(imported topic written by SLB)
Hi all,
Is there a detection flaw for fixlet 1204307, MS12-043 for XML 4.0?
The primary fixlet logic will report the patch as required for any version of MS XML 4.0 prior to the patched version yet the patch is only supported and required on XML 4.0 SP3 as per http://support.microsoft.com/kb/2721691. If I install XML 4.0 SP2 and scan using WU, no patches are required yet the fixlet reports as required as the 2 files are below the version contained in the patch. However, this is a false positive as only file versions higher than 4.30.0000.0 and below those contained in the patch are vulnerable.
Regs
Rob