Microsoft Out-of-Band Release for Internet Explorer

(imported topic written by jeremylam)

Microsoft is planning to release a Security Bulletin on December 17,

2008 to address vulnerabilities detected in Internet Explorer. Microsoft

is targeting a 10:00 AM PST release time on Wednesday. For the official

Microsoft page, see:

http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx

BigFix is monitoring the situation, and has resources standing by to

provide content when the patches are available.

BigFix Application Engineering Team

(imported comment written by jeremylam)

Microsoft has finally released the patches, and we’ve begun work on associated content.

(imported comment written by chenbr91)

Whats the ETA on completion of the fixlets and publishing the content to the Site?

(imported comment written by bendernet91)

Here on the East coast and its getting near 5pm. May have to download the patch and push it out using SMS or BigFix if the fixlets are not updated soon.

(imported comment written by BenKus)

Hey guys,

The patches were released by Microsoft today around 11:30am PT and we are now (1 pm PT) just releasing the x86 Fixlets. They should go out to your servers within a few minutes from now (once you see the official BigFix Announcement, you can wait for your system to gather the Fixlets on its own or you can go to Tools > Manage Sites > Gather All Sites.

x64 and non-English Fixlets will follow soon-after…

Note that in general, you can always feel free to push the patches yourselves through BigFix Custom Fixlets (just the same as with any other software distribution tool), but most customers prefer to have BigFix write/test the Fixlets and then publish them to get the extra layer of confidence that the patch will go out smoothly (which is what we have been doing for the last 90 minutes)…

Thanks,

Ben

(imported comment written by jeremylam)

Please not that unlike previous Microsoft Security Bulletins, the patch for MS08-078 is not cumulative. Both patches for MS08-078 and MS08-073 (released on 12/9/08) will need to be applied to bring Internet Explorer completely up to date.

(imported comment written by jeremylam)

The content for x64 systems has been released to the Patches for Windows (English) / Enterprise Security site. Non-English and localized content will be released soon after we’re confident that updating will go smoothly on those systems.

(imported comment written by BenKus)

Question for all:

Given that we released most of the Fixlet content at 1pm, when did you guys complete your patch deployment (80%? 90%? 98%)?

Just curious… I am also interested to see who was fastest… :slight_smile:

Ben

(imported comment written by chenbr91)

Am i missing something here…

The ms08-078 for IE7 Server 2003 sp1/sp2 only has very few servers applicable.

The relevance is false when ran manually, but when you look at the MS08-078 site, it has all IE7 versions applicable.?? I’m more curious as to where the ‘qfe’ portion of the relevance came from. We have ‘ldr’ versions of that mshtml.dll file on my 2003 sp2/IE7 servers…

O and Ben… gimme a few hours and i can give you stats :slight_smile:

(imported comment written by rwest23)

chenbr

I’m more curious as to where the ‘qfe’ portion of the relevance came from. We have ‘ldr’ versions of that mshtml.dll file on my 2003 sp2/IE7 servers…

The ‘qfe’ portion of the file relevance is checking for the QFE and GDR branches of that file.

exists value 
"FileVersion" whose (it contains 
"_qfe") of version blocks of <file>

Means the QFE branch, while:

NOT exists value 
"FileVersion" whose (it contains 
"_qfe") of version blocks of <file>

Means GDR.

chenbr

it has all IE7 versions applicable

The version of iexplore.exe, which is specified in the fixlet as 7.0.5730.11 <= iexplore < 7.1.0.0 is taken directly from the .inf file in the patch:

[Test.IE7Installed.Section] GreatOrEqualOp=CheckFileVer,Test.InternetExplorer.Files,iexplore.exe,>=,7.0.5730.11 LessOp=CheckFileVer,Test.InternetExplorer.Files,iexplore.exe,<,7.1.0.0

The patch will not execute on systems that do not meet this requirement, so if our relevance is incorrect, then so is the patch.

I hope this helps clear things up. Please let us know if you believe anything else to be in error and we will do our best to address it.

Thanks,

Randy

(imported comment written by chenbr91)

hmm… then here is a screen shot… am i missing something?

See the screenshot…

Argh! screenshot wont attach… randy can you email me? and i can forward …

brian.w.chen@Morganstanley.com

(imported comment written by jeremylam)

All content for non-English systems have been published to their respective sites.

(imported comment written by snoczp91)

<This discussion moved to: http://forum.bigfix.com/viewtopic.php?id=2698 >

(imported comment written by luis1691)

Microsoft is releasing an out-of-band patch to address a vulnerability in Internet Explorer 6 and 7 on Tuesday, which if exploited would allow an attacker to compromise the targeted system. In addition to the patch addressing the widely known flaw, MS10-018 will also correct nine other vulnerabilities.