DOCUMENT:Q147222

TITLE   :Group of Hotfixes for Exchange 5.5 and IIS 4.0

PRODUCT :Microsoft Windows NT, Exchange Server, IIS

PROD/VER:4.00

OPER/SYS:WINDOWS

KEYWORDS:kbbug kbfix4.00 kbinterop kbpatch ntinterop ntsrv



--------------------------------------------------------------------------

The information in this article applies to:



 - Microsoft Windows NT Server version 4.0

 - Microsoft Windows NT Server Enterprise Edition version 4.0

 - Microsoft Cluster Server version 1.0

 - Microsoft Transaction Server version 2.0

 - Microsoft Internet Information Server version 4.0

 - Microsoft Exchange Server version 5.5

--------------------------------------------------------------------------



SYMPTOMS

========



Access Violation in Explorer.exe

--------------------------------



An Access Violation occurs in Windows NT Explorer (Explorer.exe) and other

applications while running Microsoft Transaction Server (MTS).



During server process (package) shutdown, an uninitialized hWnd stack

variable causes a broadcast message with invalid data. This causes

currently running programs (including Explorer.exe) to stop responding

(hang) or restart due to an Access Violation.



DCOM Fails with 80010111 When Client and Server are on Same Node

----------------------------------------------------------------



If a Distributed COM (DCOM) client and server are on the same computer and

the client uses anything other than the computer's NetBIOS name to refer to

the server, the call receives errors about invalid headers on packets.



The specific case that impacts Microsoft Cluster Server (MSCS) is when a

virtual server name is used. The virtual server name is registered with an

IP address that is bound to a node (computer) in the cluster. This is done

so the IP address can be failed over to another node in the cluster without

clients needing to know of the change.



The problem arises when a server on one of the computers uses the service

of another server in the cluster. If, because of failure or administrator

action, the two servers end up on the same computer, DCOM fails. The

virtual server name and IP address have to be used because the location of

the servers may change.



Windows NT 4.0 RPC Binds Hang When the Server Is Restarted

----------------------------------------------------------



When using RPC over TCP/IP, binds may hang if the server is restarted when

a bind is outstanding. It takes about two hours for TCP/IP to recover from

this.



IIS/ASP Security Context Becomes Corrupt Under Stress

-----------------------------------------------------



Under stress, a script that is supposed to run under the security context

of a specific user may run as System instead. Running under the wrong

security context can result in incorrect file access, incorrect component

availability, and incorrect component capabilities.



Potential Security Hole With Out-of-Process Applications

--------------------------------------------------------



If there are out-of-process Transaction Server packages using role-based

security, it is possible for someone who has access to the computer to

spoof the identity that the MTS package believes is calling the package.

The scenario described is extremely rare, but the fix eliminates the

possibility completely.



A side effect of this fix is that all out-of-process components configured

to "Activate as Activator" will now run under the context of the System

user, where formerly they would run under a non-deterministic user context.



RESOLUTION

==========



To resolve this problem, obtain the following fix or wait for the next

Windows NT service pack.



This hotfix has been posted to the following Internet location:



   ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/

   hotfixes-postSP3/roll-up/



NOTE: The above link is one path; it has been wrapped for readability.



If you use Cluster Services with Microsoft Exchange Server version 5.5, you

must also install the Cluster hotfixes.



This hotfix has been posted to the following Internet location:



   ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/

   hotfixes-postSP3/roll-up/cluster/



NOTE: The above link is one path; it has been wrapped for readability.



STATUS

======



Microsoft has confirmed these to be problems in the products listed at the

beginning of this article. A supported fix is now available, but has not 

been fully regression-tested and should be applied only to systems 

experiencing this specific problem. Unless you are severely impacted by 

this specific problem, Microsoft recommends that you wait for the next 

Service Pack that contains this fix. Contact Microsoft Technical Support 

for more information.



Additional query words: 1.00 2.00 4.00 k2



============================================================================



THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS

PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.  MICROSOFT DISCLAIMS

ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES

OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  IN NO

EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR

ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,

CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF

MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE

POSSIBILITY OF SUCH DAMAGES.  SOME STATES DO NOT ALLOW THE EXCLUSION

OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES

SO THE FOREGOING LIMITATION MAY NOT APPLY.