<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"MS Mincho";
panose-1:2 2 6 9 4 2 5 8 3 4;}
@font-face
{font-family:"\@MS Mincho";
panose-1:2 2 6 9 4 2 5 8 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Microsoft released Security Advisory 926043 on September
28th to warn users of a publicly known vulnerability in Windows Shell that is
exposed by the Microsoft WebViewFolderIcon ActiveX Control (Web View).
Microsoft is working on a security update currently scheduled for an October
10th release. <br>
<br>
Two of Microsoft’s three suggested workarounds involves changing Internet
Explorer’s Web content zone security settings to prompt before running
ActiveX Controls or disable Active X Controls completely. Various tasks and
analyses are available in the “Security Policy Manager” site that
allow you to modify and retrieve Web content zone security settings through
BES.<br>
<br>
The other suggested workaround sets the kill bit specifically for the
WebViewFolderIcon Control by modifying the registry. Custom tasks that
implement and undo this workaround are available to all BES customers and can
be downloaded from the URL listed below. The .bes file can be imported into a
BES 6.0 deployment by double clicking on the file on a machine with the BES
Console installed. Please contact BigFix Technical Support if you have any
questions regarding this announcement.<br>
<br>
Microsoft Security Advisory 926043: <a
href="http://www.microsoft.com/technet/security/advisory/926043.mspx">http://www.microsoft.com/technet/securi
… 26043.mspx</a><br>
.BES File for Kill Bit Workaround: <a
href="http://support.bigfix.com/download/Advisory926043.bes">http://support.bigfix.com/download/Advisory926043.bes</a><o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>BigFix Product Team</span></font><o:p></o:p></p>
</div>
</body>
</html>