We just did vulnerability assessment test. In the vulnerability assessment finding report, some Windows servers need to implement security patches (MS15-034). The problem is we want to install that windows security patches via BigFix but when check on BigFix console for fixlet MS15-034, BigFix shows 0 relevance/applicable to that servers which must implement security patches.
so the question is why in the vulnerability assessment report it said that some Windows servers need to implement security patches (MS15-034) but in BigFix there’s no applicable computers(OS Windows Server) for patches (MS15-034) ?
May I have the fixlet ID you are looking at or the OS name which must implement the security patches?
Some of the fixlets are superseded already and hence they won’t show as relevant any more.
Thanks for your response.
fixlet ID : 1503401
OS name : Windows Server 2012 R2
yes, I check the fixlet it says : This patch has been superseded by KB3205401.
then I search for fixlet KB3205401 (fixlet ID : 320540103) but still zero applicable computers which corresponding with VA report.
In this case, I think you need to contact IBM support and open a PMR for the support to debug.
May I ask what tool you use for VA scan? Are you able to run MBSA or Windows Update scan for the same server to see if Microsoft tools report the same missings?