Fixlet Request for Microsoft Security Advisory 2661254

system · August 14, 2012, 11:02pm

(imported topic written by CSL2012)

Can a fixlet be provided for Microsoft Security Advisory 2661254? This patch was released (8/14/2012).

An update (KB2661254) for Microsoft Security Advisory: Update for minimum certificate key length

Affected Software:

• Microsoft Windows XP

• Windows Server 2003

• Windows Vista

• Windows Server 2008

• Windows 7

• Windows Server 2008 R2

Summary:

To reduce the risk of unauthorized exposure of sensitive information, Microsoft has released a nonsecurity update (KB 2661254) for all supported versions of Microsoft Windows. This update will block cryptographic keys that are less than 1024 bits long. This update does not apply to Windows 8 Release Preview or Windows Server 2012 Release Candidate because these operating systems already include the functionality to block the use of weak RSA keys that are less than 1024 bits long.

More Information: http://support.microsoft.com/kb/2661254 & http://technet.microsoft.com/en-us/security/advisory/2661254

Thanks,

Chi

system · August 14, 2012, 11:56pm

(imported comment written by SystemAdmin)

I will “second” this request as our organization will be required to deploy this update.

Thank you.

system · August 15, 2012, 12:23am

(imported comment written by SystemAdmin)

I need this as well!

system · August 15, 2012, 3:25pm

(imported comment written by TerryWeiChao)

Content will be published by this week.

Thanks!

system · August 15, 2012, 10:36pm

(imported comment written by CSL2012)

Awesome. Thanks.

system · August 17, 2012, 12:37pm

(imported comment written by TerryWeiChao)

Content in the Patches for Windows (English) has been modified:

New Fixlet Messages:

2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)

2661254: Update For Minimum Certificate Key Length - Windows XP SP2 (x64) (ID: 266125403)

2661254: Update For Minimum Certificate Key Length - Windows Server 2003 SP2 (ID: 266125405)

2661254: Update For Minimum Certificate Key Length - Windows Server 2003 SP2 (x64) (ID: 266125407)

2661254: Update For Minimum Certificate Key Length - Windows Vista SP2 (ID: 266125409)

2661254: Update For Minimum Certificate Key Length - Windows Vista SP2 (x64) (ID: 266125411)

2661254: Update For Minimum Certificate Key Length - Windows Server 2008 SP2 (ID: 266125413)

2661254: Update For Minimum Certificate Key Length - Windows Server 2008 SP2 (x64) (ID: 266125415)

2661254: Update For Minimum Certificate Key Length - Windows 7 Gold/SP1 (ID: 266125417)

2661254: Update For Minimum Certificate Key Length - Windows 7 Gold/SP1 (x64) (ID: 266125419)

2661254: Update For Minimum Certificate Key Length - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 266125421)

Published site version:

Patches for Windows (English), version 1647

system · August 17, 2012, 4:45pm

(imported comment written by CSL2012)

Much appreciate it, thanks.

system · October 15, 2012, 9:10pm

(imported comment written by SystemAdmin)

Hi Guys,

I see that this patch was updated for the “2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)” to reflect the update from 10/09. The problem is that I did not see a notification to this and it did not change the fixlet name.

We were just about to open a PMR on this and it was a good thing I checked first

This is a concern to my client when there are updates to fixlets and no notifications being sent. They pretty much depend on these updates to update their baselines and testing. In the case of these changes where there is no notification or change to the fixlet (v2 and superseded) our baselines would not be getting updated. In the case of this specific fixlet, this was not a concern as it was broken anyway, so it was not in a baseline.

Could you please make sure to:

Send the notifications
mark the old as superseded and put a v2 on the new one

If there was a notification and somehow I missed it, could you please post it in reply to this message. Hopefully I can figure out why it was missed.

Thanks

Martin Carnegie

Gulf Breeze Software Partners

http://www.gulfsoft.com

system · October 17, 2012, 1:17pm

(imported comment written by sylviabeing)

Hi Martin,

For the change “2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)” on 9 Oct 2012, we updated the relevant fixlet (ID: 266125401) on 15 Oct and re-published it on 15 Oct.

The announcement has also been sent to the BESAdmin group as following:

Content in the Patches for Windows (English) has been released:

New Fixlet Messages:

Security Advisory 2756822: October 2012 cumulative time zone update for Windows operating systems

Modified Fixlet Message:

2661254: Update For Minimum Certificate Key Length - Windows XP SP3 (ID: 266125401)

Reason for Update:

New Security Advisory released by Microsoft and minor revision of a previously released Security Advisory

Actions to Take:

None

Published site version:

Patches for Windows (English), version 1673

Additional links:

None

Application Engineering Team

Tivoli Endpoint Manager

We will continue to do everything we can to minimize the possibility of missed announcements on besadmin.

Regards,