(imported topic written by CSL2012)
We are showing relevance for MS13-010: IE9 which we have not deployed. We currently have IE8 configured with IE8 on Windows 2008 R2 servers but the relevance for new patches do not show applicability. Also, I do not see applicability for MS13-014 & MS13-018 on Windows 2008 R2 servers.
Chi
(imported comment written by SystemAdmin)
I agree. I am having major issues this morning with the MS13-010 patches for 2K8R2. I do not have IE9 deployed in my environment and I am showing MS13-010 applicable for the IE9 patch.
After taking a look at the relevance for fixlet 1301059, I see the following as written incorrectly: "(version of it < “)”. There doesn’t seem to be a bottom version to limit the applicability.
Along the same lines…I do not see the IE8 patch as applicable for my 2K8R2 machines. Looking specifically at fixlet 1301045. Are you sure the following relevance is correct? “(version of it >= “8.0.7601.18000” AND version of it < “8.0.7601.18038”)” The version of VGX.dll on my 2K8R2 machines is 8.0.7601.17984. Are you sure that 8.0.7601.18000 is the correct bottom version for this fixlet?
IBM, this is urgent. Please comment back ASAP!
I will take a look at the other bulletins Chi mentioned above.
(imported comment written by SystemAdmin)
My reply above stripped out the version I copied over for fixlet 1301059. The relevance is looking for any version less than 9.0.8112.16464. This is incorrect, there should be a greater than clause as well, so it will not pick up on IE8 deployments.
(imported comment written by SystemAdmin)
I agree with Chi on MS13-014 & MS13-018 as well, I am not having any relevant 2K8R2 machines. In addition, MS13-009 for 2K8R2 is not showing applicable on IE8. Specifically fixlet 1300945. Seems to be having the same issues as 1301045.
(imported comment written by SystemAdmin)
I am also seeing this same issue with the Windows 7 (32 and 64 bit) where it tries to install the patch for IE9 instead of the one for IE8.
(imported comment written by TerryWeiChao)
Reviewing the fixlets regarding Win7/2008R2 IE8 and IE9.
(imported comment written by SystemAdmin)
Appears that MS13-*** fixets for 2K8R2 on IE8 are looking for >= 8.0.7601.18000 when it should be looking for >= 8.0.7601.17000.
Specifically for the IE9 MS13-010 patch, there is no >= clause to keep versioning of the files withing IE9…therefore picking up on IE8 installs.
(imported comment written by TerryWeiChao)
The following fixlet messages are reviewed and will be re-published.
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 Gold/SP1 (ID: 1300941)
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 Gold/SP1 (x64) (ID: 1300943)
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1300945)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows 7 Gold/SP1 (ID: 1301041)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows 7 Gold/SP1 (x64) (ID: 1301043)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301045)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Vista SP2 (ID: 1301047)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Vista SP2 (x64) (ID: 1301049)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 SP2 (ID: 1301051)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 SP2 (x64) (ID: 1301053)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (ID: 1301055)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (x64) (ID: 1301057)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301059)
Let me know if you see any other fixlets reporting the same issue.
Thanks!
(imported comment written by SystemAdmin)
Are you guys still reviewing MS13-014 & MS13-018?
(imported comment written by SystemAdmin)
After further review on my behalf it looks like MS13-014 is correct. But I still see issues with the relevance in MS13-018. The issues in MS13-018 is the same that was in MS13-009 and MS13-010 with not going low enough in the old versions of files.
(imported comment written by SystemAdmin)
We are still having issues with MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (x64)
The patch is showing relevant for many machines but those we have tested so far the job fails.
When running the patch manually the following message is displayed: The update is not applicable to your computer
When are the new fixlets going to be released?
Thanks,
Scott
(imported comment written by TerryWeiChao)
The following fixlets are reviewed and will be re-published.
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows 7 Gold/SP1 (ID: 1301901)
MS13-014: Vulnerability in NFS Server Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301401)
MS13-017: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301721)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows 7 Gold/SP1 (ID: 1301809)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows 7 Gold/SP1 (x64) (ID: 1301811)
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows 7 Gold/SP1 (x64) (ID: 1301903)
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301905)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301813)
Thanks!
(imported comment written by SystemAdmin)
We are still having issues with MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (x64)
The patch is showing relevant for many machines but those we have tested so far the job fails.
When running the patch manually the following message is displayed: The update is not applicable to your computer
When are the new fixlets going to be released?
Thanks,
Scott
(imported comment written by SystemAdmin)
Looking through the relevance … the lower end value for “ieframe.dll” is currently: version of it >= “8.0.7601.22000”
That is too high to pick up the current version of that DLL that we have. I think that is the problem.
(imported comment written by SystemAdmin)
For MS13-009 … the "the lower end value for “ieframe.dll” is currently: version of it >= “8.0.7601.22000” " … is set too high. Currently most of our boxes are at 8.0.7601.17984 … as such the relevance does not see our machines as being valid targets.
For MS13-010 … the lower end value for “vgx.dll” is "version of it >= “8.0.7601.18000” " … but that is also set too high. The current version we are showing on most of our boxes is 8.0.7601.17984 … as such the relevance does not see our machines as being valid targets.
Is there an estimate for when we will see new fixlets released?
(imported comment written by SystemAdmin)
I just checked my baseline and I had to syncronize the jobs in question. After doing the Sync they seem to be deploying properly now.
(imported comment written by SystemAdmin)
I agree. There is an issue with the way the relevance for IE 8 on Windows 7 is functioning. It does not see enough machines in our environement as relevant for either MS13-009 or MS13-010. I have combed through the syntax of the relevance, but I am not seeing the issue. My next course of action is to dig through all of the file values to see if that is the issue.
Is there any time table for when these patches will be re-released?
(imported comment written by TerryWeiChao)
Content in the Patches for Windows (English) has been modified:
Modified Fixlet Messages:
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows 7 Gold/SP1 (ID: 1301901)
MS13-014: Vulnerability in NFS Server Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301401)
MS13-017: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301721)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows 7 Gold/SP1 (ID: 1301809)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows 7 Gold/SP1 (x64) (ID: 1301811)
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows 7 Gold/SP1 (x64) (ID: 1301903)
MS13-019: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301905)
MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301813)
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 Gold/SP1 (ID: 1300941)
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows 7 Gold/SP1 (x64) (ID: 1300943)
MS13-009: Cumulative Security Update for Internet Explorer - IE 8 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1300945)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows 7 Gold/SP1 (ID: 1301041)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows 7 Gold/SP1 (x64) (ID: 1301043)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 8 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301045)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Vista SP2 (ID: 1301047)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Vista SP2 (x64) (ID: 1301049)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 SP2 (ID: 1301051)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 SP2 (x64) (ID: 1301053)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (ID: 1301055)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows 7 Gold/SP1 (x64) (ID: 1301057)
MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution - IE 9 - Windows Server 2008 R2 Gold/SP1 (x64) (ID: 1301059)
Reason for Update:
Fixlet Messages were updated because of error in file relevance.
Actions to Take:
None
Published site version:
Patches for Windows (English), version 1732
Additional links:
None
Application Engineering Team
Tivoli Endpoint Manager
(imported comment written by SystemAdmin)
Thanks for the quick turnaround Terry!