Note: Any references to Community Connect� 3 (CC3) in this article apply equally to RM Smart-Tools 3.

Microsoft� has released significant Security Updates for Windows�. HFXCC3305 contains these updates in a format easily applied to CC3 networks.

We recommend that you apply this Security Update without delay. Before installing any software update, please refer to TEC90813 and DWN59018 in the Other Useful Articles section below. These articles detail our recommendation regarding software update installation and support.

At the time of writing this article, there were no known issues related to HFXCC3305.

• HFXCC3305 should be installed on CC3 networks with Service Release 5 (SR5) or above.
• This Security Update should be installed on to all CC3 servers.

Note: All servers and workstations will need to be restarted in order to install this Security Update completely. Therefore, you should plan to install the Security Update out of working hours to minimise the disruption to your network.

HFXCC3305 contains the following Microsoft Security Updates:

• MS13-080 - Cumulative Security Update for Windows Internet Explorer� (2879017)
• MS13-081 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
• MS13-082 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)
• MS13-083 - Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)
• MS13-085 - Vulnerabilities in Microsoft Excel� Could Allow Remote Code Execution (2885080)
• MS13-086 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)

More information on the issues resolved by these updates are available from the Microsoft website: http://www.microsoft.com/

Notes:

• HFXCC3305 may not contain all the Security Updates released by Microsoft in October 2013. Please read the More Information section below for further details.
• The updates provided in HFXCC3305 supersede the previously released Microsoft Security Updates. As such, the following CC3 workstation packages will be removed from the network (if present) during this Security Update's installation:
  • Microsoft Windows XP SP3 IE6 Security Update 2870699
  • Microsoft Windows XP SP3 IE7 Security Update 2870699
  • Microsoft Windows XP SP3 IE8 Security Update 2870699
  • Microsoft Windows XP SP3 Security Update KB2753842
  • Microsoft Windows XP SP3 Security Update 2876315
  • Microsoft Windows XP SP3 .Net 2.0 SP2 Security Update 2836440
  • Microsoft Windows XP SP3 .NET 3.5 SP1 Security Update 2638420
  • Microsoft Windows XP SP3 .Net 4.0 Security Update 2836440
  • Microsoft Windows XP SP3 .NET 4.0 Security Update 2638420
  • Microsoft Windows XP SP3 .NET 4.0 Security Update KB2832407
  • Microsoft Excel 2007 SP3 Security Update 2858300
  • Microsoft Office 2007 System Security Update KB2553089
  • Microsoft Office 2007 System Security Update KB2553090
  • Microsoft Excel 2010 SP1_SP2 Security Update 2858300
  • Microsoft Office 2010 (32-bit) Security Update KB2553091
  • Microsoft Office 2010 (32-bit) Security Update KB2553096
  • Microsoft Office 2007 SP3 Security Update 2858300
  • Microsoft Word 2003 SP3 Security Update 2845537
  • Microsoft Word 2007 SP3 Security Update 2845537
  • Microsoft Office 2007 SP3 Security Update KB2760823

If you are running a CC3 network, you should apply this Security Update without delay.

HFXCC3305 should be applied to all CC3 servers including all domain controllers and all Member servers (such as DAMMS and MIS servers or servers running Microsoft Exchange). It does not need to be applied to CC3 workstations directly, but all the servers and workstations will need to be restarted for the Microsoft Security Updates to be applied fully.
Note: HFXCC3305 should not be directly applied to the RM Client Connect Terminal servers.

For information on how to apply the server updates to these servers, refer to the 'Installing on Terminal servers' section below.

Important: All your CC3 servers will need to be restarted in order to install this Security Update completely. Therefore, you should plan to install the Security Update out of working hours to minimise the disruption to your network.

1. Click the HFXCC3305.exe file link below to download the Security Update.
2. Choose Save Target As to save the file, browse to the temporary location you wish to save it to (for example D:\temp) and click Save.
3. When it has downloaded, follow the instructions in the Installation Instructions section below to install the Security Update.

Important: During the installation of HFXCC3305, the Station Manager HealthCheck and the allocation of new Microsoft Security Update packages must be done manually. Please ensure that you fully complete all the steps in the Installation Instructions section below. If you have previously started to install the Security Update but cancelled the operation, follow the installation instructions in the 'Installing after cancelling a previous install' section below.

1. Download HFXCC3305.exe.
2. Log on to your first CC3 domain controller as a system administrator and copy the Security Update to a temporary location (for example, D:\temp).
3. Run the Security Update by double-clicking the self extracting executable file (HFXCC3305.exe). The Security Update will extract the files automatically and run the RM Installation Assistant to begin the installation.
4. When prompted, click Continue.
5. The installation will proceed automatically. When prompted that the RM Installation Assistant has finished, click Finish.
6. Once HFXCC3305 has been installed successfully, users should run the Update Package List manually.
7. Repeat steps 2-6 at all your other CC3 domain controllers.
8. Repeat steps 2-6 at any Member servers (e.g. DAMMS or MIS servers) on the network.
   Note: After installation at a server, the server will need to be rebooted for the Microsoft Security Updates to be applied fully. It is recommended that you ensure each domain controller has rebooted successfully before applying the software update to the next server.
9. When all CC3 domain controllers have had HFXCC3305 applied, log on to the first CC3 domain controller server in each site as the system administrator. Run Windows Explorer and browse to D:\RMNetwork\RMManage\Station Manager. Double-click the file HealthCheck.exe, select OK to start the HealthCheck and OK again when it has completed.
10. HFXCC3305 provides new workstation packages but does not automatically allocate them. You should allocate these new packages to all your workstations at your earliest convenience.

