Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Newest Internet Explorer Vulnerability (ms03-040)

Does anyone know if Cisco plans to address the newest Internet Explorer vulnerability with regard to the CCM servers? Are they going to have their own version of the patch or suggest to load the Microsoft version?

This is the link to the vulerability:

http://www.microsoft.com/security/security_bulletins/ms03-040.asp

1 REPLY
Gold

Re: Newest Internet Explorer Vulnerability (ms03-040)

Cisco recommends you stay with Cisco-supported patches and service releases in order to make sure your installation continues to be supported by TAC.

The release notes for OS service release 2.5sr2:

http://ftp.cisco.com/cisco/crypto/3DES/voice/cmva/win-OS-Upgrade-K9.2000-2-5sr2-Readme.htm

To quote, "The OS Service Releases started posting once a month on 9/1/2003. These monthly Service Releases will be created only if a new applicable security hotfix is available 5 business days before the 1st of the month. Cisco will continue to test and release hotfixes that meet our criteria for Critical hotfixes in 1 business day."

MS03-040 isn't all that critical considering that you shouldn't be using your CCM servers for general web browsing, much less browsing potentially hostile web sites. You should probably expect to see the fix rolled into OS service release 2.5sr3 to be released on or about November 1st.

81
Views
5
Helpful
1
Replies
CreatePlease to create content