Relevance issue change after windows update

lbell005 · February 26, 2018, 4:49pm

I have an issue with one of the .Net patches released in January.
(MS18-JAN: Security Monthly Quality Rollup - Monthly Rollup - Windows Server 2012 R2 - .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1 - KB4055001 (x64))

This shows as being needed on 130+ servers per a Vulnerability scan.

It does NOT show as relevant on MOST of the servers.

If I run a Windows update directly on the endpoint, that endpoint then becomes relevant.

Need to get these to show as relevant and running windows update on 130+ end points and missing some is not an option.

Any idea what might be getting changes - just by scanning for update?

Thanks, Linda

IanDM · April 20, 2018, 6:29pm

We found a similar situation here.

The fixlet is not relevant, Nessus scans indicate the patch is missing, manual installation succeeds and a clean Nessus scan is obtained.

Did the OP solve the issue somehow or open a TS for a false negative?
I assume not as there was no updated fixlet from what I can see.

~~
Update: Slightly different case here, as the relevance seems OK on Server 2012, its our Server 2008 hosts where this is occurring.