Microsoft KB Archive/816457

= Description of ISA Server changes that are included in Small Business Server 2003 Premium Edition =

Article ID: 816457

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2000 Standard Edition
 * Microsoft Internet Security and Acceleration Server 2000 Service Pack 1
 * Microsoft Windows Small Business Server 2003 Premium Edition
 * Microsoft Windows Small Business Server 2003 Standard Edition

-



SUMMARY
The version of Microsoft Internet Security and Acceleration (ISA) Server 2000 that is included with Microsoft Small Business Server (SBS) 2003 Premium Edition installs with a predefined set of updates. Generally, they include ISA Server 2000 Service Pack 1 and all ISA security patches that were released between Service Pack 1 and the release of SBS 2003 Premium Edition.

This article describes the difference between the release version of ISA Server 2000 and the version that is included with SBS 2003 Premium Edition.



MORE INFORMATION
If you select to install ISA Server 2000 under SBS 2003 Premium Edition, the release version of ISA Server 2000 is installed together with the updates that appear later in this article. Therefore, the version information of the ISA Server 2000 files that are included with SBS 2003 Premium Edition may be different from the release version numbers depending on whether the updated file is included with SBS 2003 Premium Edition.

ISA Server 2000 updates that are included in SBS 2003 Premium Edition
If you select to install ISA Server 2000 under SBS 2003 Premium Edition, ISA Server 2000 is installed with the following updates:

313249 List of bugs fixed by Internet Security and Acceleration Server 2000 service packs

323889 Unchecked buffer in Gopher protocol handler can run code of attacker's choice

331062 Running ISA Server on Windows Server 2003

331065 MS03-009: A problem in the ISA Server DNS intrusion detection filter may cause denial of service

331066 MS03-012: Flaw in Winsock proxy service can cause denial of service

815051 The Firewall client does not support the ConnectEx and WSARecvMsg APIs

816456 MS03-028: Flaw in ISA Server error pages could allow cross-site scripting attack

Note If you install ISA Server 2000 under SBS 2003 Premium Edition, you cannot remove any of the fixes that appear in the previous list by using the Add or Remove Programs tool in Control Panel. Also, to run ISA Server 2000 under SBS 2003 Premium Edition, you must have these fixes installed.

Note If you upgrade from SBS 2000 to SBS 2003 Premium Edition by using the SBS Upgrade Wizard, any existing ISA Server installation will remain unchanged. Therefore, Microsoft highly recommends that you run ISA Setup from the SBS 2003 Premium Edition CD-ROM in this scenario because this ISA Setup installs ISA Server 2000 with all the updates that appear in the previous list included.

The version of ISA Server 2000 that is included with SBS 2003 Premium Edition also includes a fix for the Simple Mail Transfer Protocol (SMTP) Application Filter sample that is included with the Microsoft ISA Server Software Development Kit (SDK). The issue that is fixed is related to a potential buffer overrun.

ISA Server 2000 Setup that is included with SBS 2003 Premium Edition also contains some differences from a typical ISA Server setup. The files that have been modified to make these changes have the version number &quot;3.0.1200.290&quot;. The English versions of these files have the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time   Version       Size     File name ---  10-Aug-2003  23:43  3.0.1200.290   58,128  Latui.dll 10-Aug-2003 23:43  3.0.1200.290  516,880  Stpsrvex.dll 10-Aug-2003 23:41  3.0.1200.290   30,992  W3pinet.dll

ISA Server 2000 Setup differences in SBS 2003 Premium Edition
The following changes have been made to the version of ISA Server 2000 Setup that is included with SBS 2003 Premium Edition:
 * ISA Server 2000 Setup has been modified to automatically include the 192.168. . subnet in the Local Address Table (LAT) to make this subnet the internal network from an ISA point of view. The other private ranges will not be included in the LAT unless you specifically select them when you construct the LAT.
 * At the end of the ISA Server 2000 Setup process, the SBS 2003 Internet Connection Wizard starts automatically. By default, the check box for the option to start ISA Management after Setup has completed is cleared in SBS 2003 Premium Edition.

Note The H.323 hotfix that is included with SBS 2003 Premium Edition is hotfix 3.0.1200.285. The H.323 hotfix that the following Microsoft Knowledge Base (KB) article describes is a later version (3.0.1200.291) that includes other fixes:

816458 Hotfix Rollup Package For H.323 Application Filter

Therefore, Microsoft highly recommends that SBS 2003 Premium users upgrade to the latest version of this fix by following the instructions in Microsoft Security Bulletin MS04-001. For more information, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS04-001.mspx

If you try to install ISA Server 2000 from the SBS 2003 Premium Edition Evaluation version on a computer that is not running the Evaluation version of SBS 2003 Premium Edition, you will receive the following error message:

The system’s version could not be verified by Setup. The following error was returned: Access is denied.

Keywords: kbinfo KB816457

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.