Re: Microsoft Security Bulletin Data
My question (suggestion) regards the Detailed Bulletin Information that can be downloaded as an Excel spreadsheet. The problem that I'm having is with superseded Bulletins\Advisories. I use this spreadsheet (http://www.microsoft.com/en-us/download/details.aspx?id=36982)
to verify what patches that are identified as missing by my my vulnerability scanning tool, which unfortunately likes to tell me that I have to apply a patch(s) that that has been superseded.
This spreadsheet contains 14 columns, one of which is "Supersedes"... which is great, but I have to search that column to see if a particular patch has itself been superseded. My suggestion is why not ad a column "Superseded
By", this way you can just look up the "Bulletin ID" in question? A simple example of this would be the following:
Date Posted Bulletin ID Severity Title
Supersedes
5/13/2014 MS14-029 Critical Security Update for Internet Explorer MS14-021[2964358]
... which unless I'm wrong, is telling me that MS14-029 supersedes or replaces MS14-021 and its subsequent advisories. Now this is very easy to look up because they both happened withing 15 days of each other, meaning my scanning tool is telling me that
MS14-021 is required, and that's just not true. Now, imagine doing this for older bulletins that may have been released years ago, I have to search the
Supersedes field instead of just looking at that bulletin to get that information. I do understand that this is mostly an issue that I have to solve with my vendor and we are addressing that, but Microsoft posts this spreadsheet for
us to use and I do use it to its full effect, I just want them to make it easier to use, so that I can be more efficient, that's it.
The only reason I posted this message (rant) here is because other than Twitter, I cannot find a way to contact Microsoft regarding this and I've been looking for over an hour this morning, hopefully someone from that area will see this and at least respond.
Thank you,
Donald Jackson
Hi,
Thanks for your advise. I record your feedback.
Juke Chou
TechNet Community Support
Similar Messages
-
Cannot validate pgp signatures of microsoft security bulletins
So I've been getting Microsoft security bulletins for years and I thought I would actually verify the PGP signature. I have not been able to yet. I found two public keys on microsoft sites:https://technet.microsoft.com/en-us/security/dn753714was the first key I imported. My PGP software says it is the wrong key for the June 2015 security bulletin:PHPWrong signature of Microsoft SecurityNotifications (Key ID: BF05BFF43AA549E5)Notably on that link above, the page says it was "Updated: December 15, 2015" (in the future). I found that page linked fromanother page.I found another key and replaced the above key with a slightly older one. I still get an "unknown" key errorTextSigned with unknown key(Key ID: BF05BFF43AA549E5)I also foundboth keyson the MIT key server.What do you get when you verify Microsoft PGP signatures?
This topic first appeared in the Spiceworks CommunityHi,
Thanks for your advise. I record your feedback.
Juke Chou
TechNet Community Support -
Parsing Microsoft Security Bulletin Web Pages
I have been tasked with determining which bulletings are pertintent starting in 2013 to the present. I am placing a link to the bulletin and other information on a spreadsheet. I have a reference to the Internet Controls in my project.
I need to determine which operating systems for each bulletin.
I have been able to parse the security bulletins page by year (https://technet.microsoft.com/en-us/library/security/dn631924.aspx) to get the next level of the bulletin
(https://technet.microsoft.com/library/security/ms13-106).
My problem has come in parsing the affected software table. Not all the bulletins have the same formatting from year to year or even within the same year.
I have been useing the DOM explorer in IE to help me find all the parts, but I have found many of the tags (table name) are empty so I am having to check each and every line and element to find the information I am looking for.
My code is ending up with a number of if/elseif type of checks and is getting very complicated. Does anyone have a solution for this already or am I missing something?
Thanks in advance.Hi Shu Hu,
I am able to parse the table and find all the tr tags.
The problem I am having is the different layouts used on the web pages.
The pages for the security bulletin's for 2013 (https://technet.microsoft.com/en-us/library/security/ms13-106.aspx)
are a different format from the bulletin's for 2014 (https://technet.microsoft.com/library/security/ms14-085).
Initally I thought I could find just tables but the table I am looking to parse is not the same index from page to page. I thought I could use the table name attribute but that was not populated. I started looking at each elelement on the HTML
page until I found the text "Affected Software." Once I found the tag in the innerText field I looked for the next table to process the rows.
