• 0 رای - 0 میانگین
  • 1
  • 2
  • 3
  • 4
  • 5
Which Microsoft Patches ("Security Updates" and "Critical Updates") have been tested
#1
Instructions
Microsoft regularly rectifies security gaps in its products and makes these fixes available to its customers in the form of official patches. This usually happens every second Tuesday in the month, on so-called "Patch Tuesday". Microsoft divides up the updates into numerous different classifications
(http://support.microsoft.com/kb/824684/EN-US/
and
http://support.microsoft.com/kb/824684/de).
However, you only have to install "Security Updates" and "Critical Updates" to ensure that SIMATIC WinCC operation is secure and stable. For this reason, a WinCC test configuration has been set up in order to test the compatibility of the WinCC software with the above-mentioned patch classifications ("Security Updates" and "Critical Updates"). This system always features the very latest of the released versions of WinCC and Microsoft products released for operating these versions of WinCC. Keeping pace with the updates published by Microsoft, compatibility tests with the latest released versions of WinCC are performed on the test system.
The attached table in xls format provides precise information about the Microsoft "Security Updates" and "Critical Updates"which are tested for compatibility. As far as possible, this is updated within two weeks after publication of the latest updates of the classification designated.
If reflects the Microsoft products installed in the WinCC- test configuration. Therefore, a discrepancy between this list and the products installed in the project cannot be excluded. If a system requires more updates than contained in the published list, these updates are requested according to the additional installed products / software components. In this case, it is up to the user to install these updates. We recommend installing all the available updates of both the named classifications to ensure that the system is protected. However, we cannot say anything about the compatibility of such updates that we have not tested. Therefore, we recommend installing all the updates in separate project-specific test environment prior to rolling out the updates in the productive environment.
[عکس: disk_35.gif]Security_Patches.xls( 383 KB )
In rare cases an update might have a negative effect on our software in our tests. This is noted in the "Comment" field in the list above. Furthermore, we inform you as fast as possible by newsletter of any indications and the resulting remedies.
Recommended procedure for patch management with the Microsoft Windows Server Update Service (WSUS)
These instructions assume that you have a WSUS installed for your WinCC system. How to proceed with the WSUS is described in Entry ID: 38621083.

No. Procedure
1 WSUS configuration:
In the "Products and Classifications" dialog you select the "Products" tab and then all the Microsoft products relevant for the system.
[عکس: 18752994_Sec-patchces_01_e.gif]
Fig. 01


2 WSUS configuration:
In the "Products and Classifications" dialog you select the "Classifications" tab and then "Security Updates" and "Critical Updates".
[عکس: 18752994_Sec-patchces_02_e.gif]
Fig. 02


3 WSUS configuration:
Create the project-specific groups for distribution of the updates in the system.
4 Download the "Security_Patches.xls" Excel table above onto your computer.
5 Open the table and set the filter to "Failed" in the "Test Result" column.
6 Check the "Comments" column to see whether these updates have been replaced.
7 WSUS administration:
Select all the available updates in the "Critical Updates" and "Security Updates" categories and then deselect the non-released patches as in the list above. Release the patches for installation in the groups created.
8 Log in on the clients connected to the WSUS using an administrative account (the clients were configured to receive the updates from the WSUS).
9 Execute the updates offered.
Table 01
You can find more precise information about Industrial Security in connection with WinCC software in the WiNCC Security Concept in Entry ID: 60119725.
For more detailed explanations about Microsoft Updates and the WSUS visit the following Microsoft sites.


•Microsoft Security Bulletins German
http://www.microsoft.com/germany/technet...fault.mspx
•Microsoft Security Bulletins English

http://www.microsoft.com/technet/Security/default.mspx
•Microsoft WSUS

http://www.microsoft


Notes

•To find out which Microsoft Patches are installed on the PC, refer to Entry ID: 48844294.
•These guidelines apply only for version WinCC V6.0 SP4 and higher.

Warning
The procedure described above does not apply for new Microsoft Service Packs which still require an explicit release for use. If the patches require a higher version of the Microsoft software, then refer to the "WinCC InstallNotes" file or Entry ID: 21927773to check whether these higher versions of the software or Service Packs are released for SIMATIC WinCC.
Additional Keywords
Windows Update Service, Security Patch
پاسخ


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


کاربران در حال بازدید این موضوع:
1 مهمان


کلیه حقوق این وب سایت محفوظ و متعلق به قشم ولتاژ می باشد. طراحی و اجرا توسط