Baseline Sec. Adv. problem

L

Len Dolby

QUESTION/PROBLEM - I've been trying for a year or so to correct, on and
off -
1/ MS02-055 - I have no idea where "later" file "hhctrl.ocx" came from. What
should I do to correct ? The link to MS02-055 downloads, attempts to
install, and
fails, with similar message as "reason" box above

2/ Clicking the "links" MS02-008 et al start up the "MSUpdate" site check,
which eventually reports "No updates available"

Catch22, therefore - Baseline Security adviser tells me I have a
problem, Update site says not.
What can I do to get Baseline to report "no prob" ?

pasted report from MS Baseline Security Adviser - aligned for ease of
reading
QUOTE -
5 security updates are out of date or could not be confirmed.
Result Details

Windows Security Updates
Security updates that are out of date are marked with a yellow X

1/ MS02-055 Unchecked Buffer in Windows Help Facility Could Enable
Code Execution (Q323255)
Reason - File C:\WINDOWS\system32\hhctrl.ocx has a file
version [5.2.3735.0] that is greater than what is expected
[5.2.3669.0].

2/ Security updates that the tool cannot confirm as installed on the
scanned computer are marked with a blue asterisk
Score Security Update Description Reason
a/ MS02-008 XMLHTTP Control Can Allow Access to Local Files Please
refer to Q306460 for a detailed explanation.
b/ MS03-008 Flaw in Windows Script Engine could allow code execution
(814078) Please refer to Q306460 for a detailed explanation.
c/ MS03-030 Unchecked Buffer in DirectX Could Enable System
Compromise (819696) Please refer to Q306460 for a detailed
explanation.
d/ MS03-051 Buffer Overrun in Microsoft FrontPage Server Extensions
Could Allow Code Execution (813360) Please refer to Q306460 for a
detailed
explanation.

UNQUOTE

Sincerely, LEN
 
W

Will Denny

Hi

Some in the following News Group may be able to help with the Baseline Security Analyzer:

news://msnews.microsoft.com/microsoft.public.security.baseline_analyzer

--

Will Denny
MS-MVP Windows - Shell/User


| QUESTION/PROBLEM - I've been trying for a year or so to correct, on and
| off -
| 1/ MS02-055 - I have no idea where "later" file "hhctrl.ocx" came from. What
| should I do to correct ? The link to MS02-055 downloads, attempts to
| install, and
| fails, with similar message as "reason" box above
|
| 2/ Clicking the "links" MS02-008 et al start up the "MSUpdate" site check,
| which eventually reports "No updates available"
|
| Catch22, therefore - Baseline Security adviser tells me I have a
| problem, Update site says not.
| What can I do to get Baseline to report "no prob" ?
|
| pasted report from MS Baseline Security Adviser - aligned for ease of
| reading
| QUOTE -
| 5 security updates are out of date or could not be confirmed.
| Result Details
|
| Windows Security Updates
| Security updates that are out of date are marked with a yellow X
|
| 1/ MS02-055 Unchecked Buffer in Windows Help Facility Could Enable
| Code Execution (Q323255)
| Reason - File C:\WINDOWS\system32\hhctrl.ocx has a file
| version [5.2.3735.0] that is greater than what is expected
| [5.2.3669.0].
|
| 2/ Security updates that the tool cannot confirm as installed on the
| scanned computer are marked with a blue asterisk
| Score Security Update Description Reason
| a/ MS02-008 XMLHTTP Control Can Allow Access to Local Files Please
| refer to Q306460 for a detailed explanation.
| b/ MS03-008 Flaw in Windows Script Engine could allow code execution
| (814078) Please refer to Q306460 for a detailed explanation.
| c/ MS03-030 Unchecked Buffer in DirectX Could Enable System
| Compromise (819696) Please refer to Q306460 for a detailed
| explanation.
| d/ MS03-051 Buffer Overrun in Microsoft FrontPage Server Extensions
| Could Allow Code Execution (813360) Please refer to Q306460 for a
| detailed
| explanation.
|
| UNQUOTE
|
| Sincerely, LEN
|
|
 
L

Len Dolby

Thanks. In the process of doing this, it also set up a new "News Server"
(msnews.microsoft.com) which is a useful bonus !
Len
Hi

