Control Compliance Suite (CCS 11 ) Patch Assessment Content Update (PACU) 2013-19 udpate documentation and udpate.
Patch Assessment Content Updates for Windows
PACU 2013-17 contains checks for updates released by Microsoft in July 2013 on
raw-data content.
Updates for Raw-data Content
■ MS13-052
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code
Execution (2861561)
■ MS13-053
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code
Execution (2850851)
■ MS13-054
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
■ MS13-055
Vulnerability in Windows Print Spooler Components Could Allow Elevation
of Privilege (2839894)
■ MS13-056
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
(2845187)
■ MS13-057
Vulnerability in Windows Media Format Runtime Could Allow Remote Code
Execution (2847883)
■ MS13-058
Vulnerability in Windows Defender Could Allow Elevation of Privilege
(2847927)
Updates for Raw-data Content
■ HP-UX 11.00 - 11.31 PA-RISC
■ HP-UX 11.22 - 11.31 for Itanium-based systems
■ Red Hat Enterprise Linux
■ SUSE Linux
■ IBM AIX
■ Sun Solaris
PACU 2013-17 updates the operating system and application patches for UNIX
operating systems for raw-data content.
There are a total of 580 updated patches and 4932 new patch bulletins in 4 dat
(template) files.
Patch Assessment Content Updates for Windows in 2013-18
PACU 2013-18 contains checks for updates released by Microsoft in July 2013 on
message based content.
Updates for Message Based Content
■ MS13-052
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code
Execution (2861561)
■ MS13-053
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code
Execution (2850851)
■ MS13-054
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
■ MS13-055
Vulnerability in Windows Print Spooler Components Could Allow Elevation of
Privilege (2839894)
■ MS13-056
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
(2845187)
■ MS13-057
Vulnerability in Windows Media Format Runtime Could Allow Remote Code
Execution (2847883)
Patch Assessment Content Updates for UNIX in 2013-18
PACU 2013-18 updates the operating system and application patches for UNIX
operating systems for messages based content.
Updates for Message Based Content in Patch Policy
■ Solaris
■ OEL
■ HPUX Parisc
■ HPUX IA64
■ RHEL
■ SUSE
Comprehensive standard for Windows and UNIX on Message Based
Content in 2013-18
PACU 2013-18 contains the comprehensive standard for the patch policy.
File Name Standard Version OS Patch Policy Version
ESM_OSPatches_Comprehensive.xml 1.1.29 2013.07.02
Contents of the PACU
PACU contains the following files:
Table 1-2 Contents of the PACU
Name Description
SEForMSPatches_Comprehensive.xml -- > Raw-data content standard forWindows
SEForMSPatches_Less.xml -- > Raw-data content standard forWindows
LinuxRecommendedPatches.dat -- > Raw-data content updates for Linux platforms
HP-UXRecommendedPatches.dat -- > Raw-data content updates for HP-UX platforms
AIXRecommendedPatches.dat -- > Raw-data content updates for AIX platforms
SunOSRecommendedPatches.dat -- > Raw-data content updates for Sun OS platforms
ESM_OSPatches_Comprehensive.xml -- > Message based content updates for Windows and UNIX
bvMSSecure.xml -- > Raw-data content file for Windows datacollection
hfnetchk6b.xml -- > Raw-data content file for Windows data collection
BestPractice_OS_Patch_Updates.exe -- > Patch Policy updates on Message Based Content for Windows and UNIX.