ms12-043, 054, 057, 060

(imported topic written by Nitin_Gupta91)

All these patches are seen with some false postives on machines we tried to patch.

Kindly check and help us with an update.

Thanks

(imported comment written by TerryWeiChao)

Hello,

Could you highlight the fixlet IDs? And it would be great if you can contact our support guy, we can gather more information and do further investigations/debuggings.

Thanks!

(imported comment written by Nitin_Gupta91)

The ID’s that are showing some false positives are mentioned below :-

MS12-043: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution - XML Core Services 5.0 - Office 2007 SP2/SP3 / Word Viewer / Office Compatibility Pack SP2/SP3 / Expression Web (V2.0)

MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution - Windows XP SP3 - KB2705219

MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution - Windows XP SP3 - KB2712808

MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) - KB2712808

MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution - Windows 7 Gold/SP1 (x64) - KB2705219

MS12-057: Vulnerability in Microsoft Office Could Allow Remote Code Execution - Microsoft Office 2007 SP2 / SP3 (KB2596615)

MS12-057: Vulnerability in Microsoft Office Could Allow Remote Code Execution - Microsoft Office 2007 SP2 / SP3 (KB2596754)

MS12-060: Vulnerability in Windows Common Controls Could Allow Remote Code Execution - Office 2007 SP2 / Office 2007 SP3 / SQL Server 2008 SP2 / SQL Server 2008 SP3 / SQL Server 2008 R2

All the above are showing as false positives.

Kindly check and confirm.

Thanks.

(imported comment written by TerryWeiChao)

Greetings!

After reviewing the fixlets in site, it is very hard to tell why these fixlets are reported as false positive on the target machine. I guess maybe there are some differences between our test environment and your production environment. Hence, it would be great if you can contact our support, then we can gather more information from your target machines and try to identify the root cause.

When contacting our support, you may also provide some information for our reference:

  1. action logs when deploy the fixlets

  2. you may also try to find the machine and manually install the patch, attach the screen shot to show what pops up

Thank you!