Results 1 to 8 of 8
  1. #1
    New Lounger
    Join Date
    Aug 2003
    Location
    Patong, Thailand
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Baseline Security/Windows Update

    Checking my computer with Baseline I get the following results:
    MS02-055
    Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255) File C:WINDOWSsystem32hhctrl.ocx has a file version [5.2.3735.0] that is greater than what is expected [5.2.3669.0].

    MS03-020
    Cumulative Patch for Internet Explorer (818529) File C:WINDOWSsystem32mshtml.dll has a file version [6.0.2800.1226] that is greater than what is expected [6.0.2800.1170]. - File C:WINDOWSsystem32urlmon.dll has a file version [6.0.2800.1226] that is greater than what is expected [6.0.2800.1188

    MS02-008
    XMLHTTP Control Can Allow Access to Local Files Please refer to Q306460 for a detailed explanation.

    MS03-008
    Flaw in Windows Script Engine could allow code execution (814078) Please refer to Q306460 for a detailed explanation.

    MS03-030
    Unchecked Buffer in DirectX Could Enable System Compromise (819696) Please refer to Q306460 for a detailed explanation

    Checking on Windows Update no critical updates are missing!
    What to believe in??

  2. #2
    New Lounger
    Join Date
    Aug 2003
    Location
    Patong, Thailand
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Baseline Security/Windows Update

    Baseline' security assessment reads: Severe Risk (One or more critical checks failed.) Getting that assessment from a Microsoft product would make you think that what you are missing would be in Windows Update as a Critical Update, wouldn't it?
    I am not sure about the assessment: It tells me that I have a security flaw in my DirectX and then refer me to Q306460 for a detailed explanation. I read that one, but the latest DirectX version mentioned in that article is DirectX 9.0a and I have the absolute latest installed 9.0b???
    When you say "why not put on all the fixes? That can't cause any problems? Can it?" I do not totally agree. Think we have seen quite a number of patches and fixes from Microsoft lately which we had been better without!!

  3. #3
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Baseline Security/Windows Update

    I don't suppose it's any consolation to you, but I also get different results from Shavlik's HFNetChk (lite) and Microsoft's Baseline Security Analyser (which is, of course, based on Shavlik's code)!

    I would guess that Windows Update is somewhat less thorough in what it recommends, so the suggested patches that Baseline Security Analyser pulls out are not regarded as critical.

    But, hey, why not put on all the fixes? That can't cause any problems? Can it?? <img src=/S/evilgrin.gif border=0 alt=evilgrin width=15 height=15>

    More seriously, for the non-critical fixes you have to decide whether or not you know enough about the likelihood of a problem in your environment that might be solved by the application of the fix, or whether to leave well alone. As always, your kilometerage may vary...!
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  4. #4
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Baseline Security/Windows Update

    Sorry, I originally left out the [ evilgrin ] <img src=/S/evilgrin.gif border=0 alt=evilgrin width=15 height=15>!

    Yes, I'm puzzled too about what is regarded as a critical fix, or not...
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  5. #5
    New Lounger
    Join Date
    Aug 2003
    Location
    Patong, Thailand
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Baseline Security/Windows Update

    <img src=/S/bouncenburn.gif border=0 alt=bouncenburn width=31 height=31> Smilies say it all. This is what I am doing now. Hope to be able to change to <img src=/S/blackteeth.gif border=0 alt=blackteeth width=20 height=20>

  6. #6
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts

    Re: Baseline Security/Windows Update

    There are several threads in the MS newsgroup for MBSA - microsoft.public.security.baseline_analyzer about this subject. Take a look there. Basically, it says that MBSA can mis-report things.

    Joe
    Joe

  7. #7
    New Lounger
    Join Date
    Aug 2003
    Location
    Patong, Thailand
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Baseline Security/Windows Update

    Thanks Joe, I will.

  8. #8
    New Lounger
    Join Date
    Aug 2003
    Location
    Patong, Thailand
    Posts
    22
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Baseline Security/Windows Update

    Joe,

    Going through the newsgroup I think I know what is wrong. Baseline and WU simply do not work following the same rules (and Microsoft is fully aware of this). The newsgroup mentions both the MS02-008 and 'the file version being greater than expected' problems.
    I downloaded the new 1.1.1 version to see whether it worked better, but same result. Think we have to wait for Microsoft to get their act together, which they do mention, they are trying to!! <img src=/S/crossfingers.gif border=0 alt=crossfingers width=17 height=16>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •