
MS14-009 KB2901110 and KB2898855 not showing applicable to Windows 2003 Standard x64 SP2

Created: 18 Feb 2014 • Updated: 18 Feb 2014 | 3 comments

Anybody else noticing this issue? I'm not sure if it's specific to my environment or if there are issues with the STPatchAssessment for these two patches:

NDP40-KB2898855-v2-x64.exe

NDP40-KB2901110-v2-x64.exe

Windows 2003 Standard x64 SP2 servers in my environments are not showing this patch as applicable and they are being picked up as still vulnerable by our vuln detection system. I was able to manually apply the patches to one server as a test.

On my test server I was examining logs to try to dig deeper. The server is Windows 2003 Standard x64 SP2. It has .NET 2.0 and .NET 4.0 installed, which are both applicable to MS14-009. The .NET 2.0 patches installed as expected for MS14-009 but the .NET 4.0 ones did not.

Attached is a portion of the STPatchAssessment.log file. It looks like it is running detection rules for the .NET 2.0 portion of MS14-009 but it is "skipping" .NET 4.0.

2014-02-18T05:05:28.4957707Z 0af4 V PatchTest.cpp:606 NOT testing 'MS14-009'.
2014-02-18T05:05:28.4957707Z 0af4 V PatchTest.cpp:606 NOT testing 'MS14-009'.

Roman Vassiljev
Hi dwiplinger,
 
Could you please also check STPatchAssessment.xml from the affected machine? This file is located in the same folder as STPatchAssessment.log.
Search for the mentioned updates in this XML, and the reason why these updates are detected as missing will probably be shown there.

If this does not help to resolve the problem, I would suggest creating a support ticket regarding this issue.
 
Thank you,
Roman
 
dwiplinger

Thanks for the response. Sorry for the delay. I checked the STPatchAssessment.xml today and found that I only see two instances of MS14-009 referenced and they are both in relation to the .NET 2.0 "NDP20SP2" updates included in MS14-009. I'll create a support case unless anyone else has any ideas.

Thanks!

Doug

Roman Vassiljev
Hi dwiplinger,
Sorry, I thought initially that the mentioned updates were detected as missing, but it looks like they were not applicable at all in your case.
 
Could you please perform some additional checks?
First of all, please verify that the Import Patch Data for Windows task has really imported updates related to .NET Framework 4. To check this, navigate to the Import Patch Data for Windows task page and check that .NET Framework 4 and .NET Framework 4(x64) are selected in the tree of vendors and software. If these products are not selected, select them and rerun the import task.

If these products are selected, then please also check STPatchAssessment.xml once again: is .NET Framework 4 shown in the list of detected products? Probably the assessment scan has not detected that this software is installed on the machine for some reason; .NET 4 updates will not be offered in such a case.

If .NET Framework 4 is missing in STPatchAssessment.xml, but you are sure that it is installed on the affected machine, then create a support ticket.
 
Thank you,
Roman