[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (English)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Fri Oct 31 02:04:40 PDT 2014
Fixlet Site - 'Patches for Windows (English)'
Current Version: 2113 Published: Fri, 31 Oct 2014 02:39:57 GMT
New Fixlets:
============
***************************************************************
Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for Client Software (Disable SSL 3.0 in Windows)
Severity: N/A
Fixlet ID: 300900811
Fixlet Link: https://technet.microsoft.com/library/security/3009008
Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
***************************************************************
Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for Client Software (Disable SSL 3.0 in Windows)
Severity: N/A
Fixlet ID: 300900813
Fixlet Link: https://technet.microsoft.com/library/security/3009008
Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
***************************************************************
Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Enable Workaround for IE Settings (Disable SSL 3.0 in Internet Explorer)
Severity: N/A
Fixlet ID: 300900815
Fixlet Link: https://support.microsoft.com/kb/3009008
Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
***************************************************************
Title: 3009008: Security Advisory: Vulnerability in SSL 3.0 Could Allow Information Disclosure - Disable Workaround for IE Settings (Disable SSL 3.0 in Internet Explorer)
Severity: N/A
Fixlet ID: 300900817
Fixlet Link: https://support.microsoft.com/kb/3009008
Fixlet Description: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
More information about the BigFix-Announcements
mailing list