XML data version = 1.1.4.1040 Last modified on 04/01/2010
Product
– Added support for Mozilla Firefox 3.0.19.
– Added support for Mozilla Firefox 3.5.9.
Security
– Added FF10-007(QFF3019): Firefox 3.0.19 and Firefox 3.5.9.
Patch
New Patch Data Available (1.1.4.1038)
XML data version = 1.1.4.1038 Last modified on 03/30/2010
Product
– Added support for iTunes 9.1.
– Added support for QuickTime 7.6.6.
– Added support for Apple Application Support 1.2.1.
– Added support for Mozilla Thunderbird 3.0.4.
– Added support for Mozilla SeaMonkey.
– Added support for Sun Java 6 Update 19.
– Added support for Windows Small Business Server 2008 (x64).
Security
– Added MS10-018(Q980182): Cumulative Security Update for Internet Explorer.
– Added AI10-002(QAI0910): iTunes 9.1.
– Added AQ10-001 (QAQ7660): QuickTime 7.6.6 for Windows.
– Added AAS01-005(QAAS005): Apple Application Support.
– Added TB10-304(QTB3004): Thunderbird 3.0.4.
– Added SM10-204(QSM2040): SeaMonkey 2.0.4.
– Added March 2010 Security Patches for Windows XP Embedded.
Non Security
– Added MSWU-391(Q979784): Update Rollup 3 for Exchange Server 2007 Service Pack 2 (KB979784).
Revision
– Modified MSWU-309(Q969907): Removed Outlook 2007 Gold as affected Service Pack.
– Modified MSWU-335(Q974332): Fixed an issue where patch is detected as missing after installation of MSWU-382.
New Patch Data Available (1.1.4.1026)
XML data version = 1.1.4.1026 Last modified on 03/25/2010
Non Security
– Added MSWU-390 (Q978637): An application runs in a Windows Vista context instead of in a Windows 7 context on a computer that is running an x64 edition of Windows 7 or of Windows Server 2008 R2.
– Added MSWU-392 (Q969084): Description of the Remote Desktop Connection 7.0 client update for Remote Desktop Services (RDS) for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2.
Revision
– Modified MSWU-367 (Q970430): Fixed international download URLs.
– Modified MSWU-319 (Q968389): Fixed an issue where on some systems patch showed as missing after installation of MSWU-377.
– Modified MSWU-170 (Q929399): Fixed an issue where x86 patch showed missing on some x64 systems.
New Patch Data Available (1.1.4.1024)
XML data version = 1.1.4.1024 Last modified on 03/23/2010
Product
– Added support for Firefox 3.6.2.
– Added support for Citrix XenApp 5.0.
– Added support for Citrix XenApp 5.0 x64 Edition.
Security
– Added FF10-006 (QFF3621): Firefox 3.6.2.
– Added NTCK-002 (Q158650): SKB15865: Patch release for NetChk Protect 7.2.
– Added XA502K8-005 (Q120128): Hotfix XAE500W2K8005 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8-015 (Q121482): Hotfix XAE500W2K8015 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8-017 (Q121661): Hotfix XAE500W2K8017 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8-018 (Q121756): Hotfix XAE500W2K8018 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8-030 (Q122563): Hotfix XAE500W2K8030 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8-042 (Q123688): Hotfix XAE500W2K8042 – For Citrix XenApp 5.0 for Windows Server 2008 x86.
– Added XA502K8X64-004 (Q120139): Hotfix XAE500W2K8X64004 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
– Added XA502K8X64-014 (Q121483): Hotfix XAE500W2K8X64014 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
– Added XA502K8X64-016 (Q121670): Hotfix XAE500W2K8X64016 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
– Added XA502K8X64-021 (Q121980): Hotfix XAE500W2K8X64021 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
– Added XA502K8X64-030 (Q122566): Hotfix XAE500W2K8X64030 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
– Added XA502K8X64-044 (Q123686): Hotfix XAE500W2K8X64044 – For Citrix XenApp 5.0 for Windows Server 2008 x64.
Revision
– Modified Office 2007 SP1/SP2: Added Office Professional Hybrid 2007 as affected Product.
– Modified MS09-062(Q972581): Removed Microsoft Expression Web and Microsoft Office Groove as affected Product.
New Patch Data Available (1.1.4.1016)
XML data version = 1.1.4.1016 Last modified on 03/18/2010
Product
– Added support for Thunderbird 2.0.0.24.
– Added support for Skype 4.2.
Security
– Added TB10-224 (QTB2024): Thunderbird 2.0.0.24.
– Added SKYPE-06 (QSKY420): Skype 4.2.
Non Security
– Added MSWU-388 (Q977863): February 2010 Windows Media Center Cumulative Update for Windows 7.
– Added MSWU-389 (Q979611): Update Rollup 2 for Exchange Server 2010 (KB979611).
Revision
– Modified MSWU-368 (Q973917): Updated v2 revision of Windows package.
– Modified MSWU-382 (Q976264): Updated v2 revision of Windows 7 and 2008 R2 package.
New Patch Data Available (1.1.4.1000)
XML data version = 1.1.4.1000 Last modified on 03/09/2010
Security
MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
New Patch Data Available (1.1.3.53566)
XML data version = 1.1.3.53566 Last modified on 3/4/2010
Security
– Added February 2010 Security Patches for Windows XP Embedded .
Non Security
– Added MSWU-383(Q979306): February 2010 cumulative time zone update for Windows operating systems.
New Patch Data Available (1.1.3.5364)
XML data version = 1.1.3.5364 Last modified on 03/2/2010
Product
– Added support for Thunderbird 3.0.
– Added support for Thunderbird 3.0.1.
– Added support for Thunderbird 3.0.2.
– Added support for Thunderbird 3.0.3.
Security
– Added TB09-300(QTB3000): Thunderbird 3.0.
– Added TB10-301(QTB3001): Thunderbird 3.0.1.
– Added TB10-302(QTB3002): Thunderbird 3.0.2.
– Added TB10-303(QTB3003): Thunderbird 3.0.3.
Non Security
– Added MSWU-381(Q976662): An update is available for the native JSON feature in Internet Explorer 8.
– Added MSWU-382(Q976264): Application Compatibility Update for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 2010.
Revision
– Modified APSB-1006(QAF1045): Fixed Bulletin URL link.
New Patch Data Available (1.1.3.5358)
XML data version = 1.1.3.5358 Last modified on 02/25/2010
Non Security
– Added MSWU-379(Q826161): FIX: You are prompted for password confirmation after you change a standard SQL Server login.
– Added MSWU-380(Q974631): Update for Office Word 2007: January 2010.
Revision
– Modified MS09-048 (Q967723): Fixed an issue where patch was detected as missing after installation on some systems.
– Modified MS09-037(Q973540): Fixed an issue where patch was detected as missing after installation on some systems.
– Modified MS08-004(Q946456): Fixed an issue where patch was detected as missing after installation on some systems.
– Modified MS07-063(Q942624): Fixed an issue where patch was detected as missing after installation on some systems.
New Patch Data Available (1.1.3.5352)
XML data version = 1.1.3.5352 Last modified on 02/23/2010
Product
– Added support for Skype Business 4.1.
– Added support for Skype 4.1.
Security
– Added SKYPE-05(QSKY410): Skype 4.1.
Non Security
– Added MSWU-376(Q978506): A Compatibility View list update is available for Windows Internet Explorer 8: January 26, 2010.
Security Tool
– Added MSWU-377(Q977377): Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing.
Revision
– Modified MSWU-363(Q975364): Fixed an issue where patch was detected as missing after installation on some systems.
New Patch Data Available (1.1.3.5346)
XML data version = 1.1.3.5346 Last modified on 02/18/2010
Product
– Added support for Firefox 3.5.8.
– Added support for Firefox 3.0.18.
Security
– Added FF10-004(QFF3580): Firefox 3.5.8.
– Added FF10-005(QFF3181): Firefox 3.0.18.
Non Security
– Added MSWU-374(Q977074): An update is available to improve the stability and the reliability of Windows 7 and Windows Server 2008 R2.
– Added MSWU-375(Q972076): Update Rollup 2 for Microsoft Exchange Server 2007 Service Pack 2 (KB972076).
Revision
– Modified APSB-1007(QAR0932): Fixed an issue where Adobe Reader patch did not download properly on some version of NetChk Protect.
Concerns Regarding MS10-015
There is rising concern regarding MS10-015 causing BSOD on machines. According to Microsoft and other sources in the Security world the issue is linked to Malware already on the machine when the patch is applied. Microsoft has pulled the patch from WU likely to reduce impact to home users who are more likely to have Malware on their machines that could cause this, but the patch is still available in WSUS, SUS, and SCCM. The patch is still available to Shavlik Customers as well.
Shavlik Recommendations:
- Adequate Patch Testing in place – Microsoft tests patches before release and Shavlik does additional testing in our environments to ensure detection logic is correct and there are no widespread issues encountered with patching the machine. Lab testing can only do so much. It is highly recommended to implement any level of testing in your environment as well. This will ensure environment specific variables we cannot reproduce will not cause you issues. Your testing could be a group of Virtual machines representing a cross section of machines in your environment or it could be IT and a select group of users and servers.
- If you are concerned about the patch, are aware of recent Malware outbreaks in your environment, and\or patch testing resulted in machines encountering the BSOD, you can setup a template to scan for all other Security Patches except MS10-015.
Steps to do this:
- Go to Patch Groups on the Navigation Bar and create a new patch group. Call it MS10-015 and click Add Patches
- Scroll down to MS10-015 and check the box and click select then click Save
- Create a New Scan Template. Call it something like “Security Patches Except MS10-015”. This by default is setup to scan for all security patches
- In the Patch section select the Skip Selected and next to Patch Groups click … to browse and select your new patch group.
- Scan using this new template and you wills can for all security patches except MS10-015.
- If customers are experiencing a BSOD as a result of pushing MS10-015 they can contact Microsoft directly for support using the country specific numbers provided at support.microsoft.com/security. In North America, customers can call 1-866-PCSAFETY for this support.
New Patch Data Available (1.1.3.5334)
XML data version = 1.1.3.5334 Last modified on 02/12/2010
Product
– Added support for Adobe Flash Player 10.0.45.2.
– Added support for Adobe Flash Player 9.0.262.0.
Security
– Added APSB-1006(QFM1045): Security updates available for Adobe Flash Player.
Non Security
– Added MSWU-373(Q974561): Update for Office Word 2007: November 2009.
Revision
– Modified MS09-062(Q972580): Added Visio 2003 as affected product.
– Modified MSWU-352(Q976470): Fixed a issue where patch did not download properly in scan view.
New Patch Data Available (1.1.3.5328)
XML data version = 1.1.3.5328 Last modified on 02/09/2010
Security
MS10-010: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)
New Patch Data Available (1.1.3.5326)
XML data version = 1.1.3.5326 Last modified on 02/09/2010
Security
MS10-003: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)
MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
MS10-005: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)
MS10-006: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
MS10-007: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
MS10-008: Cumulative Security Update of ActiveX Kill Bits (978262)
MS10-009: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
MS10-011: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
MS10-012: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)
MS10-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
MS10-014: Vulnerability in Kerberos Could Allow Denial of Service (977290)
MS10-015: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)
Ivanti Patch for Windows 