Beginning later this week and through the course of the next few weeks, we will be undergoing internal workflow changes for the BigFix Windows Patch sites.
Once the workflow changes are in place for a given site, a new version of the site will be published.
A corresponding announcement will be released for each site when this occurs.
Impact:
As part of these changes, legacy display templates that are part of existing fixlets will be removed.
Any baselines containing fixlets from these sites will be need to be re-synced. However, there will be no functional changes to the fixlets.
Relevance, actionscript, fixlet names, fixlet descriptions, and all standard fixlet fields will remain the same.
These will be removed and in cases where the contents of the template are still necessary, the contents will be placed directly into the fixlet.
You should not expect to see any visual differences in currently supported versions of BigFix console.
Templates like “1_0.txt” (http://sync.bigfix.com/bfsites/bessecurity_3409/1_0.txt), which will be removed, are only visible in much older versions of BigFix.
So the raw description from the above link would look something like this instead:
<!-- StartBESFixletMessage -->Microsoft has released a patch that fixes vulnerabilities in Exchange 5.0 NNTP Service and SMTP Service. An attacker could send a series of incorrect data to either service. In the case of the NNTP Service (TCP/IP port 119), it would cause the Server Information Store to fail. This could in turn cause other Exchange Services to fail and prevent users from connecting to their mail folders. In the case of the SMTP Service (TCP/IP port 25), it would cause the Internet Mail Service to fail, but would not affect other Exchange Services.
<b>Note: </b>Due to the complexity of this upgrade, installation of this patch must be completed manually.
<b>Note:</b> This Fixlet message does not have a default action. For more information on default actions, see BigFix KB #474.<!-- EndBESFixletMessage →
<!-- StartFixletButtonArea →
<!-- StartBESFixletPrelink -->Click <!-- EndBESFixletPrelink → <a href=“Microsoft Security Bulletin MS98-007 - Important | Microsoft Learn”>here<!-- EndBESFixletLink → </a><!-- StartBESFixletPostlink → to view Microsoft Security Bulletin MS98-007.<!-- EndBESFixletPostlink → <!-- StartBESFixletPrelink -->Click <!-- EndBESFixletPrelink → <a href=“cid:Action2”><!-- StartBESFixletLink -->here<!-- EndBESFixletLink → </a><!-- StartBESFixletPostlink → if you wish to remove this Fixlet message and mark it as fixed on affected computers. In doing so, you accept the risk of not closing this vulnerability on affected computers.<!-- EndBESFixletPostlink → <!-- EndFixletButtonArea →
The display name for the Patches for Windows Site got changed and there was no notification about this change.
Can someone clarify if that was expected?
That could be confusing for our operators and we may need to send an internal communication.
While this situation unfolds, here is some relevance that can be used to determine if you have any fixlets/tasks/baselines with “Patches for Windows” hardcoded into the relevance, and another for analysis properties.
Fixlets, Tasks, Baselines
names of bes fixlets whose (exists relevance clause whose (it as lowercase contains "patches for windows") of it)
Analysis Properties
(names of source analyses of it, names of it) of bes properties whose (exists definition whose (it as lowercase contains "patches for windows") of it)
This was not intentional.
Enterprise Security is the default internal site name. We’re working on correcting the display and this should be corrected shortly.
Thanks! All my custom reports are no longer functioning because of the site name change…hopefully this will be resolved soon back to the original name.
