[BESAdmin-Announcements] [Patches for Windows (English)] Content Modification Announcement - MS09-051, MS09-054, MS09-055, MS09-056, MS09-057, MS09-061, MS09-062

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Fri Oct 16 13:28:55 PDT 2009 

Bigfix has modified content in the Patches for Windows (English) / Enterprise Security Site. 

The following fixlets have updated descriptions and titles:

905433                  MS09-054: Cumulative Security Update for Internet Explorer - Internet Explorer 8 - Windows Server 2003 SP2       
905434                  MS09-054: Cumulative Security Update for Internet Explorer - Internet Explorer 8 - Windows Server 2003 SP2 - CORRUPT PATCH   
906103                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1/3.5 - Windows 2000 SP4 / XP SP2/SP3 / Server 2003 SP2       
906104                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1/3.5 - Windows 2000 SP4 / XP SP2/SP3 / Server 2003 SP2 - CORRUPT PATCH 
906105                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP2 / 3.5 SP1 - Windows 2000 SP4 / XP SP2/SP3 / Server 2003 SP2             
906106                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP2 / 3.5 SP1 - Windows 2000 SP4 / XP SP2/SP3 / Server 2003 SP2 - CORRUPT PATCH       
906107                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.0 SP3 (Media Center / Windows XP Tablet PC Edition        
906108                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.0 SP3 (Media Center / Windows XP Tablet PC Edition - CORRUPT PATCH  
906109                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.1 SP1 - Windows Server 2003 SP2                
906110                 MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.1 SP1 - Windows Server 2003 SP2 - CORRUPT PATCH          
906117                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1 Vista SP1/Server 2008 Gold                
906125                 MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1/3.5 -  Windows XP SP2 / Server 2003 SP2 (x64)          
906126                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1/3.5 -  Windows XP SP2 / Server 2003 SP2 (x64) - CORRUPT PATCH    
906127                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP1 - Vista SP1 / Server 2008 Gold (x64)                
906135                  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP2 / 3.5 SP1 - Windows XP SP2 / Windows 2003 SP2 (x64)           
9062123                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Forefront Client Security            
9062124                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Forefront Client Security - CORRUPT PATCH              
9062103                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - SQL Server 2005 SP2 - QFE Branch                
9062105                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - SQL Server 2005 SP2 - QFE Branch (x64)
9062111                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Report Viewer 2005      
9062113                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Report Viewer 2008      
9062115                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Report Viewer 2008 SP1                              
9062141                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Visual FoxPro 9.0 SP2- Windows 2000 SP4              
9062142                MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Visual FoxPro 9.0 SP2- Windows 2000 SP4 - CORRUPT PATCH        
905115                  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Windows Media Audio Voice Decoder - Windows XP SP2 (x64)       
905116                  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Windows Media Audio Voice Decoder - Windows XP SP2 (x64) - CORRUPT PATCH 
 
The following fixlets restrict narrow the applicability cases to get rid of false positives for Windows Server 2003 SP1 and SP0.
 
906101  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.1 SP1               
906102  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 1.1 SP1 - CORRUPT PATCH         
 
The following fixlet had it's detection relevance updated to improve detection accuracy:
 
906016  MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution - Visio Viewer 2007 SP1/SP2          
 
The following fixlet have had it's action updated:
 
906121  MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution - .NET Framework 2.0 SP2 - Windows Vista SP2/2008 SP2 
906273  MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install)    
 
 
The following fixlets have modified registry checks to improve detection accuracy:
 
905101  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows 2000 SP4 / 2003 SP2 / XP SP2/SP3             
905102  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows 2000 SP4 / 2003 SP2 / XP SP2/SP3 - CORRUPT PATCH       
905113  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows Server 2003 SP2 (x64)    
905114  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows Server 2003 SP2 (x64) - CORRUPT PATCH              
905143  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows XP SP2 (x64)      
905144  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - DirectShow WMA Voice Codec - Windows XP SP2 (x64) - CORRUPT PATCH                
905507  MS09-055: Cumulative Security Update of ActiveX Kill Bits - Windows 2003 SP2 (x64)        
905508  MS09-055: Cumulative Security Update of ActiveX Kill Bits - Windows 2003 SP2 (x64) - CORRUPT PATCH  
906277  MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Office 2003 SP3 (Local/Network Install)                
906278  MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Office 2003 SP3 (Administrative Install)                
 
The following fixlets have modified file relevance changes to improve detection accuracy:
 
905901  MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service - Windows XP SP2/SP3               
905902  MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service - Windows XP SP2/SP3 - CORRUPT PATCH         
905609  MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing - Windows Server 2003 SP2 (x64)               
905610  MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing - Windows Server 2003 SP2 (x64) - CORRUPT PATCH  
905709  MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64)                
905710  MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution - Windows Server 2003 SP2 (x64) - CORRUPT PATCH              
 
The following fixlets are duplicates of other fixlets published. They've been removed from Enterprise Security:
 
905147  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Windows Media Audio Voice Decoder - Windows Server 2003 SP2 (x64)               
905148  MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution - Windows Media Audio Voice Decoder - Windows Server 2003 SP2 (x64) - CORRUPT PATCH         


Patches for Windows (English) / Enterprise Security published version: 1267

BES administrators are encouraged to verify open actions and synchronize baselines that contain the modified content.  Instructions for synchronizing baselines can be found here: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401.  Please contact BigFix Technical Support if you have any questions regarding this change.

-- 
BigFix Application Engineering Team

More information about the Besadmin-announcements mailing list