Security Adviser | Roger A. Grimes » MS06-049 causing data corruption problems

September 11, 2006 | Comments: (0)

MS06-049 causing data corruption problems

TAGS: None

Slashdot is reporting that Microsoft's MS06-0498 patch is causing data corruption.

If you have compression activated on any folder, then the compressed data is at risk from corruption. New files that are close to a multiple of 4K in size will have their last 4,000 bytes or so overwritten with 0xDF.

Complete story here.

Thanks to friend Susan Bradley for the hint.

9-15-06 Update:
Microsoft acknowledges the bug and offers a fix.

9-12-06 Update: Taken from a public mailing list:

Microsoft Support confirmed Hotfix 920958 is bad.

"We are aware the issue you are experiencing. A corresponding bugcheck request is currently open, and the develop team is working on this issue. However, the hotfix for this issue is not ready.

0xDF is the data pattern that NTFS returns when it has problem to decompress the file (e.g.. the compression fragments are corrupted and can't be decompressed). Based on my research, the actual raw data on the disk is not changed, it shows as 0xDF because the system cannot decompress the file and display the data correctly. So the corrupt is not permanent.

Further more, the issue only occurs on files which containing Hexadecimal codes."

Posted by Roger Grimes on September 11, 2006 02:42 PM

RATE THIS ARTICLE: