[19805] in bugtraq
Microsoft KB# to Advisory name mapping
daemon@ATHENA.MIT.EDU (Desmond Irvine)
Fri Mar 23 08:10:46 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <3ABA4FD2.F25B64F7@sheridanc.on.ca>
Date: Thu, 22 Mar 2001 14:17:38 -0500
Reply-To: Desmond Irvine <desmond.irvine@SHERIDANC.ON.CA>
From: Desmond Irvine <desmond.irvine@SHERIDANC.ON.CA>
To: BUGTRAQ@SECURITYFOCUS.COM
Does anyone know where I could find a table that would map the Microsoft
KB#'s that the hotfixes are associated with to the Advisory name
(MS##-###)? I know XATO has a page something like what I want, but it
doesn't seem to be complete or up to date:
http://www.xato.net/advisories/beta/win2k.htm
When looking at an NT server to determine what hotfixes have been
applied you can run "hotfix -l" to get a dialog box with the KB#'s in it
(Q147222, Q238606, etc.) You can also scan the registry in
\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix
to get a similar listing some of which will have comments and fix
description keys that may or may not be useful in identifying the
advisories they are associated with. What I ideally want to get is
something like:
MS00-086 - web server file request parsing vulnerabilty - Q277873
...
On a machine with unknown patches applied it can be a real pain to go
from the KB#'s to the MS Advisories.
Thanks, Desmond.
