Security...

Microsoft Security Bulletin Update

April 2005

We have completed testing the Microsoft patches below and found no issues. We recommend that you apply these patches immediately to the RALS equipment.

1.       MS05-016  Vulnerability in Windows Shell That Could Allow Remote Code Execution (893086) - Important

2.       MS05-017  Vulnerability in Message Queuing Could Allow Code Execution (892944) - Important

3.       MS05-018  Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) - Important

4.       MS05-019  Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) - Critical

5.       MS05-020  Cumulative Security Update for Internet Explorer (890923) - Critical

In response to these security updates released by Microsoft for the Critical updates MAS has conducted compatibility testing of these 5 security patches with multiple versions of RALS systems.

• RALS-Plus version 1.2.1 SP1- complete
• RALS-Plus version 1.2 SP1 - complete
• RALS-Plus version 1.1 SP1 - complete
• RALS-Lite version 1.0 -- complete
• RALS-Web version 1.1 -- complete

MS Patches NOT Critical to RALS Functionality If MAS determines that the vulnerability as described in a Microsoft bulletin should not adversely affect the RALS functionality when the system is used as intended, the security patch will be tested and included in the next routine product version release.  Should the user apply the patches, MAS cannot guarantee or warrant its operation or impact on the RALS system.  In this situation there will be no routine customer notification. 

MS Patches Critical to RALS Functionality If it is determined that the security vulnerability as described in a Microsoft bulletin is critical to the RALS functionality, MAS will notify customers via a broadcast email from SecurityUpdates@rals.com and by notice on the MAS website http://www.rals.com .