Re: Vulnerability issues with installation of security update kb96

 
 
PA Bear [MS MVP]
      05-19-2009
[[Forwarded to WSUS newsgroup via crosspost]]

MowGreen wrote:
> Thanks for providing more details, Vic. Knowing that the system is
> updating via WSUS as opposed to MU explains things ... somewhat.
> Let's see if I have the patch sequence correct here ...
> KB957784 is installed first, then the attempt to install KB969615
> results in the "no products affected by this package are installed on
> this system", is that correct ?
>
> All Office 2K3's are at SP3, correct ?
>
> KB969615 updates Pptview.exe to V. 11.0.8305.0
> KB955784 updates Pptview.exe to V. 11.0.8307.0
>
> Going by the File version levels it appears the proper patch sequence is
> to apply KB969615 first, then apply KB955784.
> Apparently, since KB955784 was applied first, when you attempt to
> install KB969615 it's detecting the higher file version and you
> subsequently receive the " no products affected " message.
> MU is detecting the higher file version, too.
>
> BUT, you state that Pptview.exe is at a lower file version than either
> of the updates would leave it, correct ?
>
> Please post the Versions of Pptview.exe and Pp7x32.dll from at least one
> of the systems where KB955784 is installed, Vic.
>
> Did you experience difficulties installing KB956500, which is similar to
> KB969615 as it updates the same files as KB956500 does ?
>
>
> MowGreen
> ===============
> *-343-* FDNY
> Never Forgotten
> ===============
>
>
>
> komapuk wrote:
>
>> MowGreen,
>> We use a WSUS server to do all updates on our systems. All of the MS
>> office patches are approved and have been installed across the network.
>> The system in question is going to be used as a baseline for future
>> images. When we found that it had this vulnerability, we went to
>> Microsoft updates (which is what I said originally) and checked.
>> Microsoft said no additional updates were needed. We then scanned the
>> system again and we still have the same vulnerability show up. So we
>> then downloaded the actual update (KB969615 which updates the powerpoint
>> viewer 2003). When the update ran it informed us "There are no products
>> affected by this package installed on the system.". The system in
>> question also has the latest update for powerpoint on it (KB957784)
>> MS09-17. Once again if powerpoint viewer 2003 is part of the full
>> powerpoint installation, why does the Microsoft updater not recognize
>> that the program is on the system and update it. Also I ran the scan
>> across other systems on our network and they show the same
>> vulnerability, and when I investigate the file is there and it does
>> launch the powerpoint viewer. Since the version is the older version,
>> that means it is vulnerable to the exploit available against it.
>>
>> Robear,
>> Installing ppv, rebooting and then properly uninstalling the ppv and
>> then rebooting again, is not really a great solution across an
>> enterprise with over 1000 systems. Especially when the viewer seems to
>> be part of the normal installation of powerpoint. Though I appreciate
>> the feedback.
>> Vic
>>
>>
>>
>>
>> "MowGreen" wrote:
>>
>>
>>> komapuk wrote:
>>>
>>>
>>>> Okay, here is the issue. This is similar to other issues listed in this
>>>> site but you need to have new post each time someone has the same
>>>> issue. I have windows xp systems (some with service pack 2 and the rest
>>>> with sp 3), with MS Office 2003 (ms office is up to date with
>>>> patching). We have the full installation of powerpoint on all of the
>>>> systems. When I do vulnerability scans using Patchlink as my security
>>>> scanner it shows the powerpoint viewer 2003 as a security risk. Now my
>>>> systems do not have powerpoint viewer 2003 installed. However,
>>>> patchlink also provides the location of the file it shows to be
>>>> vulnerable. This is "File version for file
>>>> C:\Program Files\Microsoft Office\Office11\pptview.exe (11.0.8164.0) is
>>>> less than 11.0.8305.0 (date=2007/04/19)".
>>>> Now when I go to this location I find the file in question. When I
>>>> double click on the file it launches powerpoint viewer 2003. (Which is
>>>> not installed and not available for removal from the add/remove
>>>> programs location) So the vulnerability scanner is correct microsoft
>>>> powerpoint viewer is on the system and so is vulnerable. My question is
>>>> if the files which allow the viewer to be run on a system (whether it
>>>> is installed or not), why does the microsoft update not allow the
>>>> system to be patched.
>>>
>>>
>>>> why does the microsoft update not allow the system to be patched.
>>>
>>> 1) How did you come to the above conclusion ?
>>>
>>> 2) Please explain how you came to conclude that
>>>
>>>> ms office is up to date with patching
>>>
>>>
>>> IF the systems are not opted in to Microsoft Update, then no Office
>>> updates will be offered. As opposed to Windows Update which ONLY updates
>>> the Operating System and its components.
>>> Are you trying to say that the update can not be installed via Microsoft
>>> Update ?
>>>
>>>
>>> Have the systems been scanned on the Office Update page ?
>>> http://office.microsoft.com/en-us/do...incatalog.aspx
>>>
>>> The PowerPoint viewer is a component of PowerPoint, so it can not be
>>> removed unless you uninstall PowerPoint. It can not be uninstalled by
>>> itself from Add/Remove Programs.
>>>
>>> http://www.microsoft.com/technet/sec.../MS09-017.mspx
>>>
>>>
>>>> The Office component discussed in this article is part of the Office
>>>> Suite that I have installed on my system; however, I did not choose to
>>>> install this specific component.
>>>> Will I be offered this update?
>>>>
>>>> Yes, if the version of the Office Suite installed on your system
>>>> shipped with the component discussed in this bulletin, the system will
>>>> be offered updates for it whether the component is installed or not.
>>>> The detection logic used to scan for affected systems is designed to
>>>> check for updates for all components that shipped with the particular
>>>> Office Suite and offer the updates to a system. Users who choose not to
>>>> apply an update for a component that is not installed, but is included
>>>> in the version of the Office Suite, will not increase the security risk
>>>> of that system. However, users who do choose to install the update will
>>>> not have a negative impact on the security or performance of a system.
>>>> For more information on this issue, please see Microsoft Knowledge Base
>>>> Article 830335.
>>>
>>>
>>> MS09-017: Description of the security update for PowerPoint 2003: May
>>> 12, 2009
>>> http://support.microsoft.com/kb/957784
>>>
>>>
>>> MowGreen
>>> ===============
>>> *-343-* FDNY
>>> Never Forgotten
>>> ===============
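
Added example, not part of the thread or anyone's post: a PowerShell check that reads the on-disk versions of the two files MowGreen asks for and compares Pptview.exe against the two versions quoted above (11.0.8305.0 and 11.0.8307.0). The function names, the -OfficeDir parameter and the assumption that Pp7x32.dll sits in the same Office11 folder are illustrative.

```powershell
# Added example (not from the thread). The pptview.exe path and the two
# version numbers come from the posts above; function and parameter names
# are hypothetical.
function Get-FileVer {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $vi = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($Path)
    # Build the version from the numeric parts; the FileVersion string
    # can carry extra text that does not parse as a version.
    New-Object System.Version -ArgumentList @(
        $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
}

function Get-PptViewerPatchState {
    param([string]$OfficeDir = 'C:\Program Files\Microsoft Office\Office11')

    $scannerMin = [version]'11.0.8305.0'   # threshold in the scanner finding
    $newer      = [version]'11.0.8307.0'   # higher version quoted in the thread

    $ppt = Get-FileVer (Join-Path $OfficeDir 'pptview.exe')
    # Assumption: Pp7x32.dll is in the same folder. It is only reported,
    # because the thread gives no target version for it.
    $dll = Get-FileVer (Join-Path $OfficeDir 'Pp7x32.dll')

    # [version] compares the four parts numerically, so 8164 < 8305 < 8307
    # is evaluated as numbers and not as text.
    if ($null -eq $ppt) {
        $state = 'pptview.exe not found'
    } elseif ($ppt -lt $scannerMin) {
        $state = "below $scannerMin (scanner finding matches the file on disk)"
    } elseif ($ppt -lt $newer) {
        $state = "at or above $scannerMin, below $newer"
    } else {
        $state = "at or above $newer"
    }

    New-Object PSObject -Property @{
        Computer = $env:COMPUTERNAME
        Pptview  = $ppt
        Pp7x32   = $dll
        State    = $state
    } | Select-Object Computer, Pptview, Pp7x32, State
}

Get-PptViewerPatchState | Format-List
```

Run on a machine the scanner flagged, the output gives the file versions to compare with the scanner finding and with what the update installer reports.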


 