Content Release: Patches for Windows - June 2020 Security Updates

mperretta_gosecure · June 10, 2020, 12:47pm

We are seeing the same issue as @henrysvensson as reported.

ChrisP · June 10, 2020, 12:57pm

So we’ll get an update to this on Friday at 6pm?

mperretta_gosecure · June 10, 2020, 12:59pm

It seems the issue is specific for Standard server?

Relevance #7
Show collapsed relevance
exists value "EditionID"
whose
(
it as string as lowercase contains "enterprise"
or
it as string as lowercase contains “education”
)
of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion” of native registry
Show indented relevance
exists value “EditionID” whose (it as string as lowercase contains “enterprise” or it as string as lowercase contains “education”) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion” of native registry

I will try to modify to include standard or remove this specific relevance check to see if this will make it pass.

kef2012 · June 10, 2020, 1:01pm

yep, we’re definitely seeing an issue as well with the server 2016 cumulative update.

mperretta_gosecure · June 10, 2020, 1:19pm

Also seeing issues with relevance #9, stating the OS should NOT start with Win20

ChrisP · June 10, 2020, 1:23pm

Does anyone know if the process is to open a ticket with support or will they automagically update this?

kef2012 · June 10, 2020, 1:28pm

my leadership team would complain if i didn’t open a ticket and this was ongoing, so i just did it.

i recall seeing a workstation patch a year or two ago that had a similar issue but i kept quiet then and it was fixed in a day or two.

mperretta_gosecure · June 10, 2020, 1:37pm

After copying the original fixlet, modifying relevance #7 to also include “standard” and switching relevance #9 to
it starts with “Win20” vs It does not start with “Win20”, we have a working fixlet in the meantime of a re-release of the patching site.

trn · June 10, 2020, 2:20pm

Modification times of the fixlets is all in the future (or at least it is for me)

Sample:

	(
		id of it , name of it , modification time of it , now
	)
	of bes fixlets 
	whose
	(
		name of site of it = "Enterprise Security" 
	and
		category of it = "Security Update" 
	and
		id of it = 456256205
	)

456256205 MS20-JUN: Servicing Stack Update for Windows 10 Version 1809 - Windows 10 Version 1809 - KB4562562 Wed, 10 Jun 2020 15:22:32 +0100 Wed, 10 Jun 2020 15:17:43 +0100

Not critical, but I’ve had to investigate why some reports I’ve written are suddenly broken, although they might start working (with incorrect results) shortly.

dgendera · June 10, 2020, 2:55pm

Will there also be patches released for Windows 10 Build 2004 (May 2020 release).
Microsoft has released following patches Windows 10 v2004: 4557957

I’ve checked the console and I’ve received all June patches but not for Windows 10 2004 build.

Thx

ChrisP · June 10, 2020, 2:56pm

Relevance 7: exists value "EditionID" whose (it as string as lowercase contains "enterprise" or it as string as lowercase contains "education" or it as string as lowercase contains "standard") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" of native registry

Relevance 9: (it starts with "Win" AND it starts with "Win20") of name of operating system AND (exists value "CurrentMajorVersionNumber" of it AND value "CurrentMajorVersionNumber" of it as integer = 10) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" of native registry

Is this accurate @mperretta_gosecure?

BearPaw · June 10, 2020, 3:22pm

Really no need to keep Relevance statement 9. Relevance statement 4 is the same, only correct.

fermt · June 10, 2020, 4:02pm

There is a new release of the Patches for Windows site:

bma · June 10, 2020, 4:46pm

Hi dgendera,
BigFix Patch has not started support for Windows 10 version 2004 yet.
If I had to guess, support will likely start in July.

trn · June 10, 2020, 5:56pm

Forgot to mention earlier - source release date is missing for the Win10 1607LTSB cumulative update.

jas.itpro · June 16, 2020, 5:04pm

It seems relevance for below fixlet is showing relevant on all Win2016 ()1607) server’s but its failing to install and when I manually downloaded the patch it giver error that patch is not applicable on my system. Did any one faced the same issue…suddenly this patch is showing relevant on some 1100 Win2016 (1607) in our environment. It seems to be a false positive as relevance in this fixlet is evaluating to true for each and every server…

[MAJOR] MS20-JUN: Security Update for Adobe Flash Player - Windows Server 2016 - Adobe Flash Player - KB4561600 (x64) (ID:456160012)

anon55269986 · June 16, 2020, 5:06pm

Having the same issue.

Chris

fermt · June 17, 2020, 1:05pm

I am having the same issue.
The Fixlet to install “MS20-JUN: Security Update for Adobe Flash Player - Windows Server 2016 - Adobe Flash Player - KB4561600 (x64)” seems to have relevance issues.

CC @bma @anjumyaseen

bma · June 18, 2020, 6:21pm

@fermt

Looks like there was another release here for the fixlet you mentioned:

Are you still having issues with it at this point?

system · July 10, 2020, 9:12am

This topic was automatically closed after 30 days. New replies are no longer allowed.