These checks should not report as false positives after ms03-040 is applied. Any ones that do can be addressed, though after a quick code check everything looked ok.
I believe this thread is only stating that a performance increase can be gained by turning these checks off. We do not automatically deprecate checks that have been superceded, for various reasons. Some people may not be able to move to ms03-040, or the rollup might not fix all vectors of attack for an older vulnerability. Thanks, Ben Layer ISS XForce -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dykes, Sandra H Sent: Thursday, October 23, 2003 10:39 AM To: '[EMAIL PROTECTED]' Subject: RE: [ISSForum] Internet Scanner checks superceded by MS03-040 (vulnid 13364) If all of these are taken care of by patch MS03-040, then ISS needs to update what they are looking for so that these Vuls are not reported as false positives. I have reported several in the past and they fixed them. ISS, when can we expect these Vuls to be fixed so they don't report if the machine has patch MS03-040 installed? We should not have to worry about turning these Vuls off. If the fix is installed, the Vuls should not report. Thanks in advance! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Evans, Mark (Contractor) Sent: Tuesday, October 21, 2003 3:02 PM To: '[EMAIL PROTECTED]' Subject: [ISSForum] Internet Scanner checks superceded by MS03-040 (vulnid 13364) If you are like me, you hate scanning for patches or fixes that are no longer required because a newer fix has replaced them. If you have the requirement to install MS03-040 on your systems, which we do, then I've compiled a list of vulnid's that are superceded and do not require checking any longer. This will speed up the scan. Here are the checks: VulnID VulnName 8118 IeApplicationInvocation 7941 IeCodebaseExecutePrograms 7703 IeFileDownloadExecution 7636 IeFileDownloadExtSpoof 6748 IeFrameVerificationVariant 7702 IeFrameVerificationVariant2 9247 IeGopherBo 8116 IeHtmlDirectiveBo 7258 IeIncorrectSecurityZone 6306 IeMimeExecuteCode 9090 IeMs02023Patch 10809 IeMs02068Patch 11264 IeMs03004Patch 12960 IeObjectCodeExecution 8120 IeScriptingBypass 6230 IeTelnetExecuteCommands 7259 IeUrlHttpRequests 11846 IeUrlmonBo ** The opinions expressed here are my own and do not reflect upon my company or the US Government ** Mark P. Evans Northrop Grumman IT DISA Field Security Operation (OP74) Bldg 1C - LEAD 1 Overcash Ave Chambersburg, PA 17201 _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
