Microsoft has released security bulletin MS07-058. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
After you apply this security update on a Windows Server 2003 Service Pack 1-based computer, an access violation error may occur in the W3wp.exe process. This problem may occur if the remote procedure call (RPC) over HTTP proxy networking component is enabled.
When this problem occurs, the following events are logged in the Application log:
Event Type: Error Event Source: Application Error Event Category: (100) Event ID: 1000 Date: Date Time: Time User: N/A Computer: ComputerName Description: Faulting application w3wp.exe, version 6.0.3790.1830, faulting module rpcrt4.dll, version 5.2.3790.2568, fault address 0x000362ba.
Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1002 Date: Date Time: Time User: N/A Computer: ComputerName Description: Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
This problem occurs because a notification is incorrectly sent to the application by using RPC over HTTP.
To resolve this problem, use one of the following methods:
Install Windows Server 2003 Service Pack 2 (SP2). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
889100 How to obtain the latest service pack for Windows Server 2003
Install hotfix 917781.For more information about hotfix 917781, click the following article number to view the article in the Microsoft Knowledge Base:
917781 An access violation error may occur in the W3wp.exe process after you install hotfix 908521 or Security Update 933729 in Windows Server 2003 with Service Pack 1
Force the default branch to QFE at installation.For more information, click the following article number to view the article in the Microsoft Knowledge Base:
824994 Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages
In this Microsoft Knowledge Base article, see the information in the "How to force the default branch to QFE at installation" section.
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000