[BESAdmin-Announcements] Change in superseded patch policy
besadmin-announcements at bigmail.bigfix.com
besadmin-announcements at bigmail.bigfix.com
Wed Jun 14 23:01:38 PDT 2006
We have a slight change in the way that we handle superseded patches
from Microsoft.
Our previous policy marked every superseded Fixlet message to FALSE (so
that no computer would report the Fixlet message as relevant), but the
Fixlet message would stay under "All Fixlet messages" as a reference.
These superseded Fixlet messages would stay indefinitely.
In an effort to reduce the total number of Fixlet messages, our new
superseded patch policy will only keep superseded Fixlet messages for
one year. By removing the older superseded Fixlet messages, the Fixlet
"clutter" will be reduced and overall system performance will be
increased.
We are beginning the process of removing Fixlet messages from the
Patches for Windows sites according to this new policy. Only patches
superseded by an update that was released over a year ago (before June
2005) will be removed during this process. The initial set of superseded
Fixlet messages has already been removed, which includes all superseded
security bulletins released before June 2001.
Here is a list of Fixlet messages that have been removed already:
9800301 MS98-003: File Access Issue with IIS for Windows NT
9904101 MS99-041: RASMAN Security Descriptor Vulnerability
2000502 MS00-005: CORRUPT PATCH - Windows 98 and 98 SE
2003401 MS00-034: "UA Control" Vulnerability for Office 2000 -
(Network/Local/Admin Install)
2009401 MS00-094: Phone Book Service Buffer Overflow Vulnerability -
Windows NT
100101 MS01-001: Web Client Authentication Vulnerability in Office 2000
- (Local Install)
100104 MS01-001: Web Client Authentication Vulnerability in Office 2000
- Windows 2000/NT/XP (Administrative Install)
100105 MS01-001: Web Client Authentication Vulnerability in Office 2000
- Windows 9x/ME (Administrative Install)
100107 MS01-001: Web Client Authentication Vulnerability in Office 2000
- Windows 9x/ME (Network Install)
100108 MS01-001: Web Client Authentication Vulnerability in Office 2000
- Windows NT/2000/XP (Network Install)
100205 MS01-002: "Unchecked Buffer" in PowerPoint File Parser - (Local
Install)
100203 MS01-002: "Unchecked Buffer" in PowerPoint File Parser - Windows
2000/XP/NT (Administrative Install)
100201 MS01-002: "Unchecked Buffer" in PowerPoint File Parser - Windows
2000/XP/NT (Network Install)
100204 MS01-002: "Unchecked Buffer" in PowerPoint File Parser - Windows
95/98/ME (Administrative Install)
100202 MS01-002: "Unchecked Buffer" in PowerPoint File Parser - Windows
95/98/ME (Network Install)
100302 MS01-003: CORRUPT PATCH - Winsock Mutex Vulnerability
100301 MS01-003: Winsock Mutex Vulnerability
NOTE: Because we are only removing superseded Fixlet messages, we don't
expect any operational impact of this change.
We will continue this process of removing superseded Fixlet messages
over the next several weeks. Please contact BigFix Technical Support
(enterprisesupport at bigfix.com) if you have any questions.
BigFix Product Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20060614/db281f97/attachment.html
More information about the Besadmin-announcements
mailing list