Video Screencast Help

MSXML4 Security updates MS08-069 vs MS13-002

Created: 27 Feb 2014 • Updated: 24 Mar 2014 | 3 comments
This issue has been solved. See solution.

I had a previous post about KB954430 within MS08-069 getting disabled in Patch Management 7.5.  This appears to be because Microsoft deems it to be replaced by KB2721691 in MS12-043, and then THAT replaced by KB2758694.

Now, my problem is... Altiris disables the old KB954430 within MS08-069, when both MBSA and Windows Update itself both report they want to install it.

mbsa1.jpg

KB2758694 within MS13-002 is enabled in Patch Management, but it's not appearing to be applicable anywhere.

With KB2758694 being not applicable, and the old KB954430 being disabled, MSXML 4 is left with security holes.

If Microsoft itself is not attempting to install later versions of MSXML 4 via Windows Update, I am assuming some Patch Management logic is lacking here.

I've spent enough time trying to understand the supersedence, and it appears that while KB2758694 supersedes KB954430 and KB2721691 on paper, it doesn't look like applicibility rules are truly correct.

Any help would be appreciated.

Operating Systems:

Comments 3 CommentsJump to latest comment

SK's picture

If Microsoft are still targeting the system with that patch, then you will need to contact support so that they can then work with Shavlik in order to get the rules corrected to match Microsoft.

Connect Etiquette: "Mark as Solution" those posts which resolve your problem, and give a thumbs up to useful comments, articles and downloads.

aaron_y's picture

I was advised by Support to submit an enhancement request (idea) on Connect to suggest that KB954430 in MS08-069 remain enabled, based on Windows Update and MBSA scan.

Roman Vassiljev's picture

Hi Aaron_y,

I believe this enchancement request has been implemented in Patch Data 7.1.516 according to http://www.symantec.com/connect/ideas/please-keep-...

Thank you,

Roman

SOLUTION