Note: If you choose to allocate the packages at a later time, you must still complete all of the steps 1-9 above now, including running the Station Manager HealthCheck. The new Security Update packages are listed as available packages in the RM Management Console (RMMC) as follows:

System packages:

• Vista Security Updates - October 2013
• Vista SP2 .NET 3.5 SP1 Security Update 2861697
• Vista SP2 .NET 4.0 Security Update 2858302 V2
• Vista SP2 .NET 4.0 Security Update 2861188
• Vista SP2 .NET 4.5 Security Update 2861193
• Vista SP2 .NET 4.5 Security Update 2861208
• XP SP3 .Net 2.0 SP2 Security Update KB2863239
• XP SP3 .NET 3.0 SP2 Security Update KB2861189
• XP SP3 .NET 3.5 SP1 Security Update KB2861697
• XP SP3 .NET 4.0 Security Update KB2858302
• XP SP3 .NET 4.0 Security Update KB2861188
• XP SP3 IE6 Security Update 2879017
• XP SP3 IE7 Security Update 2879017
• XP SP3 IE8 Security Update 2879017
• XP SP3 Security Update 2847311
• XP SP3 Security Update 2862330
• XP SP3 Security Update 2862335
• XP SP3 Security Update 2868038
• XP SP3 Security Update 2883150
• XP SP3 Security Update 2884256

Application packages:

• MS Excel 2007 SP3 Security Update KB2827324
• MS Excel 2010 SP1_SP2 Security Update KB2826033
• MS Office 2007 SP3 Security Update KB2760585
• MS Office 2007 SP3 Security Update KB2760591
• MS Office 2007 SP3 Security Update KB2827326
• MS Office 2007 SP3 Security Update KB2827329
• MS Office 2010 SP1_SP2 Security Update KB2826023
• MS Office 2010 SP1_SP2 Security Update KB2826035
• MS Word 2007 SP3 Security Update KB2827330
• MS Word 2003 SP3 Security Update KB2826020

Note: If you do not see the above packages in the RMMC, please run an Update Package List. To do this, please refer to TEC731836 in the Other Useful Articles section below.

Once you have allocated the packages to the workstations, restart the workstations at your convenience for the updates to be installed.

1. Browse to D:\RMNetwork\RMManage\RM Hotfixes\HFXCC3305_extracted and double-click the file RM Installation Assistant.exe.
   Note: If this folder or its contents does not exist, rerun the HFXCC3305.exe file downloaded from the RM Support website as in step one of the Installation Instructions section above.
2. Follow the procedure from step four in the Installation Instructions section above.

Note: If you have a Terminal server on your network, please follow the instructions below:

1. Install the RM Security Updates on to your CC3 domain controllers as described above.
2. Log on to the Terminal server and browse to the following folder on one of your domain controllers: \\<DC_Server_Name>\RMManage\RM Hotfixes\HFXCC3305_extracted\Utilities\Server Updates\v1.128.0.0\.
3. Double-click the Server_Updates.vbs file to install the Microsoft Security Updates.

Note: The Server_Updates.vbs script will run silently on the Terminal server. However, you can check for the completion using the following process:

1. Log on to the Terminal server as a system administrator.
2. From the Start menu, select Run, type eventvwr and click Enter.
3. In the right-hand pane, double-click the System event log.
4. In the list of events, you should see a number of events with the Source NTServicePack and event ID 4377 which will correspond with the date and time the ServerUpdates.vbs was run. (The number of entries will vary with each update as only updates relevant to the Terminal server and any other updates relevant to the applications installed on these servers will be installed.)

The Security Update can be installed on to networks running CC3 with Service Release 5 or above.

HFXCC3305 is not included in Service Release 5 or 6. It will need to be reapplied if originally installed before Service Release 6 is installed.

Note: The application software updates will need to be reapplied if the related Microsoft application is installed or reinstalled after the software updates were applied.

See the Description section above for a full list. HFXCC3305 contains new relevant workstation and server Microsoft Security Updates.

