Re: New MSSecure.XML Version 2005.10.11.0 Now Available

From: Doug Neal [MSFT] (dugn_at_online.microsoft.com)
Date: 10/12/05 

Date: Wed, 12 Oct 2005 07:52:48 -0700

This was made available the moment the previous announcement was made - and
was confirmed downloadable by a number of tests immediately afterward.

You may want to clear your internet cache and/or examine your proxy servers.
If there are continued delays obtaining the latest, updated XML files, be
sure you review KB842432 to troubleshoot potential local proxy and caching
issues to see if that will resolve your issue. 

-- 
Doug Neal [MSFT]
dugn@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for support on the Microsoft 
Baseline
Security Analyzer (MBSA). Information is available at the following link:
http://support.microsoft.com/default.aspx
This e-mail address does not receive e-mail, but is used for newsgroup
postings only.
"Christine Jackson" <ChristineJackson@discussions.microsoft.com> wrote in 
message news:7F5A3AAB-1867-4E88-994B-1210627ACE04@microsoft.com...
> Hi Doug,
>
> I have been trying to download this latest version of mssecure.xml but 
> still
> keep getting the version from last month dated 08/18/05. Have also tried
> downloading it from go.microsoft.com/fwlink/?linkid=18922 but that still
> brings down the old version I stated above. I am using mbsacli.exe version
> 1.2.3316.1
>
> Has something changed?? or is the version not loaded yet?
>
> Cheers
>
> Christine
>
> "Doug Neal [MSFT]" wrote:
>
>> MBSA 2.0 detection is based directly on Microsoft Update, so all 
>> inquiries
>> regarding MBSA 2.0 patch detection for this month's release should by 
>> sent
>> to the public microsoft.public.softwareupdatesvcs newsgroup.  This
>> announcement is specific to MBSA 1.2.1 and the underlying MSSecure.XML 
>> file
>> that services the MBSA 1.2.1 tool.
>>
>> MSSECURE.XML Data Version 2005.10.11.0 (for use by MBSA 1.2 and SMS SUS
>> Feature Pack) was last modified today, October 11, 2005, and is now
>> available
>> for all supported languages (English, French, German and Japanese). 
>> Today's
>> release contains 9 new bulletins.  All 9 new bulletins are fully 
>> supported
>> by MBSA 1.2 with two exceptions noted below for MS05-044 and MS05-050.
>>
>>
>> New October Bulletins
>>
>>
>> 1)       MS05-044 (FTP Transfer) - 905495.  Not applicable to Windows XP 
>> SP2
>> or Windows Server 2003 SP1.  Detection for this issue is split between 
>> MBSA
>> 1.2 and EST.  MBSA 1.2 supports detection for Windows XP SP1 and Windows
>> Server 2003 RTM only - and will report a Note Message for Windows 2000
>> platforms.  Detection for these platforms is provided by the October 
>> edition
>> of the Enterprise Scan Tool (EST) (see below).
>>
>> 2)       MS05-045 (Connection Manager) - 905414.
>>
>> 3)       MS05-046 (NetWare) - 899589.  This bulletin is applicable to all
>> Windows platforms that contain the vulnerable NWWKS.DLL file - even if
>> Microsoft Services for NetWare is not enabled on the target machine.
>>
>> 4)       MS05-047 (PnP) - 905749.  Not applicable to Windows Server 2003 
>> RTM
>> or SP1.  This bulletin replaces all previous versions of MS05-039.
>>
>> 5)       MS05-048 (Windows/Exchange CDO) - 901017 (Windows), 906780
>> (Exchange).  Applicable to Exchange 2000 SP3 in addition to applicable
>> Windows platforms.  For the Exchange (906780) vulnerability, registry key
>> only detection is provided due to the localizable installation path for 
>> the
>> affected file which MBSA 1.2 cannot support.
>>
>> 6)       MS05-049 (Shell) - 900725.  This patch replaces multiple 
>> previous
>> releases.  See the MS05-049 bulletin for details
>>
>> 7)       MS05-050 (DirectX) - 904706.  Detection for this issue is split
>> between MBSA 1.2 and EST.  MBSA 1.2 supports detection for Windows XP SP2
>> and Windows Server 2003 SP1 only - and will report a Note Message for all
>> other Windows platforms (Windows 2000 SP4, Windows XP SP1 and Windows 
>> Server
>> 2003 RTM).  For the Windows Platforms not supported by MBSA 1.2, an 
>> October
>> edition of the Enterprise Scan Tool (EST) has been provided to detect the
>> multiple versions of DirectX that may be installed on these platforms 
>> (see
>> below).  This bulletin replaces all previous versions of MS03-030.
>>
>> 8)       MS05-051 (COM+) - 902400.  This patch replaces multiple previous
>> releases.  See the MS05-051 bulletin for details.
>>
>> 9)       MS05-052 (IE Cumulative) - 896688.  This patch replaces the
>> previous IE Cumulative Patch (MS05-038) for supported platforms.
>>
>>
>>
>> ----------------------------
>>
>> What is the Enterprise Update Scanning Tool (EST)?
>> As part of an ongoing commitment to provide detection tools for complex
>> updates for bulletin-class issues that are not supported by MBSA 1.2, a
>> stand-alone tool may be provided for certain bulletins.  Microsoft will
>> evaluate the detection and deployment complexity of each bulletin, and
>> provide detection support based on the specifics of each release.  When a
>> detection tool is created for a specific bulletin, customers will be able 
>> to
>> script running the tool from a command line interface, and process the
>> results using an XML output file.  Detailed documentation will be 
>> provided
>> with the tool to ensure customers can leverage it quickly.  See the
>> following link for details
>> http://support.microsoft.com/default.aspx?id=894193
>>
>> NOTE: Customers who have upgraded to MBSA 2.0 (or SMS ITMU) already have
>> full detection for all bulletins released this month without the 
>> limitations
>> in MBSA 1.2.  There is no EST tool available for MBSA 2.0 since there is 
>> no
>> gap in MBSA 2.0 detection as there is for MBSA 1.2.
>>
>> -- 
>>
>>
>> Doug Neal [MSFT]
>> dugn@online.microsoft.com
>>
>> This posting is provided "AS IS" with no warranties, and confers no 
>> rights.
>>
>> If newsgroup discussion with experts and MVPs is unable to solve a 
>> problem
>> to your satisfaction, feel free to contact PSS for support on the 
>> Microsoft
>> Baseline
>> Security Analyzer (MBSA). Information is available at the following link:
>> http://support.microsoft.com/default.aspx
>>
>> This e-mail address does not receive e-mail, but is used for newsgroup
>> postings only.
>>
>>
>>
>>

