Control Compliance Suite (CCS 11 ) Patch Assessment Content Update (PACU) 2013-19 udpate documentation and udpate.

Patch Assessment Content Updates for Windows

PACU 2013-17 contains checks for updates released by Microsoft in July 2013 on
raw-data content.

Updates for Raw-data Content

■ MS13-052
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code
Execution (2861561)

■ MS13-053
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code
Execution (2850851)

■ MS13-054
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

■ MS13-055
Vulnerability in Windows Print Spooler Components Could Allow Elevation
of Privilege (2839894)

■ MS13-056
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
(2845187)

■ MS13-057
Vulnerability in Windows Media Format Runtime Could Allow Remote Code
Execution (2847883)

■ MS13-058
Vulnerability in Windows Defender Could Allow Elevation of Privilege
(2847927)

Updates for Raw-data Content

■ HP-UX 11.00 - 11.31 PA-RISC
■ HP-UX 11.22 - 11.31 for Itanium-based systems
■ Red Hat Enterprise Linux
■ SUSE Linux
■ IBM AIX
■ Sun Solaris

PACU 2013-17 updates the operating system and application patches for UNIX

operating systems for raw-data content.

There are a total of 580 updated patches and 4932 new patch bulletins in 4 dat

(template) files.

Patch Assessment Content Updates for Windows in 2013-18
PACU 2013-18 contains checks for updates released by Microsoft in July 2013 on
message based content.

Updates for Message Based Content
■ MS13-052
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code
Execution (2861561)
■ MS13-053
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code
Execution (2850851)
■ MS13-054
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
■ MS13-055
Vulnerability in Windows Print Spooler Components Could Allow Elevation of
Privilege (2839894)
■ MS13-056
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
(2845187)
■ MS13-057
Vulnerability in Windows Media Format Runtime Could Allow Remote Code
Execution (2847883)

Patch Assessment Content Updates for UNIX in 2013-18
PACU 2013-18 updates the operating system and application patches for UNIX
operating systems for messages based content.
Updates for Message Based Content in Patch Policy

■ Solaris
■ OEL
■ HPUX Parisc
■ HPUX IA64
■ RHEL
■ SUSE

 Comprehensive standard for Windows and UNIX on Message Based
Content in 2013-18

PACU 2013-18 contains the comprehensive standard for the patch policy.

File Name    Standard Version  OS Patch Policy Version
ESM_OSPatches_Comprehensive.xml 1.1.29    2013.07.02
 

Contents of the PACU
PACU contains the following files:

Table 1-2 Contents of the PACU

Name Description
SEForMSPatches_Comprehensive.xml  -- > Raw-data content standard forWindows
SEForMSPatches_Less.xml                     -- > Raw-data content standard forWindows
LinuxRecommendedPatches.dat              -- > Raw-data content updates for Linux platforms

HP-UXRecommendedPatches.dat           -- > Raw-data content updates for HP-UX platforms
AIXRecommendedPatches.dat                 -- > Raw-data content updates for AIX platforms
SunOSRecommendedPatches.dat           -- > Raw-data content updates for Sun OS platforms
ESM_OSPatches_Comprehensive.xml    -- > Message based content updates for Windows and UNIX
bvMSSecure.xml                                          -- > Raw-data content file for Windows datacollection
hfnetchk6b.xml                                              -- > Raw-data content file for Windows data collection
BestPractice_OS_Patch_Updates.exe     -- > Patch Policy updates on Message Based Content for Windows and UNIX.