@BaiYunfei The patch for the Microsoft zero day vulnerability (CVE17-0199) has been bundled into the Office 365 Click to Run version (see below).
MS Office 2013: 15.0.4919.1002
MS Office 2016: 16.0.7870.2038
https://technet.microsoft.com/en-us/mt465751 (choose Current Channel/2017/April – look at Version 1702)
HOWEVER the Fixlet (specific for Office 2013 in this example) is showing as RELEVANT to computers that have the updated version of Office installed -
MS17-APR: Security update for Office 2013 - Office 2013 SP1 - KB3178710
Does your framework for defining relevance for MS Office specific patches include logic for whether the fix has been included in the latest MS Office Click to Run versions ?
I appreciate this is all new technology for us all to get our heads around, however in terms of reporting BigFix appears to be out of sync with Microsoft.
There may well be other instances where Fixlets may need to be updated due to the same scenario.
Please confirm and/or fix.