[BESAdmin-Announcements] Content Modification Announcement - Patches for Windows (English) / Enterprise Security - Pending Restart Behavior
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue Nov 4 15:17:23 PST 2008
BigFix has modified content in the Patches for Windows (English) /
Enterprise Security site.
The following Fixlet messages have been modified to detect if the patch
that each applies has already been installed and is pending restart.
These Fixlet messages will not become relevant again unless the
applicability conditions are still satisfied after a system restart, but
other Fixlet messages which would previously have not applied until
after a system restart may now be applied without restart. This is due
to the addition of so-called "named pending restart" statements. Please
note that most recent BigFix content already employs this method where
applicable:
ID: 11203 UPDATE: Windows NT Service Pack 6a Available (High
Encryption)
ID: 11205 UPDATE: Windows NT 4.0, Terminal Server Edition, Service
Pack 6
ID: 13402 UPDATE: Windows XP Service Pack 1a Available
ID: 13404 UPDATE: Windows XP Service Pack 2 Available
ID: 15105 UPDATE: MDAC for SQL Server 6.5 and 7.0 - clustering
ID: 15106 UPDATE: MDAC for SQL Server 6.5 and 7.0 - 2.5 Installed
ID: 15109 UPDATE: MDAC 2.8 - Windows XP
ID: 2000501 MS00-005: "Malformed RTF Control Word" Vulnerability in
Windows 98 and 98 SE
ID: 200901 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 2000/XP
ID: 200903 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 98/ME/NT
ID: 200905 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 2000
ID: 200907 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 95/98/NT
ID: 200909 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 2000
ID: 200911 MS02-009: VBScript Handling Can Allow Web Pages to Read
Local Files - Windows 95/98/NT
ID: 204809 MS02-048: Flaw in Certificate Enrollment Control Could Allow
Deletion of Digital Certificates - Windows ME
ID: 205007 MS02-050: Certificate Validation Flaw Could Enable Identity
Spoofing in Windows 98
ID: 205008 MS02-050: Certificate Validation Flaw Could Enable Identity
Spoofing in Windows ME
ID: 205011 MS02-050: Certificate Validation Flaw Could Enable Identity
Spoofing in Windows 2000 - Service Pack 4 Installed
ID: 205405 MS02-054: Unchecked Buffer in File Decompression Functions
Could Lead to Code Execution - Windows 98 Plus!
ID: 205501 MS02-055: Unchecked Buffer in Windows Help Facility -
Windows 98
ID: 205502 MS02-055: Unchecked Buffer in Windows Help Facility -
Windows ME
ID: 205503 MS02-055: Unchecked Buffer in Windows Help Facility -
Windows NT
ID: 206001 MS02-060: Flaw in Windows XP Help and Support Center
ID: 23109 UPDATE: Internet Explorer 5.5 Service Pack 2 Available
ID: 23110 UPDATE: Outlook Express 5.5 Service Pack 2 Available
ID: 300704 MS03-007: Unchecked Buffer Could Cause Web Server Compromise
- Windows NT
ID: 300706 MS03-007: Unchecked Buffer Could Cause Web Server Compromise
- Windows NT Terminal Server
ID: 300707 MS03-007: Unchecked Buffer Could Cause Web Server Compromise
- Windows XP
ID: 300801 MS03-008: Flaw in Windows Script Engine 5.6 Could Allow Code
Execution - Windows XP / Windows 2000
ID: 300805 MS03-008: Flaw in Windows Script Engine 5.6 Could Allow Code
Execution - Windows NT / Windows 98 / Windows ME
ID: 300811 MS03-008: Flaw in Windows Script Engine 5.1 Could Allow Code
Execution - Windows 2000
ID: 300812 MS03-008: Flaw in Windows Script Engine 5.1 Could Allow Code
Execution - Windows NT / Windows 98 / Windows ME
ID: 300817 MS03-008: Flaw in Windows Script Engine 5.5 Could Allow Code
Execution - Windows 2000
ID: 300818 MS03-008: Flaw in Windows Script Engine 5.5 Could Allow Code
Execution - Windows NT / Windows 98 / Windows ME
ID: 301101 MS03-011: Flaw in Microsoft VM Could Enable System
Compromise - Windows 2000 SP2/SP3
ID: 301102 MS03-011: Flaw in Microsoft VM Could Enable System
Compromise - Windows NT/XP/95/98/ME
ID: 301105 MS03-011: Flaw in Microsoft VM Could Enable System
Compromise - Windows 2000 SP4
ID: 301109 MS03-011: Flaw in Microsoft VM Could Enable System
Compromise - Windows Server 2003
ID: 301803 MS03-018: May 2003 Cumulative Patch for Internet Information
Services 5.0
ID: 302201 MS03-022: Flaw in ISAPI Extension for Windows Media Services
Could Cause Code Execution
ID: 304901 MS03-049: Buffer Overrun in the Workstation Service Could
Allow Code Execution - Windows XP
ID: 305105 MS03-051: Buffer Overrun in Microsoft FrontPage Server
Extensions Could Allow Code Execution - FPSE 2000
ID: 305107 MS03-051: Buffer Overrun in Microsoft FrontPage Server
Extensions Could Allow Code Execution - FPSE 2002
ID: 305109 MS03-051: Buffer Overrun in Microsoft FrontPage Server
Extensions Could Allow Code Execution - SPTS 2002
ID: 33101 UPDATE: Front Page 2002 Server Extensions Update
ID: 45201 UPDATE: Windows Server 2003 Service Pack 1 Available
ID: 45204 UPDATE: Windows Server 2003 Service Pack 2 Available -
Windows XP/2003 (x64)
ID: 45302 UPDATE: Windows Server 2003 Service Pack 2 Available
ID: 601703 MS06-017: Vulnerability in Microsoft FrontPage Server
Extensions Could Allow Cross-Site Scripting - FPSE 2002 - Windows
2000/XP
ID: 601705 MS06-017: Vulnerability in Microsoft FrontPage Server
Extensions Could Allow Cross-Site Scripting - SPTS 2002 - Windows
2000/XP
ID: 601706 MS06-017: Vulnerability in Microsoft FrontPage Server
Extensions Could Allow Cross-Site Scripting - SPTS 2002 - Windows Server
2003
ID: 602308 MS06-023: Vulnerability in Microsoft JScript Could Allow
Remote Code Execution - Windows 98/ME
ID: 603301 MS06-033: Vulnerability in ASP.NET Could Allow Information
Disclosure - .NET Framework 2.0
ID: 603303 MS06-033: Vulnerability in ASP.NET Could Allow Information
Disclosure - .NET Framework 2.0 - Windows XP/2003 (x64)
ID: 604016 MS06-040: REVISED PATCH - Windows Server 2003 (v2,
re-released 9/12/2006)
ID: 701709 MS07-017: Vulnerabilities in GDI Could Allow Remote Code
Execution - Windows Vista
ID: 701711 MS07-017: Vulnerabilities in GDI Could Allow Remote Code
Execution - Windows Vista (x64)
ID: 701801 MS07-018: Vulnerabilities in Microsoft Content Management
Server Could Allow Remote Code Execution - MCMS 2001 SP1 - Windows 2000
ID: 701804 MS07-018: Vulnerabilities in Microsoft Content Management
Server Could Allow Remote Code Execution - MCMS 2002 SP2 (v2,
re-released 6/12/2007)
ID: 701805 MS07-018: Vulnerabilities in Microsoft Content Management
Server Could Allow Remote Code Execution - MCMS 2001 SP1 - Windows
XP/2003
ID: 702109 MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code
Execution - Windows Vista
ID: 702111 MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code
Execution - Windows Vista (x64)
ID: 703201 MS07-032: Vulnerability in Windows Vista Could Allow
Information Disclosure - Windows Vista
ID: 703203 MS07-032: Vulnerability in Windows Vista Could Allow
Information Disclosure - Windows Vista (x64)
ID: 703411 MS07-034: Cumulative Security Update for Outlook Express and
Windows Mail - Windows Vista
ID: 703413 MS07-034: Cumulative Security Update for Outlook Express and
Windows Mail - Windows Vista (x64)
ID: 703803 MS07-038: Vulnerability in Windows Vista Firewall Could
Allow Information Disclosure - Windows Vista (v2, re-released 8/14/2007)
ID: 703804 MS07-038: Vulnerability in Windows Vista Firewall Could
Allow Information Disclosure - Windows Vista (x64) (v2, re-released
8/14/2007)
ID: 704011 MS07-040: Vulnerabilities in .NET Framework Could Allow
Remote Code Execution - .NET Framework 2.0 - Windows Vista
ID: 704019 MS07-040: Vulnerabilities in .NET Framework Could Allow
Remote Code Execution - .NET Framework 2.0 - Windows Vista (x64)
ID: 704231 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 4.0 SP2
ID: 704233 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 4.0 SP2 (x64)
ID: 704235 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 6.0 - Windows
2000/XP/2003
ID: 704239 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 6.0 - Windows XP/2003
(x64)
ID: 704263 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 3.0 - Windows Vista
ID: 704267 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 6.0 - Windows Vista
ID: 704269 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 6.0 - Windows Vista
(x64)
ID: 704271 MS07-042: Vulnerability in Microsoft XML Core Services Could
Allow Remote Code Execution - XML Core Services 3.0 - Windows Vista
(x64)
ID: 704711 MS07-047: Vulnerabilities in Windows Media Player Could
Allow Remote Code Execution - Windows Media Player 11 - Windows Vista
ID: 704715 MS07-047: Vulnerabilities in Windows Media Player Could
Allow Remote Code Execution - Windows Media Player 11 - Windows Vista
(x64)
ID: 704803 MS07-048: Vulnerabilities in Windows Gadgets Could Allow
Remote Code Execution - Windows Vista (x64)
ID: 704925 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Standard
Edition (v2, re-released 11/13/2007)
ID: 704927 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Enterprise
Edition (v2, re-released 11/13/2007)
ID: 704929 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Standard
Edition R2 (v2, re-released 11/13/2007)
ID: 704931 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Enterprise
Edition R2 (v2, re-released 11/13/2007)
ID: 704933 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Standard
Edition R2 (x64) (v2, re-released 11/13/2007)
ID: 704935 MS07-049: Vulnerability in Virtual PC and Virtual Server
Could Allow Elevation of Privilege - Virtual Server 2005 Enterprise
Edition R2 (x64) (v2, re-released 11/13/2007)
ID: 705013 MS07-050: Vulnerability in Vector Markup Language Could
Allow Remote Code Execution - IE 7 - Windows Vista
ID: 705019 MS07-050: Vulnerability in Vector Markup Language Could
Allow Remote Code Execution - IE 7 - Windows Vista (x64)
ID: 800815 MS08-008: Vulnerability in OLE Automation Could Allow Remote
Code Execution - Visual Basic 6.0 SP6
ID: 800817 MS08-008: Vulnerability in OLE Automation Could Allow Remote
Code Execution - Visual Basic 6.0 SP6 (x64)
ID: 82802601 828026: Update for Windows Media Player Script
Commands - WinXP, Win2000, 2003 Server
ID: 82802602 828026: Update for Windows Media Player Script
Commands - WinME
ID: 82802603 828026: Update for Windows Media Player Script
Commands - Win NT 4 Server
ID: 83235301 832353: URL Script commands - WinXP, Win2000, Win2003
Server
ID: 83235302 832353: URL Script commands - WinME
ID: 83235303 832353: URL Script commands - WinNT 4.0 Server
ID: 92530801 925308: Compressed files that are larger than 4
kilobytes may be corrupted when you create or update the files - Windows
2000 SP4
ID: 9904901 MS99-049: "File Access URL" Vulnerability in Windows 98
ID: 9904902 MS99-049: "File Access URL" Vulnerability in Windows 95
ID: 9905201 MS99-052: Legacy Credential Caching Vulnerability in Windows
98
BES administrators are encouraged to verify open actions and synchronize
baselines that contain the modified content. Instructions for
synchronizing baselines can be found here:
http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401. Please contact
BigFix Technical Support if you have any questions regarding this
change.
--
BigFix Product Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20081104/dffd7a92/attachment.htm
More information about the Besadmin-announcements
mailing list