Hi,
we use BladeLogic for our Windows Server Patch Deployment and we are currently facing at least 2 issues with the detection logic from Shavlik:
These issues are:
1. MS15-082 showing up as missing but getting not applicable error
The Patch that is reported as missing has the following Details:
Windows6.1-2008-R2-SP1-KB3075222-x64.msu-MS15-082-en-Windows Server 2008 R2 Enterprise (x64)-SP1 Q3075222 Important MS15-082 Windows Server 2008 R2 Enterprise (x64) Missing Vulnerabilities in RDP Could Allow Remote Code Execution (3080348) This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker first places...[Truncated] File version is less than expected. [C:\Windows\system32\AACLIENT.DLL 6.1.7601.18918 < 6.2.9200.21545]
However, when we try to deploy it, Windows reports "The Patch is not applicable"
2. MS15-029 showing up as missing but getting already installed
There is a V2 Version of KB3035126 which Shavlik reports as beeing installed. However the "original" Version Shows up as missing, but it can't be deployed as Windows says: "Patch is already installed"
The missing patch Details are:
Windows6.1-2008-R2-SP1-KB3035126-x64.msu-MS15-029-en-WINDOWS SERVER 2008 R2 STANDARD (X64)-SP1 Q3035126 Important MS15-029 Windows Server 2008 R2 Standard (x64) Missing Vulnerability in Windows Photo Decoder Component Could Allow Information Disclosure (3035126) This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to...[Truncated] File version is less than expected. [C:\Windows\system32\WMPHOTO.DLL 6.1.7601.18742 < 6.2.9200.21371]
I know i would have to open a case with BMC, but i thought i post it here as well.
Maybe you guys are already aware of this and a fixed XML is already in the making.
Regards
Steffen