[SECURITY-L] HFNetChk 3.3 now available

Daniela Regina Barbetti daniela em ccuec.unicamp.br
Ter Jan 22 16:01:04 -02 2002 

----- Forwarded message from Nelson Murilo <nelson em pangeia.com.br> -----

From: Nelson Murilo <nelson em pangeia.com.br>
Subject: [S] HFNetChk 3.3 now available
To: seguranca em pangeia.com.br
Date: Fri, 18 Jan 2002 12:00:23 -0200




HFNetChk version 3.3 is now available. You may obtain the program via
the download link on Knowledge Base Article Q303215, or directly via the
Microsoft Download Center page:
http://www.microsoft.com/downloads/release.asp?releaseid=31154. 

Overview
HFNetChk is a command line tool used to assess a computer or group of
computers for their current security hotfix status.  HFNetChk can be
launched from an NT4 or greater system, and can report on hotfix status
for Windows NT 4.0, Windows 2000, Windows XP, IIS 4, IIS 5, IIS 5.1,
Internet Explorer 5.01 and later, SQL Server 7.0 and SQL Server 2000.  

Support 
A public newsgroup has been created to support HFNetChk. Please visit
microsoft.public.security.hfnetchk on the news.microsoft.com news
server. 

UPDATES AND FIXES IN HFNETCHK 3.3 
The following issues have been addressed in the 3.3 release: 

New Switches:
 (-u) and (-p) to specify username and password for scanning remote
systems. 
 (-f) to write the results to a specified output file. (Note: this will
overwrite, not append, data to the specified output file.) 
 (-fh) to specify the name of a file containing NetBIOS machine names to
scan. One machine name per line, 256 max per file. 
 (fip) to specify the name of a file containing IP addresses to scan.
One IP address per line, 256 max per file. 

Functional Updates:
 - It is now possible to scan the local machine when the Server Service
has been disabled (or has not been installed.) 
 - A warning message will be presented if the installed product is not
running the latest available Service Pack. 
 - IP addresses may be used when executing a scan from a Windows NT 4
system. (Note: remote system IP addresses must resolve to machine names
in order for this feature to work from NT4 systems.) 
 - Code has been added that will automatically check to see whether the
downloaded mssecure.cab file has been signed by Microsoft. If the
downloaded file (mssecure.cab) has been properly signed by Microsoft,
HFNetChk will automatically expand the file and will not prompt the user
to accept the signed package. 
 - This version will correctly identify .NET server machines and IIS 6.0
machines. (Patches have not been released for these platforms, nor has
the XML file been updated with information on these platforms, but the
proper product names will now appear in the output.) 
 - If the tool is unable to access the mssecure.cab file from the
Microsoft server, it will next try to download the expanded mssecure.xml
file from http://www.microsoft.com/technet/security/search/mssecure.xml.
If this also fails, HFNetChk will then search the local system for
versions of the CAB and XML files. 

Output:
 - To enhance performance, tab output (-o tab) is required when scanning
more than 255 hosts. 
 - Both MachineName and IPaddress are displayed in wrap and tab output.
Format is: MachineName (IPAddress) In instances where either value
cannot be resolved from the other, the known value will be displayed in
both locations. 

Enhancements:
 - Fixed bug where domain controllers were identified as workstations
instead of servers. As a result, not all available hotfixes would be
displayed when scanning domain controllers. 
 - Results include status on all installed products, even when a given
product is up to date on patches. 
 - Text alignment has been enhanced for wrap and tab output. 
 - Enhanced error reporting when access is denied to a machine or there
is an error in reading the remote system's registry. 
 - Improved -d domain scanning. 
 - Improved support when scanning workgroups (using -d). 
 - Improved memory management when performing large scans. 
 - Improved recognition for SQL Server 2000 Service Packs. 

Additional features, such as scanning for Exchange Server or Microsoft
Office patches, are being considered for a future release of HFNetChk
and are not included in this release.


----- End forwarded message -----

Mais detalhes sobre a lista de discussão SECURITY-L