M/S Office Web Components Security Updates

(imported topic written by VIANXW91)

I have a Windows Server 2008 Enterprise SP2 (64-Bit) running as a BES which is running the BigFix client and Windows Automatic Update (AU) configured to an internal WSUS server.

Windows Update is showing the following security updates as needed because Microsoft Office 2003 Web Components is installed. Web Components is required as part of the BigFix installation.

MS09-062: Security Update for the 2007 Office system: October 13, 2009

MS08-052: Security Update for GDI+ for the 2007 Office system:

Update for the 2007 Microsoft Office System (KB967642)

The problem is that BigFix does not show these security updates as relevant to the server.

It would appear that, since actual Microsoft Office is not installed on the server, the BigFix analysis “Microsoft Office Configuration Information” is not showing as available to activate, so BigFix is not applying any Microsoft Office relevance logic. In short, BigFix isn’t offering these updates for install.

Since Web Components is installed and considered a part of Microsoft Office, shouldn’t BigFix be verifying relevance to applicable Office security updates? Otherwise, without Windows Update, an administrator would never know the server is vulnerable to the exploit called out in the security updates. If Microsoft shows the updates as applicable, shouldn’t BigFix?

(imported comment written by BenKus)

Hi vianxw,

The “Microsoft Office Configuration Information” isn’t directly related to any of the Fixlets. I don’t know why those MS bulletins aren’t relevant but there are lots of MS08-052 and MS09-062 Fixlets to detect different components that have these issues. We would need to look into it in detail to figure out if the patch was needed. KB967642 is not security related.

Ben