Security Update confusion

Good Day,

I am planning on upgrading our Exchange Server 2003 SP1 in a few weeks and I
wanted to get everything ready. So I downloaded SP2 and read the paper work
that went with it.

On the paper work it said that I need to install a hot fix for Windows
Server 2003 SP1 (898060 MS05-019) After reading about this update it also
said the following

Security update information
Note Security update 913446 (security bulletin MS06-007) supersedes this
update (898060).
For more information, click the following article number to view the article
in the Microsoft Knowledge Base:
913446 (http://support.microsoft.com/kb/913446/) Vulnerability in TCP/IP
could allow denial of service

Security update 913446 also supersedes security update 893066 (security
bulletin MS05-019). For more information, click the following article number
to view the article in the Microsoft Knowledge Base:
893066 (http://support.microsoft.com/kb/893066/) MS05-019: Vulnerabilities
in TCP/IP could allow remote code execution and denial of service

Customers who are deploying security update 913446 do not have to deploy
security updates 898060 or 893066. Security update 893066 has been updated
to correct this issue. For more information, visit the following Microsoft
Web site:
http://www.microsoft.com/technet/sec.../ms05-019.mspx
(http://www.microsoft.com/technet/sec.../ms05-019.mspx)
Note This security update is not applicable to Windows Server 2003 with
Service Pack 1.

So now I am confused as it sounds to me that 913446 fixes all the issues and
I do not need to apply the hotfix at all.

Can somebody please clarify this and let me know what I need to do.

Thanks
Adam Raff

Winter approaching down under.
MS06-007 replaced MS05-019.
Your paper work for SP2 is probably outdated.
It's late Spring in Massachusetts - almost summer.

"Adam Raff" <> wrote in message news:...
> Good Day,
>
> I am planning on upgrading our Exchange Server 2003 SP1 in a few weeks and I
> wanted to get everything ready. So I downloaded SP2 and read the paper work
> that went with it.
>
> On the paper work it said that I need to install a hot fix for Windows
> Server 2003 SP1 (898060 MS05-019) After reading about this update it also
> said the following
>
> Security update information
> Note Security update 913446 (security bulletin MS06-007) supersedes this
> update (898060).
> For more information, click the following article number to view the article
> in the Microsoft Knowledge Base:
> 913446 (http://support.microsoft.com/kb/913446/) Vulnerability in TCP/IP
> could allow denial of service
>
> Security update 913446 also supersedes security update 893066 (security
> bulletin MS05-019). For more information, click the following article number
> to view the article in the Microsoft Knowledge Base:
> 893066 (http://support.microsoft.com/kb/893066/) MS05-019: Vulnerabilities
> in TCP/IP could allow remote code execution and denial of service
>
> Customers who are deploying security update 913446 do not have to deploy
> security updates 898060 or 893066. Security update 893066 has been updated
> to correct this issue. For more information, visit the following Microsoft
> Web site:
> http://www.microsoft.com/technet/sec.../ms05-019.mspx
> (http://www.microsoft.com/technet/sec.../ms05-019.mspx)
> Note This security update is not applicable to Windows Server 2003 with
> Service Pack 1.
>
> So now I am confused as it sounds to me that 913446 fixes all the issues and
> I do not need to apply the hotfix at all.
>
> Can somebody please clarify this and let me know what I need to do.
>
> Thanks
> Adam Raff
>
>

Good Day,

After looking over the information a little more this is what I found out

898060 was superseded by 893066 and it states that in the article explaining
what it overwrites. After checking my server, I see that 893066 was
installed on 05/14/05

After checking the documentation on 913446 I did not see anything about it
superseding 898060 and 893066. I have it installed on 02/14/06

My next concern would be if I installed SP1 for Windows 2003, after 893066
would that overwrite that info.

Any ideas?

