Posted on by shavlikdatateam Patch and Bulletin Information

New Patch Data Available (1.1.4.1010)

XML data version = 1.1.4.1010 Last modified on 03/16/2010

Product

– Added support for Safari 4.0.5.

– Added support for Apple Application Support 1.2.0 (included in Safari 4.0.5).

Security

– Added SAFARI-11 (QSAF408): Safari 4.0.5.

– Added AAS01-004 (QAAS004): Apple Application Support 1.2.0.

Non Security

– Added MSWU-378 (Q979099): An update is available to remove the application manifest expiry feature from AD RMS clients.

– Added MSWU-384 (Q976570): .NET Framework 3.0 Service Pack 2 Update for Windows Server 2003 and Windows XP.

– Added MSWU-385 (Q976569): .NET Framework 2.0 Service Pack 2 Update for Windows Server 2003 and Windows XP.

– Added MSWU-386 (Q978044): A USB composite device that supports consumer infrared does not work correctly on a computer that is running Windows 7 and Windows Server 2008 R2.

Revision

– Modified APSB-1002 (QAR0931): Added Operating Systems to software distribution.

Posted on by Byron Enos General, Shavlik Product Announcement

NetChk Protect 7.5 + Power Management Now in BETA

Shavlik Technologies is currently beta testing NetChk Protect 7.5 + Power Management. More than $2.8 billion is wasted annually in the United States powering servers, workstations, and laptops that are not in use. Interested in joining the beta? Contact protect75.beta@shavlik.com to learn how you can join.

Shavlik’s new Power Management capabilities give you centralized control to power off computers when not in use. Shutting down a single computer at night and on weekends can save between $26 and $60 per computer, per year. Shavlik’s Power Management module includes Wake-on-LAN so you can power on computers in your local network for the patch cycle.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5364)

XML data version = 1.1.3.5364 Last modified on 03/2/2010

Product

– Added support for Thunderbird 3.0.

– Added support for Thunderbird 3.0.1.

– Added support for Thunderbird 3.0.2.

– Added support for Thunderbird 3.0.3.

Security

– Added TB09-300(QTB3000): Thunderbird 3.0.

– Added TB10-301(QTB3001): Thunderbird 3.0.1.

– Added TB10-302(QTB3002): Thunderbird 3.0.2.

– Added TB10-303(QTB3003): Thunderbird 3.0.3.

Non Security

– Added MSWU-381(Q976662): An update is available for the native JSON feature in Internet Explorer 8.

– Added MSWU-382(Q976264): Application Compatibility Update for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 2010.

Revision

– Modified APSB-1006(QAF1045): Fixed Bulletin URL link.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5358)

XML data version = 1.1.3.5358 Last modified on 02/25/2010

Non Security

– Added MSWU-379(Q826161): FIX: You are prompted for password confirmation after you change a standard SQL Server login.

– Added MSWU-380(Q974631): Update for Office Word 2007: January 2010.

Revision

– Modified MS09-048 (Q967723): Fixed an issue where patch was detected as missing after installation on some systems.

– Modified MS09-037(Q973540): Fixed an issue where patch was detected as missing after installation on some systems.

– Modified MS08-004(Q946456): Fixed an issue where patch was detected as missing after installation on some systems.

– Modified MS07-063(Q942624): Fixed an issue where patch was detected as missing after installation on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5352)

XML data version = 1.1.3.5352 Last modified on 02/23/2010

Product

– Added support for Skype Business 4.1.

– Added support for Skype 4.1.

Security

– Added SKYPE-05(QSKY410): Skype 4.1.

Non Security

– Added MSWU-376(Q978506): A Compatibility View list update is available for Windows Internet Explorer 8: January 26, 2010.

Security Tool

– Added MSWU-377(Q977377): Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing.

Revision

– Modified MSWU-363(Q975364): Fixed an issue where patch was detected as missing after installation on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5346)

XML data version = 1.1.3.5346 Last modified on 02/18/2010

Product

– Added support for Firefox 3.5.8.

– Added support for Firefox 3.0.18.

Security

– Added FF10-004(QFF3580): Firefox 3.5.8.

– Added FF10-005(QFF3181): Firefox 3.0.18.

Non Security

– Added MSWU-374(Q977074): An update is available to improve the stability and the reliability of Windows 7 and Windows Server 2008 R2.

– Added MSWU-375(Q972076): Update Rollup 2 for Microsoft Exchange Server 2007 Service Pack 2 (KB972076).

Revision

– Modified APSB-1007(QAR0932): Fixed an issue where Adobe Reader patch did not download properly on some version of NetChk Protect.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5338)

XML data version = 1.1.3.5338 Last modified on 02/15/2010

Product

– Added support for Acrobat Reader 9.3.1.

– Added support for Acrobat Reader 8.2.1.

