Detection and deployment guidance for the March 2006 security release

Article translations Article translations
Article ID: 916557 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

This article describes the detection and deployment guidance for the security release that is dated March 14, 2006.

As part of an ongoing commitment to provide detection tools and deployment recommendations for security updates, Microsoft is delivering this detection and deployment guidance for all updates that are released during a Microsoft Security Response Center (MSRC) release cycle. This guidance contains recommendations that are based on the types of scenarios that may apply to various Microsoft operating system environments.

This guidance includes information about the use of the following tools:
  • Windows Update
  • Microsoft Update
  • Office Update
  • Microsoft Baseline Security Analyzer (MBSA)
  • Office Detection Tool (ODT)
  • Security Update Inventory Tool (SUIT) for Microsoft Systems Management Server (SMS) 2.0
  • Inventory Tool for Microsoft Updates (ITMU) for Microsoft SMS 2003
  • Extended Security Update Inventory Tool
  • Enterprise Scan Tool (EST)
  • Software Update Services (SUS)
  • Windows Server Update Services (WSUS)
Currently, the guidance in this article does not apply to 64-bit Itanium-based operating systems or to 64-bit x64-based operating systems. Microsoft is looking to add this information in future releases of this guide.

MORE INFORMATION

Detection and deployment

Environments that detect and deploy security updates by using Windows Update, Microsoft Update, and Office Update

All security updates that were released on March 14, 2006 are available through the following Web sites.

Microsoft Windows Update Web site
http://update.microsoft.com/windowsupdate
Products that are supported by this Web site:
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows 2000
Microsoft Update Web site
http://update.microsoft.com/microsoftupdate
Products that are supported by this Web site:
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Office
  • Microsoft Exchange
  • Microsoft Internet Security and Acceleration Server 2004
  • Microsoft SQL Server
Office Update Web site
http://officeupdate.microsoft.com
Products that are supported by this Web site:
  • Microsoft Office 2003
  • Microsoft Office XP
  • Microsoft Office 2000
Mactopia Web site
http://www.microsoft.com/mac/
Products that are supported by this Web site:
  • Microsoft Office 2004 for Mac
  • Microsoft Office v. X for Mac
  • Microsoft Office 2001 for Mac
Note Not every update is available on every one of these Web sites.

Environments that detect security updates by using MBSA 2.0 or MBSA 1.2.1

If you use Microsoft Baseline Security Analyzer (MBSA) 2.0 or MBSA 1.2.1 to detect security updates, you can detect most of the security updates that were released on March 14, 2006.

Note MBSA 1.2.1 contains an integrated version of Office Detection Tool (ODT). The ODT part of MBSA 1.2.1 is limited to local scans only.
  • MBSA 2.0 does not detect or deploy security update 905413 for the following products:
    • Office 2000 and associated Multilingual User Interfaces (MUIs)
    • Works Suite 2003, Works Suite 2002, Works Suite 2001, and Works Suite 2000
  • Office v. X for Mac and Office 2004 for Mac are not supported by MBSA 2.0 or MBSA 1.2.1.

Environments that detect and that deploy security updates by using Software Update Services or Windows Server Update Services

If you use Software Update Services (SUS) or Windows Server Update Services (WSUS) to detect and to deploy security updates, you can detect most of the security updates that were released on March 14, 2006.
  • SUS does not support security update 905413. SUS was not designed to support the updating of any Office products.
  • WSUS does not detect or deploy security update 905413 for the following products:
    • Any version of Works Suite
    • Office 2000

Environments that detect and that deploy security updates by using SUIT for SMS 2.0 or ITMU for SMS 2003

If you use Inventory Tool for Microsoft Updates (ITMU) for SMS 2003 or Security Update Inventory Tool (SUIT) for SMS 2.0 to detect and to deploy security updates, you can detect and deploy all security updates that were released on March 14, 2006.

