Trust MBSA results?

Discussion in 'Windows Update' started by Juggling Steve, Jun 7, 2004.

  1. Windows XP hom
    MBSA (with online access) reports critical update missing MS03-045 (824141), but MS03-045 bulletin does not say Windows XP (home) needs it and does not offer download link for Windows XP (home). + Does "This patch does not replace MS02-071on Windows XP" mean that windows XP does not need MS03-045 or just that MS02-071 should not be omitted
    MS03-027 (821557) also reported missing even tho installed apparently ok (no error messages + confirmed inst'd + listed in remove/install programs list). Should I retry after deleting shell32.dll (will windows will let me?
    How does MBSA compare with windows automatic update for checking which updates I need

    THanks to to anyoe who can help
    Juggling Steve, Jun 7, 2004
    1. Advertisements

  2. Read more closely. It is explicitly mentioned with the file manifest
    and definitely implied elsewhere. How do you interpret
    "Windows XP (all versions)"?

    The latter. Look at the list of modules included in the XP version of the
    patch and compare with the list of modules in the W2K version.

    Try using the MBSA client command line to check what it means exactly,
    or check manually that the version of the modules that you have match
    or exceed those of the security bulletin's file manifest.

    D:\Program Files\Microsoft Baseline Security Analyzer>mbsacli /hf -v -z

    That may tell you what it thinks about the situation by looking at the versions
    of the modules involved (not just the registry values.) Actually you could
    do both by running it again without the -z switch.

    <TITLE>303215 - Microsoft Network Security Hotfix Checker (Hfnetchk.exe) Tool Is Available</TITLE>
    Try removing the patch, then applying it again, this time making sure
    that any interfering applications (such as an anti-virus scanner) are
    disabled. Since a reboot is required to activate the update it may
    not be sufficient to just stop the interfering application, e.g. if it is reactivated
    during the boot before the updated modules are copied into the System32
    directory. Alternatively it may be sufficient to reboot in safe mode and
    prevent the non-standard drivers from starting that way (assuming safe mode
    still permits the updates to occur).

    My impression is that registry values are the most significant indicator used
    by both tools and more detailed scans involving the module versions can be
    done by Windows Update and the MBSA client (as above).

    Good luck

    Robert Aldwinckle
    Robert Aldwinckle, Jun 8, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.