Any references to Community Connect� 3 in this document apply equally to RM Smart-Tools 3.

Microsoft� has released significant Security Updates for Windows�. HFXCC3244 contains these updates in a format easily applied to Community Connect 3 networks.
Note: We recommend that you apply this Security Update without delay.
Before installing any Software Update, please refer to TEC90813 and DWN59018 in the Other Useful Articles section below. These articles detail RM's recommendations regarding Software Update installation and support.

At the time of writing this article there are no known issues related to HFXCC3244.

• HFXCC3244 should be installed on Community Connect 3 networks with Service Release 5 (SR5) or above.
• This Security Update should be installed on to all Community Connect 3 servers.

Note: All servers and workstations will need to be restarted in order to install this Security Update completely. You should therefore plan to install the Security Update out-of-hours to minimise disruption to your network.

HFXCC3244 contains the following Microsoft security updates:

1. MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517).
2. MS09-051 Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682).
3. MS09-053 Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254).
4. MS09-054 Cumulative Security Update for Internet Explorer (974455).
5. MS09-055 Cumulative Security Update of ActiveX Kill Bits (973525).
6. MS09-056 Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571).
7. MS09-057 Vulnerability in Indexing Service Could Allow Remote Code Execution (969059).
8. MS09-058 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486).
9. MS09-059 Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467).
10. MS09-060 Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965).
11. MS09-061 Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378).
12. MS09-062 Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488). 

More information on the issues resolved by these updates is available from Microsoft's website (http://www.microsoft.com).

Note: HFXCC3244 may not contain all the security updates released by Microsoft in October 2009. Please read the More Information section below for further details.

Note: The updates provided in HFXCC3244 supersede some previously-released Microsoft security updates; as such, the following Community Connect 3 workstation packages will be removed from networks (if they are present) during this Security Update's installation:

• XP SP2 and SP3 IE6 Security Update KB972260
• XP SP2 and SP3 IE7 Security Update KB972260
• XP SP2 and SP3 IE8 Security Update KB972260
• Windows XP SP2 and SP3 Security Update KB973346
• Windows XP Security Update KB920685
• Windows XP SP2 and SP3 Security Update KB956841
• Microsoft .NET 2.0 XP Security Update KB931212
• Microsoft Office XP SP3 Security Update KB949031
• Microsoft Office XP SP3 Security Update KB954593
• Microsoft Visio 2002 Security Update KB954593 
• Microsoft Office 2003 SP3 Security Update KB949031
• Office 2003 SP2 and SP3 Security Update KB954593
• MS Office 2007 and SP1 Security Update KB954593

If you are running a Community Connect 3 network, you should apply this Security Update without delay.
HFXCC3244 should be applied to all Community Connect 3 servers including all domain controllers and all Member Servers (such as DAMMS and MIS servers).  It does not need to be applied to Community Connect 3 workstations directly but all servers and workstations will need to be restarted for the updates to be applied fully.

Please note: HFXCC3244 should not be directly applied to RM Client Connect Terminal Servers. For information on how to apply the server updates to these servers see the 'Installing on Terminal Servers' section below.
Important: All your Community Connect 3 servers will need to be restarted in order to install this Security Update completely. You should therefore plan to install the Security Update out-of-hours to minimise disruption to your network.

1. Click the HFXCC3244.exe file link below to download the Security Update.
2. Choose to Save the file, browse to the temporary location you wish to save it to (for example D:\temp) and click Save.
3. When it has downloaded, follow the installation instructions below to install the Security Update.

Important: During the installation of HFXCC3244, the Station Manager HealthCheck and the allocation of new Microsoft� Security Update packages must be done manually. Please ensure that you fully complete all steps in the installation instructions. If you previously started to install the Security Update but cancelled the operation, follow the installation instructions in the 'Installing after cancelling a previous install' section below.

1. Download HFXCC3244.exe.
2. Log on to your first Community Connect 3 domain controller as a System Administrator and copy the Security Update to a temporary location (for example D:\temp).
3. Run the Security Update by double-clicking the self-extracting executable file (HFXCC3244.exe). The Security Update will extract files automatically and run the RM Installation Assistant to begin the installation.
4. When prompted, click Continue.
5. The installation will proceed automatically. When prompted that the RM Installation Assistant has finished, click Finish.
6. Repeat steps 2-5 at all your other Community Connect 3 domain controllers.
7. Repeat steps 2-5 at any Member Servers (eg DAMMS or MIS servers) on the network.

Note: After installation at a server, the server will need to be rebooted for the Microsoft� Security Updates to be applied fully. It is recommended that you ensure each domain controller has rebooted successfully before applying the Software Update to the next server.

8. When all Community Connect 3 domain controllers have had HFXCC3244 applied, log on to the first Community Connect 3 domain controller server in each site as the System Administrator. Run Microsoft� Windows� Explorer and browse to D:\RMNetwork\RMManage\Station Manager. Double-click on the file Healthcheck.exe, and select OK to start the health check and OK again when it has completed.
9. HFXCC3244 provides new workstation packages but does not automatically allocate them. You should allocate these new packages to all your workstations at your earliest convenience.

Note: If you choose to allocate the packages at a later time, you must still complete all of steps 1 to 8 above now, including running the Station Manager HealthCheck.

The new Security Packages are listed as available packages as follows in the RM Management Console (RMMC):

 System packages:

• XP SP2 and SP3 .NET1.1SP1 Security Update KB974378
• XP SP2 and SP3 .NET2.0SP1 Security Update KB974378
• XP SP2 and SP3 .NET2.0SP2 Security Update KB974378
• XP SP2 and SP3 IE6 Security Update KB974455
• XP SP2 and SP3 IE7 Security Update KB974455
• XP SP2 and SP3 IE8 Security Update KB974455
• XP SP2 and SP3 Security Update KB957488
• XP SP2 and SP3 Security Update KB969059
• XP SP2 and SP3 Security Update KB971486
• XP SP2 and SP3 Security Update KB973525
• XP SP2 and SP3 Security Update KB974571
• XP SP2 and SP3 Security Update KB975254
• XP SP2 and SP3 Security Update KB975467
• XP SP2 and SP3 Security Update KB975682
• XP SP2 and SP3 Media Security Update KB975682
• XP SP2 Security Update KB975682
• XP SP3 Security Update KB975682
• Vista Security Updates - October 2009
• Vista .NET1.1SP1 Security Update KB974378

Application: 

• Office XP SP3 Security Update KB957488
• Visio 2002 SP2 Security Update KB957488
• Office 2003 SP3 Security Update KB957488
• Office 2007 SP1 and SP2 Security Update KB957488
• Office Outlook 2002 SP3 Security Update KB973965
• Office Outlook 2003 SP3 Security Update KB973965
• Office Outlook 2007 SP1 Security Update KB973965
• Office Outlook 2007 SP2 Security Update KB973965
• Visio Viewer 2007 SP1 Security Update KB973965
• Visio Viewer 2007 SP2 Security Update KB973965

Note: If you do not see the above packages in the RMMC, please do an Update Package List. To do this please refer TEC731836 in Other Useful Articles section below.

Once you have allocated the packages to workstations, restart the workstations at your convenience for the updates to be installed.

1. Browse to D:\RMNetwork\RMManage\RM Hotfixes\HFXCC3244_extracted and double-click the file RM Installation Assistant.exe.

Note: If this folder or its contents do not exist, re-run the HFXCC3244.exe file downloaded from the RM Support Web site as in step 1 of the installation instructions section above.

2. Follow the procedures from step 4 in the installation instructions section above.

Note: If you have a Terminal Server on your network please follow the instructions below:

1. Install the RM Security Updates on to your Community Connect 3 domain controllers as described above.
2. Log on to the Terminal Server and browse to the following folder on one of your domain controllers: \\<DC_Server_Name>\RMManage\RM Hotfixes\HFXCC3244_extracted\Utilities\Server Updates\v1.64.0.1\
3. Double-click the Server_Updates.vbs file to install the Microsoft� Security Updates.

Note: The Server_Updates.vbs script will run silently on a Terminal Server. However, you can check for completion using the following process:

1. Log on to the Terminal Server as Systemadmin.
2. From the Start menu, select Run and type eventvwr then press return.
3. Double-click the system event log from the right-hand pane.
4. In the list of events you should see a number of events with the Source 'NTServicePack' and event ID 4377 which will correspond with the date and time the ServerUpdates.vbs was run. (The number of entries will vary with each update as only updates relevant to the Terminal Server and any other updates relevant to applications installed on these servers, will be installed).

The components of HFXCC3244 will be included in a future Community Connect 3 Service Release or Microsoft� Service Pack validated by RM.

The Security Update can be installed on to networks running Community Connect 3 with Service Release 5 or above.

HFXCC3244 is not included in Service Release 5 or 6. It will need to be re-applied if originally installed before Service Release 6 is installed.

Note: The application Software Updates will need to be re-applied if the related Microsoft� application is installed or re-installed after the Software Updates were applied.

See the Description section for a full list. HFXCC3244 contains new relevant workstation and server Microsoft� Security Updates. 

Software pre-requisites.

Please find below details of the software pre-requisites:

System Packages:

• XP SP2 and SP3 .NET1.1SP1 Security Update KB974378 (System requirements: Windows XP Service Pack 2/ Service Pack 3, .Net Framework 1.1 Service Pack 1)
• XP SP2 and SP3 .NET2.0SP1 Security Update KB974378 (System requirements: Windows XP Service Pack 2/ Service Pack 3, .Net Framework 2.0 Service Pack 1)
• XP SP2 and SP3 .NET2.0SP2 Security Update KB974378 (System requirements: Windows XP Service Pack 2/ Service Pack 3, .Net Framework 2.0 Service Pack 2)
• XP SP2 and SP3 IE6 Security Update KB974455 (System requirements: Windows XP Service Pack 2/ Service Pack 3, Internet Explorer 6)
• XP SP2 and SP3 IE7 Security Update KB974455 (System requirements: Windows XP Service Pack 2/ Service Pack 3, Internet Explorer 7)
• XP SP2 and SP3 IE8 Security Update KB974455 (System requirements: Windows XP Service Pack 2/ Service Pack 3, Internet Explorer 8)
• XP SP2 and SP3 Security Update KB957488 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB969059 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB971486 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB973525 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB974571 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB975254 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB975467 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Security Update KB975682 (System requirements: Windows XP Service Pack 2/ Service Pack 3)
• XP SP2 and SP3 Media Security Update KB975682 (System requirements: Windows XP Service Pack 2/ Service Pack 3, Media Player 9 Series, Codecs Installation Package for Windows Media Player)
• XP SP2 Security Update KB975682 (System requirements: Windows XP Service Pack 2)
• XP SP3 Security Update KB975682 (System requirements: Windows XP Service Pack 3)
• Vista .NET1.1SP1 Security Update KB974378 (System requirements: Vista/Vista SP1/Vista SP2, .Net Framework 1.1 Service Pack 1)
• Vista Security Updates - October 2009 (System requirements: Vista/Vista SP1/Vista SP2)

 Windows Vista� Security Updates - October 2009 package includes:

• NDP1.1sp1-KB953297-X86.exe [MS09-061] (System requirements: Vista/Vista SP1/Vista SP2, .Net Framework1.1 Service Pack 1)
• Windows6.0-KB975517-x86.msu [MS09-050] (System requirements: Vista/Vista SP1/Vista SP2)
• Windows6.0-KB954155-x86.msu [MS09-051] (System requirements: Vista/Vista SP1/Vista SP2)
• Windows6.0-KB974455-x86.msu [MS09-054] (System requirements: Vista/Vista SP1/Vista SP2, Internet Explorer 7)
• IE8-Windows6.0-KB974455-x86.msu [MS09-054] (System requirements: Vista/Vista SP1/Vista SP2, Internet Explorer 8)
• Windows6.0-KB973525-x86.msu [MS09-055] (System requirements: Vista/Vista SP1/Vista SP2)
• Windows6.0-KB974468-x86.msu [MS09-061] (System requirements: Vista, .Net Framework 2.0)
• Windows6.0-KB974292-x86.msu [MS09-061]  (System requirements: Vista, .Net Framework 2.0 Service Pack 1)
• Windows6.0-KB974467-x86.msu [MS09-061] (System requirements: Vista, .Net Framework 2.0 Service Pack 2)
• Windows6.0-KB974291-x86.msu [MS09-061] (System requirements: Vista SP1, .Net Framework 2.0 Service Pack 1)
• Windows6.0-KB974469-x86.msu [MS09-061] (System requirements: Vista SP1, .Net Framework 2.0 Service Pack 2)
• Windows6.0-KB974470-x86.msu [MS09-061] (System requirements: Vista SP2, .Net Framework 2.0 Service Pack 2)
• Windows6.0-KB958869-x86.msu [MS09-062] (System requirements: Vista/Vista SP1)
• Windows6.0-KB974571-x86.msu [MS09-056] (System requirements: Vista/Vista SP1/Vista SP2)
• Windows6.0-KB971486-x86.msu [MS09-058] (System requirements: Vista/Vista SP1/Vista SP2)
• Windows6.0-KB975467-x86.msu [MS09-059] (System requirements: Vista/Vista SP1/Vista SP2) 

 Note: To uninstall an update (MSU) installed by Windows Vista Security Update (MSI),

1. From the Start menu choose Control Panel, and then click Security.
2. Under Windows Update, click 'View installed updates' and select from the list of updates.

 Application Packages:

• Office XP SP3 Security Update KB957488 (System requirements: MS Office XP Service Pack 3)
• Visio 2002 SP2 Security Update KB957488 (System requirements: MS Visio 2002 Service Pack 2)
• Office 2003 SP3 Security Update KB957488 (System requirements: MS Office 2003 Service Pack 3)
• Office 2007 SP1 and SP2 Security Update KB957488 (System requirements: MS Office 2007 Service Pack 1/Service Pack 2)
• Office Outlook 2002 SP3 Security Update KB973965 (System requirements: MS Outlook 2002 Service Pack 3)
• Office Outlook 2003 SP3 Security Update KB973965 (System requirements: MS Office 2003 Service Pack 3)
• Office Outlook 2007 SP1 Security Update KB973965 (System requirements: MS Office 2007 Service Pack 1)
• Office Outlook 2007 SP2 Security Update KB973965 (System requirements: MS Office 2007 Service Pack 2)
• Visio Viewer 2007 SP1 Security Update KB973965 (System requirements: MS Visio Viewer 2007 Service Pack 1)
• Visio Viewer 2007 SP2 Security Update KB973965 (System requirements: MS Visio Viewer 2007 Service Pack 2)

More information on October 2009 Microsoft� Security Updates could be found from the following Microsoft� Security Bulletin: http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx