Can a fixlet be provided for Microsoft Security Advisory 2661254? This patch was released (8/14/2012).
An update (KB2661254) for Microsoft Security Advisory: Update for minimum certificate key length
Affected Software:
• Microsoft Windows XP
• Windows Server 2003
• Windows Vista
• Windows Server 2008
• Windows 7
• Windows Server 2008 R2
Summary:
To reduce the risk of unauthorized exposure of sensitive information, Microsoft has released a nonsecurity update (KB 2661254) for all supported versions of Microsoft Windows. This update will block cryptographic keys that are less than 1024 bits long. This update does not apply to Windows 8 Release Preview or Windows Server 2012 Release Candidate because these operating systems already include the functionality to block the use of weak RSA keys that are less than 1024 bits long.
I see that this patch was updated for the “2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)” to reflect the update from 10/09. The problem is that I did not see a notification to this and it did not change the fixlet name.
We were just about to open a PMR on this and it was a good thing I checked first
This is a concern to my client when there are updates to fixlets and no notifications being sent. They pretty much depend on these updates to update their baselines and testing. In the case of these changes where there is no notification or change to the fixlet (v2 and superseded) our baselines would not be getting updated. In the case of this specific fixlet, this was not a concern as it was broken anyway, so it was not in a baseline.
Could you please make sure to:
Send the notifications
mark the old as superseded and put a v2 on the new one
If there was a notification and somehow I missed it, could you please post it in reply to this message. Hopefully I can figure out why it was missed.
For the change “2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)” on 9 Oct 2012, we updated the relevant fixlet (ID: 266125401) on 15 Oct and re-published it on 15 Oct.
The announcement has also been sent to the BESAdmin group as following:
Content in the Patches for Windows (English) has been released:
New Fixlet Messages:
Security Advisory 2756822: October 2012 cumulative time zone update for Windows operating systems
Modified Fixlet Message:
2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)
Reason for Update:
New Security Advisory released by Microsoft and minor revision of a previously released Security Advisory
Actions to Take:
None
Published site version:
Patches for Windows (English), version 1673
Additional links:
None
Application Engineering Team
Tivoli Endpoint Manager
We will continue to do everything we can to minimize the possibility of missed announcements on besadmin.