Doug Neal [MSFT]
2005-10-11 17:58:20 UTC
MBSA 2.0 detection is based directly on Microsoft Update, so all inquiries
regarding MBSA 2.0 patch detection for this month's release should by sent
to the public microsoft.public.softwareupdatesvcs newsgroup. This
announcement is specific to MBSA 1.2.1 and the underlying MSSecure.XML file
that services the MBSA 1.2.1 tool.
MSSECURE.XML Data Version 2005.10.11.0 (for use by MBSA 1.2 and SMS SUS
Feature Pack) was last modified today, October 11, 2005, and is now
available
for all supported languages (English, French, German and Japanese). Today's
release contains 9 new bulletins. All 9 new bulletins are fully supported
by MBSA 1.2 with two exceptions noted below for MS05-044 and MS05-050.
New October Bulletins
1) MS05-044 (FTP Transfer) - 905495. Not applicable to Windows XP SP2
or Windows Server 2003 SP1. Detection for this issue is split between MBSA
1.2 and EST. MBSA 1.2 supports detection for Windows XP SP1 and Windows
Server 2003 RTM only - and will report a Note Message for Windows 2000
platforms. Detection for these platforms is provided by the October edition
of the Enterprise Scan Tool (EST) (see below).
2) MS05-045 (Connection Manager) - 905414.
3) MS05-046 (NetWare) - 899589. This bulletin is applicable to all
Windows platforms that contain the vulnerable NWWKS.DLL file - even if
Microsoft Services for NetWare is not enabled on the target machine.
4) MS05-047 (PnP) - 905749. Not applicable to Windows Server 2003 RTM
or SP1. This bulletin replaces all previous versions of MS05-039.
5) MS05-048 (Windows/Exchange CDO) - 901017 (Windows), 906780
(Exchange). Applicable to Exchange 2000 SP3 in addition to applicable
Windows platforms. For the Exchange (906780) vulnerability, registry key
only detection is provided due to the localizable installation path for the
affected file which MBSA 1.2 cannot support.
6) MS05-049 (Shell) - 900725. This patch replaces multiple previous
releases. See the MS05-049 bulletin for details
7) MS05-050 (DirectX) - 904706. Detection for this issue is split
between MBSA 1.2 and EST. MBSA 1.2 supports detection for Windows XP SP2
and Windows Server 2003 SP1 only - and will report a Note Message for all
other Windows platforms (Windows 2000 SP4, Windows XP SP1 and Windows Server
2003 RTM). For the Windows Platforms not supported by MBSA 1.2, an October
edition of the Enterprise Scan Tool (EST) has been provided to detect the
multiple versions of DirectX that may be installed on these platforms (see
below). This bulletin replaces all previous versions of MS03-030.
8) MS05-051 (COM+) - 902400. This patch replaces multiple previous
releases. See the MS05-051 bulletin for details.
9) MS05-052 (IE Cumulative) - 896688. This patch replaces the
previous IE Cumulative Patch (MS05-038) for supported platforms.
----------------------------
What is the Enterprise Update Scanning Tool (EST)?
As part of an ongoing commitment to provide detection tools for complex
updates for bulletin-class issues that are not supported by MBSA 1.2, a
stand-alone tool may be provided for certain bulletins. Microsoft will
evaluate the detection and deployment complexity of each bulletin, and
provide detection support based on the specifics of each release. When a
detection tool is created for a specific bulletin, customers will be able to
script running the tool from a command line interface, and process the
results using an XML output file. Detailed documentation will be provided
with the tool to ensure customers can leverage it quickly. See the
following link for details
http://support.microsoft.com/default.aspx?id=894193
NOTE: Customers who have upgraded to MBSA 2.0 (or SMS ITMU) already have
full detection for all bulletins released this month without the limitations
in MBSA 1.2. There is no EST tool available for MBSA 2.0 since there is no
gap in MBSA 2.0 detection as there is for MBSA 1.2.
