ClearCube I8800 Technical Document

Page 1
ClearCube Public Technical Document
Document Code: TB0096JS
Top ic: Component(s) Affected: Date:
Updated Date:
TB0096.fm — Summary of I8800 I/Port Security Updates
Summary of I8800 I/Port Security Updates I8800 I/Ports, Windows XPe August 23, 2005
November 10, 2005
OVERVIEW / ENVIRONMENT
Several new I/Port update files have been developed to improve security on the I8800 I/Port. These updates comprise the latest Microsoft Security Updates for Windows XPe that apply to ClearCube I8800 I/ Port devices. Each update can be referenced by its MS update number (e.g., MS05-014) on the Microsoft website at http://www.microsoft.com/technet/security/default.mspx
This Technical Bulletin lists those updates and provides general instructions for their installation. Users can download these updates from the ClearCube support website at http://support.clearcube.com/ Technical Bulletins listed for each update provide more detailed information about the Security Updates as applicable to I/Ports. This Technical Bulletin is updated as new Security Updates are released.
The mapping between Microsoft security updates, ClearCube Technical Bulletins, and the update files pro­vided with those Technical Bulletins is as follows:
MS Security Update Tech Bulletin Update Filename
MS04-011 TB0097JS
MS04-011_XPe_CCT.zip
MS04-022 TB0098JS MS04-022_XPe_CCT.zip
.
. The
MS04-024 TB0099JS MS04-024_XPe_CCT.zip
MS04-028 TB0100JS MS04-028_XPe_CCT.zip
MS04-032 TB0101JS MS04-032_XPe_CCT.zip
MS04-034/038 combo TB0102JS MS04-034_038_combo_XPe_CCT.zip
MS04-037 TB0103JS MS04-037_XPe_CCT.zip
MS04-044 TB0104JS MS04-044_XPe_CCT.zip
MS05-001/002 combo TB0105JS MS05-001_002_combo_XPe_CCT.zip
MS05-007/008 combo TB0106JS MS05-007_008_combo_XPe_CCT.zip
MS05-011/012/013/015 combo TB0107JS MS05-011_012_013_015_combo_XPe_CCT.zip
MS05-014 TB0108JS MS05-014_XPe_CCT.zip
MS05-016 TB0127JS MS05-016_XPe_CCT.zip
MS05-018/019 combo TB0128JS MS05-018_019_combo_XPe_CCT.zip
MS05-020 TB0129JS MS05-020_XPe_CCT.zip
MS05-025 TB0154JS MS05-025_XPe_CCT.zip
MS05-026/027/028 combo TB0155JS MS05-026_027_028_combo_XPe_CCT.zip
ClearCube Technology 8834 Capital of Texas Hwy N Suite 140 Austin, Texas 78759 voice 512 652 3500 www.clearcube.com
TB0096 rev 11/10/2005
Page 2
ClearCube Public Technical Document
Document Code: TB0096JS
MS Security Update Tech Bulletin Update Filename
MS05-036/037 combo TB0156JS MS05-036_037_combo_XPe_CCT.zip
MS05-038 TB0157JS MS05-038_XPe_CCT.zip
MS05-039/040/041/042/043 combo TB0158JS MS05-039__043_combo_XPe_CCT.zip
MS05-044/045/047/050 combo TB0168JS MS05-045_047_048_050_combo_XPe_CCT.zip
MS05-049 TB0169JS MS05-049_XPe_CCT.zip
MS05-051 TB0170JS MS05-051_XPe_CCT.zip
MS05-052 TB0171JS MS05-052_XPe_CCT.zip
Note: These updates apply to the I8800 I/Port only. For a summary of Microsoft security updates for Eon e100 I/Ports, please see Technical Bulletin TB0159, Summary of Eon e100 XPe Security Updates.
For summaries of other I/Port updates, please see Technical Bulletin TB0161, Cumulative List of Updates for Eon e100 and Technical Bulletin TB0162, Cumulative List of Updates for I8800 I/Ports.
Attention: These updates require the use of the Microsoft xcopy.exe command file. If you are updating an I/Port with the 1715 image, you may have to take additional steps. Please see Note 1 at the end of this document for steps to determine which I/Port image you are updating, and if you need to take any extra steps to install your updates.
DETAILED DESCRIPTION
This information is gathered from the following sources:
Microsoft Corporation — Microsoft develops and distributes security updates for its software prod­ucts. Updates listed in this Technical Bulletin are prepared from those updates specifically for ClearCube I8800 I/Ports running Windows XP Embedded and Windows applications.
Common Vulnerabilities and Exposures (CVE) — CVE is a list of standardized names for vulnera­bilities and other information about security exposures. The CVE Web site is hosted by the MITRE Corporation (http://www.cve.mitre.org/about/), and funded by the U.S. Department of Homeland Security ( ities and security exposures.
United States Computer Emergency Readiness Team (US-CERT) — US-CERT is part of the Department of Homeland Security. The CERT Coordination Center (CERT/CC) has become a major reporting center for incidents and vulnerabilities since its inception in 1988. The US-CERT Vulnerability Notes Database contains descriptions of vulnerabilities, their impacts, and solutions. The Vulnerability Notes Database is fully indexed and CVE compliant.
Microsoft describes its ratings for security updates as follows:
Critical — A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
Important — A vulnerability whose exploitation could result in compromise of the confidentiality, integ­rity, or availability of users data, or of the integrity or availability of processing resources.
Moderate — Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
Low — A vulnerability whose exploitation is extremely difficult, or whose impact is minimal. (source: http://www.microsoft.com/technet/security/bulletin/rating.mspx)
http://www.dhs.gov/). CVE aims to standardize the names for all publicly known vulnerabil-
ClearCube Technology 8834 Capital of Texas Hwy N Suite 140 Austin, Texas 78759 voice 512 652 3500 www.clearcube.com
Page 3
ClearCube Public Technical Document
Document Code: TB0096JS
RESOLUTION
To lessen the exposure to the listed vulnerabilities, system administrators need to install the I/Port updates that ClearCube has provided. Each update is provided in a zipped file containing the Technical Bulletin describing the update, and these files:
The local installer, in a folder named Stand Alone.
A batch file named Update.bat
A folder named IPORT-CLIENT
The Grid Center remote installer, in a folder named GCUpdate.
A batch file named
A zipped folder named IPORT-CLIENT.zip
The local installer is run by physically carrying the files to the I/Port on a Mass Storage Device such as a key drive, and then executing the should select all the updates they intend to install, load them all onto a Mass Storage Device, and install the entire set of updates at each I/Port in turn.
The Grid Center remote installer is run from the Grid Center Console, in the Update View, and can be applied to multiple I/Ports or I/Port groups simultaneously. If installing updates using Grid Center, system administrators should select all the updates they intend to install, then “push” the updates one at a time to all the I/Ports that need to be updated.
updateGC.bat
Update.bat
batch file. If installing updates locally, system administrators
INSTALLING UPDATES LOCALLY
To install an update locally, do the following:
1. Load the update file onto a Mass Storage Device (MSD) such as a key drive.
2. At the I/Port, log in as administrator. Press and hold the Shift key and select Logoff from the Start
menu. Keep the Shift key depressed until the Administrator Login dialog box is displayed. The factory default Administrator account is
administrator and the default password is clearcube. These can be
changed in the User Accounts control panel.
3. Insert the USB storage device into an available USB port.
4. Browse to the folder on the storage device that contains the update file.
5. Double-click the
Update.bat
file. The update installs automatically and reboots the I/Port.
Note: Do not press any keys during the update. Allow it to run undisturbed.
INSTALLING UPDATES REMOTELY USING GRID CENTER
To install an update remotely with Grid Center, do the following:
1. Load the update files onto a volume accessible by the Grid Center Console.
2. Start Grid Center (if it is not already running).
3. From the Update View, select an individual I/Port or an I/Port Group to update.
4. In the I/Port Update View dialog box, enter the path and name of the
browse for this).
5. Enter the path and name of the
updateGC.bat
file (you can browse for this).
6. Press the Update button.
IPORT-CLIENT.zip file (you can
ClearCube Technology 8834 Capital of Texas Hwy N Suite 140 Austin, Texas 78759 voice 512 652 3500 www.clearcube.com
Page 4
ClearCube Public Technical Document
Document Code: TB0096JS
7. A dialog box confirming the successful update is displayed when the update is complete. If any I/Ports
did not update successfully, a dialog box containing the names of these I/Port is displayed. Write these names down and deploy the update to these I/Ports individually.
8. If an I/Port cannot be successfully updated via Grid Center, attempt to update the I/Port locally (using
the first procedure) before contacting ClearCube technical support.
Note: Grid Center 4.0 requires TCP ports 3389, 6500, and 9000 to be open for these files to be transferred correctly. Grid Center 4.1 requires TCP ports 137 and 9000, and UDP port 4001 to be open for these files to be transferred correctly.
For more information, please contact ClearCube technical support.
support@clearcube.com support.clearcube.com
Email address for ClearCube Technical Support
ClearCube Support Website (866) 652-3400 Direct line in the US +1 (512) 652-3400 Direct line from outside the US
NOTE 1:
These updates require the use of the Microsoft xcopy.exe command file. If you are updating an I/Port with the 1715 image, you may have to take additional steps.
To determine which version of the I8800 I/Port image you are using, click the Start button and then click the About button. The image number is displayed next to the version label.
Example:
9235.1715.256
If you have I/Ports with an image version higher than 1715, you are not affected by this issue.
Installing the Grid Center Client on an I/Port installs the
xcopy.exe command file on your I/Port. If you are
using an I/Port with the 1715 image and have the CCT Grid Center Client installed, then you are not affected by this issue.
If you do NOT have the Grid Center Client installed on your I/Port and you ARE using the 1715 image, then you need to install the
To install the
1. Locate the located in the
xcopy.exe command file on your I/Port, do the following:
xcopy.exe command file on any Microsoft Windows XP system. This command file is
\Windows\System32 directory.
xcopy.exe command file.
2. Copy this command file to a USB Mass Storage Device (MSD) such as a USB Floppy or USB memory stick.
3. Log into your I/Port as Administrator.
4. Copy the
xcopy.exe command to the C:\Windows\System32 directory.
5. Click Start, then click Logoff.
You can now apply the updates to the I/Port.
ClearCube Technology 8834 Capital of Texas Hwy N Suite 140 Austin, Texas 78759 voice 512 652 3500 www.clearcube.com
Loading...