Re: [Full-Disclosure] RE: Microsoft Baseline Security Analyzer no t seeing KB887742 and KB886185

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 02/16/05

  • Next message: Xavier Beaudouin: "Re: [Full-Disclosure] New Internet Explorer Beta"
    Date: Tue, 15 Feb 2005 22:05:19 -0800
    To: "Randal, Phil" <prandal@herefordshire.gov.uk>
    
    

    Ping Microsoft.. they were not classified as Security patches [not
    assigned 05-### numbers ergo they aren't on MBSA]

    As Richard stated, they aren't security bulletins.

    Heck I'd LOVE to get 835734 for the SBS 2003 platform merely on Windows
    Update and honestly I can't wait for WUS or whatever. Right now there
    are tons of unpatched SBS boxes that are spam machines.
    http://www.sbslinks.com/popconnector.htm

    I know at least 886185 is on Windows update so count your blessings.

    Randal, Phil wrote:

    >KB887742: "A computer that is running Microsoft Windows XP Service Pack
    >2 (SP2), Microsoft Windows XP Tablet PC Edition 2005, or Microsoft
    >Windows Server 2003 unexpectedly stops. Additionally, the following Stop
    >error message appears on a blue screen: Stop 0x05
    >(INVALID_PROCESS_ATTACH_ATTEMPT)".
    >
    >That's a denial of service. There are security implications there.
    >
    >KB886185: "After you set up Windows Firewall in Microsoft Windows XP
    >Service Pack 2 (SP2), you may discover that anyone on the Internet can
    >access resources on your computer when you use a dial-up connection to
    >connect to the Internet."
    >
    >That looks like a major security hole to me.
    >
    >Cheers,
    >
    >Phil
    >
    >----
    >Phil Randal
    >Network Engineer
    >Herefordshire Council
    >Hereford, UK
    >
    >
    >
    >>-----Original Message-----
    >>From: full-disclosure-bounces@lists.netsys.com
    >>[mailto:full-disclosure-bounces@lists.netsys.com] On Behalf
    >>Of Threlkeld, Richard
    >>Sent: 15 February 2005 00:19
    >>To: James Lay; BuqtraqNT (E-mail); BugtraqSecurity (E-mail);
    >>Full-Disclosure (E-mail)
    >>Subject: [Full-Disclosure] RE: Microsoft Baseline Security
    >>Analyzer not seeing KB887742 and KB886185
    >>
    >>These are not security updates. KB887742 is for a stop error
    >>(http://support.microsoft.com/kb/887742) and KB886185 is an
    >>update for network scope on the Windows Firewall
    >>(http://support.microsoft.com/default.aspx?scid=kb;en-us;886185) .
    >>
    >>The MBSA scans for Security Updates only, not every hotfix
    >>ever released. Note that a "Critical" patch is not
    >>necessarily a "Security"
    >>patch. You may be thinking of the "Maximum severity" levels
    >>of the MS*-xxx security bulletins which are not the same thing.
    >>
    >>Best,
    >>
    >>Richard Threlkeld
    >>Microsoft MVP - SMS
    >>http://myitforum.techtarget.com/blog/rthrelkeld/
    >>
    >>
    >>
    >>-----Original Message-----
    >>From: James Lay [mailto:jlay@ameriben.com]
    >>Sent: Monday, February 14, 2005 10:24 AM
    >>To: BuqtraqNT (E-mail); BugtraqSecurity (E-mail); Full-Disclosure
    >>(E-mail)
    >>Subject: Microsoft Baseline Security Analyzer not seeing KB887742 and
    >>KB886185
    >>
    >>Subject line says it all....just did a fresh install of WinXP
    >>SP2....was using MBSAFU to make sure it would patch...which
    >>it did. However Windows Update shows still needing KB887742
    >>and KB886185. MBSA shows no critical patches need updated.
    >>Systeminfo shows that both KB887742 and
    >>KB886185 are NOT installed. I'm using latest MBSA. Anyone
    >>else see this? Kinda sucks :(
    >>
    >>James Lay
    >>Network Manager/Security Officer
    >>AmeriBen Solutions/IEC Group
    >>Deo Gloria!!!
    >>
    >>
    >>_______________________________________________
    >>Full-Disclosure - We believe in it.
    >>Charter: http://lists.netsys.com/full-disclosure-charter.html
    >>
    >>
    >>
    >
    >
    >

    -- 
    An open letter to the Security Community:: 
    http://msmvps.com/bradley/archive/2004/12/12/23540.aspx
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Xavier Beaudouin: "Re: [Full-Disclosure] New Internet Explorer Beta"