The MS08-068 patch introduced behavior changes in IIS 5.1 and above, particularly the inability to resolve the FQDN or host headers when browsing (or making a web service call) on the same machine to IIS sites using Windows Authentication.
KB Article ID: 896861 (http://support.microsoft.com/kb/896861 describes two methods to enable FQDN and host header name resolution when on the same server. Method #1: Specify Host Names, is stated
as the preferred method to fix this issue with name resolution.
My questions however are:
1) Does Method #1 in KB Article 896861 cause the server to again be vulnerable to SMB reflection attacks?
2) Does the MS08-068 patch represent a fix for SMB relay attacks (note relay not reflection)?