(imported topic written by SystemAdmin)
For MS13-023 - Vulnerability in Microsoft Visio Viewer 2010 the following relevance does not work:
((exists file “SEQCHK10.DLL” whose ((version of it < ")) of it) OR (exists file “VPREVIEW.EXE” whose ((version of it < “14.0.6116.5000”)) of it)) of (folder (value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\14.0\Common\InstallRoot” of registry as string))
This statement will not evaluate to true because these two files are already at the versions the statement is checking for. The file that ACTUALLY changes when the device gets patched is vviewer.dll. It goes to 14.0.6131.5002 when patched. On one of our devices it is 14.0.6119.5000 before the patch.
On Microsoft’s website … they list the file name as Vviewer.dll.x86 …