'Re: We are investigating an issue with security update 2616676'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    Re: We are investigating an issue with security update 2616676
From:       Susan Bradley <sbradcpa () pacbell ! net>
Date:       2011-09-18 21:49:29
Message-ID: 4E766769.8000900 () pacbell ! net
[Download RAW message or body]

Confirmed here.

On 9/18/2011 2:12 PM, Julian Harper wrote:
> It looks like the XP and 2003 patches have been removed from WSUS. Anyone else \
> seeing this? 
> 
> 
> -----Original Message-----
> From: Doug Neal [mailto:dugn@microsoft.com]
> Sent: 16 September 2011 21:00
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> Darryl is 100% correct.  The root of the problem is that the second patch does not \
> include the first patches set of revocation items.  The supersedence complicates \
> matters, but isn't the root of the problem. 
> We'll have an update to this out very soon that will - like this update supersede.  \
> But unlike this insufficient update, will include the entire, cumulative revocation \
> list for both updates in a single package. 
> doug neal
> Microsoft Update (MU)
> 
> 
> -----Original Message-----
> From: Darryl Roberts [mailto:DarrylJR@itprofessionalservices.net]
> Sent: Friday, September 16, 2011 11:05 AM
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> Deployment to a couple of our test system showed that this is not just a detection \
> issue.  If KB2616676 has been installed, KB2607712 will not install; it reports \
> that the patch is not applicable and stops. 
> So it is not just a matter of telling your patch management system to not apply the \
> supersedence; you have to insure that the patches are installed in the proper \
> order.  In my case, that means two separate patch deployments and a verification \
> that KB2616676 got correctly installed before approving KB2607712. 
> -----Original Message-----
> From: Darryl Roberts
> Sent: Thursday, September 15, 2011 3:07 PM
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> Is this a detection issue or a patch installation issue?
> 
> If it is only a detection issue (I believe it is), it will depend on the patching \
> tool that you use, whether or not that tool has the same incorrect supersedence.  \
> (The patching tool that I use, unfortunately, implemented the supersedence as in \
> Microsoft Update and is only detecting that KB2616676 is missing even if KB2607712 \
> has not been installed; however, I can disable supersedence and install KB2607712.) \
> I would guess that WUSU and SCUP also implement the same supersedence as Microsoft \
> Update. 
> If it is a patch installation issue (that is KB2616676 will not install unless \
> KB2607712 is installed), a new patch will have to be released.  However, I believe \
> this is not the case. 
> Darryl J. Roberts
> IT Professional Services
> Ventura, CA, USA
> www.itprofessionalservices.net
> 
> -----Original Message-----
> From: Lawrence Garvin [mailto:lawrence.garvin@att.net]
> Sent: Thursday, September 15, 2011 1:29 PM
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> It most likely will not work because KB2607712 is superseded. Not really any \
> different than any other collection of superseded updates. 
> Until the metadata for KB2616676 is fixed, KB2607712 will need to be confirmed as \
> fully deployed before the clients are even allowed to see KB2616676. That is to \
> say, I wouldn't even put KB2616676 in a Deployment Package until you have 100% \
> compliance on KB2607712 (or the revision comes down the pipe). 
> 
> -----Original Message-----
> From: Murray, Mike [mailto:MMurray@csuchico.edu]
> Sent: Thursday, September 15, 2011 1:06 PM
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> Saw this question on another group. Could someone answer ASAP?
> 
> "I'm curious to know if deploying both 2607712 and 2616676 in the same Software \
> Update deployment to XP/2003 clients will actually work or if Software Updates will \
> choose to install only 2616676 as it is the newer update that replaces 2607712." 
> Mike
> 
> -----Original Message-----
> From: Murray, Mike
> Sent: Thursday, September 15, 2011 10:06 AM
> To: Patch Management Mailing List
> Subject: RE: We are investigating an issue with security update 2616676
> 
> We could still deploy the superseded update in SCCM along with this month's \
> updates, yes? 
> -----Original Message-----
> From: Susan Bradley [mailto:sbradcpa@pacbell.net]
> Sent: Wednesday, September 14, 2011 6:30 PM
> To: Patch Management Mailing List
> Subject: We are investigating an issue with security update 2616676
> 
> 
> http://support.microsoft.com/kb/2616676
> 
> 
> Known issues
> 
> * We are investigating an issue with security update 2616676 for all
> Windows XP-based and Windows Server 2003-based systems.
> 
> The versions of security update 2616676 for Windows XP and for
> Windows Server 2003 contain only the latest six digital certificates
> that are cross-signed by GTE and Entrust. These versions of the
> update do not contain the digital certificates that were included in
> security update 2607712. Security update 2616676 incorrectly
> precedes security update 2607712. Therefore, if you install security
> update 2616676 and have not already installed security update
> 2607712, you will not be offered security update 2607712 from
> Windows Update. You must manually install security update 2607712.
> 
> 
> 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to
> leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to
> leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> 
> 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to
> leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> 
> 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> ---
> When posting or replying to messages on this list, please send all emails in plain \
> text format.  HTML formatted messages will not be accepted. 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email \
> owner-patchmanagement@patchmanagement.org 
> 
> 
> 
> 
> ---
> When posting or replying to messages on this list, please send all
> emails in plain text format.  HTML formatted messages will not be accepted.
> 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email
> owner-patchmanagement@patchmanagement.org
> 
> 



---
When posting or replying to messages on this list, please send all
emails in plain text format.  HTML formatted messages will not be accepted.

PatchManagement.org is hosted by Shavlik Technologies

To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic