[BESAdmin-Announcements] Content updates in multiple SCM sites (FDCC, DISA, and SCM Reporting)

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Thu Mar 10 00:33:17 PST 2011 

Dear BESAdmin Community,

The following updates have been applied to SCM sites:

----AFFECTED SITES----
   SCM Checklist for DISA STIG on AIX 5.1
   SCM Checklist for DISA STIG on AIX 5.2
   SCM Checklist for DISA STIG on AIX 5.3
   SCM Checklist for DISA STIG on AIX 6.1
   SCM Checklist for DISA STIG on HPUX 11.00
   SCM Checklist for DISA STIG on HPUX 11.11
   SCM Checklist for DISA STIG on HPUX 11.23
   SCM Checklist for DISA STIG on RHEL 3
   SCM Checklist for DISA STIG on RHEL 4
   SCM Checklist for DISA STIG on RHEL 5
   SCM Checklist for DISA STIG on Solaris 8
   SCM Checklist for DISA STIG on Solaris 9
   SCM Checklist for DISA STIG on Solaris 10

----CHANGES----
   Each check in the DISA STIG for Unix sites now includes a corresponding
   analysis property that reports the actual value (aka "measured value")
   of the configuration element being checked. These analysis values are
   useful in the new Tivoli Endpoint Manager for Security and Compliance
   Analytics application when examining the reason a particular computer
   reports compliance or non-compliance for a given check.



----AFFECTED SITES----
   DISA STIG on Windows 2008 DC v6r1.11
   DISA STIG on Windows 2008 MS v6r1.11
   DISA STIG on Windows 2003 DC v6r1.18
   DISA STIG on Windows 2003 MS v6r1.18
   DISA STIG on Windows Vista v6r1.18
   DISA STIG on Windows XP v6r1.18
   DISA STIG on Windows 7 v1r2

----CHANGES----
The following fixes were applied:
      Several file names referenced by several checks in the DISA STIG for
      XP site were misspelled. (ref 41379)
      Several log file path names referenced by several checks in the DISA
      STIG for Windows 7 were incorrect. (ref 41320)
      Checks in multiple DISA STIG sites did not reference both x64 and x32
      file paths for several files. (ref 41321)
      Remediation actions on x64 systems for several checks in multiple
      DISA STIG sites were not functional. (ref 41362)



----AFFECTED SITES----
   SCM Checklist for FDCC on Windows XP
   SCM Checklist for FDCC on Windows XP Firewall
   SCM Checklist for FDCC on Windows Vista
   SCM Checklist for FDCC on Windows Vista Firewall
   SCM Checklist for FDCC on Internet Explorer 7

----CHANGES----
      ALL FIXLETS - Metadata has been updated in all fixlets and tasks to
      support the Tivoli Endpoint Manager for Security and Compliance
      Analytics component.
      Multiple fixlets - some relevance has been added or modified in part
      due to recent changes in OVAL (used in the source guidance files from
      NIST) and in part to help determine applicability for more accurate
      compliance evaluation reported through Tivoli Endpoint Manager for
      Security and Compliance Analytics.
      SCM Checklist for FDCC on Windows XP  -  Fixlet ID: 9000 Security
      Patches Up-To-Date – Updated to reflect the SCAP-expressed data
      stream updated by NIST on 02.22.2011.
      SCM Checklist for FDCC on Internet Explorer 7 - Fixlet ID: 9000
      Security Patches Up-to-Date – Updated to reflect the SCAP-expressed
      data stream updated by NIST on 02.22.2011.
      SCM Checklist for FDCC on Windows Vista -  Fixlet ID: 9000 Security
      Patches Up-to-Date – Updated to reflect the SCAP-expressed data
      stream updated by NIST on 02.22.2011.



----AFFECTED SITES----
SCM Reporting

----CHANGES----
      A new wizard -- the Create Custom Checklist Wizard --  is available
      in the Security Configuration domain under the Configuration
      Management Checklist Tools folder. The new wizard provides an easy
      way to copy an entire SCM checklist from an externally-gathered site
      to a custom site where it can be parameterized and otherwise
      modified.
      Certain functions in the SCM Management Report Template were broken
      by a recent propagation of the site. This error has been corrected.
      (ref 41247)




----ACTIONS TO TAKE----
All customers that currently license the Tivoli Endpoint Manager for
Security and Compliance product, the BigFix SCMv3 solution module, the
BigFix SCVM solution pack, or the BigFix SLM+SCVM solution bundle may
gather these content updates. Administrators are encouraged to verify open
actions as necessary. If you are using custom sites based on the affected
content, you will need to manually update the content in those sites with
the corresponding content from the external sites.


Thank you!

  -- The IBM Tivoli Endpoint Manager Product Team

More information about the Besadmin-announcements mailing list