
MS06-049 Causing Silent Data Corruption 205

Uncle Mike writes "It looks like there is a problem with the recently released MS06-049 / KB920958 patch. If you have compression activated on any folder, then the compressed data is at risk from corruption. New files that are close to a multiple of 4K in size will have their last 4,000 bytes or so overwritten with 0xDF. Although this problem has been reported to Microsoft, as yet there appears to have been no official announcement."
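A defender-side check for the damage pattern the submission describes, added here as an example and not part of the original post or thread: it walks a directory and lists files whose tail is a long run of 0xDF bytes. The 1024-byte threshold, the function names and the sample files are assumptions constructed for illustration; a hit is only a candidate to compare against a backup, since valid data can also end in 0xDF.

```python
import os
import tempfile

FILL = 0xDF      # fill byte reported in the submission
CLUSTER = 4096   # "multiple of 4K" from the submission
MIN_RUN = 1024   # assumed threshold; shorter runs are treated as ordinary data

def trailing_fill_run(path, fill=FILL, chunk=65536):
    """Count consecutive `fill` bytes at the end of the file, reading backwards."""
    run, pos = 0, os.path.getsize(path)
    with open(path, "rb") as fh:
        while pos > 0:
            step = min(chunk, pos)
            pos -= step
            fh.seek(pos)
            block = fh.read(step)
            kept = block.rstrip(bytes([fill]))
            run += len(block) - len(kept)
            if kept:              # reached a non-fill byte: the run ends here
                break
    return run

def scan(root, min_run=MIN_RUN):
    """Return sorted (path, size, run, distance to nearest 4K multiple) for suspects."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                size, run = os.path.getsize(path), trailing_fill_run(path)
            except OSError:
                continue          # unreadable or vanished file: keep scanning
            if run >= min_run:
                rem = size % CLUSTER
                hits.append((path, size, run, min(rem, CLUSTER - rem)))
    return sorted(hits)

def demo():
    """Scan constructed sample files (not real data) written to a temp directory."""
    samples = {
        "clean.bin": b"A" * 8192,                        # no fill at all
        "damaged.bin": b"A" * 4191 + b"\xdf" * 4000,     # 8191 bytes, 4000-byte fill tail
        "short_tail.bin": b"log line\n" + b"\xdf" * 16,  # below MIN_RUN, ignored
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return [(os.path.basename(p), s, r, dist) for p, s, r, dist in scan(d)]
```

Calling `scan()` on a directory tree returns the suspect files with their size, fill-run length and distance from a 4K multiple, so the results can be sorted or filtered before restoring anything.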
  • interesting (Score:5, Insightful)

    by Intangion ( 816356 ) on Monday September 11, 2006 @09:33AM (#16080780) Homepage
    It's interesting how when they make a patch that corrupts your data you don't hear anything from them.. but when someone makes a program to allow fair use by opening DRM on their movies they come up with a CRITICAL patch within hours to prevent it. I think that speaks to their priorities: protecting their DRM, IMPORTANT; protecting your data, hmm.. not so important.
    • by Colin Smith ( 2679 ) on Monday September 11, 2006 @10:05AM (#16081036)
      What're your customers going to do?

       
      • Re: (Score:3, Funny)

        by HTH NE1 ( 675604 )
        "When you have a monopoly what're your customers going to do?"

        Well I believe I'll invest in a second-party operating system!
        • Well I believe I'll invest in a second-party operating system!
          I think most of them will just say "Please use more lubricant next time."
      • by Tackhead ( 54550 ) on Monday September 11, 2006 @10:28AM (#16081260)
        > When you have a monopoly
        >
        > What're your customers going to do?

        The guy at the keyboard of a Windows Vista box, using Microsoft Office at work, and Windows Media Player at home is not the customer, he is the product. The customers are Dell, AOL, media licensing conglomerates, and so on.

        • by theCoder ( 23772 ) on Monday September 11, 2006 @11:17AM (#16081686) Homepage Journal
          That may be accurate for television broadcasts, but it isn't so for Microsoft. Customers are people who pay for services. AOL and the media companies aren't paying MS anything, other than licensing fees for the services they use from Microsoft (i.e., their Windows PCs). Microsoft is paid by the guy at the keyboard of the Windows box (or his employer).

          Microsoft may be able to leverage all those customers into a product for another customer (such as advertising or licensing DRM solutions), just like the movie theater leverages their movie watching customers into a product for advertising. Until Windows is free (as in beer), the guy using Windows is still a customer.
    • maybe one patch was just easier to write.

      --
      Carnage Blender [carnageblender.com]: Meet interesting people. Kill them.
      • Re: (Score:2, Insightful)

        by Alien Being ( 18488 )
        Even if this is a tricky problem to fix, MS could at least warn their customers about the problem.

        After 25 years of dirty tricks from Redmond, you have the gall to call their critics paranoid?
    • Re:interesting (Score:4, Informative)

      by X0563511 ( 793323 ) * on Monday September 11, 2006 @01:06PM (#16082685) Homepage Journal
      Well, if you look closely you find that this patch is for Windows 2000 SP4 only, and all other versions of Windows are not affected.

      That does make a big difference, win2k is not MS' top priority.

      Not that I condone their delay or lack of foresight, however.
    • Jesus H. Christ! Do these f'ing idiots test anything?

      And doesn't this just give you warm fuzzies about the reliability of Vista and its 50 million lines of code?
  • by __aaclcg7560 ( 824291 ) on Monday September 11, 2006 @09:35AM (#16080791)
    If data is being silently corrupted, is there a problem if no one can hear it? That could explain Microsoft's silence.
  • How to avoid (Score:5, Informative)

    by neonprimetime ( 528653 ) on Monday September 11, 2006 @09:35AM (#16080793)
    assuming you're using Windows

    It has been confirmed that either turning off the compression attribute (disk space permitting) OR uninstalling KB920958 will prevent further loss of data.
  • RAID (Score:3, Funny)

    by Karma Farmer ( 595141 ) on Monday September 11, 2006 @09:42AM (#16080846)
    As is often pointed out on slashdot, this is why it's so important to have a good backup plan. Like most slashdotters, I recommend RAID.
  • "close to a multiple of 4K in size"

    How close is close? Is 162k close to 164k? Sounds like it is to me. From the examples in the discussion cited, it seems that anything over 4k is at risk, not just things 'near' a 4k boundary.

    I would even hazard to guess that the size matters not at all, but rather the contents of the files. If the contents match a certain pattern, the compression goes awry and adds the garbage to the end. (Accidentally overwriting the real data.)
  • by robpoe ( 578975 ) on Monday September 11, 2006 @09:43AM (#16080863)
    Well, it's interesting that 0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0x DF0xDF0xDF0xDF0xDF0xDF0xDF
  • Strange (Score:3, Funny)

    by A beautiful mind ( 821714 ) on Monday September 11, 2006 @09:51AM (#16080924)
    I've never heard Windows called MS06-049 before...
  • by Chris Pimlott ( 16212 ) on Monday September 11, 2006 @09:58AM (#16080977)
    The summary blurb is rather cryptic. MS06-049 is a patch to... what? Just Windows 2000 or XP too? And this was a patch for some vulnerability, assumedly? Which?

    After a bit of research, here's what should have been included: MS06-049 [microsoft.com] was an elevation of privilege issue discovered in the kernel of Windows 2000 SP4 only. The patch for the issue, KB920958 [microsoft.com], appears to have a bug resulting in corruption of compressed folders.

    The title is misleading as well. MS06-049 is the issue and KB920958 is the patch; the patch is what's causing the corruption, not the original issue.
  • In the modern age where hard disk space can be had for so cheap, why would you even want to bother with disk based data compression?
    • by Quila ( 201335 )
      Logs? If you have many servers all writing gigabytes of detailed logs, and they have to be kept for a long time, you can save a lot of $$$ worth of space by running compression.
      • by jZnat ( 793348 ) *
        But logrotate will take care of that for you using a user-space program (gzip, or any program you specify). You don't just make /var/log a compressed filesystem...
        • Re: (Score:3, Insightful)

          by Lagged2Death ( 31596 )
          You don't just make /var/log a compressed filesystem...

          I'm no MS fanboy, but... suppose the OS in question had some sort of directory-compression scheme that had a seven-year track record of impressive stability and effectiveness? Why not use it?

          Disk compression earned a terrible rep back in the 90s, when DOS/Windows and Windows 95 themselves were so unstable there was no chance that it could work properly. But MS finally got it right when they swiped tech from Stacker and included directory compression in
    • by 241comp ( 535228 )
      Because processing power is even cheaper. Especially when you are doing archival operations such as backups - write once, read once (maybe).
    • by tylernt ( 581794 )
      Think bigger.

      Hundreds of VMWare virtual disks is one place compression comes in handy. Without compression you'd need a multi-terabyte array. With compression, you only need half a terabyte.

      Another use is for backup servers, where storing hundreds of GB of data is important but speed is not (and you hate tapes).

      Another use is when your server fills up and you don't have a budget for new hardware until the next quarter.

      It all adds up to big hardware savings, and indeed is the only reason some of my servers -
  • by Anonymous Coward on Monday September 11, 2006 @10:05AM (#16081028)
    Those files were important! Sheißßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßß
  • Someone figure out how to apply this problem to Windows Media DRM and we'll get a fix in no time!
    As a matter of policy, Microsoft generally doesn't fix bugs in already released software, with the exceptions of publicly known security flaws (and then only once a month), service packs (notice WinME has had zero service packs), and $50 hotfixes. Since Microsoft now depends on returning customers more than new customers, and their customers have little chance of switching vendors, they have every motivation to make older versions as unpalatable as possible.

    I personally haven't seen any files corrupted tho
    • by dtfinch ( 661405 ) *
      After a bit of checking, we have a 2000 server with the patch, and it has a number of compressed files, but none of the compressed files that were updated since the patch are roughly a multiple of 4k and mostly uncompressible, the two other requirements for corruption.
    • As a matter of policy, Microsoft generally doesn't fix bugs in already released software, with the exceptions of publicly known security flaws (and then only once a month)

      Not true; updates are released every Tuesday.

      service packs (notice WinME has had zero service packs)

      While Win2k and XP have at least two each. ME was a crumby OS which was meant to have a new OS for people that had to have a new OS every couple of years.

      and $50 hotfixes

      I've never had to pay for a hotfix, nor has anyone that has gotten th
      • Most don't buy Windows; Windows comes with their new PC. It's 2006. Why is someone running a six year old operating system anyway?

        Uh, well, WinXP was released in 2001, so it's only about a year and a half newer than Win2K. I really don't see a huge difference between running a 6.5 year old OS and running a 5 year old OS.

        Certainly they can if they want, but to expect support from the manufacturer is silly. Hell, cars have warranties which expire sooner than that.

        So? Cars aren't very much like computer oper

        • Uh, well, WinXP was released in 2001, so it's only about a year and a half newer than Win2K. I really don't see a huge difference between running a 6.5 year old OS and running a 5 year old OS.

          I dunno perhaps because there are a lot of changes in XP; namely that SP2 adds a bunch of stuff and fixes a huge amount of features. At the very least because they actually still sell XP.

          So? Cars aren't very much like computer operating systems.

          Yes. For some reason computer users expect their computer to be supported
  • by dave562 ( 969951 ) on Monday September 11, 2006 @11:25AM (#16081751) Journal
    This is a bit of a tangent, but a somewhat relevant one nonetheless. But first of all, bad Microsoft! You freaking imbilices (probably misspelled to show how dumb I am too.)

    Is anyone out there seriously using disk compression in a production environment? Didn't anyone teach you guys that disk compression is a crutch and not a solution? For as long as I've been working with servers, all of my mentors have led me to believe that it is pretty much generally accepted practice not to use disk compression due to the potential for data corruption and the performance hit your servers take. If you need to compress files to save space, throw them onto some LTO or DLT media and pull them completely offline.

    If you're working for a company that can't come up with more money for disk space, maybe you need to click on the Dice.com ads that are all over /. here.

    • Re: (Score:3, Informative)

      By default Windows compresses all windowsupdate/service pack uninstall directories (i.e. c:\winnt\$NtUninstallKB123456$), it also compresses the dllcache directory (which keeps backups of system dlls and drivers)
      • by dave562 ( 969951 )
        In both instances, it makes sense to compress that data on a case by case basis. I'd draw the analogy to using .zip compression to compress a few files. The kind of compression that I'm saying is a bad idea to use is the compression that compresses EVERYTHING on the entire volume / partition. That's the kind of compression that will come back and bite you in the ass. I'm not sure if you remember the days of DOS 6.2 and DoubleSpace, but after experiencing that shoddy product first hand, I'm wary of trust
    • I have some compressed files. They're sparse files generated by a program that doesn't actually handle sparse files well. Conveniently, the program is smart enough to write all 0's to them, so I just compress the directory and be done with it. As I write this, I'm saving about 80% of the disk space they would otherwise use.

      They're not performance-critical, so in this case, Windows' compression is incredibly handy.

      Similarly, I have a few disc images that I keep around solely so I don't have to put DVDs in th
  • This is completely unacceptaLAMER!LAMER!LAMER!LAMER!...
  • ... makes such massive changes to the VM of a stable kernel that allows this sort of thing to happen in the first place?

    Oh wait...
