[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    MS security patch Q328145 and CSPDK
From:       Laszlo Elteto <lelteto () RAINBOW ! COM>
Date:       2002-09-10 18:35:53
[Download RAW message or body]


If you applied the just-released Ms security patch Q328145 on a Win2k system
it replaced your ADVAPI32.dll. If you (like many of us) don't like to fire
up kernel debugger just to test your CSP here is how you can get a patched
dll which will let you do that. (My work is based on the previous SP3 patch
which was provided generously by Petr Kostka, see the 8/15/2002 9:18am email
on this discussion list.)
1. Copy the new advapi32.dll into a temp directory. The size should be
358,160 bytes, the date/time stamp 8/26/2002 9:45a.
2. With your choice of hex editor NOP out a "jnz short" instruction:
        at offset 1523A change the bytes 0x75, 0x0d to 0x90, 0x90.
The resulting new ADVAPI32.dll will be similar to the ones found in the
CSPDK, ie. it will let you test CSPs. Follow the CSPDK instructions how to
replace the dll in your system directory. (Note: the security patch stores
the dll into DLLCACHE, too, so you should either replace it there, too - or
delete from there.)
Hope this helps your testing efforts...

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

/Ref: Microsoft Security Bulletin MS02-050: Certificate Validation Flaw
Could Enable Identity Spoofing. URL is
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS
02-050.asp

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

[prev in list] [next in list] [prev in thread] [next in thread]