[BESAdmin-Announcements] [Security Configuration Management] Content Modification

[Announcements for BES Administrators]

BigFix has modified the content within several of the Security Configuration Management checklist sites.  The following sites / Fixlet messages have been updated.

SCM Checklist for FDCC on Windows XP
------------------------------------------------

* ID:  90000         Security Patches Up-To-Date - Fixlet updated to resolve an issue with proper encoding of a percent symbol when used in a directory path and referencing a system variable such as %systemroot%.

Note: Although this particular issue has been resolved, we have identified two issues in the SCAP data stream that will prevent the Fixlet from ever becoming relevant.  We have opened a JTRAC issue with NIST to resolve the issue with the data stream and expect an update to the underlying OVAL definitions to resolve this issue in a future release.  The JTRAC tracking numbers are:

SCAPWEB-6 - https://services.nvd.nist.gov/jira/browse/SCAPWEB-6
SCAPWEB-7 - https://services.nvd.nist.gov/jira/browse/SCAPWEB-7


SCM Checklist for FDCC on Windows XP Firewall
----------------------------------------------------------

The following Fixlets were updated to resolve an issue with proper encoding of a percent symbol when used in a directory path and referencing a system variable such as %systemroot%.

* ID: 5002            Allow Logging: Log Path (CCE-2923-1)

SCM Checklist for FDCC on Windows Vista Firewall
-------------------------------------------------------------

The following Fixlets were updated to resolve an issue with proper encoding of a percent symbol when used in a directory path and referencing a system variable such as %systemroot%.

* ID: 5009            Name (CCE-4206-9)
* ID: 5010            Name (CCE-2533-8)
* ID: 5018            Name (CCE-4639-1)

SCM Checklist for FDCC on Internet Explorer 7
--------------------------------------------------------

* ID: 90000          Security Patches Up-to-Date - This configuration check has been confirmed and added to the site.

SCM Checklist for FDCC on Windows Vista
--------------------------------------------------------

* ID: 90000          Security Patches Up-to-Date - This configuration check has been confirmed and added to the site.

SCM Reporting
------------------

* The SCAP Import Wizard was updated to resolve the percent encoding issue for content generated from an SCAP-expressed data stream.   Content that includes reference to a system variable such as %systemroot% will be handled properly.

* Note that the SCAP Import Wizard has a known issue that prevents the successful generation of patch related content, including the Security Patches Up-to-Date check.  This will be resolved in a future content maintenance release.


Although unlikely that baselines are being used with Security Configuration Management content BES administrators are encouraged to verify open actions and synchronize baselines that contain the modified content.  Instructions for synchronizing baselines can be found here: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401.  Please contact BigFix Technical Support if you have any questions regarding this change.


-- BigFix Application Engineering Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20091104/8a67f73c/attachment.htm