Microsoft KB Archive/908921

= Detection and deployment guidance for the October 11, 2005 security release =

Article ID: 908921

Article Last Modified on 10/27/2006

-

APPLIES TO

 Microsoft Windows Server 2003 Service Pack 1, when used with:  Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)

 Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)

 Microsoft Windows Server 2003, Web Edition</li></ul> </li> Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li> Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)</li> Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li> Microsoft Windows Server 2003, Web Edition</li> Microsoft Windows XP Service Pack 2, when used with:  Microsoft Windows XP Professional</li></ul>

 Microsoft Windows XP Home Edition</li></ul> </li> Microsoft Windows XP Service Pack 1, when used with:  Microsoft Windows XP Professional</li></ul>

 Microsoft Windows XP Home Edition</li></ul> </li> Microsoft Windows 2000 Service Pack 4, when used with:  <li>Microsoft Windows 2000 Advanced Server</li></ul>

<ul> <li>Microsoft Windows 2000 Datacenter Server</li></ul>

<ul> <li>Microsoft Windows 2000 Professional Edition</li></ul>

<ul> <li>Microsoft Windows 2000 Server</li></ul> </li> <li>Microsoft Windows Small Business Server 2003 Premium Edition</li> <li>Microsoft Windows Small Business Server 2003 Standard Edition</li> <li>Microsoft Small Business Server 2000 Standard Edition</li></ul>

-

<div class="notice_section">

<div class="summary_section">

SUMMARY
''As part of an ongoing commitment to provide detection tools and deployment recommendations for security updates, Microsoft is delivering this detection and deployment guidance for all updates that are released during a Microsoft Security Response Center (MSRC) release cycle. This guidance contains recommendations that are based on the types of scenarios that may exist in various Microsoft operating system environments. This guidance includes the use of tools such as Windows Update, Office Update, the Microsoft Baseline Security Analyzer (MBSA), the Office Detection Tool, Microsoft Systems Management Server (SMS), the Extended Security Update Inventory Tool, and the Enterprise Update Scan Tool (EST). Currently, the guidance in this document does not apply to 64-bit operating systems. Microsoft is looking to add this information in future releases of this guide.''

<div class="summary_section">

INTRODUCTION
This article describes the detection and deployment guidance for the security release that is dated October 11, 2005.

<div class="moreinformation_section">

Environments that detect and that deploy security updates by using Windows Update, Microsoft Update, and Office Update
Most of the updates that released on October 11, 2005 are available through the following Web sites:
 * Microsoft Windows Update
 * Microsoft Update
 * Office Update Web

However, not all the updates are available through these Web sites. The following are the updates that are not available through these Web sites or that may be partially supported by these Web sites:
 * Security update 906780 and security update 901017 are part of security bulletin MS05-048. Security update 906780 is an update for CDO on Microsoft Exchange 2000 SP3. Security update 901017 is an update for CDO on Microsoft Windows 2000 SP4, on Microsoft Windows XP SP1, on Microsoft Windows XP SP2, on Microsoft Windows Server 2003 RTM, and on Microsoft Windows Server 2003 SP1. Security update 906780 for Exchange 2000 SP3 is supported by Microsoft Update for detection and deployment. However, this update is not supported by Windows Update because Windows Update was not designed to support the Exchange Server product. Security update 901017 is fully supported by Microsoft Update and by Windows Update for detection and deployment. This update applies to Windows 2000 SP4, to Windows XP SP1, to Windows XP SP2, to Windows Server 2003 RTM, and to Windows Server 2003 SP1.

Environments that detect security updates by using the MBSA version 1.2.1 or MBSA version 2.0
If you use the Microsoft Baseline Security Analyzer (MBSA) version 1.2.1 or 2.0 to detect security updates, you can detect most of the updates that were released on October 11, 2005. The following information indicates the versions of MBSA that will detect specific updates, if any:
 * Security update 905495 is an update for FTP on Windows 2000 SP4, on Windows XP SP1, and on Windows Server 2003 RTM as part of security bulletin MS05-044. This security update is supported for detection by MBSA 1.2.1 for Windows XP SP1 and for Windows Server 2003 RTM. However, it is not supported by MBSA 1.2.1 for detection against Windows 2000 SP4. Windows 2000 SP4 is not supported because the detection logic cannot distinguish between Microsoft Windows 2000 with Microsoft Internet Explorer 5.01 installed (not vulnerable) and Windows 2000 with Internet Explorer 6 SP1 installed (vulnerable). The October version of the Enterprise Update Scan Tool will provide detection for Windows 2000 SP4 related to security bulletin MS05-044.
 * Security update 904706 is an update to Microsoft DirectX 7.0, to DirectX 8.1x versions, and to DirectX 8.2 on Windows 2000 SP4; to DirectX 8.1x versions and to DirectX 9.0x versions on Windows XP SP1; to DirectX 9.0c on Windows XP SP2; to DirectX 8.1x versions and to DirectX 9.0x versions on Windows Server 2003 RTM; and to DirectX 9.0c on Windows Server 2003 SP1. These updates are all part of security bulletin MS05-050. MBSA 1.2.1 supports detection of the DirectX 9.0c on Windows XP SP2 and on Windows Server 2003 SP1 only. MBSA 1.2.1 does not support detection on Windows 2000 SP4, on Windows XP SP1, or on Windows Server 2003 RTM for any listed version of DirectX. This is because MBSA 1.2.1 cannot distinguish which version of DirectX may be installed on operating systems that allow multiple versions (DirectX 7, DirectX 8, and DirectX 9). The October version of the Enterprise Update Scan Tool will provide detection for all listed versions of DirectX that are running on Windows 2000 SP4, on Windows XP SP1, or on Windows Server 2003 RTM.

