Article ID: 899277
Article Last Modified on 10/27/2006
APPLIES TO
- Microsoft Windows 2000 Service Pack 4, when used with:
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows 2000 Service Pack 3, when used with:
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional Edition
INTRODUCTION
As part of an ongoing commitment to provide detection tools and deployment recommendations for security updates, Microsoft delivers detection and deployment guidance for all bulletins during a Microsoft Security Response Center (MSRC) release cycle. The guidance in this article contains recommendations that are based on the types of scenarios that may be used in various Microsoft Windows environments. This guidance applies to the use of tools such as Windows Update, Microsoft Office Update, the Microsoft Baseline Security Analyzer (MBSA), the Office Detection tool, Microsoft Systems Management Server (SMS), the Extended Security Update Inventory tool, and the Enterprise Update Scan tool.
MORE INFORMATION
Detection and deployment strategies
Environments that detect and deploy security updates by using the Windows Update Web site and the Office Update Web site
If you use the Windows Update Web site or the Office Update Web site to detect and to deploy security updates, you are covered for the detection and the deployment of all May 10, 2005 releases.
Environments that detect security updates by using MBSA
If you are using MBSA to detect security updates, you are covered for the detection of all May 10, 2005 releases.
Environments that detect and deploy security updates by using Software Update Services
If you use Software Update Services (SUS) to detect and to deploy security updates, you are covered for the detection and deployment of all May 10, 2005 releases.
Environments that detect and deploy security updates by using SMS with the SUS Feature Pack
If you use SMS to detect and to deploy security updates, you are covered for all May 10, 2005 releases.
The detection and deployment matrix
Office Update | Windows Update or Automatic Update | MBSA and the Office Detection tool | SUS | The stand-alone Enterprise Update Scan tool | SMS with the SUS Feature Pack | |
Security bulletin MS05-024 | Detect and deploy | Detect and deploy | Detect only | Detect and deploy | Detect only | Detect and deploy |
MS05-024 Web View | N/A | Yes | Yes | Yes | N/A | Yes |
Frequently asked questions
Q1: What is Microsoft doing to provide guidance on how to deploy these updates?
A1: Microsoft encourages system administrators to join the monthly technical webcast to learn more about the May 2005 security update. This webcast airs on May 11, 2005 at 11:00 A.M. Pacific Time. To register, visit the following Microsoft Web site:
Q2: Is the Enterprise Update Scan tool cumulative as the Extended Security Update Inventory tool is for SMS?
A2: No, the Enterprise Update Scan tool is not cumulative. No plans exist to make the tool cumulative.
Q3: Can I use MBSA to determine whether the updates are required?
A3: You can use MBSA to detect security update MS05-024. This update was released in May 2005.
Notes
- For more information about the programs that MBSA does not currently detect, click the following article number to view the article in the Microsoft Knowledge Base:
306460 Microsoft Baseline Security Analyzer (MBSA) returns note messages for some updates
- If you installed any one of the programs that are listed in the "Affected software" section of security bulletin MS05-024, you may have to manually determine whether to install the required security update. For more information about MBSA, visit the following Microsoft Web site:
Q4: Which bulletins require that I use the Enterprise Update Scan tool in combination with MBSA to identify vulnerable systems on my network?
A4: You do not need the Enterprise Update Scan tool this month because MBSA fully detects security update MS05-024.
Q5: Can I use SMS to determine whether the updates are required?
A5: Yes. SMS can help detect and deploy these security updates.
Note SMS uses MBSA for detection. Therefore, SMS does not detect the programs that MBSA does not detect. For more information about SMS, visit the following Microsoft Web site:
The Security Update Inventory tool is required to detect the required security updates for Microsoft Windows and for other affected Microsoft products.
For more information about the limitations of the Security Update Inventory tool, click the following article number to view the article in the Microsoft Knowledge Base:
306460 Microsoft Baseline Security Analyzer (MBSA) returns note messages for some updates
SMS can also use the Office Inventory tool to detect the required security updates for Office programs, such as Microsoft Word.
Keywords: kbexpertiseadvanced kbsecurity kbhowto kbdeployment kbinfo KB899277