WSUS not Synchronizing MS11-025

-

a vulnerability scan revealed several windows 7 machines on network needed security update ms11-025 (visual c++ redistributable). in case are:

1. wsus setup synchronize windows updates

2. none of these machines running visual studio (ie vc++ redistributable installed)

3. wsus not show patches security update ms11-025 unless visual studio 2008 synchronized. http://social.technet.microsoft.com/forums/en-us/a1086629-e9c4-4d1d-92b8-e4a236b0c0b8/bulletin-ms11025-updates-2538243-2538242-not-listed-in-wsus?forum=winserverwsus

    unfortunately if visual studio 2008 selected synchronization ms11-025 security update wsus imports not 1 applicable windows 7 only install of visual c++.

why happening? solution , if update not appear in wsus after synchronization possible manually import , select applicable machines install?

but vc++ redistributable can exist without visual studio.
yes, can; has absolutely nothing how udpate package(s) synchronized wsus server.
your list of patches states redist found in visual studio.
no. says must have appropriate visual studio product category selected synchronization in order updates.
i had server 2008 r2 os needed update according nessus , manually confirmed nessus correct. patch/update http://www.microsoft.com/en-us/download/details.aspx?id=26368. meant standalone vc++ redistributable without installation of visual studio.
great! in order microsoft visual c++ 2008 service pack 1 security update, you must synchronizing visual studio product category provides security update. product category (as noted above, in both original post, reply) visual studio 2008.

this update not synchronize in wsus. had apply manually. in fact believe update not detected windows update agent because had apply manually machines updating directly mircrosoft.

wuagent can "detect" updates have been synchronized wsus server. if have not synchronized update, wuagent can't tell squat need, or lack thereof, update (until go microsoft update) -- @ point wuagent has access product categories , update classifications , you've synced (or not) wsus server totally irrelevant.
without nessus not have known component out of date.
great testimony why independent security vulnerability scanner should used: because cannot possibly know missing updates if updates aren't on wsus server in first place.

lawrence garvin, m.s., mcsa, mcitp:ea, mcdba
solarwinds head geek
microsoft mvp - software packaging, deployment & servicing (2005-2014)
mvp profile: http://mvp.microsoft.com/en-us/mvp/lawrence%20r%20garvin-32101
http://www.solarwinds.com/gotmicrosoft
the views expressed on post mine , not reflect views of solarwinds.



Windows Server  >  WSUS



Comments

Post a Comment

Popular posts from this blog

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more

ADFS 3.0 Event ID 4625 | An Error occurred During Logon | Status: 0xC000035B

-
we're getting these random errors on our adfs security logs, how can track down generating them? an account failed log on. subject: security id: null sid account name: - account domain: - logon id: 0x0 logon type: 3 account logon failed: security id: null sid account name: account domain: failure information: failure reason: an error occured during logon. status: 0xc000035b sub status: 0x0 process information: caller process id: 0x0 caller process name: - network information: workstation name: - source network address: - source port: - detailed authentication information: logon process: kerberos authentication package: kerberos transited services: - package name (ntlm only): - key length: 0 event generated when logon request fails. generated on computer access attempted. subject fields indicate account on local system requested logon. commonly service such server service, or local process such ...
Read more

DFSR RPC replication errors 5014 1726 with large files over VPN

-
i have similar issue ryan in reply http://social.technet.microsoft.com/forums/en-gb/winserverfiles/thread/6d49fd71-2236-4fcb-9763-bf1c03459ee8 cited below. start additional thread here because other 1 related windows server 2003 (r2) , i'm (as ryan) on windows 2008 r2 x64. here first of post ryan: i've got same problem on 2008 r2 dfsr server.  the spoke server has 2x intel 1 gigb on-board nics in active/standby teamed configuration. the hub server (running on vmware using 10gbit vmnet3 nic driver) logs dfsr event 5014 every 2-15mins (usually around 5mins). the spoke server not log event. replication running slowly. initial sync/replication. had re-configure replication folder because of lost dfsr database on spoke server.  could teamed nic on spoke causing error on host? a note: last time did initial sync on folder processed @ 30k files , hour. time it's doing few hundred and hour. another note: hub server has several replication groups , conne...
Read more