Cisco IP Telephony Operating System, SQL Server, Security Updates |
Last updated 19-Sep-2008
NOTE: Before you install the file on the server, review the file-specific readme document to verify that the file is compatible with your version of software. Readme documents also provide special notes pertaining to each file. Obtain the readme documents and files by clicking the Cryptographic Software download page.
Use the readme document and this document in conjunction with the document, Installing the Operating System on the Cisco IP Telephony Applications Server, which provides procedures and detailed information for installing/upgrading the operating system and applying support patches. To obtain the installation document, click http://www.cisco.com/en/US/products/hw/voiceapp/ps378/prod_installation_guides_list.html.. You can obtain version-specific operating system release notes by clicking the URL.
Purpose of the Document
This document provides information for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download.
Contents
This document contains the following sections. Click the hyperlink to go directly to the section.
· Supported Applications and Servers
This section provides a list of Cisco IP telephony applications and servers that use this document.
This section provides several lists:
Recently released individual Critical hotfixes
Latest available OS Service Release
Individual updates that are provided prior to inclusion in an OS Service Release.
This section provides Cisco recommendations for applying updates on supported servers.
· Latest Updates for the Operating System and SQL Server
This section provides a list of the latest operating system, SQL Server, and security updates that are compatible with supported Cisco IP telephony applications.
This section provides information about how to receive email notifications when new updates post to Cisco.com.
This section provides a list of operating system and BIOS files that Cisco removed from the web and replaced with an updated version. Review this section if you are looking for a specific file that is mentioned in the Cisco IP telephony application documentation.
Supported Applications and Servers
These updates support all versions of the following applications:
· Cisco Unified CallManager
· Cisco Conference Connection
· Cisco Personal Assistant
· Cisco IP Interactive Voice Response, and Cisco IP Call Center Express
· Cisco Emergency Responder
· Cisco Customer Voice Portal
· Cisco MeetingPlace
Note: This document does not support Cisco Unity or servers where Cisco Unity is installed.
These updates support all Cisco Media Convergence Servers (MCS), and Cisco-approved, customer-provided Compaq/HPQ and IBM servers.
Below is a list of the security bulletins that were released by Microsoft on 09-September-2008. Although rated by Microsoft, Cisco may adjust the rating to reflect the impact to the supported applications and servers (see Supported Applications and Servers).
|
Bulletin |
Article |
Microsoft Rating |
Cisco Rating |
Bulletin title |
File Name |
Disposition |
|
MS08-052 |
954593 |
Critical
|
Important – Requires internet usage from MCS Server |
Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) |
win-K9-MS08-052-Windows2000.exe win-K9-MS08-052-Windows2003.exe
win-OS-Upgrade-K9.2000-4-5b-sr15.exe win-OS-Upgrade-K9.2000-4-6-sr2.exe win-OS-Upgrade-K9.2003-1-2a-sr15.exe win-OS-Upgrade-K9.2003-1-3b-sr2.exe |
Available
|
|
MS08-053 |
954156 |
Critical |
N/A – Requires Media Encoder component that isn’t installed.
|
Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156) |
win-OS-Upgrade-K9.2000-4-5b-sr15.exe win-OS-Upgrade-K9.2000-4-6-sr2.exe win-OS-Upgrade-K9.2003-1-2a-sr15.exe win-OS-Upgrade-K9.2003-1-3b-sr2.exe |
Available
|
|
MS08-054 |
954154 |
Critical |
N/A – Requires WMP11 which isn’t installed on MCS Platform. |
Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154) |
N/A |
N/A |
|
MS08-055 |
950974 |
Critical |
N/A – MS Office |
Vulnerabilities in Event System Could Allow Remote Code Execution (950974) |
N/A |
N/A |
Table 1: Microsoft Hotfix Disposition
Below is a list of the latest available OS upgrade. These versions require users to be at a minimum OS level 2000.2.7, 2000.4.1, 2000.4.1b or higher to apply.
