Windows Update KB885250

By on February 16, 2005

I support an older AppleShare IP Server (ASIP) that has been in service for us for years. It does everything we need it to do, is reasonably fast, and is easy as pie to maintain. So if it ain’t broke, don’t fix it. Right?

This particular ASIP machine primarily serves Mac clients (OS X and OS 9) but is also accessed by a handful of Winders clients, and has done so very well for years. Until last week that is. Any XP machine that has had Windows Update KB885250 applied can’t access the server. At all. Remove the update and all is well again.

I’ve suggested to the guy that maintains the PC’s that he just disable auto update and remove the update on the machines that need to get to the server, but he’s (understandably) reluctant to do that because it’d be a hassle, and other machines may one day need to get access to that machine; he doesn’t want to go back & undo a bunch of updates after the fact. His attitude is a lot like what I’d expect to hear from Microsoft; the client machines work fine for everything else, so the problem lies with the server. Fix the server.

ASIP is pretty much a retired product, having given way to OS X Server a few years back, so there are no forthcoming updates for the server. The only “update” would be to spend $1000 for an unlimited client license for OS X Server, which would be overkill in this case. No response yet to my complaints to Microsoft, and I’m not holding my breath waiting for one. I’m sure they’d be glad to sell me a Windows 2003 server to replace this one.

I’m certainly not the only one in this boat. There are still thousands of ASIP servers still in use around the world… Lots of them in schools with limited budgets. Are all of these places going to dump a perfectly good server that’s worked well for them for years because Microsoft broke something?

Reading Joe’s rant made me think of this issue. How many times does a Microsoft “update” or “bug fix” have serious unintended consequences that end up costing us money?

Gadgetopia

Comments

  1. Dave, I think this page addresses the same issue: http://www.microsoft.com/technet/security/bulletin/ms05-011.mspx

    It sounds like the security flaw being addressed is a bug in SMB, which would explain why it affects your file sharing. Given the apparent severity of the exploit, it may be a bad idea to leave this security update off of the Windows machines.

    Your third option for addressing this at the server level (aside from OSX and Windows Server) would be Linux. If you’re only using this machine as a file server, essentially Apple’s OSX license is a fancy way to pay $1000 for a Samba server, which is free. Then you should never have to pay anyone for it again. (I’m assuming, of course, that the patch in question hasn’t broken file services entirely on the client end.)

  2. Thanks for the thought, Joe. We’d briefly considered Linux, but putting a Linux box together that will do what we’re doing with ASIP involves a goodly amount of work, not to mention the steep learning curve getting to a decent comfort level with it.

    The main reason for my rant though is to point out the bull in a china shop attitude of Microsoft… They patch a security hole in SMB and break a solution that has worked without a hitch for a long time. Is it too much to ask that the OS maintain a consistent level of functionality after a seemingly insignificant update?

    There. I feel a little better getting that off my chest. Not much, but…

  3. I work for a smallish school district . I wasted 6 hours last week trying to find the root of this problem. Glad to finally see someone talking about it. Please post if you find a solution to this problem. We ended up uninstalling KB885250 from the affected machines. Not an ideal solution, particularly since we have 140 new winxp boxes on order. Anyone else with suggestions? Thanks.

  4. Jesse:

    If you’re not subscribed to the ASIP mailing list (link at the top of the page) you should do so now. I think I would’ve blown more than six hours finding this if I hadn’t read about it there first. There has been a bit of discussion there about it, but no solutions. Yet. (I’m hopeful.)

  5. We use a Win 98 machine as a file store on a P2P network. With KB 885250 installed on SP2 our Win XP workstations cannot ‘Save As’ to the Win 98 machine. It took an age to find the problem was an update, then had to search uninstall ten updates and re-install them manually to find the problem. This update requires a reboot so it will tell users there is an update waiting to be installed. If you go to custom install and deselect this update you will have the option of ‘not being reminded about this update again’. This works for us because we only have a few wolrkstations. Obviously a patch to this patch would be a better solution

  6. I have the same problem. I uninstalled Windows Patches one by one until I was able to connect to my Appleshare IP server, then reinstalled the other patches.

  7. Hi, The patch had been put on our SMTP servers.Now it seems the no of pople i can send mail at a time has reduced considerably .Could it be for this windows update ?

    Help me out if anyone can.

    rajiv.ranjan@uk.bp.com

  8. I just got finished resolving this issue on a smaller network. Fortunately, there was a system restore point established to which I rolled back and went the long route of downloading each update individually until I ran into the problem. Thus the birth of KB885250. Basically, I know it’s not the servers fault.

  9. I’ve noticed that adding KB885250 patch disables other network functionality. In particular, you can’t run Portable Thunderbird off of a network drive anymore.

