Microsoft removes access to hotfix downloads

I’m not sure how much of the default BigFix content may be affected by this. If any, it would likely be any of the fixlets with “MANUAL_BES_CACHING_REQUIRED” in the actionscript download URLs.

I’m spot-checking the ones I care about. The TLS 1.2 update for SQL Server 2008 and SQL Server 2008 R2 linked from are NOT available. I’m glad I have those permanently precached on my server.

You may want to check that you have permanent copies saved off for any hotfixes you have previously downloaded and cached on your deployment. Downloads are cached under the BES Server\wwwrootbes\bfmirror\downloads\sha1 directory and are named for the sha1 values listed in the fixlets’ download links.


Isn’t this simply because Microsoft has included the hotfix in a more recent update that should be installed instead? The linked article states that hotfixes “were temporary in nature, usually, as Microsoft integrated the patches into updates that it released at a later point in time…”. Microsoft isn’t asking you to upgrade to the latest version of a product to get these fixes, but to “upgrade to the latest update available for your product”.

I don’t see what the problem is…

As far as I know, there weren’t any later rollups for some of these products (in particular TLS 1.2 support for SQL Server 2008 R2). In that context, “update to the latest version” meant migrate to SQL 2016.

Looks like a cash grab to me.

Well, considering that SQL Server 2008 R2 goes out of Extended Support in July 2019, I hope you’re already planning to make the jump to a newer version as it is. Also, to be fair, adding TLS 1.2 is an enhancement rather than a security fix…SQL Server 2008 R2 left Mainstream Support (which is where enhancements come from) back in 2014.

Regardless, I’ll give you that it is odd that they removed access to files for products still under support, even if only for eight more months.