For more information about how to obtain the Enterprise Update Scan Tool, click the following article number to view the article in the Microsoft Knowledge Base:

894193 How to obtain and use the Enterprise Update Scan Tool

Environments that detect and that deploy security updates by using Software Update Services or Windows Server Update Services
If you use Software Update Services (SUS) or Windows Server Update Services (WSUS) to detect and to deploy security updates, you can detect most of the updates that were released on October 11, 2005. The following are the updates that SUS and WSUS do not detect or that are partially supported by SUS and WSUS:
 * Security update 906780 and security update 901017 are part of security bulletin MS05-048. Security update 906780 is an update for CDO on Exchange 2000 SP3. Security update 901017 is an update for CDO on Windows 2000 SP4, on Windows XP SP1, on Windows XP SP2, on Windows Server 2003 RTM, and on Windows Server 2003 SP1. Security update 906780 for Exchange 2000 SP3 is supported by WSUS for detection and deployment. However, this update is not supported by SUS because SUS was not designed to support the Exchange Server product. Security update 901017 is fully supported by SUS and by WSUS for detection and deployment. This update applies to Windows 2000 SP4, to Windows XP SP1, to Windows XP SP2, to Windows Server 2003 RTM, and to Windows Server 2003 SP1.

Environments that detect and that deploy security updates by using SMS with the Software Update Services Feature Pack and with the Extended Security Update Inventory Tool
If you use Microsoft Systems Management Server (SMS) to detect and to deploy security updates, you can detect all the security updates that were released on October 11, 2005.

Some of the security updates may be fully detected only if you use the latest cumulative version of the Extended Security Update Inventory Tool. To obtain this tool, visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyId=2C93DA1D-48A0-4E5C-991F-87E08954F61B&displaylang=en

Summary of detection and deployment guidance
The following table summarizes the detection and deployment guidance for each new security update.

Re-released security updates
There are no security updates that are being re-released this month.

Frequently asked questions
<ol> <li>What is Microsoft doing to provide guidance about how to deploy these updates?

Microsoft encourages system administrators to join the monthly technical webcast to learn more about security updates. The webcast for these security update airs on October 11, 2005 at 11:00 A.M. (Pacific Time). To register, visit the following Microsoft Web site:

http://msevents.microsoft.com/cui/WebCastEventDetails.aspx?EventID=1032282125&EventCategory=4&culture=en-US&CountryCode=US

</li> <li>Is the Enterprise Update Scan Tool also cumulative like the Extended Security Update Inventory Tool is for SMS?

No, the Enterprise Update Scan tool is not cumulative. There are no plans to make the Enterprise Update Scan tool cumulative.</li> <li>Can I use the Microsoft Baseline Security Analyzer (MBSA) tool to determine whether these updates are required?

Yes, you can use the MBSA 1.2.1 and 2.0 to fully detect the need for the following security updates that were released in October 2005, except where noted.

For more information regarding security update 905495 and security update 904706 about why MBSA 1.2.1 does not have full detection for all affected software or components, see the &quot;Environments that detect security updates by using the MBSA version 1.2.1 and MBSA version 2.0&quot; section in this article.

For more information about the programs that the MBSA currently does not detect, click the following article numbers to view the articles in the Microsoft Knowledge Base:

306460 Microsoft Baseline Security Analyzer 1.2.1(MBSA) returns note messages for some updates

895660 Microsoft Baseline Security Analyzer 2.0 is Available

If you installed a program that is listed in the &quot;Affected software&quot; section of a security bulletin that is mentioned in the related article, you may have to manually determine whether you must install the required security update. For more information about the MBSA, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

</li> <li>Which security updates require that I use the Enterprise Update Scan Tool together with the MBSA to identify vulnerable systems on my network?

The following security updates are partially supported by the Enterprise Update Scan Tool together with the MBSA under certain conditions:

For more information, see the &quot;Environments that detect security updates by using the MBSA version 1.2.1 and MBSA version 2.0&quot; section in this article.</li> <li>Can I use Systems Management Server (SMS) to determine whether the updates are required?

Yes. SMS helps detect and deploy these security updates. SMS uses the MBSA for detection. Therefore, SMS does not detect the same programs that MBSA does not detect. For more information about SMS, visit the following Microsoft Web site:

http://www.microsoft.com/smserver/default.mspx

The Security Update Inventory Tool together with the Extended Security Update Inventory Tool are required for detection of all the security updates on Microsoft Windows and on other affected Microsoft products.

For more information about the limitations of the Security Update Inventory Tool, click the following article number to view the article in the Microsoft Knowledge Base:

306460 Microsoft Baseline Security Analyzer (MBSA) returns note messages for some updates

SMS also uses the Microsoft Office Inventory Tool to detect the required security updates for Microsoft Office programs such as Microsoft Word.</li></ol>

Additional query words: kbmustloc kblangall

Keywords: kbhowto kbinfo KB908921

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.