– Added support for Adobe Acrobat 9.3.1 Professional.

– Added support for Adobe Acrobat 9.3.1 Standard.

– Added support for Adobe Acrobat 9.3.1 Pro Extended.

– Added support for Adobe Acrobat 8.2.1 Professional.

– Added support for Adobe Acrobat 8.2.1 Standard.

Security

– Added APSB-1007(QAR0932): Security Updates Available for Adobe Reader and Acrobat.

Revision

– Modified MSRT-001(Q890830): Added Windows 7 as affected products.

Posted on by shavlikdatateam General

Concerns Regarding MS10-015

There is rising concern regarding MS10-015 causing BSOD on machines.  According to Microsoft and other sources in the Security world the issue is linked to Malware already on the machine when the patch is applied.  Microsoft has pulled the patch from WU likely to reduce impact to home users who are more likely to have Malware on their machines that could cause this, but the patch is still available in WSUS, SUS, and SCCM.  The patch is still available to Shavlik Customers as well.

 Shavlik Recommendations:

  • Adequate Patch Testing in place – Microsoft tests patches before release and Shavlik does additional testing in our environments to ensure detection logic is correct and there are no widespread issues encountered with patching the machine.  Lab testing can only do so much.  It is highly recommended to implement any level of testing in your environment as well.  This will ensure environment specific variables we cannot reproduce will not cause you issues.  Your testing could be a group of Virtual machines representing a cross section of machines in your environment or it could be IT and a select group of users and servers.

 

  • If you are concerned about the patch, are aware of recent Malware outbreaks in your environment, and\or patch testing resulted in machines encountering the BSOD, you can setup a template to scan for all other Security Patches except MS10-015.

Steps to do this:

  1. Go to Patch Groups on the Navigation Bar and create a new patch group.  Call it MS10-015 and click Add Patches
  2. Scroll down to MS10-015 and check the box and click select then click Save
  3. Create a New Scan Template.  Call it something like “Security Patches Except MS10-015”. This by default is setup to scan for all security patches
  4. In the Patch section select the Skip Selected and next to Patch Groups click … to browse and select your new patch group.
  5. Scan using this new template and you wills can for all security patches except MS10-015. 
  • If customers are experiencing a BSOD as a result of pushing MS10-015 they can contact Microsoft directly for support using the country specific numbers provided at support.microsoft.com/security. In North America, customers can call 1-866-PCSAFETY for this support.
Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5334)

XML data version = 1.1.3.5334 Last modified on 02/12/2010

Product

– Added support for Adobe Flash Player 10.0.45.2.

– Added support for Adobe Flash Player 9.0.262.0.

Security

– Added APSB-1006(QFM1045): Security updates available for Adobe Flash Player.

Non Security

– Added MSWU-373(Q974561): Update for Office Word 2007: November 2009.

Revision

– Modified MS09-062(Q972580): Added Visio 2003 as affected product.

– Modified MSWU-352(Q976470): Fixed a issue where patch did not download properly in scan view.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5326)

XML data version = 1.1.3.5326 Last modified on 02/09/2010

Security

MS10-003: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)

MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)

MS10-005: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)

MS10-006: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)

MS10-007: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)

MS10-008: Cumulative Security Update of ActiveX Kill Bits (978262)

MS10-009: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)

MS10-011: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)

MS10-012: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)

MS10-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)

MS10-014: Vulnerability in Kerberos Could Allow Denial of Service (977290)

MS10-015: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5312)

XML data version = 1.1.3.5312 Last modified on 02/04/2010

Product

– Added support for iTunes 9.0.3.

Security

– Added AI10-001(QAI0903): iTunes 9.0.3.

Revision

– Modified MSWU-235(Q951978): Fixed an issue where after installation patch shows as missing on some systems.

– Modified MSWU-305(Q953026): Fixed an issue where after installation patch shows as missing on some systems.

– Modified RP12-001(QRP1200): Fixed an issue where after installation patch shows as missing on some systems.

Posted on by shavlikdatateam General, Patch and Bulletin Information

New Patch Data Available (1.1.3.5304)

XML data version = 1.1.3.5304 Last modified on 02/02/2010

Product

– Added support for Vista Business N.

Software Distribution

– Added SUN-JAVA(QJAVA61): Sun Java 6 update 18.

Revisions

– Modified MS10-002 (Q978207): Fixed an issue where patch did not uninstall successfully on some systems with IE7 or IE8.

– Modified MS10-002 (Q978207): Fixed an issue where patch did not show as missing on some systems running Windows XP x64 SP2 with IE6 SP1.

– Modified AI09-004 (QAI0900): Fixed an issue where patch did not download on some systems running Windows x64.

– Modified APSB-0603(Q916208): Patch is no longer supported by vendor. Added superceded by APSB-0720.