Clearcase application impact with April 2014 MS patch

Question

Do you know of any impact on the ClearCase application for the below mentioned Microsoft patches?

My environment is Win 2003 Enterprise SP2

• Security Bulletin Risk Description KB Number
• MS14-017 Critical Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution KB2949660
• MS14-018 Critical Cumulative Security Update for Internet Explorer KB2950467
• MS14-019 Important Vulnerability in Windows File Handling Component Could Allow Remote Code Execution KB2922229
• MS14-020 Important Vulnerability in Microsoft Publisher Could Allow Remote Code Execution KB2950145

Answer 1

It depends on the nature of the ClearCase running on your server:

• simple Base ClearCase client
• ClearCase Vob server
• CCRC server

Unless you see a warning from IBM, you can proceed with the installation, and double-check with IBM (communicating at least the full version of your ClearCase setup: cleartool -verall)

You can see some general advises in this thread:

• VOB servers are specialized. Normally patches and service packs provide no benefits or improvements.
• Does your IT department test patches and service packs before installing them enterprise wide? Blindly trusting any windows upgrade/sp has been empirically shown to be a Bad Idea(tm).
• Get management involved. Yes patches and sp's are important, but so is having a working VOB server. If folks understand the risks to the company, they'll be more keen to work out a compromise. (Don't fall for the "we'll give you control of the server and you'll be in charge of patching it.")