November 2010

Monthly Security Bulletin Webcast Q&A - November 2010

Hosts: Jerry Bryant, Group Manager, Response Communications
       Dustin Childs, Senior Security Program Manager, MSRC

Website: TechNet/security

Chat Topic: November 2010 Security Bulletin Release

Date: Wednesday, November 10, 2010

Q: Will the patches for MS10-089 be detectable by Microsoft Baseline Security Analyzer (MBSA)? If so, do you have an estimate on when support will be added?

A: Forefront Unified Access Gateway will eventually be available via Microsoft Update, which is what MBSA relies on for detection.

Q: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386) indicates it's just for the PowerPoint 2007 viewer, but I was still prompted to install it even though I have a full copy of PowerPoint 2007, which is not affected by the vulnerabilities described in MS10-088. Why am I being offered this update?
A: We have a FAQ in the bulletin that explains this scenario. Microsoft PowerPoint 2007 is not affected by the vulnerabilities described in MS10-088; however, the vulnerable Microsoft PowerPoint Viewer 2007 is delivered with Microsoft PowerPoint 2007 and will be offered this security update. See http://www.microsoft.com/technet/security/bulletin/ms10-088.mspx for more information.


Q: Is MS10-087 applicable for Office 2007 RTM or SP1? There seems to be conflicting information given. I have a system with Office 2007 SP1 and both MBSA and Windows Update show that KB2289158 is applicable. The download site states that MS10-087 applies to RTM/SP1/SP2. However, the Security Bulletin and KB article state you must have Office 2007 SP2. When I deploy the installer file (Office2007-kb2289158-fullfile-x86-glb.exe) to my system with Office SP1, I get the error, “The expected version of the product was not found on the system.”

A: Office 2007 RTM and SP1 are currently out of support.  MBSA should not be detecting these updates as applicable to your system.  We will investigate this issue and make sure that MBSA is only detecting updates on supported platforms and related documentation is corrected.


Q: Is MS10-087 applicable to Project 2010, SharePoint Designer 2010, Visio 2010, and PowerPoint Viewer 2010?

A: Yes, the update for MS10-087 is applicable to Project 2010, SharePoint Designer 2010, Visio 2010 and PowerPoint Viewer.


Q: About MS10-089, is detection for this bulletin using MBSA 2.1 tied to a release via AU/MU/WSUS?  I would like to be able to scan for this vulnerability without deploying the patch to it automatically.

A: We understand that customers would like to detect this update via MBSA. Unfortunately at this time MBSA is not supported for this update.  The bulletin will be updated when more information is available.

Q: Why do I get a pile of non-optional Updates for Office 2007 when the only 2007 item I have is Live Meeting 2007? (The rest is Office 2010.)
A: You more than likely have a qualifying 2007 Office product installed on your machine. If you think this is an error we recommend opening a support incident -- 1-866-PC-Safety.

Q: Should MS10-087 be applicable to Expression Web SP1 or higher and/or Expression Web 2? They are not listed in the KB article; however, it is showing in both Microsoft Update as well as MBSA.
A: If you are running Office products you will receive updates, as these products relate to Microsoft Office.  Please read the FAQ items in the bulletin for further information on this offering.  Only products with known attack vectors to these vulnerabilities are listed in the bulletin as affected software.