I was hoping that the formatting would be the same from year to year but it is not so I was looking to see if there was a solution already but it does not look that way.
I will take a closer look at the article you provided to see if that will help. -
Microsoft Security Bulletin Advance Notificati​on for April 2011
Wow! Microsoft's April Patch is planning 17 Bulletins to Fix 64 Bugs. As always it includes some security updates.
https://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx
ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro
If you find a post helpful and it answers your question, please click the "Accept As Solution" button.
Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.
Microsoft MVP - Consumer Security
SpywareHammerHi Shu Hu,
I am able to parse the table and find all the tr tags.
The problem I am having is the different layouts used on the web pages.
The pages for the security bulletin's for 2013 (https://technet.microsoft.com/en-us/library/security/ms13-106.aspx)
are a different format from the bulletin's for 2014 (https://technet.microsoft.com/library/security/ms14-085).
Initally I thought I could find just tables but the table I am looking to parse is not the same index from page to page. I thought I could use the table name attribute but that was not populated. I started looking at each elelement on the HTML
page until I found the text "Affected Software." Once I found the tag in the innerText field I looked for the next table to process the rows.
I was hoping that the formatting would be the same from year to year but it is not so I was looking to see if there was a solution already but it does not look that way.
I will take a closer look at the article you provided to see if that will help. -
Microsoft Security Bulletin Installation Prerequisites
Hi Team,
Just wanted to know that, is there any Prerequisites before installing / deploying any Microsoft patches to Servers 2003/2008/2012. Thanks
Regards,
PaviHi,
You could consider to using Microsoft Baseline Security Analyzer tools,
MBSA 2.3 runs on Windows 8.1, Windows Server 2012, and Windows Server 2012 R2, Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP systems and will scan for missing security updates, rollups and service
packs using Microsoft Update technologies. To assess missing security updates, MBSA will only scan for missing security updates, update rollups and service packs available from Microsoft Update. MBSA will not scan or report missing non-security updates, tools
or drivers.
http://www.microsoft.com/en-us/download/details.aspx?id=7558
Regards.
Vivian Wang -
Microsoft Security Bulletin MS15-022 - Critical and Windows XP
I have a legacy Windows XP machine that I applied MD15-022 to, it took the Office 2007 patch
I do not see it in Add / Remove, but in the Event Logs under Application, there are multiple entries.
With doing this, how do I know the patch is there?
Thanks
b.Find your situation here.
https://support.microsoft.com/en-us/kb/3038999
then goto KB, scroll to File Information section and compare with what you have.
Regards, Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
The three hotfixes just will not install. I have used manual and automatic download to no avail
As this is not a Firefox issue, you will be better off asking in a forum that specializes in Windows, such as Eileen's Lounge - http://eileenslounge.com
-
Microsoft security patch KB834707 side effects in NW. SAP Note 785308
I figured we should make a thread with information known about this problem.
Since the problem comes in the javascripts, I would belive the problem is on the client-side, not server side.
Does anyone know exactly what the problem is (what has Microsoft changed) ?
Please contribute with information you get from OSS's.
I'll update this first post with all available information
Information:
15.11: Microsoft
have to provide a solution to this problem and that it could take
some time. The problem lies on the
Microsoft side so we must wait for them before a solution can be
provided.
- Development has found that by adding the site to the intranet zones of
the client browser, the problem is solved, some experience of late has
shown that in some cases you have to add the full machine name to the
intranet sites and not just in the form of *.somedomain.com.
Microsoft and SAP are currently working on the problem and a proper and
long term solution is expected shortly. However no exact date has been
specified.
- It is possible that the problems are caused by event handlers pointing directly to a DOM function:
http://support.microsoft.com/kb/887741
- I've noticed that we don't have a problem on a portal running EP 6 SP2 P3 Hf4 , after installing the hotfix on the client side. Maybe the problem is on the server side or maybe because it is an intranet portal only(however, I had no problems when setting it to be in the internet security zone). Awaiting confirmation from SAP
SAP Note 785308
http://service.sap.com/~form/sapnet?_FRAME=CONTAINER&_OBJECT=012006153200001521102004
(direct link I think, albeit very slow)
Microsoft KB834707
http://support.microsoft.com/?id=834707
Microsoft Security Bulletin 04-038
http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx
Last edited 2004-11-15 13:27
Message was edited by: Dagfinn Parnas
More information> Does anyone know exactly what the problem is (what has Microsoft changed) ?
a) Go to <http://www.ciac.org/ciac/bulletins/p-006.shtml> and search for the "CAN-" links. Each component has a one paragraph description.
b) According to <http://patch-info.de/IE/2004/10/12/20-35-16.html> it contains:
mshtml.dll (6,0,2800,1476 - 29,09,2004)
urlmon.dll (6,0,2800,1474 - 23,09,2004)
shdocvw.dll (6,0,2800,1584 - 27,08,2004)
wininet.dll (6,0,2800,1468 - 23,08,2004)
browseui.dll (6,0,2800,1584 - 22,08,2004)
shlwapi.dll (6,0,2800,1584 - 20,08,2004)
c) Some of the things that could be breaking are DOM references and DHTML, which are advanced features that not every application uses.
From <http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx>:
"Caveats: Microsoft Knowledge Base Article 834707 <http://support.microsoft.com/?id=834707> documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues."
Among other issues, that page says [<b>emphasis</b> added]:
- After you install the MS04-038 security updates for Internet Explorer, some dynamic HTML (DHTML) <b>drag-and-drop operations are blocked</b> by Internet Explorer.
- Security update 834707 includes a change to the way that Internet Explorer handles function pointers. This change in functionality occurs when an event handler points directly to a Document Object Model (DOM) function [...] Change in Internet Explorer function pointer behavior <b>causes code to not be executed</b> when an event handler is set to directly reference a DOM function after installing MS04-038 security updates.
BTW, Note 785308 has been updated with a workaround.
Regards,
Sean -
Critical Windows Exploit Microsoft Security Bulle...
Microsoft Security Bulletin Advance Notification for August 2010
Published: July 30, 2010
Microsoft Security Bulletin Advance Notification issued: July 30, 2010
Microsoft Security Bulletin to be issued: August 2, 2010
This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on August 2, 2010. The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is currently being exploited in malware attacks.
Microsoft Security Bulletin Advance Notification for August 2010
"I have this awful feeling someone is watching every move I make (one of my pet hates is router location tagging)." Marvin (A paranoid Android)Important note on the Microsoft Patch
Quote:-
Product Information dated August 03, 2010:
Important note on the Microsoft Patch
The Microsoft Patch just prevents that the trojan is installed automatically on the system. If a user with admin-rights (Microsoft Patch is installed) opens an infected LNK-file by mouse click, the computer will be infected - if no virus scanner has been installed. In order to avoid such an infection it is strongly recommended that users only come with power user rights. Power user don´t have the necessary rights in order to start code from another drive. Additional security gives the use of an actual virus scanner.
Great Work .LNK Files are there to Launch Applications NOT the Trojans sitting in the .LNK extension!
"I have this awful feeling someone is watching every move I make (one of my pet hates is router location tagging)." Marvin (A paranoid Android) -
Select Data Source and Microsoft Security Issue
Hi,
Tool- Xcelsius 2008, QAaWS
When I open dashboard, it gives message "Microsoft Office has identified a potential security concern" "Data Connection have been blocked. If you choose to enable data connection, your computer may no longer be secure. Do not enable this content unless you trust the source of this file." with <Enable> and <Discable> buttons.
If it Enabled then leads to "Select Data Source" screen and asks details for DSN.
At every open it shows same messages.
Please, help if anyone knows or faced this issue.
Regards,
Ashishhi,
this is a really old post.
please could you specify your exact workflow ?
what connectors your dashboard is using?
also, what version and SP and patch are you using for Xcelsius client?
i.e. Are you up to date with latest compatibility updates?
regards,
H -
Subscribe to only coldfusion security bulletins
How can I subscribe to *ONLY* coldfusion security bulletins. Preferably CF9 only.
thanks,
jbeeIs Microsoft is still releasing security bulletins for pre-SP1 Windows Server 2008 R2? My guess is no. The "service pack support end date" is listed as 4/9/2013.
Which is exactly what that date means. No more updates for the previous SP level(s) of the product; no more
support for systems running the previous SP level(s) of the product.
