Microsoft released new Security Bulletins MS06-052~MS06-054 and re-released MS06-040 and MS06-042 earlier today at 10:40 am. Out of the new and re-released bulletins, three were rated “Critical”.
BigFix released content for all new security bulletins by 5 pm, with the exception of the Network Install (9x/ME) and Administrative Install content for MS06-054. By 8 pm, full content coverage was published, including all re-released updates.
In total, 36 new Fixlet messages were published which covered 13 new Microsoft security patches.
The Fixlet title for re-released and original versions of Microsoft security patches are actually the same. When a revised update is released, we generally supersede the original one (Add a FALSE to the relevance), and create a new set of Fixlet messages for the revised update. Read the Fixlet description carefully to figure out what version of the update is being deployed.
For MS06-040, only the updates for Windows Server 2003 and Windows XP/2003 x64 were re-released.
first of all: Thanks for the answer. But another question occurs to me. I compared both relevance statements of the MS06-040 for W2k3 and the re-released patch. The are exactly the same. So how does BigFix decides if a computer needs the re-released patch. At the moment the re-released MS06-040 is not relevant for any computer, but we are pretty sure that it is needed because we didn´t installed it yet.
So again: Both fixlets check for the netapi32.dll. I guess if you have installed the original patch BigFix won´t know that the re-released patch is relevant.
That’s correct. Microsoft only recommends installing the re-release if you have not patched yet, or are experiencing problems with the first patch. Therefore, if you have applied the original patch, the re-release will not be relevant.
If you do have a system where you want to apply the new patch over the old patch, you can use the Patch Rollback Wizard to remove the old version and then install the new version with the Fixlet.