<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2722" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>There have been a
number of news stories talking about the new worms that exploit Windows
vulnerabilities from the latest patch release from Microsoft. Because the worms
began to appear very soon after the patches were released (within 1-2 days), we
have had a lot of customers inquiries about the new patches and related worm
activity. </FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005></SPAN> </DIV>
<DIV><FONT face=Arial><FONT size=2><SPAN class=574052022-16082005>Due to the
volume of inbound questions we are receiving, we are publishing this
announcement that contains information about the August patches and worms in
relation to BES</SPAN><SPAN
class=574052022-16082005>.</SPAN></FONT></FONT></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>The
following applies to customers who have purchased the <STRONG>Patches
for Windows </STRONG>Fixlet sites:</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- The patches were
released from Microsoft on August 9, 2005 at approximately 10am
Pacific Time. The bulletins were named MS05-038 through
MS05-043.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- The Fixlet
messages for this group of patches were released to the Patches for Windows
(English) at approximately 3pm Pacific Time. </FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- There were a
total of 42 Fixlet messages released for the August patches that cover all the
different patches (this includes the Fixlet messages different operating
systems and the corrupt patch Fixlet messages). </FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- MS05-038,
MS05-039, and MS05-043 have a maximum Microsoft severity rating of
'Critical'.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- Microsoft only
released patches for Windows 2000 SP4 computers and not for the earlier versions
of Windows 2000 (SP3 and below). Any Windows 2000 computer pre-SP4 are
vulnerable and you will only see a Fixlet messages for many of the
patches once you update to Windows 2000 SP4. You can use the Fixlet
messages on the Patches for Windows sites to update to Windows 2000
SP4. </FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- All the
non-English patches are also available in their respective Fixlet
sites.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- There were
reports of exploits for these vulnerabilities soon after they were released and
today there are reports of widespread worms that exploit these
vulnerabilities.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- Many of our
customers have already completed their enterprise-wide deployment of these
patches and we have not heard any reports of issues caused by these
patches. We estimate that there have been over a million computers patched
so-far for the August vulnerabilities using BigFix with no known
issues.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>The
following applies to customers who have purchased the <STRONG>Client
Manager for AntiVirus</STRONG> Fixlet site:</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- We are continuing
to publish updated virus definitions for the antivirus products we support
(Symantec, McAfee, eTrust, Trend Micro, and Sophos). As the AntiVirus vendors
update their definitions, we will release Fixlet messages for the new
updates.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- Using the
Analyses, Fixlet messages, and properties on the Client Manager for
AntiVirus Fixlet sites, you can see the current definition version of the
antivirus product as well as the status of the antivirus agent (running, not
running, not installed, etc.). You can also use BES to push updated definitions
to your antivirus agents.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005></SPAN><SPAN class=574052022-16082005><FONT
face=Arial size=2>-- We have heard that many of our customers are actively
pushing the updated definitions for all the antivirus products using BES with no
known issues. BES can be used to update the virus definitions in conjunction
with the normal antivirus definition update procedures with
no issues.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>-- Due to customer
requests and due to the perceived widespread risk, we have published Fixlet
messages to detect the Zotob.A and Zotob.B worms. We will soon update these
Fixlet messages to include the ability to remove the worms using a newly
released tool from Symantec (which will work on computers regardless of the
actual antivirus vendor currently installed).</FONT></SPAN></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>If you have any
questions, please contact our support department.</FONT></SPAN></DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=574052022-16082005></SPAN> </DIV>
<DIV><SPAN class=574052022-16082005><FONT face=Arial size=2>BigFix Support
Team</FONT></SPAN></DIV></BODY></HTML>