INTRODUCTION
This article describes the detection and deployment guidance for the security release that is dated March 14, 2006.
As part of an ongoing commitment to provide detection tools and deployment recommendations for security updates, Microsoft is delivering this detection and deployment guidance for all updates that are released during a Microsoft Security Response Center (MSRC) release cycle. This guidance contains recommendations that are based on the types of scenarios that may apply to various Microsoft operating system environments.
This guidance includes information about the use of the following tools:
- Windows Update
- Microsoft Update
- Office Update
- Microsoft Baseline Security Analyzer (MBSA)
- Office Detection Tool (ODT)
- Security Update Inventory Tool (SUIT) for Microsoft Systems Management Server (SMS) 2.0
- Inventory Tool for Microsoft Updates (ITMU) for Microsoft SMS 2003
- Extended Security Update Inventory Tool
- Enterprise Scan Tool (EST)
- Software Update Services (SUS)
- Windows Server Update Services (WSUS)
Currently, the guidance in this article does not apply to 64-bit Itanium-based operating systems or to 64-bit x64-based operating systems. Microsoft is looking to add this information in future releases of this guide.
MORE INFORMATION
Detection and deployment
Environments that detect and deploy security updates by using Windows Update, Microsoft Update, and Office Update
All security updates that were released on March 14, 2006 are available through the following Web sites.
Microsoft Windows Update Web siteProducts that are supported by this Web site:
- Microsoft Windows Server 2003
- Microsoft Windows XP
- Microsoft Windows 2000
Microsoft Update Web siteProducts that are supported by this Web site:
- Microsoft Windows Server 2003
- Microsoft Windows XP
- Microsoft Windows 2000
- Microsoft Office
- Microsoft Exchange
- Microsoft Internet Security and Acceleration Server 2004
- Microsoft SQL Server
Office Update Web siteProducts that are supported by this Web site:
- Microsoft Office 2003
- Microsoft Office XP
- Microsoft Office 2000
Mactopia Web siteProducts that are supported by this Web site:
- Microsoft Office 2004 for Mac
- Microsoft Office v. X for Mac
- Microsoft Office 2001 for Mac
Note Not every update is available on every one of these Web sites.
Environments that detect security updates by using MBSA 2.0 or MBSA 1.2.1
If you use Microsoft Baseline Security Analyzer (MBSA) 2.0 or MBSA 1.2.1 to detect security updates, you can detect most of the security updates that were released on March 14, 2006.
Note MBSA 1.2.1 contains an integrated version of Office Detection Tool (ODT). The ODT part of MBSA 1.2.1 is limited to local scans only.
- MBSA 2.0 does not detect or deploy security update 905413 for the following products:
- Office 2000 and associated Multilingual User Interfaces (MUIs)
- Works Suite 2003, Works Suite 2002, Works Suite 2001, and Works Suite 2000
-
Office v. X for Mac and Office 2004 for Mac are not supported by MBSA 2.0 or MBSA 1.2.1.
Environments that detect and that deploy security updates by using Software Update Services or Windows Server Update Services
If you use Software Update Services (SUS) or Windows Server Update Services (WSUS) to detect and to deploy security updates, you can detect most of the security updates that were released on March 14, 2006.
- SUS does not support security update 905413. SUS was not designed to support the updating of any Office products.
- WSUS does not detect or deploy security update 905413 for the following products:
- Any version of Works Suite
- Office 2000
Environments that detect and that deploy security updates by using SUIT for SMS 2.0 or ITMU for SMS 2003
If you use Inventory Tool for Microsoft Updates (ITMU) for SMS 2003 or Security Update Inventory Tool (SUIT) for SMS 2.0 to detect and to deploy security updates, you can detect and deploy all security updates that were released on March 14, 2006.
Some security updates may be fully detected by using SUIT for SMS 2.0 only if you use the latest cumulative Extended Security Update Inventory Tool. To obtain this tool, visit the following Microsoft Web site:
Summary of detection and deployment guidance
The following table summarizes the detection and deployment guidance for each new security update.
|
| 914798 | MS06-011 | DACL | Not applicable. | Detects and deploys. | Detects and deploys. | Detection only. | Detection only. | Detects and deploys. | Detects and deploys. | Not applicable. | Detects and deploys. | Detects and deploys. |
| 905413 | MS06-012 | Office | Detects and deploys. | Not applicable. | Partially detects and deploys. | Detection only. Local ODT scan only. | Detection only is partially supported. | Not applicable. | Partially detects and deploys. | Not applicable. | Detects and deploys. | Detects and deploys. |
Note For more information about partial detection or deployment for a certain tool, see the applicable section earlier in this article.
Re-released security updates
There are no security updates that are being re-released this month.
Frequently asked questions
Q1: What is Microsoft doing to provide guidance about how to deploy these updates?A1: Microsoft encourages system administrators to join the monthly technical webcast to learn more about security updates. The webcast for this security update airs on March 15, 2006 at 11:00 A.M. (Pacific Time). To register, visit the following Microsoft Web site:
Q2: Is EST also cumulative like the Extended Security Update Inventory Tool is for SMS?A2: No, Enterprise Scan Tool (EST) is not cumulative. There are no plans to make EST cumulative.
Q3: Can I use MBSA to determine whether these updates are required?A3: Yes, you can use MBSA 2.0 and MBSA 1.2.1 to fully detect the need for the following security updates that were released on March 14, 2006, except where noted:
|
| 914798 | MS06-011 | DACL | Not applicable |
| 905413 | MS06-012 | Office | See the "Environments that detect security updates by using MBSA 2.0 or MBSA 1.2.1" section earlier in this article for more information. |
For more information about the programs that MBSA currently does not detect, click the following article numbers to view the articles in the Microsoft Knowledge Base:
306460
Microsoft Baseline Security Analyzer 1.2.1 (MBSA) returns note messages for some updates
895660
Microsoft Baseline Security Analyzer 2.0 is available
No security updates released on March 14, 2006 require EST for detection.
Q5: Can I use SMS to determine whether the updates are required?A5: Yes. SMS helps detect and deploy these security updates. SMS 2003 and SMS 2.0 together with SUIT use MBSA 1.2.1 technology for detection. Therefore, SMS 2003 and SMS 2.0 together with SUIT have similar limitations as does MBSA 1.2.1. For more information about SMS, visit the following Microsoft Web site:
SUIT together with the Extended Security Update Inventory Tool are required for detection of all the security updates on Microsoft Windows and on other affected Microsoft products.
For more information about the limitations of SUIT, click the following article number to view the article in the Microsoft Knowledge Base:
306460 Microsoft Baseline Security Analyzer (MBSA) returns note messages for some updates
Alternatively, you can use ITMU for SMS 2003 to detect and deploy these security updates. ITMU uses technology from Microsoft Updates. For more information, visit the following Microsoft Web site: