[BESAdmin-Announcements] Content Modification Announcement - SANS Update

besadmin-announcements at bigmail.bigfix.com besadmin-announcements at bigmail.bigfix.com
Wed Feb 22 17:07:25 PST 2006 

As announced in a previous email, the SANS Top Vulnerabilities Fixlet
site has been updated today to migrate to the new vulnerability list
published by SANS at the end of last year. This change includes
modifications to existing SANS content, as well as new Fixlet messages,
tasks, and analyses that help customers protect against the new SANS Top
Vulnerabilities in Windows Systems list.

 

Example new SANS content includes:

 

Tasks:

 

"W01: Windows Services - Delete Network Share"

"W03: Windows Libraries - Register OLE controls"

"W03: Windows Libraries - Un-register OLE controls"

"W05: Windows Configuration Weaknesses - Install URLScan 2.5"

"W05: Windows Configuration Weaknesses - Uninstall URLScan 2.5"

"W05: Windows Configuration Weaknesses - Run IIS Lockdown Tool"

"W05: Windows Configuration Weaknesses - Undo IIS Lockdown"

 

Analyses:

 

"W01: Windows Services - Network Shares"

"W01: Windows Services - Service States"

 

Fixlet messages:

 

"W04: Microsoft Office and Outlook Express - "Browse in Same Window"
Enabled - Excel"

"W04: Microsoft Office and Outlook Express - "Browse in Same Window"
Enabled - PowerPoint"

"W04: Microsoft Office and Outlook Express - "Browse in Same Window"
Enabled - Word"

"W04: Microsoft Office and Outlook Express - "Confirm After Download"
Disabled - Excel"

"W04: Microsoft Office and Outlook Express - "Confirm After Download"
Disabled - PowerPoint"

"W04: Microsoft Office and Outlook Express - "Confirm After Download"
Disabled - Word"

 

In addition, SANS information across all "Patches for Windows" sites
have been updated to reflect the new list. More information about SANS
and the new Top Twenty list is available at: http://www.sans.org/top20.
Contact BigFix Technical Support (enterprisesupport at bigfix.com) if you
have any questions regarding these changes.

 

BigFix Product Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20060222/9629b78f/attachment.html

More information about the Besadmin-announcements mailing list