But the admin thinks pre-SP1 is still eligible for security bulletins until the end of its Extended Support
The 'admin' is incorrect, and this behavior is no different than it has been since the updates for Windows Server 2003 Service Pack 1 were cut off in April 2007. Following the cutoff date, updates are explicitly coded to ignore older SP level(s) of the product.
This should be very easy to prove to your 'admin'. Show your 'admin' a WS2008R2 *RTM* machine in the WSUS console with one of those current updates released after April 2013 and observe very closely the
Not Applicable status that is reported, and have the 'admin' contemplate why that is. Or, if no WSUS, just scan WU and try to find anything released after April 2013 in the list of available updates (assuming there are actually
any available updates at all).
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds. -
Security Bulletin for SharePoint 2013??
Microsoft released the SharePoint 2013 version 5 Security bulletins.....in our enviorment do we need to apply all old bulletin or patching latest one will affect it.
MS14-001 (Latest One) - 1/14/2014
MS13-100
MS13-084
MS13-067
MS13-030 (4/9/2013)
The bulletins will notate if they've superseded any patches. If not, you'll want to apply each one.
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
SharePoint Security Bulletin same downloads......
This SharePoint Security Bulletin has 4 same download available on below site....which we should download?
https://technet.microsoft.com/en-us/library/security/ms14-050.aspxThere are versions for SharePoint Foundation, SharePoint Server, SharePoint Foundation SP1 and SharePoint Server Sp1. Pick the option that best describes your environment.
You shouldn't need to install the Foundation and Server patch for MS14, just the Server package should suffice. -
Microsoft Securiity Bulletin MS15-021 reports vulnerability within Adobe font driver
Forum readers:
Are you aware that Microsoft has released a Security Bulletin MS15-021 in which it claims that vulnerabilities within Adobe font driver could allow an attacker to gain control of another’s personal computer?
Ryan R.I think the term "Adobe font driver" is potentially confusing. But just as an "HP printer driver" is a driver for an HP printer, no matter who writes it, an "Adobe font driver" is a driver FOR Adobe fonts (which is to say fonts in the Adobe PFB format, properly called PostScript type 1 fonts).
This driver was originally written by Adobe, but it became part of Windows much more than 10 years ago and it's fully Microsoft's responsibility. And, indeed, they have fixed it. -
Microsoft Security Client EventID 2003 0x80041016
We have a couple of 2003 servers with SCEP AV installed and fully up to date, but we're still getting the following event logged. Reinstalled EP but still no luck getting rid of this event. Please help.
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 2003
Date: 10/30/2014
Time: 8:39:13 AM
User: N/A
Computer:
Description:
The description for Event ID ( 2003 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the
/AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: 0x80041016.Hi,
According to the error code and Event ID above, it seems to be a WMI issue.
You could try to use WMI Diagnosis Utinity to troubleshoot this issue.
Reference:
WMI Troubleshooting
http://msdn.microsoft.com/en-us/library/aa394603(v=vs.85).aspx
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Maybe you are looking for
-
Hi can anyone help with this issue regarding my wireless magic mouse? When im on google chrome and scrolling down the page i always have youtube running in the background but the audio cuts/spits/pops can anyone help me with this?
-
Error while creating Adaptive Webservice model
Hi , I am getting errors when trying to create an adaptive webservice model. I am working in NWDI environment. When i tried to create adaptive webservice model in local development it was successful. But when i tried to create the same using the com
-
Error: illegal start of expression
Hi, when I compile my program, I get an error that says "A6Q1.java:96:illegal start of expression public static int IndexOf(int comma) " and ^ points to the p in public. Here is a copy of the program (CSI1100 is a class that enables the read-in from
-
PI AAE = IDOC control data to ECC
Hi All, I am using the JAVA IDOC receiver adapter to send idoc's to CRM as a test to just send idocs Need help on the control records. Things done 1. Passing data manually. 2. Idoc begin =1 and all segments = 1 3. Created Logical system in WE20 in CR
-
Plz guide me on the formula of PCTUSED
Hi I read in a blog to find out blocks available for insert are Blocks with total filled volume < (BLOCKSIZE – overhead – (blocksize*(1-(PCTFREE/100))) In the above formula I am unable to understand the meaning of blocksize*(1-(PCTFREE/100)) Please e