--
Doug Neal [MSFT]
***@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for support on the Microsoft
Baseline
Security Analyzer (MBSA). Information is available at the following link:
http://support.microsoft.com/default.aspx
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.
regarding MBSA 2.0 patch detection for this month's release should by sent
to the public microsoft.public.softwareupdatesvcs newsgroup. This
announcement is specific to MBSA 1.2.1 and the underlying MSSecure.XML file
that services the MBSA 1.2.1 tool.
MSSECURE.XML Data Version 2005.10.11.0 (for use by MBSA 1.2 and SMS SUS
Feature Pack) was last modified today, October 11, 2005, and is now
available
for all supported languages (English, French, German and Japanese). Today's
release contains 9 new bulletins. All 9 new bulletins are fully supported
by MBSA 1.2 with two exceptions noted below for MS05-044 and MS05-050.
New October Bulletins
1) MS05-044 (FTP Transfer) - 905495. Not applicable to Windows XP SP2
or Windows Server 2003 SP1. Detection for this issue is split between MBSA
1.2 and EST. MBSA 1.2 supports detection for Windows XP SP1 and Windows
Server 2003 RTM only - and will report a Note Message for Windows 2000
platforms. Detection for these platforms is provided by the October edition
of the Enterprise Scan Tool (EST) (see below).
2) MS05-045 (Connection Manager) - 905414.
3) MS05-046 (NetWare) - 899589. This bulletin is applicable to all
Windows platforms that contain the vulnerable NWWKS.DLL file - even if
Microsoft Services for NetWare is not enabled on the target machine.
4) MS05-047 (PnP) - 905749. Not applicable to Windows Server 2003 RTM
or SP1. This bulletin replaces all previous versions of MS05-039.
5) MS05-048 (Windows/Exchange CDO) - 901017 (Windows), 906780
(Exchange). Applicable to Exchange 2000 SP3 in addition to applicable
Windows platforms. For the Exchange (906780) vulnerability, registry key
only detection is provided due to the localizable installation path for the
affected file which MBSA 1.2 cannot support.
6) MS05-049 (Shell) - 900725. This patch replaces multiple previous
releases. See the MS05-049 bulletin for details
7) MS05-050 (DirectX) - 904706. Detection for this issue is split
between MBSA 1.2 and EST. MBSA 1.2 supports detection for Windows XP SP2
and Windows Server 2003 SP1 only - and will report a Note Message for all
other Windows platforms (Windows 2000 SP4, Windows XP SP1 and Windows Server
2003 RTM). For the Windows Platforms not supported by MBSA 1.2, an October
edition of the Enterprise Scan Tool (EST) has been provided to detect the
multiple versions of DirectX that may be installed on these platforms (see
below). This bulletin replaces all previous versions of MS03-030.
8) MS05-051 (COM+) - 902400. This patch replaces multiple previous
releases. See the MS05-051 bulletin for details.
9) MS05-052 (IE Cumulative) - 896688. This patch replaces the
previous IE Cumulative Patch (MS05-038) for supported platforms.
----------------------------
What is the Enterprise Update Scanning Tool (EST)?
As part of an ongoing commitment to provide detection tools for complex
updates for bulletin-class issues that are not supported by MBSA 1.2, a
stand-alone tool may be provided for certain bulletins. Microsoft will
evaluate the detection and deployment complexity of each bulletin, and
provide detection support based on the specifics of each release. When a
detection tool is created for a specific bulletin, customers will be able to
script running the tool from a command line interface, and process the
results using an XML output file. Detailed documentation will be provided
with the tool to ensure customers can leverage it quickly. See the
following link for details
http://support.microsoft.com/default.aspx?id=894193
NOTE: Customers who have upgraded to MBSA 2.0 (or SMS ITMU) already have
full detection for all bulletins released this month without the limitations
in MBSA 1.2. There is no EST tool available for MBSA 2.0 since there is no
gap in MBSA 2.0 detection as there is for MBSA 1.2.
--
Doug Neal [MSFT]
***@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for support on the Microsoft
Baseline
Security Analyzer (MBSA). Information is available at the following link:
http://support.microsoft.com/default.aspx
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.