Some in the following News Group may be able to help with the Baseline
Security Analyzer:

news://msnews.microsoft.com/microsoft.public.security.baseline_analyzer

--

Will Denny
MS-MVP Windows - Shell/User


| QUESTION/PROBLEM - I've been trying for a year or so to correct, on and
| off -
| 1/ MS02-055 - I have no idea where "later" file "hhctrl.ocx" came from.
What
| should I do to correct ? The link to MS02-055 downloads, attempts to
| install, and
| fails, with similar message as "reason" box above
|
| 2/ Clicking the "links" MS02-008 et al start up the "MSUpdate" site check,
| which eventually reports "No updates available"
|
| Catch22, therefore - Baseline Security adviser tells me I have a
| problem, Update site says not.
| What can I do to get Baseline to report "no prob" ?
|
| pasted report from MS Baseline Security Adviser - aligned for ease of
| reading
| QUOTE -
| 5 security updates are out of date or could not be confirmed.
| Result Details
|
| Windows Security Updates
| Security updates that are out of date are marked with a yellow X
|
| 1/ MS02-055 Unchecked Buffer in Windows Help Facility Could Enable
| Code Execution (Q323255)
| Reason - File C:\WINDOWS\system32\hhctrl.ocx has a file
| version [5.2.3735.0] that is greater than what is expected
| [5.2.3669.0].
|
| 2/ Security updates that the tool cannot confirm as installed on the
| scanned computer are marked with a blue asterisk
| Score Security Update Description Reason
| a/ MS02-008 XMLHTTP Control Can Allow Access to Local Files Please
| refer to Q306460 for a detailed explanation.
| b/ MS03-008 Flaw in Windows Script Engine could allow code
execution
| (814078) Please refer to Q306460 for a detailed explanation.
| c/ MS03-030 Unchecked Buffer in DirectX Could Enable System
| Compromise (819696) Please refer to Q306460 for a detailed
| explanation.
| d/ MS03-051 Buffer Overrun in Microsoft FrontPage Server Extensions
| Could Allow Code Execution (813360) Please refer to Q306460 for
a
| detailed
| explanation.
|
| UNQUOTE
|
| Sincerely, LEN
|
|
 
W

Will Denny

You're welcome, Len.

--

Will Denny
MS-MVP Windows - Shell/User


| Thanks. In the process of doing this, it also set up a new "News Server"
| (msnews.microsoft.com) which is a useful bonus !
| Len
| | Hi
|
| Some in the following News Group may be able to help with the Baseline
| Security Analyzer:
|
| news://msnews.microsoft.com/microsoft.public.security.baseline_analyzer
|
| --
|
| Will Denny
| MS-MVP Windows - Shell/User
|
|
| | | QUESTION/PROBLEM - I've been trying for a year or so to correct, on and
| | off -
| | 1/ MS02-055 - I have no idea where "later" file "hhctrl.ocx" came from.
| What
| | should I do to correct ? The link to MS02-055 downloads, attempts to
| | install, and
| | fails, with similar message as "reason" box above
| |
| | 2/ Clicking the "links" MS02-008 et al start up the "MSUpdate" site check,
| | which eventually reports "No updates available"
| |
| | Catch22, therefore - Baseline Security adviser tells me I have a
| | problem, Update site says not.
| | What can I do to get Baseline to report "no prob" ?
| |
| | pasted report from MS Baseline Security Adviser - aligned for ease of
| | reading
| | QUOTE -
| | 5 security updates are out of date or could not be confirmed.
| | Result Details
| |
| | Windows Security Updates
| | Security updates that are out of date are marked with a yellow X
| |
| | 1/ MS02-055 Unchecked Buffer in Windows Help Facility Could Enable
| | Code Execution (Q323255)
| | Reason - File C:\WINDOWS\system32\hhctrl.ocx has a file
| | version [5.2.3735.0] that is greater than what is expected
| | [5.2.3669.0].
| |
| | 2/ Security updates that the tool cannot confirm as installed on the
| | scanned computer are marked with a blue asterisk
| | Score Security Update Description Reason
| | a/ MS02-008 XMLHTTP Control Can Allow Access to Local Files Please
| | refer to Q306460 for a detailed explanation.
| | b/ MS03-008 Flaw in Windows Script Engine could allow code
| execution
| | (814078) Please refer to Q306460 for a detailed explanation.
| | c/ MS03-030 Unchecked Buffer in DirectX Could Enable System
| | Compromise (819696) Please refer to Q306460 for a detailed
| | explanation.
| | d/ MS03-051 Buffer Overrun in Microsoft FrontPage Server Extensions
| | Could Allow Code Execution (813360) Please refer to Q306460 for
| a
| | detailed
| | explanation.
| |
| | UNQUOTE
| |
| | Sincerely, LEN
| |
| |
|
|
| ---
| Outgoing mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.598 / Virus Database: 380 - Release Date: 28/02/2004
|
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

MBSA 1
Security covered with greater file versions? 1
windows security update 1
microsoft baseline security analyzer 3
Microsoft security baseline analyzer 2
microsoft baseline security analyzer 3
OT: Microsoft Security Bulletin Release - November 11, 2003 11
Microsoft Windows Security Bulletin Summary for November, 2003 20

Top