Image Mosaics and Cached Image Services Potentailly Affected by KB 3029944

3858
1
02-25-2015 03:14 PM
DavidColey
Frequent Contributor

Hello and potential word to the wise:

We experienced a fairly heavy impact on all of our cache map and image services after applying the February MS update titled above.  I beleive the KB:

https://technet.microsoft.com/library/security/MS15-016

Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing a specially crafted TIFF image. This vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

Caused some type of conflict that affected the ability of ArcServer to read all of the source rasters from our Imagery Share.  All day we experienced tile draw errors (large and small empty squares) after applying this update to our Windows Server 2008R2 file server. Of course, these tiffs in turn source all of our ImageMosaics that in turn source all of our Image Services.

I suspect once ArcServers ability to read the source rasters was affected, that then affected all of our cache services such that we had suffered draw errors accross the board as the ArcServer logs reported draw errors all day.

We rolled back the updates, rebooted the machine and all seems fine now.

Thanks

David

0 Kudos
1 Reply
DavidColey
Frequent Contributor

Hi all-

It turns out that the above KB is not the above problem. We removed MS15-06 from our update list, re-ran the remaining MS updates, and the problem resurfaced immeditaly AND affected re-draws of dynamic services as well, suggesting some type of communication effect....

While it seemed reasonable that particular KB (MS?) might be the problem for the reasons I outlined, I really have no idea.  Here is the list of updates our IT seleced to apply for our environment (All windows server 2008r2 sp1 for all file, gis tier, web tier and database tier (sql server 2012 rdbms)):

MS15-009

Security Update for Internet Explorer (3034682)

MS15-010

Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (3036220)

MS15-011

Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)

MS15-012

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3032328)

MS15-013

Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857

MS15-014

Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361)

MS15-016

Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944)


Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege (3035898)

Any one of these (or none of these) could be the problem, but clearly there is more going on with us.  We have suspended server updates for this month until we can figure this out.

0 Kudos