Non existent security update patches (KB3069392,KB3069114 ,KB3072633)

hi ,

I couldn’t find below patches on “patches for windows site” for win7 machines. this patche are security updates.

why bigfix don’t have this patches for windows 7 machines ?

KB3072633 ( only 2003 and win8 patches available on bigfix) you can find this patches on microsoft site.
https://www.microsoft.com/en-us/download/details.aspx?id=47927

KB3069392 (only 2003 patches available on bigfix) you can find this patches on microsoft site.
https://www.microsoft.com/en-us/download/details.aspx?id=47803

KB3069114 (only windows8 patches available on bigfix) you can find this patches on microsoft site.
https://www.microsoft.com/en-us/download/details.aspx?id=48779

These are all old patches from 2015, and have likely been superseded by newer patches. Once a patch has been superseded for a year, then it is removed from the Patches for Windows site. To find the current patches that cover these KBs, you will have to identify the chain of patches that supersedes these, or just patch to current levels.

there is no trace about supersedes on microsoft site for this patches. So i could’nt find it on bigfix.
you can search KB3069392 patch on bigfix . And you will find only 2003 patches availeble. (not superseded)

When in doubt, it’s helpful to check the Microsoft Update Catalog at http://www.catalog.update.microsoft.com/Search.aspx

Enter the KB in the search button, and hit the “Package Details” tab in the result.

None of these KBs showed a result for Win7 - but the Vista version shows KB3072633 has been replace by:
Security Update for Windows Vista (KB3126593)
Security Update for Windows Vista (KB3146706)
Security Update for Windows Vista (KB4014793)

The Vista version of KB3063932 shows superseded by
Security Update for Windows Vista (KB3124001)
Security Update for Windows Vista (KB3156013)
Security Update for Windows Vista (KB3164035)

The Win8.1 version of KB3069114 shows superseded by
Security Update for Windows 8.1 (KB2971850)
Security Update for Windows 8.1 (KB2974286) without KB2919355
Security Update for Windows 8.1 (KB3046002)

Given the age of these updates, they are likely included in either Win7 Service Pack 1, or in Win7 Convenience Rollup Package. If in doubt, check the KB articles for each and look at the file versions.
https://support.microsoft.com/en-us/help/3072633/ms15-075-vulnerabilities-in-ole-could-allow-elevation-of-privilege-jul
For all supported x86-based versions of Windows 7

File name File version File size Date Time Platform Service branch
Ole32.dll 6.1.7601.18915 1,414,656 04-Jul-2015 17:48 x86 X86
Ole32.dll 6.1.7601.23118 1,414,656 04-Jul-2015 17:48 x86 X86
For all supported x64-based versions of Windows 7 and Windows Server 2008 R2

File name File version File size Date Time Platform Service branch
Ole32.dll 6.1.7601.18915 2,087,424 04-Jul-2015 18:07 x64 AMD64
Ole32.dll 6.1.7601.23118 2,086,912 04-Jul-2015 18:14 x64 AMD64
Ole32.dll 6.1.7601.18915 1,414,656 04-Jul-2015 17:48 x86 X86
Ole32.dll 6.1.7601.23118 1,414,656 04-Jul-2015 17:48 x86 X86

So, the likelihood is that supported operating systems had this update superseded by other patches or the service packs, but Win2003 was not superseded because Microsoft stopped releasing updates for 2003 (and Win2003 remains vulnerable to whatever else was fixed in the packages that superseded these).

Jason is exactly right. KB3069392 for Win7 64-bit was superseded by KB3124001 according to the following bulletin:
https://technet.microsoft.com/en-us/library/security/ms16-005.aspx

And so on, and so on.

Sure wish that MS had updated the Catalog entry for KB3069392 with that information. That’s where I would have expected to find it. What prompted you to check MS16-005, did you find superseding patch info somewhere else, or did you just start checking each bulletin?

Don’t worry…when I close my eyes, I don’t see KB numbers and supersedence chains floating around my head. I just found an existing bulletin to check the format of how it reports supersedence, and then searched on “3069392 updates replaced”