Some security updates may be fully detected by using SUIT for SMS 2.0 only if you use the latest cumulative Extended Security Update Inventory Tool. To obtain this tool, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2C93DA1D-48A0-4E5C-991F-87E08954F61B&displaylang=en

Summary of detection and deployment guidance

The following table summarizes the detection and deployment guidance for each new security update.
Collapse this tableExpand this table
Security updateSecurity bulletinComponentOffice UpdateWindows UpdateMicrosoft UpdateMBSA 1.2.1 and ODTMBSA 2.0SUSWSUSESTSUITITMU
914798MS06-011DACLNot applicable.Detects and deploys.Detects and deploys.Detection only.Detection only.Detects and deploys.Detects and deploys.Not applicable.Detects and deploys.Detects and deploys.
905413MS06-012OfficeDetects and deploys.Not applicable.Partially detects and deploys.Detection only. Local ODT scan only.Detection only is partially supported.Not applicable.Partially detects and deploys.Not applicable.Detects and deploys.Detects and deploys.
Note For more information about partial detection or deployment for a certain tool, see the applicable section earlier in this article.

Re-released security updates

There are no security updates that are being re-released this month.

Frequently asked questions

Q1: What is Microsoft doing to provide guidance about how to deploy these updates?

A1: Microsoft encourages system administrators to join the monthly technical webcast to learn more about security updates. The webcast for this security update airs on March 15, 2006 at 11:00 A.M. (Pacific Time). To register, visit the following Microsoft Web site:
http://msevents.microsoft.com/cui/EventDetail.aspx?culture=en-US&EventID=1032290677&EventCategory=4
Q2: Is EST also cumulative like the Extended Security Update Inventory Tool is for SMS?

A2: No, Enterprise Scan Tool (EST) is not cumulative. There are no plans to make EST cumulative.

Q3: Can I use MBSA to determine whether these updates are required?

A3: Yes, you can use MBSA 2.0 and MBSA 1.2.1 to fully detect the need for the following security updates that were released on March 14, 2006, except where noted:
Collapse this tableExpand this table
Security updateSecurity bulletinComponentDetection capabilities
914798MS06-011DACLNot applicable
905413MS06-012 Office See the "Environments that detect security updates by using MBSA 2.0 or MBSA 1.2.1" section earlier in this article for more information.
For more information about the programs that MBSA currently does not detect, click the following article numbers to view the articles in the Microsoft Knowledge Base:
306460 Microsoft Baseline Security Analyzer 1.2.1 (MBSA) returns note messages for some updates
895660 Microsoft Baseline Security Analyzer 2.0 is available
Q4: Which security updates require that I use EST together with MBSA to identify vulnerable systems on my network?

A4: No security updates released on March 14, 2006 require EST for detection.

Q5: Can I use SMS to determine whether the updates are required?

A5: Yes. SMS helps detect and deploy these security updates. SMS 2003 and SMS 2.0 together with SUIT use MBSA 1.2.1 technology for detection. Therefore, SMS 2003 and SMS 2.0 together with SUIT have similar limitations as does MBSA 1.2.1. For more information about SMS, visit the following Microsoft Web site:
http://www.microsoft.com/smserver/default.mspx
SUIT together with the Extended Security Update Inventory Tool are required for detection of all the security updates on Microsoft Windows and on other affected Microsoft products. For more information about the limitations of SUIT, click the following article number to view the article in the Microsoft Knowledge Base:
306460 Microsoft Baseline Security Analyzer (MBSA) returns note messages for some updates
Alternatively, you can use ITMU for SMS 2003 to detect and deploy these security updates. ITMU uses technology from Microsoft Updates. For more information, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/sms/bb676783.aspx

Properties

Article ID: 916557 - Last Review: December 3, 2007 - Revision: 1.8
APPLIES TO
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Small Business Server 2003 Premium Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows XP Service Pack 2, when used with:
    • Microsoft Windows XP Professional
    • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Service Pack 1, when used with:
    • Microsoft Windows XP Professional
    • Microsoft Windows XP Home Edition
  • Microsoft Windows 2000 Service Pack 4, when used with:
    • Microsoft Windows 2000 Advanced Server
    • Microsoft Windows 2000 Datacenter Server
    • Microsoft Windows 2000 Professional Edition
    • Microsoft Windows 2000 Server
  • Microsoft Small Business Server 2000 Standard Edition
Keywords: 
kbhowto kbinfo kbexpertiseadvanced KB916557

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com