Where is the source release date for the MS17-APR updates pulled from?
While most of the KBs that were made available with the Patches for Windows, version 2732 site update are listed with a release date of April 11th from Microsoft’s website, the fixlets in IBM have dates ranging from March 22nd to April 10th.
Some examples: KB3178703: IBM release 2017/03/22, MS release 2017/04/11 KB2589382: IBM release 2017/03/22, MS release 2017/04/11 KB4014661: IBM release 2017/04/07, MS release 2017/04/11
At first I thought the source release dates might be taken from the Microsoft Update Catalog, but for all three of the below the “Last Updated” column is listed as 2017/04/07, so that doesn’t match either. KB3178703 KB2589382 KB4014661
As we use Source Release Date to determine when a computer is non-compliant for recent patches, having this kind of discrepancy between when the update was published/made available could be a challenge. Any information you could shed on this would be good.
These “old” dates on the fixlets though certainly do mess things up as we calculate compliance on all our endpoints based on x number of days from the release date in the fixlet so we will be seeing a high number of machines become non-compliant approx 2 weeks too early and the non-compliance will restrict access to our enterprise resources for those systems.
Thanks for the report! This is a known issue that there are different publish dates for Microsoft patches, and BigFix has a hard time telling which one to mark on the Fixlets. However, for Security Updates released on Update Tuesday, I believe the convention is to use the Tuesday’s date as the Source Release Date, regardless of other sources.
However, since this time Microsoft has switched how Security Updates are made available to the public, we switched too to our new facility, which I believe did not observe the convention. We will update the content to fix this soon.
Update: Fixlets updated and published to Patches for Windows, version 2733. @SLB, @mwolff, @wmehardt