KB5037422 Out of Band Patch

I knew that it seemed a little weird that you were posting a link from 2022 asking for an out of band patch to be released.

Just acknowledging receipt, checking with the patch team internally


KB5037425 was announced for Win2019.

Will the new OOB fixes properly supersede the original March content and will the original March content be renamed by the normal add (Superseded) to the end of the content names?

Waiting for KB5037425 to be published. Patch site version I presume will be 4345

Still waiting for KB5037425 and it’s in the MS catalog already.

https://www.catalog.update.microsoft.com/Search.aspx?q=KB5037425

I did see a note the team was working on it late last night but haven’t seen a publish request on it yet. Still in progress.

Can you respond to this?
Will the new OOB fixes properly supersede the original March content and will the original March content be renamed by the normal add (Superseded) to the end of the content names?

Patch site version I presume will be 4345?

That I’m not sure…will tag @ADL here


We see the new fixes for OOB but no rename of original?

New OOBs

The MS catalog has data for each that says the OOB replaces the March regular content. Why does your content not reflect that?

Hi,

The reason why we did not supersede the original content is because we do not supersede a “Security Update” with a non-security update.
KB5035849 is marked as “Security Update” while KB5037425 is marked as “Updates”. The same concept is also valid for the other KBs that apply to Win 2016 and 2022.


What do you see?


I see a supersede replacement.

Yes, sorry, my initial response was incorrect. I’ve edited it to explain the actual reason why we do not supersede. Please look at the previous answer.

This is also documented here:

KB5037425 is a mirror of KB5035855 with the additional fix for domain controllers added to the content.

How can you say that KB5037425 does not replace in its entirety KB5035855?

Hi,

I’m not saying it does not replace.
I’m saying that we do not supersede a security update fixlet with a non-security update, as documented in the BigFix documentation page.
KB5037425 does NOT have CVE data assigned to it, while KB5035855 has.

Generally we try not to second-guess the Microsoft classifications for Category & Severity. That said, the Relevance should handle the case (for example deploying KB5037425 should make KB5035855 become non-Relevant).

In BigFix, ‘Supersedence’ is mostly used as a platform efficiency, so the client does not have to continue evaluating older content. As this supersedence also makes it difficult to tell “how far out of date” a given client is, we’ve kicked around the idea of not superseding fixlets (either for a few months, or ending supersedence entirely).

So…I’m really interested in hearing how you’re using supersedence, and why this is important for your use…


What we are used to is each month, you mark the previous month’s cumulative content for 2016/19/22 by adding “(Superseded)” to the end of the original name and then the relevance for the new month is updated to reflect all of this.

The same won’t be happening (for example for 2016) with KB5037425 and KB5035855?

Yes that’s correct as it stands now