MS09-029 re-released 8/11/09

(imported topic written by SystemAdmin)

Hey guys…

I see two variations for each MS09-029 fixlet that was re-released on 8/11/09.

“MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2/SP3 (v2, re-released 8/11/09)”

and

“MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution - Windows XP SP2/SP3 (v2, re-released 8/11/09) - REVISED PATCH”

The only difference between them is where it’s checking to see if the kb961371 key exists. One fixlet is using “not exists”, and the other one is using “exists”. Did you guys create 2 fixlets just as a visual indication of who we patched the 1st time? Seems like we should only have 1 fixlet and just skip checking for the kb961371 registry key completely.

Paul

“Regular Fixlet” has…

not exists key “hklm\software\microsoft\updates\windows xp\sp4\kb961371” of registry

“Revised Patch fixlet” has…

exists key “hklm\software\microsoft\updates\windows xp\sp4\kb961371” of registry

(imported comment written by Shlomi91)

Hi,

can anyone from BES answer this? i have the same issue…

(imported comment written by jeremylam)

Paul Haines

The only difference between them is where it’s checking to see if the kb961371 key exists. One fixlet is using “not exists”, and the other one is using “exists”. Did you guys create 2 fixlets just as a visual indication of who we patched the 1st time?

That’s exactly it. The REVISED PATCH will become relevant when the original patch has been installed, whereas the “regular patch” is relevant if neither patch has been installed. Both new fixlets install the re-released patch, as Microsoft has removed the original patches from distribution.

Unlike some re-released patches, Microsoft indicates that the MS09-029 re-release should be installed on top of the original one to avoid known issues with the print spooler.