KB939373 Breaks IIS

21 01 2008

I currently work in an environment where Windows XP is deployed across the organisation. Consequently, it is also the OS on which we write code. Today I booted my machine to find my IIS 5.0 web server was no longer functioning. When I attempted to fire up the service, I received a handy “The World Wide Web Publishing service terminated with the following error: The specified procedure could not be found”. Interesting…my box has been nice and stable for the last few months. What gives?

A quick google of the event id and error, I soon discovered that the KB939373 security update for Windows XP has been the cause of this behaviour for many others. Here is a description of the patch:

A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Internet Information Services (IIS) and gain control over it.

Removal of this patch restored full IIS functionality for my box. To uninstall, a script is neatly tucked away in C:\WINDOWS\$NtUninstallKB939373$\spuninst directory. Running this will reinstate the original dll’s that were badly patched.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: