(imported topic written by searchlight)
Hi Folks –
The relevance for fixlet 1403011, “MS14-030: Vulnerability in Remote Desktop Could Allow Tampering - Windows 7 SP1 - KB2965788 (x64)” needs to be adjusted. After applying the fixlet, the relevance never evaluates to false, which causes the fixlet to fail even though the patch does apply successfully.
On Win7 x64 SP1, after the patch has been applied either by hand or by fixlet, the registry shows the following:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r…s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817]
@="7.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r…s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817\6.1]
"6.1.7601.17514"=hex:01
@="6.1.7601.18186"
"6.1.7601.17779"=hex:01
"6.1.7601.17830"=hex:01
"6.1.7601.18186"=hex:01
"6.1.7601.18465"=hex:01
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r…s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817\7.1]
"7.1.7601.16398"=hex:01
@="7.1.7601.18465"
"7.1.7601.18465"=hex:01
The existing relevance is looking for the default value in the 6.1 subkey to be “6.1.7601.18465”, but the patch is leaving the default value unchanged at “6.1.7601.18186”. However, “6.1.7601.18465” does appear as an individual value within the subkey. I guess we need to check the individual value rather than the default value.
Strangely, the patch did modify the 7.1 subkey properly so that the “7.1.7601.18465” value is properly assigned as the default, but the 6.1 subkey is not properly modified.
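
The two checks discussed in the post, run side by side over the exported values, as an added example that is not part of the original post and is not BigFix relevance. The function names are hypothetical, and the key name is replaced by the placeholder `<component>` because the post shows it truncated.

```python
import re

# Constructed sample: values copied from the post's export; <component> is a
# placeholder for the key name, which the post shows truncated.
BASE = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\<component>"
EXPORT = rf'''
[{BASE}\6.1]
"6.1.7601.17514"=hex:01
@="6.1.7601.18186"
"6.1.7601.17779"=hex:01
"6.1.7601.17830"=hex:01
"6.1.7601.18186"=hex:01
"6.1.7601.18465"=hex:01
[{BASE}\7.1]
"7.1.7601.16398"=hex:01
@="7.1.7601.18465"
"7.1.7601.18465"=hex:01
'''

# Forum software often turns straight quotes into curly ones; normalise first.
QUOTES = str.maketrans("“”", '""')

def parse_reg(text):
    """Return {key_path: {"default": str or None, "values": set of value names}}."""
    keys, current = {}, None
    for line in text.translate(QUOTES).splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {"default": None, "values": set()})
        elif current is not None and (m := re.match(r'@="(.*)"$', line)):
            current["default"] = m.group(1)      # the key's default value
        elif current is not None and (m := re.match(r'"([^"]+)"=', line)):
            current["values"].add(m.group(1))    # a named value under the key
    return keys

def default_is(keys, key, version):
    """Check that compares the key's default value with the expected version."""
    return key in keys and keys[key]["default"] == version

def has_value(keys, key, version):
    """Check that looks for a named value equal to the expected version."""
    return key in keys and version in keys[key]["values"]

if __name__ == "__main__":
    k = parse_reg(EXPORT)
    for sub, ver in (("6.1", "6.1.7601.18465"), ("7.1", "7.1.7601.18465")):
        path = BASE + "\\" + sub
        print(sub, "default:", default_is(k, path, ver), "named:", has_value(k, path, ver))
```
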