Any references to Community Connect 3™ in this document apply equally to RM Smart-Tools 3.

Microsoft^� has released significant security updates for Windows^�.  HFXCC3165 contains these updates in a format easily applied to Community Connect 3 networks.

We recommend that you apply this Security Update without delay. Important: This Security Update can be installed on to Community Connect 3 networks with HFXCC3110B or equivalent, ie RM AppAgent version 1.37.3.0 or greater.

Before installing any software update, please refer to TEC90813 and DWN59018 in the Other Useful Articles section below. These articles detail RM's recommendations regarding software update installation and support.

At the time of writing there are no known issues related to HFXCC3165.

• HFXCC3165 should be installed on Community Connect 3 networks with Service Release 4 (SR4) or above, and HFXCC3110B or equivalent.
• HFXCC3164 should be installed on the network prior to installing HFXCC3165.
• This Security Update should be installed on to all Community Connect 3 servers.

Note: All servers and workstations will need to be restarted in order to install this security update completely. You should therefore plan to install the security update out of hours to minimise disruption to your network.

HFXCC3165 contains the following Microsoft� security updates:

1. ** MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283).
2. MS06-034: Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537).
3. MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159).
4. MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388).

Note: ** MS06-033: Vulnerability in ASP.NET, is only required to be applied to workstations with .NET Framework 2.0 and Windows� Installer 3.1 installed.

More information on the issues resolved by these updates is available from the Microsoft� Web site: http://www.microsoft.com/).

Note: HFXCC3165 does not contain all the security updates released by Microsoft� in July 2006. Please read the More Information section below for further details.

The updates provided in HFXCC3165 supersedes a previously-released Microsoft� security update; as such, the following Community Connect 3 workstation package will be removed from networks (if it is present) during this security update's installation:

• Windows XP Security Update KB896422
• * Windows XP Security Update KB913446
• * Windows XP Security Update KB893066
• * Windows XP Security Update KB885250
• * Windows XP Security Update KB913446
• * Windows Media Player 10 Security Update KB911565
• * Windows Script Engine Hotfix 814078 (client)
• * Windows XP SP1 Security Update KB912812
• * Windows XP SP2 Security Update KB912812

Note: * These updates were superseded by HFXCC3164 (if they are present).

If you are running a Community Connect 3 network, you should apply this security update without delay.

HFXCC3165 should be applied to all Community Connect 3 servers including all domain controllers and all member servers (such as DAMMS and MIS servers, or servers running Microsoft� Exchange). It does not need to be applied to Community Connect 3 workstations directly but all servers and workstations will need to be restarted for the Microsoft� security updates to be applied fully.

1. Click the HFXCC3165.exe file link below to download the security update.
2. Choose to Save the file, browse to the temporary location you wish to save it to (for example D:\temp) and click Save.
3. When it has downloaded, follow the installation instructions below to install the security update.

Important: During the installation of HFXCC3165, the Station Manager HealthCheck and the allocation of new Microsoft� security update packages must be done manually. Please ensure that you complete all steps in Installation Instructions fully.

If you previously started to install the security update but cancelled the operation, follow the installation instructions in the 'Installing after cancelling a previous install' section below.

1. Download HFXCC3165.
2. Log on to your Forest Root domain controller as Administrator (not as a system administrator) and copy the security update to a temporary location (for example D:\temp).
3. Run the security update by double-clicking the self-extracting executable file (HFXCC3165.exe). The security update will extract files automatically and run the RM Installation Assistant to begin the installation.
4. When prompted, click Continue.
5. The installation will proceed automatically. When prompted that the RM Installation Assistant has finished, click Finish. Note: After installation at a server, the server will need to be restarted for the Microsoft� security updates to be applied fully. Ensure the server has restarted successfully before continuing.
6. Repeat steps two to five at all your other Community Connect 3 domain controllers.
7. Repeat steps two to five at any Member servers (eg DAMMS or MIS servers) on the network.
8. When all Community Connect 3 domain controllers have had HFXCC3165 applied, log on to the Forest Root domain controller server in each site as the Administrator user (not as a system adminstrator). Run Windows� Explorer� and browse to D:\RMNetwork\RMManage\Station Manager. Double-click the file Healthcheck.exe, and select OK to start the Health Check, and OK again when it has completed.
9. HFXCC3165 provides new workstation packages but does not automatically allocate them. You should allocate these new packages to all your workstations at your earliest convenience. Note: If you choose to allocate the packages at a later time, you must still complete all of steps one to eight above now, including running the Station Manager Health Check.

The new security packages are listed as available packages as follows in the RM Management Console:

System Packages

• Windows XP Security Update KB914388
• Windows XP Security Update KB917159
• Windows XP Security Update KB917537

Application Packages

• ** Windows XP Security Update KB917283

Note: ** Only allocate Windows XP Security Update KB917283 to workstations that have .NET Framework 2.0 and Windows� Installer 3.1 installed.

10. Once you have allocated the packages to workstations, restart the workstations for the Microsoft� security update to be installed.

1. Browse to D:\RMNetwork\RMManage\RM Hotfixes\HFXCC3165_extracted and double-click the file RM Installation Assistant.exe. Note: If this folder or its contents does not exist, re-run the HFXCC3165.exe file downloaded from the RM Support Web site as in step one of the Installation Instructions section above.
2. Follow the procedures from step four in the Installation Instructions section above.

Some of the components of HFXCC3165 are included in RM Service Release 6 for Community Connect 3.

HFXCC3165 is not included in Service Release 4 or 5. It will not need to be re-applied if originally installed before Service Release 5 is installed.

See the Description section for full list. HFXCC3165 contains new relevant workstation and server Microsoft^� security updates. 

HFXCC3165 does not contain the following security bulletins released by Microsoft� in July 2006:

1. MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285). RM is investigating the issues relating to this security update and will provide Office updates in a future security update or service pack if required. However, an attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
2. MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284). RM is investigating the issues relating to this security update and will provide Office updates in a future security update or service pack if required. However, an attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
3. MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384). RM is investigating the issues relating to this security update and will provide Office updates in a future security update or service pack if required. However, an attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.