[BESAdmin-Announcements] [Patches for Windows (English)] Content Modification Announcement - MS09-046 and MS09-062

[Announcements for BES Administrators]

Bigfix has modified content in the Patches for Windows (English) / Enterprise Security Site.

1.       The following Fixlet messages have modified descriptions to advise customers about Known Issues with applying MS09-046.

904601          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows 2000 SP4
904602          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows 2000 SP4 - CORRUPT PATCH
904603          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows XP SP2/SP3
904604          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows XP SP2/SP3 - CORRUPT PATCH
904605          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows XP SP2 (x64)
904606          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows XP SP2 (x64) - CORRUPT PATCH
904607          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows Server 2003 SP2
904608          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows Server 2003 SP2 - CORRUPT PATCH
904609          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64)
904610          MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) - CORRUPT PATCH

2.       The following Fixlet message has been modified to advise customers about the discrepancy between the applicability of the patch and published information about MS09-062 from Microsoft:

906279          MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Word Viewer 2003, Excel Viewer 2003

While Microsoft says that the patch is for Word Viewer 2003 Gold and Excel viewer 2003 Gold, only Office Word Viewer, Word Viewer 2003 SP3, and Excel Viewer 2003 SP3 will apply the patch correctly.

Patches for Windows (English) / Enterprise Security published version:  1296

BES administrators are encouraged to verify open actions and synchronize baselines that contain the modified content.  Instructions for synchronizing baselines can be found here: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401.  Please contact BigFix Technical Support if you have any questions regarding this change.


--
BigFix Application Engineering Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20091202/445a6916/attachment.htm