Re: Microsoft Numbering System

From: Alun Jones (alun_at_TEXIS.COM)
Date: 09/18/03

  • Next message: Hayes, Ian: "Re: Microsoft change in policy regarding sus-server"
    Date:         Thu, 18 Sep 2003 09:10:56 -0500

    > -----Original Message-----
    > From: Windows NTBugtraq Mailing List
    > [mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Felix Yan
    > Sent: Wednesday, September 10, 2003 8:30 AM
    > While I was downloading the patches for MS03-035, 036, 037,
    > and 038 from the M$ Office Update Website, I tried to figure
    > out whether I was actually downloading the correct patches
    > but I simply couldn't. The numbering system that M$ used in
    > the Security Bulletin is different from the one used in the
    > Knowledge Base (i.e. KBxxxxxx). So far, I still can't find a
    > page in the M$ site that shows the two corresponding numbers
    > for each patch.

    This is because the two numbers refer to different documents, with different

    > For example, the KB numbers for some of the patches are:
    > - Office XP Security Patch: KB822036 (same as MS03-037: 822715?)

    No. KB822036 is an overview of the Office XP patch and how to install it.
    KB 822715 is, as you note, the same as the bulletin MS03-037, which is a
    description of the bug, its symptoms, and links to patches for different
    versions of the patch. Note that one of the links is to KB822036. Since
    this bulletin affects Office 2000 as well as several other individual
    products, there are links to patch information for that software - 822035,
    822212, 822478, 822211.

    > Can't M$ just use ONE and only ONE numbering system so that
    > fewer people, like me, will get confused? This is certainly
    > one of the many things that M$ needs to put some of its
    > effort in its continuous improvement.

    What you're asking for is that all the detailed information, for several
    different products and several different downloads, should be stuck into one
    massive document. I'd see that as making things _more_ confusing, not less.

    The security bulletin tells you what the general effect of the bug is, what
    software is affected by it, and how critical it is. It includes a link to
    more detailed information and patches for each of the software versions
    affected. How is this confusing?


    Texas Imperial Software   | Find us at or email
    1602 Harvest Moon Place   |
    Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
    Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
    Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
    With a growth rate exceeding 110%, the TICSA security practitioner
    certification is one of the hottest IT credentials available.  And now, for
    a limited time, you can save 33% off of the TICSA certification exam! To
    learn more about the TICSA certification, and to register as a TICSA
    candidate online, just go to

  • Next message: Hayes, Ian: "Re: Microsoft change in policy regarding sus-server"