Using Bigfix 9.2.9: We have a number of Microsoft Security Updates Baselines. I just noticed that components in the older baselines are not evaluating applicability correctly. For example: one component in the baseline shows 1 computer applicable, but the individual fixlet shows 1000 computers applicable. Also, all of the components are in sync.
I’m presuming the components of the baseline all come from the same site? Just a reminder that baselines only become relevant if the endpoint subscribes to all the sites the original fixlets came from.
I ended up working around the issue by creating a new baseline and copying all of the components from the old baseline. After copying all of the components into the new baseline, they started to evaluate correctly.
After looking at the problem again, it appears to be just one baseline that went hay wire. Although, it makes me skeptical now about other baselines.
All of the components are Microsoft patches from the site Patches for Windows.
If you have concerns and its still reproducible I’d suggest opening a PMR