Client Management Suite

 View Only

  • 1.  WinXP with SP2 showing as 100% compatible

    Posted Feb 25, 2011 07:33 AM

    I've got a Windows XP machine that hasn't got SP3 installed (only on SP2) and its showing in compliance report as 100% Compliance - vulnerable = 0

    It this another bug ?



  • 2.  RE: WinXP with SP2 showing as 100% compatible

    Posted Feb 25, 2011 08:01 AM

    SP2 is no longer supported by the vendor, Microsoft, and I suspect that you would be pretty much forced to install SP3 if you ran windows update. So, if you did install SP3, then I also suspect a whole flood of vulnerabilites would show up.



  • 3.  RE: WinXP with SP2 showing as 100% compatible

    Posted Feb 25, 2011 08:06 AM

    I was aware it was not supported by MS, just suprised NS is showing it as 100%, only relaised this when someone brought their laptop in for something else. Is there any way to find out who doesn't have SP3 installed.



  • 4.  RE: WinXP with SP2 showing as 100% compatible

    Posted Feb 25, 2011 09:17 AM

    or a filter (apply it to all computers). A report would be useful, but with a filter you could use that to run a MSD or task to upgrade them.

    However, at the very least, I would agree that some sort of flag could be set like "Critical Alert", to help you classify severe at risk computers.



  • 5.  RE: WinXP with SP2 showing as 100% compatible

    Posted Feb 25, 2011 06:26 PM

    Service Pack support comes in SP1 for 7.1, and although it's a little odd to talk about the release coming after the next release as "soon," they did say summer 2011.  That would resolve the Service Pack issue since it would be included in compliance reports.

    Personally, I would consider this unintended behavior, but not a bug, because a system that cannot receive security updates because of a Service Pack deficiency is still vulnerable.  Although the check may disregard the system because of Service Pack 2 not being targeted by the release, it should still show as vulnerable in reports.

    Perhaps that's something to submit as an Idea if you feel strongly about it.



  • 6.  RE: WinXP with SP2 showing as 100% compatible

    Posted Feb 28, 2011 03:09 PM

    This is the way the Patch product currently works.  Compliance is based off of applicability and you cannot be applicable to updates that apply to a version of software you do not have installed.  Additionally, since Patch doesn't support Service Packs today, it has no way of knowing which updates it would be vulnerable to if the service pack was applied.  Once you apply SP3 then it will now be applicable to a whole slew of new updates and your compliance will change very quickly...:-)  Basically, it is a known limitation of the product...