Re: Microsoft Baseline Security Analyzer not seeing KB887742 and KB88 6185 Correction

From: Joe Granto (Joe.Granto_at_MCI.COM)
Date: 02/16/05

  • Next message: Paul Wobbe: "Outlook exploit"
    Date:         Wed, 16 Feb 2005 15:09:58 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Enterprise Update Scan Tool:
    http://support.microsoft.com/?id=894193

    This tool seems to be a solution between MBSA releases. This tool may be
    what you need to detect those fixes. From the URL above:

    "Why does this tool exist?
    Microsoft delivers this tool for certain bulletins in an MSRC release
    cycle that cannot be detected by the MBSA or the ODT. Each tool is
    specific to an MSRC release cycle."

    and

    "Why do the MBSA and the ODT not detect this update?
    The MBSA and the ODT may not offer full detection for certain bulletins
    in an MSRC release cycle. Full detection may not be available because of
    a limitation of the detection engine or because the product that is
    affected is not supported by the MBSA or the ODT. We are working to
    resolve this issue in future versions of the MBSA through the Windows
    Update Server infrastructure. In the meantime, the Enterprise Update Scan
    Tool is designed to complement the MBSA and the ODT for security update
    detection. Whenever MBSA or ODT cannot offer detection, we plan to
    release an Enterprise Update Scan Tool."

    ------------------------------------------------------------------------
    Joe Granto, Senior Engineer
    Intel Engineering, MCI (back in black)
    Marimba Jedi
    Office: (954)377-5632 VNET: 377-5632
    Pager: (888)500-6340 or joe.granto+page@mci.com
    FAX: (954)377-5793

    LINUX is only free if your time is worthless.

    "There is no estimated time of resolution."

    Fear my three minute POP time-out.

    There is no WorldCom, only Zuul.

    WorldCom... it was all a bad dream.

    What's $11 billion between friends?

    Complete <adj.>: having all necessary parts, elements, or steps

    Sprint, BP, WorldCom, Qwest, Verizon.. someone make the pain stop.

    --
    NTBugtraq Editor's Note:
    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    --
    

  • Next message: Paul Wobbe: "Outlook exploit"

    Relevant Pages