Problem deploying ms10-046

(imported topic written by anthonymap91)

I have deployed the MS10-046: Vulnerability in Windows Shell Could Allow Remote Code Execution to several servers and it looks like it completed fine. It is marked as pending restart and it disappears from the relevant fixlet list. After applying the Restart Needed - Triggered by a BES Action the action is marked as fixed, but it reappears in the relevant fixlet list for that same system… This happens to every system I applied this patch to…

Patch applied to Windows Server 2008 R2 Gold (x64) and Windows Server 2003 SP2 with the same results. About 15 systems tested, all with the same results noted above.

Not sure what to do…?

(imported comment written by tscott91)

I’ve applied this to my test systems (about 15 machines) with no issues… Just FYI.

(imported comment written by MattBoyd)

I’m having issues getting this fixlet to become applicable on our Windows 7 32-bit machines. I’ve tracked down the problem to this applicability relevance, which returns false on our machines:

(exists file "shell32.dll" whose ((((exists value "FileVersion" whose (it contains "ldr") of version blocks of it)) AND (version of it >= "6.1.7600.20000") AND version of it < ") OR ((exists value "FileVersion" whose (not (it contains "_qfe" OR it contains "_ldr")) of version blocks of it) AND version of it < "6.1.7600.16644")) of it) of ((folder (pathname of (system folder) & "\")))

I’m pretty sure it’s returning false because we’ve deployed KB980628 (http://support.microsoft.com/kb/980628), which updates Shell32.dll to 6.1.7600.20667.