(imported topic written by SystemAdmin)
We’re seeing about 87 Windows 2000 PCs today reporting relevant for MS08-003.
Looking at the details on technet, it doesn’t look like it should be relevant since Windows 2000 doesn’t have the AD server components.
http://www.microsoft.com/technet/security/Bulletin/MS08-003.mspx
Should BigFix change the relevance for this?
Paul
(imported comment written by MY6591)
Hi Paul,
Are your relevant Windows 2000 PCs servers or 2000 pro?
MS08-003 affects Windows 2000 Server SP4 with AD component.
Please let us know.
Thanks
(imported comment written by SystemAdmin)
They’re all Windows 2000 Professional with SP4
-Paul
(fixlet ref #800301)
(imported comment written by MY6591)
If they are Win2k Pro SP4, then they have the registry key indicating AD is present, and they have the vulnerable file this patch is relevant for. We tested applying the patch on Windows 2000 Pro SP4, and the patch applied successfully.
Also on the download page for this patch:
it stated:
System Requirements
Supported Operating Systems: Windows 2000 Service Pack 4
So we will leave the fixlet as is for now. If you need to exclude the Windows 2000 Pro computers, we can provide a relevance to detect Windows 2000 Server only. You can create a custom fixlet with that in place.
I hope this helps.
(imported comment written by SystemAdmin)
That’s interresting that the technet article says one thing, yet they supply a patch for it anyhow.
Ok, thanks.
(imported comment written by MY6591)
MS does that all the time =)