMDG or MountV resource in a SFW-HA configuration cannot be brought online.
- An existing VMDG or MountV resource in a SFW-HA configuration cannot be created using any wizards.
Examples of errors found within Microsoft Windows, MSCS, SFW, and SFW-HA logs:
Microsoft Windows Server 2003 SP2 x64 or IA64 with KB982802, KB2360937, or KB2849470 hotfix installed.
Veritas Storage Foundation for Windows with the Microsoft Cluster Server option 4.3 MP1 x64 or IA64 thru 5.1SP1
Veritas Storage Foundation for Windows High Availability 4.3 MP1 x64 or IA64 thru 5.1SP1
Veritas Cluster Server 4.3 MP1 x64 or IA64 thru 5.1SP1
Exception occurs during an RPC request between VxBridge.exe and cluscmd.dll upon applying the MS10-066 or MS10-084 Security Patch.
Symantec has identified the issue and is addressing the issue with patches specific to installed product listed below. This issue has also been resolved with installing SFW 5.1 SP2 or higher.
Please subscribe to this technical article and/or via the Symantec Operations Readiness Tools site (SORT) for updates regarding the issue and additional fixes for additional versions.
Please contact Symantec Technical Support for additional questions or concerns regarding this update.
Patches are now available some versions.
SFW 5.1 SP1 (64-bit) and SFW 5.1 SP1AP1 (64-bit) - sfw-Hotfix_5_1_10037_585_2147847
SFW 5.1 AP1 (64-bit)
SFW 5.1 GA (64-bit) - sfw-Hotfix.5_1.00058.400.2144064
SFW 5.0 RP2 (64-bit) - sfw-win64-5.0.307.326.2147879
SFW 5.0 RP1a (64-bit) - sfw-win64-220.127.116.119.2159443
SFW 5.0 GA (64-bit) - sfw-18.104.22.1687.2164117HF
SFW 4.3 MP2 (64-bit) - sfw-4.3.2055.359.2165203HF
SFW 4.3 MP1 (64-bit) - sfw-win64-4.3.1067.350.2165003a
SFW 4.3 GA (64-bit)
This version is not supported on Windows Server 2003 SP2 on any platform so the issue should not be present. If this version is installed on Windows Server 2003 SP2 and is experiencing the issues described in this KB article, please upgrade to a supported version of SFW or SFW-HA that runs on Windows Server 2003 SP2 where a fix is available.
Please use the following URL to check for currently available patches:
5.1 SP1 and 5.1 SP1AP1- Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.
5.1 GA - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.
5.0 RP2 - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.
4.3 MP1 - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.
Article URL http://www.symantec.com/docs/TECH140245