(imported comment written by SystemAdmin)
Keep in mind that MBSA isn’t always 100% accurate, just like how BigFix isn’t always 100% accurate. With that said, here are the answers to your questions:
Masso
I’m currently in the process of migrating our XP x86/Office/Server 2003 x86 patches from WSUS into BigFix, but am having trouble finding the updates below. These have all been identified as required in a Microsoft Baseline Security Analyzer scan. Could I get confirmation of a fixlet ID or if these are in fact missing?
MS10-041 (KB979909) - XP
MS10-070 (KB2416473) - XP
MS09-062 (KB972580) - Office 2003
MS07-039 (KB926122) - Server 2003
For the first three bulletins, we had incorrect meta-data, so that is why you can’t find them. I have made the changes and the changes will be up eventually. But for now, here’s the Fixlet IDs that are relevant to the KB# but not necessarily to your machine:
MS10-041
: 1004103, 1004139
MS10-070
: 1007013, 1007016
MS09-062
: 906277, 906279
As for
MS07-039
, that Fixlet has now been replaced by either MS08-035 or MS10-068 or MS11-005, depending on which architecture and service pack of Win2003 you have, as well as whether you’re using Active Directory (AD) or Active Directory Application Mode (ADAM). Where did I get this information? Well, Microsoft informs what bulletin got replaced by what, and if you follow the chain, it’ll go something like this: 07-039 -> 08-003 -> 08-035 -> (partial) 09-018 -> 09-006 -> 10-068 -> (partial) 11-005. So for Win2003, depending on your system, it can either be MS08-035 or MS10-068 or MS11-005.
Masso
Also, the following patches are evaluating to false (mostly from the file version check) despite showing as required in MBSA. I’m not sure if this means they aren’t required?
MS11-023 (KB2509488) - Office 07
MS11-045 (KB2541012) - Office 07
MS10-070 (KB2416447) - XP
MS11-045 (KB2541025) - Office 03
MS10-045 (KB980373) - Office 03
Again, MSBA isn’t always correct. If you have newer versions of a patch, BigFix will ignore the older one, but MBSA might not. If you feel like it is an error on our part, please let us know. You can contact support at http://support.bigfix.com/contact.html
Masso
Finally, MS11-043 (KB2536276) isn’t downloading due to a re-release a couple of days ago (http://support.microsoft.com/kb/2536276). I assume this will be updated soon?
Yes, we are aware of this. An update to the Fixlet should be available now.