Cisco recommends you stay with Cisco-supported patches and service releases in order to make sure your installation continues to be supported by TAC.
The release notes for OS service release 2.5sr2:
http://ftp.cisco.com/cisco/crypto/3DES/voice/cmva/win-OS-Upgrade-K9.2000-2-5sr2-Readme.htm
To quote, "The OS Service Releases started posting once a month on 9/1/2003. These monthly Service Releases will be created only if a new applicable security hotfix is available 5 business days before the 1st of the month. Cisco will continue to test and release hotfixes that meet our criteria for Critical hotfixes in 1 business day."
MS03-040 isn't all that critical, considering that you shouldn't be using your CCM servers for general web browsing, much less browsing potentially hostile web sites. You should probably expect to see the fix rolled into OS service release 2.5sr3, to be released on or about November 1st.