Please find below the details of the software prerequisites:

• Microsoft Windows Vista Security Updates - October 2013 (System requirements: Windows Vista SP2)
• Microsoft Windows XP SP3 IE6 Security Update 2879017 (System requirements: Windows XP SP3, IE6)
• Microsoft Windows XP SP3 IE7 Security Update 2879017 (System requirements: Windows XP SP3, IE7)
• Microsoft Windows XP SP3 IE8 Security Update 2879017 (System requirements: Windows XP SP3, IE8)
• Microsoft Windows XP SP3 Security Update 2847311 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 Security Update 2862330 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 Security Update 2862335 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 Security Update 2868038 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 Security Update 2883150 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 Security Update 2884256 (System requirements: Windows XP SP3)
• Microsoft Windows XP SP3 .Net 2.0 SP2 Security Update KB2863239 (System requirements: Windows XP SP3, .NET 2.0 SP2)
• Microsoft Windows XP SP3 .NET 3.0 SP2 Security Update KB2861189 (System requirements: Windows XP SP3, .NET 3.0 SP2)
• Microsoft Windows XP SP3 .NET 3.5 SP1 Security Update KB2861697 (System requirements: Windows XP SP3, .NET 3.5 SP1)
• Microsoft Windows XP SP3 .NET 4.0 Security Update KB2858302 (System requirements: Windows XP SP3, .NET 4.0)
• Microsoft Windows XP SP3 .NET 4.0 Security Update KB2861188 (System requirements: Windows XP SP3, .NET 4.0)
• Microsoft Excel 2007 SP3 Security Update KB2827324 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Excel 2010 SP1_SP2 Security Update KB2826033 (System requirements: Microsoft Office 2010 SP1/SP2)
• Microsoft Office 2007 SP3 Security Update KB2760585 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Office 2007 SP3 Security Update KB2760591 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Office 2007 SP3 Security Update KB2827326 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Office 2007 SP3 Security Update KB2827329 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Office 2010 SP1_SP2 Security Update KB2826023 (System requirements: Microsoft Office 2010 SP1/SP2)
• Microsoft Office 2010 SP1_SP2 Security Update KB2826035 (System requirements: Microsoft Office 2010 SP1/SP2)
• Microsoft Word 2003 SP3 Security Update KB2826020 (System requirements: Microsoft Office 2007 SP3)
• Microsoft Word 2007 SP3 Security Update KB2827330 (System requirements: Microsoft Office 2007 SP3)

Windows Vista Security Updates - October 2013 package includes:

• IE8-Windows6.0-KB2879017-x86.msu (System requirements: Windows Vista SP2, IE8)
• IE9-Windows6.0-KB2879017-x86.msu (System requirements: Windows Vista SP2, IE9)
• Windows6.0-KB2879017-x86.msu (System requirements: Windows Vista SP2, IE7)
• Windows6.0-KB2861190-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2863253-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2864058-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2884256-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2883150-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2876284-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2864058-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2868038-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2864202-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2862335-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2862330-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2855844-x86.msu (System requirements: Windows Vista SP2)
• Windows6.0-KB2847311-x86.msu (System requirements: Windows Vista SP2)
• NDP35SP1-KB2861697-x86.exe (System requirements: Windows Vista SP2, .NET 3.5 SP1)
• NDP40-KB2858302-v2-x86.exe (System requirements: Windows Vista SP2, .NET 4.0)
• NDP40-KB2861188-x86.exe (System requirements: Windows Vista SP2, .NET 4.0)
• NDP45-KB2861193-x86.exe (System requirements: Windows Vista SP2, .NET 4.5)
• NDP45-KB2861208-x86.exe (System requirements: Windows Vista SP2, .NET 4.5)

Windows Server 2003 Security Updates include:

• IE7-WindowsServer2003-KB2879017-x86-ENU.exe (System requirements: Windows Server 2003, IE7)
• IE8-WindowsServer2003-KB2879017-x86-ENU.exe (System requirements: Windows Server 2003, IE8)
• WindowsServer2003-KB2879017-x86-ENU.exe (System requirements: Windows Server 2003, IE6)
• WindowsServer2003-KB2847311-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2862330-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2862335-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2864058-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2868038-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2883150-x86-ENU.exe (System requirements: Windows Server 2003)
• WindowsServer2003-KB2884256-x86-ENU.exe (System requirements: Windows Server 2003)
• NDP20SP2-KB2863239-x86.exe (System requirements: Windows Server 2003)
• NDP30SP2-KB2861189-x86.exe (System requirements: Windows Server 2003)
• NDP35SP1-KB2861697-x86.exe (System requirements: Windows Server 2003)
• NDP40-KB2858302-v2-x86.exe (System requirements: Windows Server 2003)
• NDP40-KB2861188-x86.exe (System requirements: Windows Server 2003)

Notes:
The following bulletins have not been included in the hotfix for the month of October 2013:

• MS13-084 - Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)
• MS13-087 - Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

To uninstall an update (MSU) installed by Windows Vista Security Update (MSI):

1. From the Start menu, click Control Panel, Security.
2. Under Windows Update, click 'View installed updates' and select from the list of updates.

More information on the Microsoft Security Updates for October 2013 are available in the following Microsoft Security Bulletin: http://technet.microsoft.com/en-us/security/bulletin/ms13-Oct.