False positive - FIxlet 405711901

I believe there is a a false positive for fixlet 405711901, MS18-JAN: Cumulative Update 7 for SQL Server 2016 SP1 - SQL Server 2016 SP1 - KB4057119 / KB4058561 (x64). We are seeing the majority of SQL 2016 RTM installation reporting relevant for the fixlet but the SQL version is 13.0.1601.5, which is not the SP1 version and cannot install KB4057119. The issue would appear to be the detection is expecting any version that is 13 but lower than 13.0.4466.4. That would certainly make all pre-SP1 versions appear as relevant.

1 Like

Seconded.

This article from Microsoft details version numbers for SQL Server, and this shows that SP1 starts with version 13.0.4x while RTM versions are versions 13.0.2x.

Since the relevance used for this fixlet is version = 13 AND version < 13.0.4466.4, this causes all RTM versions to be relevant as well as per the above. I believe the logic for KB4057119 should include an additional check for version > 13.0.4001.0 so as to only be relevant for SP1 RTW.

1 Like

Thanks for raising this issue. It is indeed a case of false positive and we have updated our content to correct the relevance.
Updated content is now available;
Published site version: Patches for Windows, version 2927.

2 Likes

seems conditions were copied from fixlet for SQL 2017 where no any SP.

Thank you @SameerK. We are seeing a good reduction in the number of endpoints reporting relevant now the detection has been updated.

Thank you for your prompt resolution.

Sameer

Thanks! Much appreciated. The updated content definitely works, as we’ve seen a sharp drop-off in relevant machines since the site was updated.

Looks like the download URL/SHA combo for this fixlet is no longer valid?

File:
SQLServer2016-KB4057119-x64.exe

Status:
Failed

Details:
[+] Download error: “Unexpected HTTP response: 404 Not Found”
Download requested on server:
URL: https://download.microsoft.com/download/D/3/3/D33543E3-770F-4053-AE0F-A883696668FF/SQLServer2016-KB4057119-x64.exe
Hash: (sha1)c6f298b1e0d79c208f59590354823ebefffdae60

When I try to manually download, I get:
SQLServer2016-KB4057119-x64.exe couldn’t be downloaded

@SameerK - can you please assist?

I have an internal defect opened for this but in the meantime it looks like this URL will do the trick if you want to manually cache the file on your root server or create copy of the out-of-box fixlet and then update the URL.
For both scenarios you should change the downloaded filename to match the what is in the fixlet (SQLServer2016-KB4057119-x64.exe) vs. the weird filename they have here. File hashes and file size should be the same as what is already in the fixlet.
http://download.windowsupdate.com/d/msdownload/update/software/updt/2018/01/sqlserver2016-kb4057119-x64_c6f298b1e0d79c208f59590354823ebefffdae60.exe

Great, thanks @dmccalla!

The updated version was released this morning but I have not had a chance to test it. IBM BigFix Patch: Content Modification: Patches for Windows published 2018-05-16

2 Likes