Microsoft Slips Domain Trust Fix Into SRP1
- By Scott Bekker
Security officials at Microsoft Corp. included the fix for the new domain trust vulnerability in the Windows 2000 Security Rollup Package that Microsoft posted on Wednesday.
The Security Rollup Package (SRP1) was posted a few hours before Microsoft sent out the security bulletin about the domain trust problem. See related story.
Scott Culp, manager of the Microsoft Security Response Center, says the SID Filter tool that addresses the domain trust issue is included in SRP1. The Security Rollup Package includes an additional 43 fixes.
"One of the reasons we delivered this in [SRP1] is you get not only the SID Filtering, but you get all the security fixes since Service Pack 2," Culp says. "Certainly for the past year our strategy has been to release cumulative fixes," he says.
Culp's disclosure Thursday that SRP1 included the SID Filtering tool was a surprise, as the documentation for SRP1 noted that fixes from any security bulletins after MS01-52 would be included in an upcoming SRP2.
Meanwhile, Culp says the discovery and fix of the domain trust vulnerability was more a result of Microsoft's "tried and true" security practices of the past few years than a result of the Trustworthy Computing initiative launched earlier this month via a Bill Gates e-mail.
"There's some dovetailing here through the delivery mechanisms," Culp says.
Scott Bekker is editor in chief of Redmond Channel Partner magazine.