  10. I’ve just gone through this problem, removed the hotfix, and now have a new problem that i’m unsure if it’s related or not, but seeing as it did work prior to the hotfix, it has me thinking.

    In MS Word (office XP) on a win2k pro station, i used to be able to convert to pdf (a button in the toolbar), which simply generated a .pdf file.

    This still happens, but now the original word file becomes read-only, and then disappears off the server (appleshare ip 6.3)

  11. Windows XP KB885250 makes Windows CE file server access unusable. When Explorer under XP tries to read content of a Windows CE device, it takes considerable amount of time to respond, some times a failure is declared Rather than uninstall this hot fix, is there any solution. When the 885250 is uninstalled there is no problem.

  12. KB 885250 replaces three files used by the system with different versions. For some reason the newer version used in KB 885250 breaks communications with ASIP and others. I ran into these problems when one of my users installed the update and then tried reaching our G4 server. Uninstalling KB 885250 cured the problem, but with SP2 on windows XP you have to uninstall SP2 to see KB885250 in Add or Remove Programs.

    There is a workaround for this. First, try getting the original files, Cscdll.dll, Mrxsmb.sys, and Rdbss.sys from a working machine or Windows install CD. Place them in a folder. Inside that folder, create a new folder called sp2 or something similar. Copy the files from the machine’s windows directory into the new folder. Create a batch file similar to the following:

    Rem this will replace bad files from KB885250 with known good ones Rem to run this from the computer and not a floppy, remove A:\ Rem and adjust the syntax accordingly. Rem created by Mark Olszewski 6/03/2005 Rem I take no responsibility for damages caused by this fix Rem Furthermore, this is not an approved fix by Microsoft copy A:\mrxsmb.sys “C:\Windows\Driver Cache\i386\Mrxsmb.sys” copy A:\mrxsmb.sys C:\Windows\system32\drivers\Mrxsmb.sys copy A:\Rdbss.sys C:\Windows\system32\drivers\Rdbss.sys copy A:\Cscdll.dll C:\Windows\system32\Cscdll.dll regsvr32 /s C:\Windows\system32\Cscdll.dll Rem Step 2 copy A:\sp2\mrxsmb.sys “C:\Windows\Driver Cache\i386\Mrxsmb.sys” copy A:\sp2\mrxsmb.sys C:\Windows\system32\drivers\Mrxsmb.sys copy A:\sp2\Rdbss.sys C:\Windows\system32\drivers\Rdbss.sys copy A:\Files\sp2\Cscdll.dll C:\Windows\system32\Cscdll.dll regsvr32 /s C:\Windows\system32\Cscdll.dll

    Reboot your machine. It should now work. I do not gaurantee that this will work in all cases;Furthermore, this is not an approved fix by Microsoft, and I take no responsibility for damages caused by this fix. Good Luck.

  13. Thanks for the info, Mark. Unfortunately (or not) I’ve changed jobs and no longer have responsibility for the ASIP server, so I can’t check it out. Anybody else able to give it a go?

  14. If you have SP2 installed, you can uninstall it by looking in your c:\windows directory. there is uninstall information for all patches in there.

  15. By uninstalling the hotfix you leave your pc vunerable to attack. Instead phone the microsoft support line.

    There is a hotfix from Microsoft that will fix this issue. basically the hotfix that you have KB885250 stops any SMB shares in Windows XP… the fix for this from Microsoft is KB895900. Phone them up and request it. It definately works when using a Win XP device connecting to the share on a Win CE device. I have tested it!

  16. Replace the ASIP server. Service Pack 3 will be out in a year and I know Microsoft will include 885250 in SP3. Apple is no different than Microsoft when it comes to forcing customers to upgrade. For example OS X transition to OS 9 and ASIP was dropped like it never existed. Another example is the support cycle for OS X, “you must purchase the upgrade to get all these new features” is what Apple tells you, however with no service packs you must purchase the upgrade to fix bugs.

  17. This is a bug, an Microsoft isn’t able to fix it ^^ I have to uninstall the update for using the ASIP Server of my company, I can use it with FTP, but there are too much differents in the data System for working over FTP. The result is: I like Mac a bit more again and my next computer will be an Apple ;)

  18. I ran the Norton Program to find and fix any window problems and it reported this as a Missing Program: “C:\WINDOWS\$NtUninstallkB898458$\ORUN32.EXE.

    The error message that came with this stated: One or more programs on your computer reference files that are inaccessible or cannot be found. This might cause the program to run inproperly or not at all. I there anything that can be done about this or does it really matter?

Comments are closed. If you have something you really want to say, email editors@gadgetopia.com and we‘ll get it added for you.