Microsoft Security Advisory 954474
System Center Configuration Manager 2007 Blocked from Deploying Security Updates
Published: June 13, 2008 | Updated: June 17, 2008
Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474. Microsoft encourages customers affected by this issue to review and install this update.
Purpose of Advisory: The purpose of this advisory is to inform customers of a non-security related issue that they may experience when attempting to install all updates using System Center Configuration Manager 2007 after the Microsoft security update release of June 10, 2008. This issue is limited to all supported versions of System Center Configuration Manager 2007 environments deploying updates to supported SMS 2003 clients.
This issue is not a security vulnerability in System Center Configuration Manager 2007. However, affected System Center Configuration Manager 2007 environments will be unable to deploy any updates to SMS 2003 clients.
Advisory Status: Microsoft Knowledge Base Article and associated update have been released to address this issue.
Recommendation: Review the referenced Knowledge Base Article and apply the appropriate update.
|Microsoft Knowledge Base Article||954474|
This advisory discusses the following software.
|System Center Configuration Manager 2007|
|System Center Configuration Manager 2007 Service Pack 1|
What is the scope of the advisory?
This advisory and the related Microsoft Knowledge Base Article provide additional information on this issue as first described in the SMS and MOM Blog.
How can I verify if my deployments are impacted by the issue described in this advisory?
System Center Configuration Manager 2007 administrators can identify this issue by reviewing the Wsyncmgr.log on the ConfigMgr 2007 site server for the following entries:
- Performing legacy sync
STATMSG: ID=6709 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_SYNC_MANAGER" …
Started with command line: C:\Program Files\Microsoft Configuration Manager\bin\i386\updatewuscatalog.exe …
Processing security catalog C:\Program Files\Microsoft Updates Inventory Tool\PkgSource\wsusscn2.cab ...
Initializing catalog C:\Program Files\Microsoft Updates Inventory Tool\PkgSource\wsusscn2.cab for synchronization.
Error 0x80004005, Unexpected DeploymentAction for update 1293995. Returned from CreateUpdateNode
Updates summary: 0 processed, 0 matched, 0 outdated, 0 updated
Is this a security vulnerability that requires Microsoft to issue a security update?
No. The inability to install updates from System Center Configuration Manager 2007 to SMS 2003 clients is not a security vulnerability. However, we have confirmed the issue and have released Microsoft Knowledge Base Article 954474 to correct the issue.
What versions of SMS are associated with this advisory?
This issue is limited to all supported versions of System Center Configuration Manager 2007 environments deploying updates to supported versions of SMS 2003 clients.
This is a security advisory about a non-security update. Isn’t that a contradiction?
Security advisories address security changes that may not require a security bulletin but may still affect customer’s overall security. Security advisories are a way for Microsoft to communicate security-related information to customers about issues that may not be classified as vulnerabilities and may not require a security bulletin, or about issues for which no security bulletin has been released. In this case, we are communicating the availability of an update that affects your ability to perform subsequent updates, including security updates. Therefore, this advisory does not address a specific security vulnerability; rather, it addresses your overall security.
Review the Microsoft Knowledge Base Article that is associated with this advisory
We encourage customers to install this update. Customers who are interested in learning more about this update should review Microsoft Knowledge Base Article 954474.
- You can provide feedback by completing the form by visiting Microsoft Help and Support: Contact Us.
- Customers in the United States and Canada can receive technical support from Microsoft Product Support Services. For more information about available support options, see Microsoft Help and Support.
- International customers can receive support from their local Microsoft subsidiaries. For more information about how to contact Microsoft for international support issues, visit International Support.
- Microsoft TechNet Security provides additional information about security in Microsoft products.
The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
- June 13, 2008: Advisory published.
- June 17, 2008: Advisory updated to reflect availability of fix.
Built at 2014-04-18T13:49:36Z-07:00