Microsoft boosts ISA Server security

TechRepublic
Microsoft has released Service Pack 2 for Internet Security and Acceleration (ISA) Server 2000. This software update definitely increases the security and stability of ISA, and administrators who manage ISA servers need to give it a close look.

Service Pack 2 for ISA Server 2000, released almost unnoticed, is available in English, French, Japanese, Spanish, and German. ISA SP2 addresses the problems described in the following Microsoft Knowledge Base articles:

    313318: "Cannot relay mail through ISA Server if authentication is required"

    317122: "Web proxy sends TCP reset instead of only closing session"

    317822: "Problems with Web browser if ISA Server 2000 is chained to an upstream Web proxy server"

    323889: "Unchecked buffer in Gopher protocol handler can run code of attacker's choice"

    324642: "Macintosh clients who use MAPI cannot connect to Exchange 2000 with ISA Server"

    331062: "Running ISA Server on Windows Server 2003"

    331068: "ISA firewall causes handle leak in LSASS"

    331069: "Hotfix to permit URL path redirection in Web publishing rules"

    331070: "Authentication does not succeed when the user name contains a space"

    810559: "Slow responses and failures when you use server publishing UDP protocols"

    813864: "Site and content rules do not filter based on file name extensions"

    816456: "Flaw in ISA Server error pages could allow cross-site scripting attack"

    816828: "'Permission Denied' error message when you use rlogin to log on to a server on the Internet"

    818821: "ISA firewall service stops responding on DNS resolution"

    821724: "Basic credentials may be sent over an external HTTP connection when SSL is required"

    822241: "ISA Server Web proxy service maintains a connection after a client session is closed"

    822970: "Cannot read ISA Server performance data by using an SNMP program"

    828044: "ISA Server intermittently stops responding to Web proxy client requests"

    829892: "You cannot connect to external FTP sites by using a WRQ reflection FTP client through ISA Server 2000"

    829893: "RSA SecurID cookie expires frequently, and clients are repeatedly prompted to authenticate"

    833009: "ICMP traffic is not blocked during startup period with ISA Server"

    839019: "White spaces in URL are not correctly encoded or decoded when you log on"

The list above represents some of the most important fixes, but there are others as well. An extensive list of other hot fixes is included in the release notes for SP2. In addition to the hot fixes, the Microsoft Security Bulletin "Vulnerability in Microsoft Internet Security and Acceleration Server 2000 H.323 filter could allow remote code execution" (MS04-001) is also covered by ISA SP2.

You can download the English version of ISA SP2 here. For more details on installing SP2, see Microsoft Knowledge Base article 313139. If you experience problems, Microsoft says that ISA SP2 can be removed after installation.

This service pack has nearly gone unnoticed. At least I never saw any notices about it from Microsoft. Perhaps that was intentional because Microsoft's ISA Server 2004 is rumoured to be almost ready to ship. However, I suspect many administrators will want to install ISA 2000 SP2 before leaping to adopt the latest version of the software, even though ISA 2004 incorporates many of these security enhancements and undoubtedly includes many new features as well. Nevertheless, it takes a brave administrator to bet the farm on a brand-new security product.

TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to firewalls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.

©2004 TechRepublic, Inc.
