MS06-071: Vulnerabilities in Microsoft XML Core Services 4.0

(imported topic written by mattp23)

Has this fixlet been re-propagated???

We opened an action the day following release but the relevance is now different between this open action and the source fixlet.

The original relevance contains “exists file “msiexec.exe” whose (version of it >= “3.1”) of system folder” whilst the relevance now seems to state “exists file “msiexec.exe” whose (version of it >= “2”) of system folder”.

(imported comment written by jessewk)

Yes. A Content Modification announcement was sent out to the BES Administrators list. It is recommend that all BES Admins subscribe to the list:

(imported comment written by tim_tsai)

Here’s a link to the BES Admin announcement about the change in relevance to MS06-071:

(imported comment written by mattp23)

Many thanks.

Is there a simple way to tell if an underlying fixlet has changed in relation to an open action?

We constrain actions then leave them active indefinately. This means we may have open actions where the underlying fixlet has changed since opening the action. Subscribing to the BES Administrators list will advise us going forward but ideally I’d like an automated method, perhaps a SQL query…?

(imported comment written by jessewk)


You can make a custom report in web reports with the following definition:

<?relevance unordered list of links of bes actions whose (state of it = "Open" AND exists source fixlet whose (exists default action of it) of it AND action script of it != script of default action of source fixlet of it) ?>

Note, it’s not perfect because it will give false positives if the action taken was not the default action, and it will miss any actions where the source fixlet doesn’t have a default action, but it should be a good spot check.