thanks
Adam Raff


"Michael Jennings" <> wrote in message
news:...
> Winter approaching down under.
> MS06-007 replaced MS05-019.
> Your paper work for SP2 is probably outdated.
> It's late Spring in Massachusetts - almost summer.
>
> "Adam Raff" <> wrote in message
> news:...
>> Good Day,
>>
>> I am planning on upgrading our Exchange Server 2003 SP1 in a few weeks
>> and I
>> wanted to get everything ready. So I downloaded SP2 and read the paper
>> work
>> that went with it.
>>
>> On the paper work it said that I need to install a hot fix for Windows
>> Server 2003 SP1 (898060 MS05-019) After reading about this update it
>> also
>> said the following
>>
>> Security update information
>> Note Security update 913446 (security bulletin MS06-007) supersedes this
>> update (898060).
>> For more information, click the following article number to view the
>> article
>> in the Microsoft Knowledge Base:
>> 913446 (http://support.microsoft.com/kb/913446/) Vulnerability in TCP/IP
>> could allow denial of service
>>
>> Security update 913446 also supersedes security update 893066 (security
>> bulletin MS05-019). For more information, click the following article
>> number
>> to view the article in the Microsoft Knowledge Base:
>> 893066 (http://support.microsoft.com/kb/893066/) MS05-019:
>> Vulnerabilities
>> in TCP/IP could allow remote code execution and denial of service
>>
>> Customers who are deploying security update 913446 do not have to deploy
>> security updates 898060 or 893066. Security update 893066 has been
>> updated
>> to correct this issue. For more information, visit the following
>> Microsoft
>> Web site:
>> http://www.microsoft.com/technet/sec.../ms05-019.mspx
>> (http://www.microsoft.com/technet/sec.../ms05-019.mspx)
>> Note This security update is not applicable to Windows Server 2003 with
>> Service Pack 1.
>>
>> So now I am confused as it sounds to me that 913446 fixes all the issues
>> and
>> I do not need to apply the hotfix at all.
>>
>> Can somebody please clarify this and let me know what I need to do.
>>
>> Thanks
>> Adam Raff
>>
>>
>
>

My mistake after looking over 913446 it does replace 893066 but it says "Not
applicable for Windows Server 2003 SP1"


"Adam Raff" <> wrote in message
news:Oqh9Cq$...
> Good Day,
>
> After looking over the information a little more this is what I found out
>
> 898060 was superseded by 893066 and it states that in the article
> explaining what it overwrites. After checking my server, I see that
> 893066 was installed on 05/14/05
>
> After checking the documentation on 913446 I did not see anything about it
> superseding 898060 and 893066. I have it installed on 02/14/06
>
> My next concern would be if I installed SP1 for Windows 2003, after 893066
> would that overwrite that info.
>
> Any ideas?
>
> thanks
> Adam Raff
>
>
> "Michael Jennings" <> wrote in message
> news:...
>> Winter approaching down under.
>> MS06-007 replaced MS05-019.
>> Your paper work for SP2 is probably outdated.
>> It's late Spring in Massachusetts - almost summer.
>>
>> "Adam Raff" <> wrote in message
>> news:...
>>> Good Day,
>>>
>>> I am planning on upgrading our Exchange Server 2003 SP1 in a few weeks
>>> and I
>>> wanted to get everything ready. So I downloaded SP2 and read the paper
>>> work
>>> that went with it.
>>>
>>> On the paper work it said that I need to install a hot fix for Windows
>>> Server 2003 SP1 (898060 MS05-019) After reading about this update it
>>> also
>>> said the following
>>>
>>> Security update information
>>> Note Security update 913446 (security bulletin MS06-007) supersedes this
>>> update (898060).
>>> For more information, click the following article number to view the
>>> article
>>> in the Microsoft Knowledge Base:
>>> 913446 (http://support.microsoft.com/kb/913446/) Vulnerability in TCP/IP
>>> could allow denial of service
>>>
>>> Security update 913446 also supersedes security update 893066 (security
>>> bulletin MS05-019). For more information, click the following article
>>> number
>>> to view the article in the Microsoft Knowledge Base:
>>> 893066 (http://support.microsoft.com/kb/893066/) MS05-019:
>>> Vulnerabilities
>>> in TCP/IP could allow remote code execution and denial of service
>>>
>>> Customers who are deploying security update 913446 do not have to deploy
>>> security updates 898060 or 893066. Security update 893066 has been
>>> updated
>>> to correct this issue. For more information, visit the following
>>> Microsoft
>>> Web site:
>>> http://www.microsoft.com/technet/sec.../ms05-019.mspx
>>> (http://www.microsoft.com/technet/sec.../ms05-019.mspx)
>>> Note This security update is not applicable to Windows Server 2003 with
>>> Service Pack 1.
>>>
>>> So now I am confused as it sounds to me that 913446 fixes all the issues
>>> and
>>> I do not need to apply the hotfix at all.
>>>
>>> Can somebody please clarify this and let me know what I need to do.
>>>
>>> Thanks
>>> Adam Raff
>>>
>>>
>>
>>
>
>