|
File Name |
Description |
Status |
|
win-OS-Upgrade-K9.2000-4-6.exe |
OS Upgrade 2000.4.6 |
Available |
|
win-OS-Upgrade-K9.2003-1-3b.exe |
OS Upgrade 2003.1.3b |
Available |
Table 2: Latest Available OS Upgrade
Below is a list of the Service Releases that contain all the Microsoft Security Bulletins through Sep 2008 based on the Microsoft Security Bulletin Summary published 09-Sep-2008
|
File Name |
Description |
Status |
|
win-OS-Upgrade-K9.2000-4-5b-sr15.exe |
Service Release 15 for MCS platforms using OS 2000.4.5a/2000.4.5b |
Available |
|
win-OS-Upgrade-K9.2003-1-2a-sr15.exe |
Service Release 15 for MCS platforms using OS 2003.1.2a |
Available |
|
win-OS-Upgrade-K9.2000-4-6-sr2.exe |
Service Release 2 for MCS platforms using OS 2000.4.6 |
Available |
|
win-OS-Upgrade-K9.2003-1-3b-sr2.exe |
Service Release 2 for MCS platforms using OS 2003.1.3a/2003.1.3b |
Available |
Table 3: Latest Service Release
Internet or Email vulnerabilities: Critical Microsoft security bulletins for Internet Explorer, Outlook Express, Windows Media Player, and DirectX are generally not considered critical for the Cisco IP Telephony applications supported by this OS Upgrade process. Servers are typically only vulnerable for these Microsoft components when used to surf the Internet to an attacker’s web site or used to receive a specially crafted email. Cisco IP Telephony servers should never be used to surf the web or be configured to receive email. Although not recommended from Cisco IP Telephony servers, using the server to go to Cisco.com and download software updates should be safe from this type of vulnerability.
Order for Applying Updates
Cisco recommends that you apply software updates as they become available on the Cisco voice products software and cryptographic websites.
If you apply all software updates at the same time, Cisco recommends that you apply them in the following order:
· Operating System upgrades
· Operating System Service Release
· SQL Server Service Pack
For more information, refer to the readme document.
· SQL Server Hotfixes
For more information, refer to the readme document.
· Cisco IP telephony application upgrade
· Cisco IP telephony application Service Release
Caution: Always apply the updates to the publisher database server first and verify that the publisher database server behaves as expected. After you apply the updates to the publisher database server, you can apply the updates to the subscriber servers. Always perform the installation updates serially. Applying software updates may cause call-processing interruptions. Install these updates during a maintenance window to minimize call-processing interruptions. If you want to do so, you can apply the operating system upgrade/support patch and the SQL Server support patch/hotfixes during a single maintenance window on the publisher database server first and then every subscriber server in the cluster. During another single maintenance window, you can install the application upgrade and support patch on the publisher database server first and then every subscriber server in the cluster.
Latest Updates for the Operating System and SQL Server
To ensure your servers run the most current operating system and SQL Server versions, verify that all of the following files are installed on every supported server in the cluster.
Operating System Updates 2000.2.7 Support Ended 19-Oct-2005
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.2.7, or win-OS-upgrade-K9.2000-2-7.exe |
Yes, 3 times |
About 30 min. |
Support Ended 19-Oct-2005 |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-2-7sr8.exe |
Yes |
About 10 min. |
Requires OS 2000.2.7 |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 3 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.1 Support ended 15-Nov-2005
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.4.1 |
Yes, 2 times |
About 30 min. |
Support ended 15-Nov-2005 |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-1sr5.exe |
Yes |
About 10 min. |
Requires OS 2000.4.1 |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 3 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.2 Support Ended 20-Mar-2007
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-2.exe |
Yes, 3 times |
About 30 min. |
Requires 2000.2.7 or 2000.4.1 |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-2sr16.exe OS Upgrade Service Release 16 |
Yes |
About 10 min. |
Requires OS 2000.4.2 |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 2 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.3/2000.4.3a Support Ended 20-Mar-2007
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.4.3 |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-3a.exe |
Yes. Up to 3 times. |
About 30 min. |
Requires 2000.2.7, 2000.4.1, or 2000.4.2 |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-3a-sr9.exe OS Upgrade Service Release 9 |
Yes |
About 10 min. |
Requires OS 2000.4.3 or 2000.4.3a |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 2 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.4/2000.4.4a Support ended 20-Nov-2007
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.4.4 |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-4a.exe |
Yes. Up to 3 times. |
About 30 min. |
Requires 2000.2.7, 2000.4.1 2000.4.2 or 2000.4.3a |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-4a-sr12.exe OS Upgrade Service Release 12 |
Yes |
About 10 min. |
Requires OS 2000.4.4 or 2000.4.4a |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 2 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.5a Support ends 17-Mar-2009
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.4.5a |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-5a.exe |
Yes. Up to 3 times. |
About 30 min. |
Requires 2000.2.7, 2000.4.1 2000.4.2 2000.4.3a 2000.4.4 or 2000.4.4a |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-5b-sr15.exe OS Upgrade Service Release 15 |
Yes |
About 10 min. |
Requires OS 2000.4.5a or 2000.4.5b |
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes, 2 times |
About 30 Min. |
See 2000.4.6 table |
Operating System Updates 2000.4.6
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2000.4.6 |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-upgrade-K9.2000-4-6.exe |
Yes. Up to 3 times. |
About 30 min. |
Requires 2000.2.7, 2000.4.1 2000.4.2 2000.4.3a 2000.4.4 2000.4.4a, or 2000.4.5a |
|
N/A |
N/A |
win-OS-Upgrade-K9.2000-4-6-sr2.exe OS Upgrade Service Release 2 |
Yes |
About 10 min. |
Requires OS 2000.4.6 or |
Operating System Updates 2003.1.1 Support ended 20-Nov-2007
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2003.1.1 |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-Upgrade-K9.2003-1-1-sr10.exe OS Upgrade Service Release 10 |
Yes |
About 10 min. |
Requires OS 2003.1.1 |
|
N/A |
N/A |
OS version 2003.1.2a |
Yes, 2 times |
About 30 min. |
See 2003.1.2a table |
Operating System Updates 2003.1.2/2003.1.2a Support ends 17-Mar-2009
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2003.1.2a |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-Upgrade-K9.2003-1-2a |
Yes. Up to 3 times. |
About 30 min. |
Requires OS 2003.1.1 |
|
N/A |
N/A |
win-OS-Upgrade-K9.2003-1-2a-sr15.exe OS Upgrade Service Release 15 |
Yes |
About 10 min. |
Requires OS 2003.1.2 or 2003.1.2a |
|
N/A |
N/A |
OS version 2003.1.3b |
Yes, up to 3 times |
About 30 min. |
See 2003.1.3a/b table |
Operating System Updates 2003.1.3a/2003.1.3b
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
OS version 2003.1.3a |
Yes, 2 times |
About 30 min. |
|
|
N/A |
N/A |
win-OS-Upgrade-K9.2003-1-3b |
Yes. Up to 3 times. |
About 30 min. |
Requires OS 2003.1.1 or 2003.1.2a
|
|
N/A |
N/A |
win-OS-Upgrade-K9.2003-1-3b-sr2.exe OS Upgrade Service Release 2 |
Yes |
About 10 min. |
Requires OS 2003.1.3a or 2003.1.3b |
SQL Server 7.0 Updates (for Cisco CallManager 3.0, 3.1, 3.2 only)
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
SQL7-ServicePack4.1-0-2.exe SQL 7.0 Service Pack 4 |
Yes |
About 10 min. |
N/A |
|
MS03-031 |
KB815495 |
SQL7-MS03-031.exe |
Yes |
About 10 min. |
N/A |
SQL Server 2000 Updates (for Cisco CallManager 3.3 or greater)
|
Bulletin |
Knowledge Base Article |
Description |
Reboot Required? |
Install Time |
Notes |
|
N/A |
N/A |
SQL 2000 Service Pack 4 |
Yes |
About 20 min. |
It can only be installed on Cisco CallManager 3.3(5), 4.0(2a), and 4.1(x). See SQL2K SP4 readme file for more details. |
|
MS03-031 |
KB815495 |
SQL2K-MS03-031.exe |
Yes |
About 10 min. |
N/A |
Cisco Notification Tools
Cisco CallManager Notification Tool: Cisco has replaced the current Cisco CallManager notification tool with a new, more robust notification tool that is based on your Cisco.com profiles. This new tool delivers email notifications for individual Cisco voice products that you select. Follow the steps below to sign up for the Cisco Voice Technology Group Subscription Tool:
· Login with your Cisco.com account information at this link: http://www.cisco.com/pcgi-bin/Software/Newsbuilder/Builder/VOICE.cgi
· Select "CallManager Cryptographic Software including OS updates" to receive notification when new operating system updates are posted.
