Executive Summary
Summary | |
---|---|
Title | Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates |
Informations | |||
---|---|---|---|
Name | KB954960 | First vendor Publication | 2008-06-30 |
Vendor | Microsoft | Last vendor Modification | 2008-08-12 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has completed the investigation into public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954960. Microsoft encourages customers affected by this issue to review and install this update. Notes The issue affecting System Center Configuration Manager 2007 first described in Microsoft Security Advisory 954474, where System Center Configuration Manager 2007 systems were blocked from deploying security updates, is separate from the issue described in this advisory. However, there are similarities in the contributing factors in both issues. Customers who wish to verify that the update has been installed properly can check that their version of Microsoft.UpdateServices.WebServices.Client.Dll, located at %ProgramFiles%\Update Services\WebServices\ClientWebService\bin\, is 3.1.6001.66. The update detailed in Microsoft Knowledge Base Article 954960 cannot be uninstalled through Add or Remove Programs. Customers who wish to remove this update must uninstall Windows Server Update Services as detailed in Microsoft Knowledge Base Article 954960. General InformationOverviewPurpose of Advisory: The purpose of this advisory is to inform customers of an update to correct a non-security related issue they may experience when attempting to deploy updates through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. This issue is not a security vulnerability in Microsoft Windows Server Update Services. However, environments that deploy updates through Microsoft Windows Server Update Services will be unable to deploy any updates to client systems. Advisory Status: Microsoft Knowledge Base Article and associated update have been released to address this issue. Recommendation: Review the suggested actions and configure as appropriate.
This advisory discusses the following software.
Frequently Asked QuestionsWhat is the scope of the advisory? Why did Microsoft update this advisory on August 12, 2008? Why did Microsoft update this advisory on August 1, 2008? Does the update offered in Microsoft Knowledge Base Article 954960 apply to all supported versions of Microsoft Windows Server Update Services? How can I verify if my deployments are impacted by the issue described in this advisory?
Is this a security vulnerability that requires Microsoft to issue a security update? What Microsoft products are associated with this advisory? Note This advisory also applies to Microsoft software that ship with or are built on top of Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1. Microsoft Small Business Server 2003 by default includes Windows Server Update Services 2.0 and is only affected if it has been upgraded to Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1. System Center Essentials and System Center Configuration Manager 2007 are the only Microsoft software that consume the Microsoft Windows Server Update Services catalog and thus are also affected when used to deploy updates. This is a security advisory about a non-security update. Isnt that a contradiction? Suggested ActionsReview the Microsoft Knowledge Base Article that is associated with this advisory. Microsoft encourages customers to install this update. Customers who are interested in learning more about this update should review Microsoft Knowledge Base Article 954960. |
Original Source
Url : http://www.microsoft.com/technet/security/advisory/954960.mspx |