Any references to Community Connect 3™ in this document apply equally to RM Smart-Tools 3.

Microsoft� have released significant security updates for Microsoft� Windows�. HFXCC3130 contains these updates in a format easily applied to Community Connect 3 networks.

We recommend that you apply this Security Update without delay.

Important:  Service Release 4 (SR4) must already be installed on the network before installing this Security Update. HFXCC3110B must also be installed before installing HFXCC3130.

Before installing any software update, please refer to TEC90813 and DWN59018 in the Other Useful Articles section below. These articles detail RM's recommendations regarding software update installation and support.

• HFXCC3130 should be installed on Community Connect 3 networks with Service Release 4 (SR4) or above.
• HFXCC3130 also requires HFXCC3110B to have been installed on the network.
• This Security Update should be installed on to all Community Connect 3 servers.

Note:  All servers will need to be restarted in order to install this Security Update completely. You should therefore plan to install the Security Update out-of-hours to minimise disruption to your network.

HFXCC3130 contains the following Microsoft� security updates:

1.      MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214);

2.      MS05-038: Cumulative Security Update for Internet Explorer (896727);

3.      MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588);

4.      MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution (893756);

5.      MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591);

6.      MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587);

7.      MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423).

More information on the issues resolved by these updates is available from Microsoft's� Web site: (http://www.microsoft.com)

Note: MS05-037, Vulnerability in JView Profiler Could Allow Remote Code Execution (903235), is not provided in HFXCC3130 because it is superseded by MS05-038.

If you are running a Community Connect 3 network, you should apply this Security Update without delay.

Service Release 4 (SR4) and HFXCC3110B must already be installed on the network before installing this Security Update. 

HFXCC3130 should be applied to all Community Connect 3 servers including all domain controllers and all Member Servers (such as DAMMS and MIS servers).  It does not need to be applied to Community Connect 3 workstations directly but all servers and workstations will need to be restarted for the Microsoft� security updates to be applied fully.

1.      Click the HFXCC3130.exe file link to download the Security Update.

2.      Choose to Save the file, browse to the temporary location you wish to save it to (for example D:\temp) and click Save.

3.      When it has downloaded, follow the installation instructions below to install the Security Update.

Important: During the installation of HFXCC3130, the Station Manager HealthCheck and the allocation of new Microsoft� security update packages must be done manually. Please ensure that you fully complete all steps in the Installation Instructions.

If you previously started to install the security update but cancelled the operation, follow the installation instructions in the 'Installing after cancelling a previous install' section below.

1.      Download HFXCC3130.

2.      Log on to your first Community Connect 3 domain controller as Administrator (not SystemAdmin) and copy the Security Update to a temporary location (for example D:\temp).

3.      Run the Security Update by double-clicking the self-extracting executable file (HFXCC3130.exe).  The Security Update will extract files automatically and run the RM Installation Assistant to begin the installation.

4.      When prompted, click Continue.

5.      The installation will proceed automatically.  When prompted that the RM Installation Assistant has finished, click Finish.

Note: After installation at a server, the server will need to be rebooted for the Microsoft� security updates to be applied fully.

6.      Repeat Steps 2-5 at all your other Community Connect 3 domain controllers.

7.      Also repeat steps 2-5 at any member servers (eg DAMMS or MIS servers) on the network.

Note: After installation at a server, the server will need to be rebooted for the Microsoft� security updates to be applied fully.

8.      When all Community Connect 3 domain controllers have had HFXCC3130 applied, log in to the first Community Connect 3 domain controller server in each site as the administrator user (not SystemAdmin). Run Windows Explorer and browse to D:\RMNetwork\RMManage\Station Manager. Double-click on the file Healthcheck.exe, and select OK to start the Healthcheck, and OK again when it has completed.

9.      HFXCC3130 provides new workstation packages but does not automatically allocate them. You should allocate these new packages as applicable to ALL your workstations at your earliest convenience. Note: If you choose to allocate the packages at a later time, you must still complete all of steps 1 to 8 above now, including running the Station Manager health check.

The new security packages are listed as RM system packages as follows:

�        IE6 SP1 Cumulative Security Update KB896727;

�        IE6 SP2 Cumulative Security Update KB896727;

�        Windows XP Security Update KB896423;

�        Windows XP Security Update KB899587;

�        Windows XP Security Update KB899588;

�        Windows XP Security Update KB899591;

�        Windows XP Security Update KB901214.

Note: The two Internet Explorer 6 packages are Microsoft� Windows� XP service pack-level dependent. Any packages that are NOT required by a given workstation will be listed as NOT_INSTALLED (OS VERSION) in that workstation's station INI file.

10.  Once you have allocated the packages to workstations, restart the workstations for the Microsoft� security updates to be installed.

1.      Browse to D:\RMNetwork\RMManage\RM Hotfixes\HFXCC3130_extracted and double-click the file RM Installation Assistant.exe. (If this folder or its contents does not exist, re-run the HFXCC3130.exe file downloaded from the RM Support Web site).

2.      Follow the procedures in 'How to install the Security Update' from step 4 above.

Some of the components of HFXCC3130 are included in RM Service Release 6 for Community Connect 3.

The Security Update can be installed on to networks running Community Connect 3 with Service Release 4 or above and HFXCC3110B installed.

HFXCC3130 is not included in CC3 SR4 or CC3 XPSP2. It will not need to be re-applied after installing the CC3 XPSP2 Update Pack.

See the Description section for full list.  HFXCC3130 contains seven new workstation packages and a component to update servers with the relevant Microsoft security updates. Five of the workstation packages are applicable to workstations running either Microsoft� Windows� XP SP1 or XP SP2. The other two, however, are Microsoft� Windows� XP service pack level-specific.