New MSSecure.XML Version 2004.09.14.0 Now Available

From: Doug Neal [MSFT] (
Date: 09/14/04

Date: Tue, 14 Sep 2004 11:21:54 -0700

MSSECURE.XML Data Version 2004.09.14.0 (for use by MBSA 1.2 and SMS SUS
Feature Pack) was last modified today, September 14, 2004, and is now
available for all supported languages (English, French, German and
Japanese). Public download locations for these updated versions - pending
worldwide replication and local proxy and caching issues - are listed below.
If there are delays obtaining the latest, updated XML files, be sure you
review KB842432 to troubleshoot potential local proxy and caching issues.


This release supports the following new bulletins (with only limited support
as detailed below and in today's web cast):

  a.. MS04-027 (WordPerfect Converter) - 884933. This bulletin is not
supported for detection in MBSA. See KB306460 for more details on supported
  b.. MS04-028 (GDI+) - 833987. This bulletin will generate a Note message
on the applicable platforms indicated in the MS04-028 bulletin. This is
critical to understand since even though some operating systems may be
affected by having a vulnerable Microsoft product installed on an otherwise
unaffected operating system, the only platforms that will show a Note
message are the Affected Operating Systems (Windows Server 2003 and Windows
XP RTM and SP1) and Affected Components (Internet Explorer 6 SP1) as called
out in the MSRC bulletin. See KB306460 for more details on supported

This XML is fully supported for use with MBSA 1.2, MBSA 1.2.1 and the SMS
SUS Feature Pack. To get the latest updates, features and Windows XP SP2
compatibility, be sure to upgrade to MBSA 1.2.1. SMS SUS Feature Pack users
do NOT need to upgrade since all of the features are already provided by

Details of the added and improved features in MBSA 1.2.1 can be found on the
MBSA home page

This release does not include any other fixes, updates or improvements
beyond the items stated above.

Doug Neal [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for the Microsoft Baseline
Security Analyzer (MBSA) at the following link:;en-us;Prodoffer20a
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.