Did a Security Patch Bust SharePoint Server 3.0?

A recent security patch for Microsoft's SharePoint Server 3.0 seems to be giving systems administrators fits and causing the popular collaboration platform to crash, according to reports on Microsoft's TechNet Forums.

The patch, Microsoft Security Bulletin MS10-039, shipped as part of last week's Patch Tuesday patch release and carried a severity rating of "important" -- the second-highest rating on Microsoft's (NASDAQ: MSFT) security scale. The patch is meant to correct a security hole that could, if successfully exploited, lead to an attacker being able to elevate his or her user privileges on SharePoint Server 3.0.

While system adminsitrators may have been counting on the patch for improved security, multiple posters to the SharePoint forums reported that after installation, they got an error message that said: "Unable to connect to the configuration database." At that point, the software froze.

"None of the suggested fixes worked. I uninstalled and re-installed WSS [Windows SharePoint Server] 3.0, and we could get to our SP [SharePoint] site again. But of course... [the patch] was installed again last night, and now the site is broken, again!!!" said one user with the screen name JohnB352.

Some users were able to fix their problems with help from other forum users -- but others found themselves hamstrung. In some cases, the patch for Microsoft SharePoint Server 3.0 would not uninstall.

"I ran the SharePoint Products and Configuration Wizard after the installation (including a restart) but it got stuck at the 9 of 10 tasks ... The point is that I can't deinstall the [MS10-039] update," said a user who goes by the screen name Barnabeck.

In response, Microsoft said it is taking steps to narrow down the problem.

"Microsoft is investigating new public claims of a possible installation issue involving MS10-039, a bulletin issued in the June update," Jerry Bryant, group manager for response communications in the Microsoft Security Response Center, said in an e-mail to InternetNews.com. "We will make further guidance available if necessary once our investigation is complete."

Microsoft releases most of the security patches it distributes on the second Tuesday of each month -- thus the epithet Patch Tuesday.

June's Patch Tuesday drop was one of the largest in Microsoft's history, although only a handful of patches were rated "critical," the company's highest threat level.

If Microsoft finds a reason to withdraw the new SharePoint update, it wouldn't be the first time it's done so in recent memory.

In February, after a rash of "blue screen" crashes and uncontrolled reboots on Windows XP machines following a patch installation, Microsoft pulled the update from its site and its various updating services. However, it later reinstated the patch after its security researchers discovered that the problems were really caused by rootkit infections on the affected PCs.

SharePoint 2010, which began shipping to enterprise customers in mid-May, is apparently not affected by the problems, and neither is SharePoint 2007.

The problems with MS10-039 were first reported by Woody Leonhard, editor of Woody's Office Watch, in InfoWorld.

Stuart J. Johnston is a contributing writer at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Tags: Microsoft, SharePoint, Patch Tuesday, security