
Cisco Unified Intelligent Contact Management Enterprise

Field Notice: FN - 61693 - Cisco Enterprise and Hosted Contact Center Products Notice for Microsoft July Security Update


Revised September 2, 2004

July 14, 2004


Products Affected

Product

CTIOS - 4.6.2, 4.7, 5.0, and 5.1, all service releases

Cisco Internet Service Node - Versions 1.0, 2.0, and 2.1

ICM Enterprise - 4.6.2, 5.0, and 6.0, all service releases

ICM Hosted - 4.6.2 and 5.0, all service releases

IPCC Enterprise - 4.6.2, 5.0, and 6.0, all service releases

IPCC Hosted - 4.6.2 and 5.0, all service releases

 

Problem Description

On July 13, 2004, Microsoft released the following security updates:

Note: If not otherwise specified, the security bulletin applies to all Service Packs for noted operating systems or applications.

MS04-024 Important

Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)

Affected Software:

  • Windows 2000 Server, Windows 2000 Advanced Server, Service Pack 2, Service Pack 3, Service Pack 4

  • Windows NT Server 4.0, Standard and Enterprise Editions, Service Pack 6a

  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6

  • Windows 2000 Professional

  • Windows XP Home Edition, Windows XP Professional, Windows XP Service Pack 1

  • Windows 98, Windows Me

MS04-023 Critical

Vulnerability in HTML Help Could Allow Code Execution (840315)

Affected Software:

  • Internet Explorer 6 SP1

  • Windows 2000 Server, Windows 2000 Advanced Server, Service Pack 2, Service Pack 3, Service Pack 4

  • Windows 2000 Professional

  • Windows XP Home and Professional

  • Windows 98, Windows Me

MS04-022 Critical

Vulnerability in Task Scheduler Could Allow Code Execution (841873)

Do not apply this patch on ICM systems without following the special instructions identified below.

Affected Software:

  • Internet Explorer 6 SP1

  • Windows 2000 Server, Windows 2000 Advanced Server, Service Pack 2, Service Pack 3, Service Pack 4

  • Windows 2000 Professional

  • Windows XP Home and Professional

MS04-021 Important

Security Update for IIS 4.0 (841373)

Affected Software:

  • Windows NT Server 4.0, Standard and Enterprise Editions, Service Pack 6a

  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6

  • Internet Information Server 4.0

MS04-020 Important

Vulnerability in POSIX Could Allow Code Execution (841872)

Affected Software:

  • Windows 2000 Server, Windows 2000 Advanced Server, Service Pack 2, Service Pack 3, Service Pack 4

  • Windows NT Server 4.0, Standard and Enterprise Editions, Service Pack 6a

  • Windows NT Server 4.0, Terminal Server Edition, Service Pack 6

MS04-019 Important

Vulnerability in Utility Manager Could Allow Code Execution (842526)

Affected Software:

  • Windows 2000 Server, Windows 2000 Advanced Server, Service Pack 2, Service Pack 3, Service Pack 4

MS04-018 Important

Cumulative Security Update for Outlook Express (823353)

Affected Software:

  • Windows Outlook Express 5.5, Outlook Express 6.0

  • Internet Explorer 6 Gold, Internet Explorer 6 SP1

For additional information on Microsoft security updates, see the Microsoft Security Page.

Background

Cisco evaluates Microsoft security notices and updates for potential impact to Cisco Contact Center products. The qualification process results in one of four categorical ratings being applied to a given update: Impacting, Not Impacting, Deferred, or Not Applicable.

The four ratings are defined in the Cisco Customer Contact Software Policy for use of Third-Party Software and Security Updates document.

For the security updates listed in the Problem Description section of this bulletin, Cisco has assigned the updates to the following categories:

Impacting

MS04-024 Vulnerability in Windows Shell Could Allow Remote Code Execution

MS04-023 Vulnerability in HTML Help Could Allow Code Execution

MS04-022 Vulnerability in Task Scheduler Could Allow Code Execution

Do not apply this patch on ICM systems without following the special instructions identified below.

MS04-021 Security Update for IIS 4.0

Applicable only to systems running Windows NT 4.0.

Not Applicable

MS04-018 Cumulative Security Update for Outlook Express (823353)

MS04-020 Vulnerability in POSIX Could Allow Code Execution (841872)

MS04-019 Vulnerability in Utility Manager Could Allow Code Execution

Customers should follow the Cisco security guidelines for ICM and IPCC, disable the Utility Manager Service, and remove the POSIX subsystem. Cisco security guides are available for the following:

Visit the Microsoft web site to download security patches. Keep in mind that you should download the appropriate fixes based on the version of the Microsoft operating system deployed in your environment and service pack level. Customers should follow Microsoft's guidelines regarding when and how they should apply these updates. Refer to the Microsoft Security page for full details of the potential exposure from the caveat.

Problem Symptoms

Cisco testing has discovered that Microsoft patch MS04-022 can conflict with ICM setup. Cisco has created a workaround for Contact Center customers who have elected to install Microsoft patch MS04-022. Cisco further recommends that Contact Center customers use the Cisco workaround instead of the Microsoft-provided workaround for this patch. See the Workaround/Solution section for details. As of July 21, 2004, Cisco Contact Center Support had not recorded any cases pertaining to this threat from its customer base.

Workaround/Solution

Cisco has assessed and, where deemed appropriate, validated the Microsoft security patches addressed in this bulletin. Cisco recommends that Contact Center customers separately assess all security patches released by Microsoft and install those deemed appropriate for their environments. Cisco will continue to provide a service of separately assessing and, where necessary, validating higher severity security patches that may be relevant to the Contact Center Enterprise software products.

Cisco has identified a problem for Contact Center customers who apply the MS04-022 patch. The following information provides specific detail on the symptom, condition, and workaround.

Symptom:

ICM Setup encounters an error condition and prompts the user with the following error message: "Setup encountered error while removing AT jobs." Customers should exit ICM setup when they encounter this message and should follow the recommended workaround described below before running setup again.

Condition:

Customers will observe this error when setup is run after patch MS04-022 is applied.

Workaround:

Contact Center customers should manually remove all scheduled jobs prior to running setup to avoid this problem.

DDTS

To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.

On July 21, 2004, Cisco logged cases CSCsa27709 and CSCsa28134 for these issues.

DDTS: Description

CSCsa27709 (registered customers only): Setup fails due to failure of deleting scheduled ICM tasks

CSCsa28134 (registered customers only): The July 2004 MS patches impact ICM setup

 

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
