[BigFix-Announcements-Japan] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (Japanese)'

autonotify at us.ibm.com autonotify at us.ibm.com
Sat Nov 5 01:32:11 PST 2011 

Fixlet Site - 'Patches for Windows (Japanese)'
Current Version: 446	Published: Fri, 04 Nov 2011 11:38:03  GMT

New Fixlets:
============

***************************************************************
Title: UPDATE: SQL Server 2008 R2 Service Pack 1 Available (Japanese)
Severity: <Unspecified>
Fixlet ID: 73004
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-r2-sp1-release-notes.aspx

Fixlet Description: Microsoft has released SQL Server 2008 R2 Service Pack 1. SQL Server 2008 R2 Service Pack 1 is primarily a Roll-up of Cumulative Update 1 to 6, Quick Fix Engineering (QFE) updates, and fixes to issues reported through the SQL Server community. Several new features have also been added:  Dynamic Management Views for increased supportability  ForceSeek for improved querying performance  Data-tier Application Component Framework (DAC Fx) for improved database upgrades Disk space control for PowerPivot 

Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.

***************************************************************
Title: UPDATE: SQL Server 2008 R2 Service Pack 1 Available (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 73005
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-r2-sp1-release-notes.aspx

Fixlet Description: Microsoft has released SQL Server 2008 R2 Service Pack 1. SQL Server 2008 R2 Service Pack 1 is primarily a Roll-up of Cumulative Update 1 to 6, Quick Fix Engineering (QFE) updates, and fixes to issues reported through the SQL Server community. Several new features have also been added:  Dynamic Management Views for increased supportability  ForceSeek for improved querying performance  Data-tier Application Component Framework (DAC Fx) for improved database upgrades Disk space control for PowerPivot 

Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.

***************************************************************
Title: MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege - SharePoint Server 2010 Gold/SP1 (pplwfe) (x64) (Japanese)
Severity: Important
Fixlet ID: 1107457
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-074

Fixlet Description: Microsoft has released a security update that resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution - Microsoft Silverlight 4 (Japanese)
Severity: Critical
Fixlet ID: 1107829
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-078

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution - Microsoft Silverlight 4 for Developers (Japanese)
Severity: Critical
Fixlet ID: 1107831
Fixlet Link: http://technet.microsoft.com/JA-JP/security/bulletin/MS11-078

Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. 

Important Note: There are known issues associated with the installation of this update. See the Known Issues section of the security bulletin for more information.

***************************************************************
Title: UPDATE: SQL Server 2008 Service Pack 3 Available (Japanese)
Severity: <Unspecified>
Fixlet ID: 228506802
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-sp3-release-notes.aspx

Fixlet Description: Microsoft SQL Server 2008 Service Pack 3 (SP3) is now available for download. A few key enhancements for customers in Microsoft SQL Server 2008 Service Pack 3 are: Enhanced upgrade experience from previous versions of SQL Server to SQL Server 2008 SP3; In SQL Server Integration Services logs will now show the total number of rows sent in Data Flows; Enhanced warning messages when creating the maintenance plan if the Shrink Database option is enabled. SQL Server 2008 SP3 contains the cumulative updates of SQL Server 2008 SP2 cumulative update package 1 to 4, and fixes to issues that have been reported through our customer feedback platforms. These include supportability enhancements and issues that have been reported through Windows Error Reporting. 

Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.

***************************************************************
Title: UPDATE: SQL Server 2008 Service Pack 3 Available (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 228506804
Fixlet Link: http://social.technet.microsoft.com/wiki/contents/articles/microsoft-sql-server-2008-sp3-release-notes.aspx

Fixlet Description: Microsoft SQL Server 2008 Service Pack 3 (SP3) is now available for download. A few key enhancements for customers in Microsoft SQL Server 2008 Service Pack 3 are: Enhanced upgrade experience from previous versions of SQL Server to SQL Server 2008 SP3; In SQL Server Integration Services logs will now show the total number of rows sent in Data Flows; Enhanced warning messages when creating the maintenance plan if the Shrink Database option is enabled. SQL Server 2008 SP3 contains the cumulative updates of SQL Server 2008 SP2 cumulative update package 1 to 4, and fixes to issues that have been reported through our customer feedback platforms. These include supportability enhancements and issues that have been reported through Windows Error Reporting. 

Important Note: SQL Server instances operating in a non-Microsoft cluster environment should be upgraded using the CLUSTERPASSIVE option. Please use the second action below to upgrade in these environments.

More information about the BigFix-Announcements-Japan mailing list