New MSSecure.XML Version 2004.08.16.0 Now Available

New MSSecure.XML Version 2004.08.16.0 Now Available

Post by Doug Neal » Wed, 18 Aug 2004 04:13:42


MSSECURE.XML Data Version 2004.08.16.0 (for use by MBSA 1.2 and SMS SUS
Feature Pack) was last modified today, August 16, 2004, and is now available
for all supported languages (English, French, German and Japanese). Public
download locations for these updated versions - pending worldwide
replication and local proxy and caching issues - are listed below. If there
are delays obtaining the latest, updated XML files, be sure you review
KB842432 to troubleshoot potential local proxy and caching issues.


ENU: http://www.yqcomputer.com/
DEU: http://www.yqcomputer.com/
FRN: http://www.yqcomputer.com/
JPN: http://www.yqcomputer.com/


This release includes detection for Windows XP service pack 2 and will also
trigger the MBSA 1.2 notification dialog that a newer version of MBSA
(version 1.2.1) is now available.

Note: unique support for MS03-011 in WinXP SP2. If a copy of Microsoft's
Java Virtual Machine (MSJVM) is present on a target client, MBSA will
correctly determine the state of the latest MSJVM patch MS03-011 (either
"Patched" or "Patch NOT Found"). Although Windows XP Service Pack 2
re-baselines the Windows XP operating system (thus removing unnecessary Note
messages and alerts for all previously-installed patches), the MS03-011
MSJVM patch is unique since this vulnerability can persist beyond the
upgrade to SP2. If MSJVM is present on the machine, the state of MS03-011
will be accurately reported by MBSA as either "Patched" or "Patch NOT Found".
If MSJVM is not present in the machine, MBSA will correctly skip detection
for MS03-011 and not report it as missing or installed since it is
irrelevant.

Details of the added and improved features in MBSA 1.2.1 will be included in
a separate post and can be found at the MBSA home page
( http://www.yqcomputer.com/ ).

This release does not include any other fixes, updates or improvements
beyond the items stated above.


--


Doug Neal [MSFT]
XXXX@XXXXX.COM

This posting is provided "AS IS" with no warranties, and confers no rights.

If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for the Microsoft Baseline
Security Analyzer (MBSA) at the following link:
http://www.yqcomputer.com/ ;en-us;Prodoffer20a

This e-mail address does not receive e-mail, but is used for newsgroup
postings only.
 
 
 

New MSSecure.XML Version 2004.08.16.0 Now Available

Post by RXJ3aW4gTW » Wed, 18 Aug 2004 09:21:02

Is this version of MSXML automaticaly installed? I ran MBSA 1.2.1 and for
"MSXML Security Updates" it reports "No critical security updates are
missing.". Or doesn't MBSA 1.2.1 detect the update yet?

 
 
 

New MSSecure.XML Version 2004.08.16.0 Now Available

Post by Erwin Mich » Wed, 18 Aug 2004 11:36:58

Sorry I mixed up two things in my previous post: MSXML Security Updates and
the Security Update Database Version. In the meantime when I reviewed the
security reports from MBSA 1.2.1 I noticed the warning about the new
security update for the database. So now I understand why there wasn't
anything reported for MSXML (there wasn't any update) and I saw the database
is indeed automatically updated.
 
 
 

New MSSecure.XML Version 2004.08.16.0 Now Available

Post by Doug Neal » Thu, 19 Aug 2004 04:56:45

ou will NOT need to update the SUS Feature Pack. This functionality is
unchanged from an SMS perspective. There's a KB article on this that should
be on its way (if not available already) detailing this shortly. I hope
that helps...

--


Doug Neal [MSFT]
XXXX@XXXXX.COM

This posting is provided "AS IS" with no warranties, and confers no rights.

If newsgroup discussion with experts and MVPs is unable to solve a problem
to your satisfaction, feel free to contact PSS for the Microsoft Baseline
Security Analyzer (MBSA) at the following link:
http://support.microsoft.com/default.aspx?scid=fh;en-us;Prodoffer20a

This e-mail address does not receive e-mail, but is used for newsgroup
postings only.


"dduensing" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...