[BESAdmin-Announcements] Content Modification Announcement

Fri Sep 2 08:37:29 PDT 2005

Due to customer demand, significant content modifications will now be
announced to this list in an effort to keep BES Administrators informed of
changes in your BES environment. Several modifications are documented in
this announcement.

Virus Detection Fixlet Messages:

We currently publish virus detection Fixlet messages for major worms and
viruses. They are available on the "Client Manager for AntiVirus" Fixlet
site. Previously, the Fixlet message relevance considered a computer
infected if any trace of the virus or worm was detected on the computer
(registry keys, files, etc.). However, this would sometimes lead to
false-positives if virus removal products did not fully clean out all the
traces or if the registry keys or files existed for other reasons (as was
the case with the latest W32.Esbot.A Fixlet message that had false positives
on some computers due to an existing file). All the virus detection Fixlet
messages have been updated and we have changed our Fixlet creation practices
for the virus detection content to reduce the likelihood of these
false-positives in the future. We apologize for any inconveniences that
these may have caused.

Outlook Express Patch Supersedence:

Several modifications have been made in the "Enterprise Security" Fixlet
site to properly address the supersedence relationship in Outlook Express
security patches (MS04-013, MS04-018, and MS05-030). Some of these changes
were made due to a modification to Microsoft security bulletin MS05-030
regarding patch replacement and installation order. See the FAQ section of
the security bulletin for more information:
<http://www.microsoft.com/technet/security/bulletin/MS05-030.mspx>
http://www.microsoft.com/technet/security/bulletin/MS05-030.mspx

In particular, the following changes were made:

-          MS05-030 - Added additional warning text regarding patch
installation order. (Fixlet ID's 503001 ~ 503006)

-          MS04-018 - Added additional warning text regarding patch
installation order. (Fixlet ID's 401803 ~ 401810)

-          MS04-018 - Fixlet messages that were previously "partially
superseded" are now reverted to be relevant on all supported operating
systems. (401807, 401808 will now be relevant on Windows 2000 SP3/SP4 and
Windows XP, 401803, 401804 will now be relevant on Windows 2000 SP3/SP4)

-          MS04-013 - Content superseded by MS04-018 (401301, 401302
partially superseded, will now only be relevant on Windows ME and Windows
2000 SP2, 401303 ~ 401308 have been completely superseded)

MS05-035 Office XP SP3 Relevance:

Several weeks ago, an additional relevance was added to the MS05-035 Office
XP content in the "Enterprise Security" Fixlet site to restrict the
relevance to computers with Office XP SP3 installed. The relevance was
discovered to not correctly detect Office XP SP3 on certain Office XP
products. The relevance has been updated to address this issue. BES
Administrators are encouraged to verify relevant computers for MS05-035, as
computers previously not reporting relevant may now be relevant.

Please contact BigFix Technical Support (
<mailto:enterprisesupport at bigfix.com> enterprisesupport at bigfix.com) if you
have any questions regarding any of the above content modifications.

BigFix Product Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20050902/2c59c309/attachment.html