Doug Neal [MSFT]
2006-03-30 21:18:34 UTC
The previously-posted March 31, 2006 end-of-life (EOL) date for MBSA 1.2.1
and the MSSecure.XML file has been rescinded. The new End-Of-Life date for
both MBSA 1.2.1 and the MSSecure.XML file is being extended to an
undetermined time.
Microsoft is extending support for the MBSA 1.2.1 tool and updates to the
MSSecure.XML catalog file beyond March 31, 2006 in order to collect customer
feedback on the MBSA suite of tools and security update detection needs. A
new support lifecycle end date for MBSA 1.2.1 will be updated by June 30,
2006.
Communicating this change:
This week the MBSA Home Page and MBSA 1.2.1 FAQ pages will be updated to
explain this change. KB articles 306460 and 914791 will also be updated in
the coming weeks.
Answers to common questions:
Q: Why is the MBSA product team extending the MBSA 1.2.1 EOL date?
A: Removing MBSA 1.2.1 support at this time would create a gap in security
update detection for Microsoft products still in mainstream support but
below the WSUS baseline of supported products (MBSA 2.0 supports only
products supported by WSUS). Since the MBSA 2.0 tool alone does not provide
complete security update detection for customers with products below the
MBSA 2.0/WSUS baseline, support for the MBSA 1.2.1 and Enterprise Scan Tools
are being extended to ensure these customers of continued and complete
update support. Extending the MBSA 1.2.1 EOL date provides customers
additional time to use MBSA 1.2.1 + the Enterprise Scan Tool to detect
current and upcoming security updates while providing additional time for
Microsoft to assess the needs of customers before setting a new EOL date.
Q: Why is there no MBSA 1.2.1 EOL date posted at this time?
A: The MBSA product team is looking for additional customer feedback to
provide the best solution for customers who still require features available
in the MBSA suite of scan tools. Instead of setting a new date that may be
subject to change, the MBSA team is taking additional time to further assess
customer needs to ensure the next solution provides a more comprehensive
patch scanning solution before a new date will be announced. This further
update will come on or before June 30, 2006.
Q: From the updated message, it sounds like you might be planning a survey?
A: Yes. One of the methods the MBSA team will use to gather detailed
customer insights will be through a survey that is planned for posting in
the coming weeks. Check the MBSA home page for updates and a link to the
customer survey when it is available.
Q: Does this affect SMS 2.0 or 2003 customers using Software Update
Inventory Tool?
A: No. SMS customers would have had continued, unbroken SUIT scanning and
deployment support (which is based on MBSA 1.2.1 technologies) even if MBSA
1.2.1 had been end-of-life'd as planned. There is no effect on SMS
customers using the SUIT or Extended SUIT tools.
--
Doug Neal [MSFT]
***@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for support on the Microsoft
Baseline
Security Analyzer (MBSA). Information is available at the following link:
http://support.microsoft.com/default.aspx
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.
and the MSSecure.XML file has been rescinded. The new End-Of-Life date for
both MBSA 1.2.1 and the MSSecure.XML file is being extended to an
undetermined time.
Microsoft is extending support for the MBSA 1.2.1 tool and updates to the
MSSecure.XML catalog file beyond March 31, 2006 in order to collect customer
feedback on the MBSA suite of tools and security update detection needs. A
new support lifecycle end date for MBSA 1.2.1 will be updated by June 30,
2006.
Communicating this change:
This week the MBSA Home Page and MBSA 1.2.1 FAQ pages will be updated to
explain this change. KB articles 306460 and 914791 will also be updated in
the coming weeks.
Answers to common questions:
Q: Why is the MBSA product team extending the MBSA 1.2.1 EOL date?
A: Removing MBSA 1.2.1 support at this time would create a gap in security
update detection for Microsoft products still in mainstream support but
below the WSUS baseline of supported products (MBSA 2.0 supports only
products supported by WSUS). Since the MBSA 2.0 tool alone does not provide
complete security update detection for customers with products below the
MBSA 2.0/WSUS baseline, support for the MBSA 1.2.1 and Enterprise Scan Tools
are being extended to ensure these customers of continued and complete
update support. Extending the MBSA 1.2.1 EOL date provides customers
additional time to use MBSA 1.2.1 + the Enterprise Scan Tool to detect
current and upcoming security updates while providing additional time for
Microsoft to assess the needs of customers before setting a new EOL date.
Q: Why is there no MBSA 1.2.1 EOL date posted at this time?
A: The MBSA product team is looking for additional customer feedback to
provide the best solution for customers who still require features available
in the MBSA suite of scan tools. Instead of setting a new date that may be
subject to change, the MBSA team is taking additional time to further assess
customer needs to ensure the next solution provides a more comprehensive
patch scanning solution before a new date will be announced. This further
update will come on or before June 30, 2006.
Q: From the updated message, it sounds like you might be planning a survey?
A: Yes. One of the methods the MBSA team will use to gather detailed
customer insights will be through a survey that is planned for posting in
the coming weeks. Check the MBSA home page for updates and a link to the
customer survey when it is available.
Q: Does this affect SMS 2.0 or 2003 customers using Software Update
Inventory Tool?
A: No. SMS customers would have had continued, unbroken SUIT scanning and
deployment support (which is based on MBSA 1.2.1 technologies) even if MBSA
1.2.1 had been end-of-life'd as planned. There is no effect on SMS
customers using the SUIT or Extended SUIT tools.
--
Doug Neal [MSFT]
***@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for support on the Microsoft
Baseline
Security Analyzer (MBSA). Information is available at the following link:
http://support.microsoft.com/default.aspx
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.