[Jochen]

gestern Abend wurde folgende Sicherheitsempfehlung veröffentlicht - sie betrifft ein kumulatives Sicherheitsupdate von ActiveX-Kill Bits. Weitere Infos entnehmt bitte der Mail unten oder online unter: http://www.microsoft.com/germany/tec...en/953839.mspx

Darüber hinaus Microsoft die Untersuchung zu öffentlichen Meldungen über ein nicht sicherheitsrelevantes Problem abgeschlossen, das die Verteilung von durch Microsoft Windows Server Update Services 3.0 oder Microsoft Windows Server Update Services 3.0 Service Pack 1 bereitgestellten Updates auf Clientsystemen, die Microsoft Office 2003 in ihrer Umgebung installiert haben, verhindert. Microsoft hat diese Meldungen bestätigt und ein Update veröffentlicht, um dieses Problem mit dem Microsoft Knowledge Base-Artikel 954960<http://support.microsoft.com/kb/954960> zu korrigieren. Microsoft rät Benutzern, die von diesem Problem betroffen sind, dieses Update zu lesen und zu installieren.
Weitere Infos entnehmt bitte auch der Mail unten oder online unter: http://www.microsoft.com/germany/tec...en/954960.mspx

______________________________________________
What is the purpose of this alert?
This alert is to notify you that Microsoft has released Security Advisory 953839 - Cumulative Security Update of ActiveX Kill Bits - on August 12, 2008.

This alert also notifies you of a revision Security Advisory 954960 - Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - on August 12, 2008.

New Security Advisory (953839)

Microsoft is releasing a new set of ActiveX kill bits with Security Advisory 953839. The update includes kill bits for the following third-party software:

* Aurigma Image Uploader. Aurigma has issued an advisory<http://go.microsoft.com/fwlink/?LinkId=122004> and an update that addresses vulnerabilities. Please see the advisory from Aurigma for more information. These kill bits are being set at the request of the owner of the ActiveX control. Customers who require support should contact Aurigma. The class identifiers (CLSIDs) for this ActiveX control are as listed in the Frequently Asked Questions section of this advisory.

* HP Instant Support. HP<http://www.hp.com/> has issued an advisory<http://go.microsoft.com/fwlink/?LinkId=122005> and an update that addresses vulnerabilities. Please see the advisory from HP for more information and download locations. This kill bits are being set at the request of the owner of the ActiveX control. Customers who require support should contact HP<http://www.hp.com/>. The class identifiers (CLSIDs) for this ActiveX control are as listed in the Frequently Asked Questions section of this advisory.

* For more information about installing this update, see Microsoft Knowledge Base Article 953839<http://support.microsoft.com/kb/953839>.

Answers to Common Questions (953839)

Q: Why is Microsoft releasing this Cumulative Update of ActiveX Kill Bits with a security advisory when previous kill bit updates were released with a security bulletin?

A: Microsoft is releasing this Cumulative Security Update of ActiveX Kill Bits with an advisory because the new kill bits do not affect Microsoft software.

Q: Why does this new advisory not have a security rating associated with it?

A: This update contains kill bits for third-party controls not owned by Microsoft. Microsoft does not provide a security rating for vulnerable third-party controls.

Revised Security Advisory (954960)

Microsoft updated this Security Advisory 954960 - Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - on August 12, 2008 to communicate that the updated packages released via the Microsoft Download Center on August 1, 2008 are now also available via Microsoft Update. Customers who have already successfully installed the update do not need to reinstall.

Recommendations

Review new security advisory 953839 and revised security advisory 954960 for an overview of the issues, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQ) and links to additional resources.

Additional Resources

* Microsoft Security Advisory 953839 - Cumulative Security Update of ActiveX Kill Bits - http://www.microsoft.com/technet/sec...ry/953839.mspx

* Microsoft Security Advisory 954960 - Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates - http://www.microsoft.com/technet/sec...ry/954960.mspx

* MSRC Blog: http://blogs.technet.com/msrc

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Security Advisories posted to the web are occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in the web-based Security Advisory, the information in the web-based Security Advisory is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,
Microsoft CSS Security Team