MS17-10 Patch Issue? WannaCry Fix

Who else is facing the issue with these patches, it says remediated but while validating it manually the patch is not available on the machine.

I’ve also opened a PMR and Dev. team is already on it.

@BaiYunfei

@techadmin

We can only do a deeper analysis when we receive the registry exports from the PMR, however here’s some quick steps I can suggest:

  • Perform a MBSA scan - does the MBSA report say any KB from MS17-010 is missing? (Missing means there will be a row in the MBSA report that is marked with [Missing]. If a KB is not present in the report, it’s not missing.)
  • On Win7 and above, if you cannot find any KB from MS17-010 installed, try looking for any Monthly Rollup patches of / later than March 2017. Any of these Monthly Rollup patches would have patched the device for MS17-010.
1 Like

Might also recommend trying the Analysis from @BaiYunfei

1 Like

With regards to Windows 7 only, we are seeing about 140 endpoints that report True for the relevance below…only they don’t show relevant for any of the MS17-Monthly Rollup Fixlets (which looking at their relevance, do not contain a check for an older version of srv.sys. I’ve tried manually installing the patch with mixed results (hit or miss).

exists files "srv.sys" whose (version of it < "6.1.7601.23689") of folders "drivers" of (system folder; native system folder)