Content Modification: Patches for Windows published 2020-04-03

anjumyaseen · April 3, 2020, 8:21pm

Content in the Patches for Windows site has been modified

Modified:

[Major] MS15-013: Vulnerability in Microsoft Office Could Allow Security Feature Bypass - Office 2013 Gold - KB2910941 (ID: 1501301)
[Major] MS15-013: Vulnerability in Microsoft Office Could Allow Security Feature Bypass - Office 2013 Gold/SP1 - KB2910941 (x64) (ID: 1501307)
[Major] MS15-081: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2013 SP1 - KB3039798 (x64) (ID: 1508139)
[Major] MS15-081: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2013 SP1 - KB3054816 (x64) (ID: 1508119)

Reason for Update:
Update download hash values.

Actions to Take:
None

Published site version:
Patches for Windows, version 3516

Additional links:

Application Engineering Team
HCL BigFix

trn · April 7, 2020, 8:15am

If the hash values have changed does this not imply that the source file for the download has also changed - i.e. this is not just a change to the fixlet but is a change to the underlying patch?

bma · April 8, 2020, 7:41pm

The packaged executable (exe) is different yes, but the underlying patch (msp file) is the same.

You can validate this by searching the patch KB in the MS catalog. For Office patches, the catalog has them in .cab format.

If you extract the contents of the .cab and the .exe, you’ll find that the internal files are exactly the same.

system · May 3, 2020, 8:29pm

This topic was automatically closed after 30 days. New replies are no longer allowed.