MSSECURE.XML Data Version 2005.02.08.0 (for use by MBSA 1.2 and SMS SUS
Feature Pack) was last modified today, February 8, 2004, and is now
available for all supported languages (English, French, German and
Japanese). Today's release contains 12 new bulletins and 1 re-release - 10
of which are fully supported for MBSA detection and SMS deployment.
This release fully supports the following new bulletins:
MS04-035 (Exchange) - re-release to add Exchange 2000 SP3 support
MS05-004 (ASP .Net) - Not supported by MBSA, but supported by EST
MS05-005 (Word) - supported by MBSA (using ODT) for local scans only
MS05-006 (SharePoint) - STS supported by MBSA (using ODT) for local scans
only. WSS supported by EST
MS05-007 (Session Link) - 888302.
MS05-008 (Shell) - 890047.
MS05-009 (LibPNG) - WMP portion supported, Messenger variants not
supported. EST supports all aspects of LibPNG
MS05-010 (License Logging) - 885834. Also includes Windows NT 4.0 Server
and Windows NT 4.0 TSE support
MS05-011 (SMB) - 885250.
MS05-012 (OLE) - 873333.
MS05-013 (DHTML) - 891781.
MS05-014 (IE) - 867282.
MS05-015 (HLINK) - 888113.
There are a number of technical issues with today's release that may be
valuable to enterprise administrators:

LibPNG and WMP / Messenger Support
The LibPNG vulnerability spans products supported by MBSA (WMP9) and
products not supported by MBSA (Windows and MSN Messenger). Usually,
unsupported products would not generate a warning in MBSA (no 'less than'
warning, no note message - nothing. See KB306460 for details). Since this
could mislead customers with the WMP patch applied to believe they are
patched for all known vulnerabilities (since no message would appear for
vulnerable Messenger versions), the 'Windows OS' security check will report
a Note Message for all potentially affected platforms (i.e., any platform
where an affected version of Messenger could be installed). This is
expected behavior. This Note Message will appear whether or not an
affected version of Messenger is installed, as a precaution to alert
customers to manually check whether the Messenger-based versions of this
fix apply to their systems. The Enterprise Scan Tool (EST) can be
used as a single tool to scan for LibPNG vulnerabilities that MBSA cannot

The December 2004 MSSECURE file included unnecessary detection for the
optional KDCSVC.DLL file. This caused the MS04-044 patch to never indicate
it was fully installed for MBSA users and could cause SMS to
re-deploy the package. This issue has been fixed with today's release.
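
An added example, not code from MBSA, SMS or the MSSECURE file: a simplified model of file-version detection showing how a check on an optional file keeps a patched host from ever reporting the patch as installed. The FileCheck structure, CORE.DLL, the version numbers, and the assumption that the failure comes from the optional file being absent are all hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FileCheck:
    name: str
    fixed_version: str          # lowest version that contains the fix
    optional: bool = False      # file ships only with an optional component


def as_tuple(version: str) -> tuple:
    """'1.0.0.10' -> (1, 0, 0, 10) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def evaluate(checks, inventory, skip_absent_optional):
    """Return (installed, failures) for one host.

    inventory maps lower-cased file name -> installed version string;
    a file that is not on disk has no entry.
    """
    failures = []
    for check in checks:
        found = inventory.get(check.name.lower())
        if found is None:
            if check.optional and skip_absent_optional:
                continue        # component not installed, nothing to patch
            failures.append(f"{check.name}: not found")
        elif as_tuple(found) < as_tuple(check.fixed_version):
            failures.append(f"{check.name}: {found} < {check.fixed_version}")
    return (not failures, failures)


# Constructed data: CORE.DLL and every version number are placeholders.
CHECKS = [
    FileCheck("CORE.DLL", "1.0.0.200"),
    FileCheck("KDCSVC.DLL", "1.0.0.200", optional=True),
]
PATCHED_NO_KDC = {"core.dll": "1.0.0.200"}
PATCHED_WITH_KDC = {"core.dll": "1.0.0.200", "kdcsvc.dll": "1.0.0.200"}
STALE_KDC = {"core.dll": "1.0.0.200", "kdcsvc.dll": "1.0.0.100"}

if __name__ == "__main__":
    for label, host in [("patched, no KDC", PATCHED_NO_KDC),
                        ("patched, KDC present", PATCHED_WITH_KDC),
                        ("KDC present but stale", STALE_KDC)]:
        strict = evaluate(CHECKS, host, skip_absent_optional=False)
        aware = evaluate(CHECKS, host, skip_absent_optional=True)
        print(f"{label}: strict={strict} optional-aware={aware}")
```

A host where the optional file is present but below the fixed version still fails in both modes, so skipping an absent optional file does not hide a genuinely unpatched component.
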

MS04-037 no longer replaces (supersedes) MS04-024
In addition to correctly removing the supersedence between MS04-024 and
MS04-037, previously-released MSSECURE files lacked detection for a critical
Security Zone setting detailed in the MS04-024 bulletin.

Internet Explorer 6.0 SP1 no longer supported on NT 4.0
Although MBSA will scan for all Internet Explorer issues detailed in
MS05-014, it will not distinguish between Internet Explorer 6.0 SP1 installed
on a supported Windows operating system and when it is installed on Windows
NT 4.0 platforms that are no longer in support.
More information can be found in the MS05-014 bulletin under the section
titled, "Extended security update support for Microsoft Windows NT 4.0
Workstation Service Pack 6a and Windows 2000 Service Pack 2 ended on June