Re: Microsoft KB# to Advisory name mapping

["Michael C. Bazarewsky" <BazarewskyM () SOFTWARE-ANSWERS COM>]

All,

The Microsoft Hot-Fix Checker:

http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168

uses the file:

http://www.microsoft.com/technet/security/search/bulletins.xml

to tell it the mappings between Knowledge Base numbers, names, and advisory
numbers.  I suspect that making a modified version of the Hot-Fix Checker
(which will report the current installed fixes (and not just the ones that
are missing) for all products (and not just IIS 5.0) would not be difficult.


-- Mike Bazarewsky

-----Original Message-----
From: Desmond Irvine [mailto:desmond.irvine () SHERIDANC ON CA]
Sent: Thursday, March 22, 2001 2:18 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Microsoft KB# to Advisory name mapping


Does anyone know where I could find a table that would map the Microsoft
KB#'s that the hotfixes are associated with to the Advisory name (MS##-###)?
I know XATO has a page something like what I want, but it doesn't seem to be
complete or up to date:

   http://www.xato.net/advisories/beta/win2k.htm

When looking at an NT server to determine what hotfixes have been applied
you can run "hotfix -l" to get a dialog box with the KB#'s in it (Q147222,
Q238606, etc.)  You can also scan the registry in
\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix to
get a similar listing some of which will have comments and fix description
keys that may or may not be useful in identifying the advisories they are
associated with.  What I ideally want to get is something like:

MS00-086 - web server file request parsing vulnerabilty - Q277873 ...

On a machine with unknown patches applied it can be a real pain to go from
the KB#'s to the MS Advisories.

Thanks, Desmond.