Yesterday, Microsoft released their updated version of MS14-066 (KB2992611). In their release notes they recommend …
Customers running Windows Server 2008 R2 or Windows Server 2012 who installed the 2992611 update prior to the November 18 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information.
But when I look in my Console this morning, the updated MS14-066 Fixlets don’t seem to indicate that the 2008R2x64 servers I already patched, need to have the patch re-installed. I’m on Site Version 2127 for “Patches for Windows (English)” so I should have the most current Fixlets.
My mistake, must have misread the documentation. I was expecting the original MS14-066 (KB2992611) to have been superseded by the updated patch from Microsoft.
Sorry to bring up an old thread but has anyone else had an issue where they have applied the fixlet for the new version of the patch successfully and the old version starts showing up as relevant?
As I understand it, all the new patch did was just add a few cipher suites to the original patch. They should be exactly the same otherwise. If you’re seeing it relevant, try running it against a test machine and see if it still ping pongs between the two fixlets.