(imported topic written by CSL2012)
Fixlet ID: 1300613 for KB2785220 Win2K8R2 is not showing applicability. Our WSUS server is showing applicable. Based upon Bulletin/Patch Info (http://support.microsoft.com/kb/2785220, http://technet.microsoft.com/en-us/security/bulletin/ms13-006), the Ncrypt.dll version: found 6.1.7601.17856 (vulnerable) should be at 6.1.7601.18007 (non-vulnerable). Can someone review this. Thanks.
Chi
(imported comment written by SystemAdmin)
Looks like IBM is looking in all the Windows 7 and 2008R2 MS13-006 fixlets for >= 6.1.7601.18000 and >= 6.1.7601.22000.
I believe they should be checking for >= 6.1.7601.17000 and >= 6.1.7601.21000.
I hope they get this fixed soon, we need to deploy tomorrow night.
(imported comment written by TerryWeiChao)
We are reviewing Security Bulletin MS13-006, will get this out soon.
Thanks!
(imported comment written by TerryWeiChao)
Content in the Patches for Windows (English) has been modified:
Modified Fixlet Message:
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows 7 Gold/SP1 (ID: 1300609)
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows 7 Gold/SP1 (x64) (ID: 1300611)
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1300613)
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows 8 Gold (ID: 1300615)
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows 8 Gold (x64) (ID: 1300617)
MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass - Windows Server 2012 Gold (x64) (ID: 1300619)
Reason for Update:
Fixlet Messages MS13-006 were updated because of relevance false negative.
Actions to Take:
None
Published site version:
Patches for Windows (English), version 1704
Additional links:
None
Application Engineering Team
Tivoli Endpoint Manager