· Select any other products updates that you wish to receive.
· Click update at the bottom of the page.
· Confirm your selections.
You may see this message at the bottom of the page: "Your Profile Currently Indicates that you do not wish to receive email from Cisco. "
To be able to receive information updates, you must update your email preferences. Click on the link to update your email preferences (located in the Other Information section). Click submit when you are done.
If you have enabled email notification, you may exit now. If you have not enabled email notification, then you will need to repeat the steps above.
This new software notification tool requires a valid Cisco.com login. If you do not currently have a Cisco.com password, please register with Cisco.com at: http://tools.cisco.com/RPF/register/register.do
Cisco PSIRT Advisory Notification Tool: This email service provides automatic notification of all Cisco Security Advisories that are released by the Cisco Product Security Incident Response Team (PSIRT). Security Advisories, which describe security issues that directly impact Cisco products, provide a set of required actions to repair these products. To subscribe, click the following URL and perform the tasks as directed on the web page: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html - SecurityInfo
File Tracking
The Original File column in the File Tracking table lists files that Cisco has removed from Cisco.com. Cisco has replaced the outdated file in the Original File column with the file that displays in the New File column. Download the file from the New File column.
|
Original File
If you are looking for… |
New File
It has been replaced with… |
|
BIOS Updates |
|
|
7835-BIOS-08-24-00.exe 7835-BIOS-11-08-00.exe 7835-BIOS-04-02-01.exe win-OS-Upgrade.2000-2-3.exe win-OS-Upgrade.2000-2-4.exe win-OS-upgrade-K9.2000-2-6.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
7825-BIOS-04-11-01.exe win-OS-Upgrade.2000-2-3.exe win-OS-Upgrade.2000-2-4.exe win-OS-upgrade-K9.2000-2-6.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
7815-BIOS-ZRE122A.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
7815I-2.0-BIOS-1.49.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
IBMX345-BIOS-1.08.exe win-OS-upgrade-K9.2000-2-6.exe IBMX345-BIOS-1.17.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
Driver Updates
|
|
|
Compaq-NIC-5.29.exe win-OS-Upgrade.2000-2-3.exe win-OS-Upgrade.2000-2-4.exe win-OS-upgrade-K9.2000-2-6.exe win-OS-upgrade-K9.2000-2-7.exe win-OS-upgrade-K9.2000-4-2.exe win-OS-Upgrade-K9.2000-4-3a.exe win-OS-Upgrade-K9.2000-4-4.exe win-OS-Upgrade-K9.2000-4-5a.exe |
win-OS-Upgrade-K9.2000-4-6.exe |
|
HP-SATADriver-6.0.82.exe win-OS-upgrade-K9.2000-4-1sr5.exe win-OS-upgrade-K9.2000-4-2sr7a.exe | |