Group of Hotfixes for Exchange 5.5 and IIS 4.0

• Microsoft Windows NT Server version 4.0
• Microsoft Windows NT Server Enterprise Edition version 4.0
• Microsoft Cluster Server version 1.0
• Microsoft Transaction Server version 2.0
• Microsoft Internet Information Server version 4.0
• Microsoft Exchange Server version 5.5

SYMPTOMS

Access Violation in Explorer.exe

An Access Violation occurs in Windows NT Explorer (Explorer.exe) and other applications while running Microsoft Transaction Server (MTS).

During server process (package) shutdown, an uninitialized hWnd stack variable causes a broadcast message with invalid data. This causes currently running programs (including Explorer.exe) to stop responding (hang) or restart due to an Access Violation.

DCOM Fails with 80010111 When Client and Server are on Same Node

If a Distributed COM (DCOM) client and server are on the same computer and the client uses anything other than the computer's NetBIOS name to refer to the server, the call receives errors about invalid headers on packets.

The specific case that impacts Microsoft Cluster Server (MSCS) is when a virtual server name is used. The virtual server name is registered with an IP address that is bound to a node (computer) in the cluster. This is done so the IP address can be failed over to another node in the cluster without clients needing to know of the change.

The problem arises when a server on one of the computers uses the service of another server in the cluster. If, because of failure or administrator action, the two servers end up on the same computer, DCOM fails. The virtual server name and IP address have to be used because the location of the servers may change.

Windows NT 4.0 RPC Binds Hang When the Server Is Restarted

When using RPC over TCP/IP, binds may hang if the server is restarted when a bind is outstanding. It takes about two hours for TCP/IP to recover from this.

IIS/ASP Security Context Becomes Corrupt Under Stress

Under stress, a script that is supposed to run under the security context of a specific user may run as System instead. Running under the wrong security context can result in incorrect file access, incorrect component availability, and incorrect component capabilities.

Problem with calling Out-of-Process Applications using Role-based Security

If there are out-of-process Transaction Server packages using role-based security, it is possible for someone who has access to the computer to spoof the identity that the MTS package believes is calling the package. The scenario described is extremely rare, but the fix eliminates the possibility completely.

A side effect of this fix is that all out-of-process components configured to "Activate as Activator" will now run under the context of the System user, where formerly they would run under a non-deterministic user context.

RESOLUTION

To resolve this problem, obtain the following fix or wait for the next Windows NT service pack.

This hotfix has been posted to the following Internet location (do not install the Roll-up hotfix if you have previously installed the Cluster hotfix):

   ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/
   hotfixes-postSP3/roll-up/

If you use Cluster Services with Microsoft Exchange Server version 5.5, you must also install the Cluster hotfixes.

This hotfix has been posted to the following Internet location:

   ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/
   hotfixes-postSP3/roll-up/cluster/

STATUS

Microsoft has confirmed these to be problems in the products listed at the beginning of this article. A supported fix is now available, but has not been fully regression-tested and should be applied only to systems experiencing this specific problem. Unless you are severely impacted by this specific problem, Microsoft recommends that you wait for the next Service Pack that contains this fix. Contact Microsoft Technical Support for more information.