Relevant Pages

  • New MSSecure.XML Version 2005.04.12.0 Now Available
    ... release contains 8 new bulletins, 7 of which are fully supported by MBSA. ... Windows Server 2003 Small Business Server Detection: ... provide detection support based on the specifics of each release. ...
    (microsoft.public.security)
  • RE: New MSSecure.XML Version 2005.10.11.0 Now Available
    ... Detection for these platforms is provided by the October edition ... This bulletin replaces all previous versions of MS03-030. ... > provide detection support based on the specifics of each release. ...
    (microsoft.public.security)
  • New MSSecure.XML Version 2005.07.12.0 Now Available
    ... MSSECURE.XML Data Version 2005.07.12.0 (for use by MBSA 1.2 and SMS SUS ... There is also a single re-release for previously released bulletins listed ... Full support in SMS. ... As part of an ongoing commitment to provide detection tools for complex ...
    (microsoft.public.security)
  • Re: New MSSecure.XML Version 2005.02.08.0 Now Available
    ... Explorer 6.0 for Windows XP SP2 and another for Windows Server 2003 that is ... In MBSA results, your Internet Explorer ... >> LibPNG and WMP / Messenger Support ... >> Security Zone setting detailed in the MS04-024 bulletin. ...
    (microsoft.public.security)
  • Re: New MSSecure.XML Version 2005.02.08.0 Now Available
    ... Explorer SP2 installed or that I had Windows Media Player 10 installed. ... > of which are fully supported for MBSA detection and SMS deployment. ... > LibPNG and WMP / Messenger Support ... > Security Zone setting detailed in the MS04-024 bulletin. ...
    (microsoft.public.security)