LNSS falsely reporting 0 missing patches
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
RE: LNSS falsely reporting 0 missing patches - 4.Mar.2003 4:48:00 PM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
Version 3.2 is due out tomorrow I believe, try it against this machine and see if it still claims things are missing. There have been a number of bug updates and changes made to it.
If you want early beta's of it you can download them from:
ftp://ftp.gfisoftware.com/lanscan
lanscan32_20030305.exe is the latest I believe (version number _ date it was posted)
Also, I'll send this onto one of the testers, see if he can recreate it, I don't have any NT 4 machines anymore.
eric
[ March 04, 2003, 10:59 PM: Message edited by: xnih ]
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 4.Mar.2003 9:32:00 PM
|
|
|
Tom
Posts: 11
Joined: 3.Mar.2003
Status: offline
|
Thank you, Eric. I appreciate the information.
I will look for 3.2; however, this is a critical issue for us and I'd like to know that this problem in particular was addressed in the new release.
The reseller from whom I purchased 3.1 was able to reproduce the problem on one of his NT 4 servers, so the failure is not specific to our location or environment.
Tom
quote:
Originally posted by xnih:
Version 3.2 is due out tomorrow I believe, try it against this machine and see if it still claims things are missing. There have been a number of bug updates and changes made to it.
If you want early beta's of it you can download them from:
ftp://ftp.gfisoftware.com/lanscan
lanscan32_20030305.exe is the latest I believe (version number _ date it was posted)
Also, I'll send this onto one of the testers, see if he can recreate it, I don't have any NT 4 machines anymore.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 5.Mar.2003 3:03:00 AM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
quote:
The reseller from whom I purchased 3.1 was able to reproduce the problem on one of his NT 4 servers, so the failure is not specific to our location or environment.
Good to know that it can be reproduced. Passed it onto the main test late yesterday, hopefully he'll be able to reproduce it in his environment and pass what he finds onto the programmer.
As to whether it is fixed in 3.2 I can't say particularly, since i don't have NT4 I can't test it, but the way the mssecure.xml file is done is now different, don't know if that will help or not, but in the past it was downloaded from Microsoft, now GFI is modifing it themselves to clean it up and keep some issues from happening.
Will let you know more as I find out more.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 5.Mar.2003 9:58:00 AM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
So far we have been unable to reproduce the problem, 2 different test setups so far.
Will attempt another one later today or tomorrow.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 6.Mar.2003 1:26:00 PM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
I was not able to reproduce it in my environment either. I was just using NT4 Workstation, will try server also when I get a chance and verify that the other tester tried it on Server also.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 6.Mar.2003 5:10:00 PM
|
|
|
Tom
Posts: 11
Joined: 3.Mar.2003
Status: offline
|
Thanks. What specifically are you looking for in your ability to duplicate it there, beyond the results I've reported from this site and from the site of one of your resellers? Perhaps I can provide the information you're looking for.
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 6.Mar.2003 5:26:00 PM
|
|
|
aharbour
Posts: 2
Joined: 5.Mar.2003
From: Richmond, VA, USA
Status: offline
|
[QUOTE]Originally posted by Tom:
The reseller from whom I purchased 3.1 was able to reproduce the problem on one of his NT 4 servers, so the failure is not specific to our location or environment.
------------------------
Tom is correct that I was able to reproduce the issue on our internal WinNT 4.0 server. I will download the 3.2 release once it is available to see if the issue has been resolved.
Anthony
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 6.Mar.2003 6:22:00 PM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
Note: I've gotten some updated info from someone else following this thread, so I removed any reference to Shavlik on this, the file hosted at MS is being updated entirely by them now, Shavlik was only involved in the initial creation of the file.
sorry for mixup.
eric
-----
quote:
Thanks. What specifically are you looking for in your ability to duplicate it there, beyond the results I've reported from this site and from the site of one of your resellers? Perhaps I can provide the information you're looking for.
Sorry, I think both of us spent our time trying to reproduce the issue of the 3 patches, add 1 reboot and rescan and have 0 missing patches. But as for patch 813951 and 811630 I can tell you why they are not currently detected is because they are not in the file mssecure.xml
I'm looking into that right now, it could be that MS decided that they were not that critical and did not add them themselves or you got me, it wasn't something we had any control over in 3.1
With version 3.1 GFI did not modify or have anything to do with the mssecure.cab file, it is controled and updated by MS. Starting with version 3.2 GFI will be modifing or generating their own file to work better with LNSS because of inconsistencies in certain things in that file.
With the current version of 3.2 neither of these patches are currently in there either. My guess is that is because they are not in the original mssecure.xml file.
Again, as to why they are not in the file, I have no idea, either MS has deemed they are not that important or something else (possbily trying to push users to Windows Update instead of their command line tool that uses this file), but they are not detected because they are not listed in the microsoft supplied file.
I'll pass it onto the person in charge of the mssecure.xml file that GFI now updates and see what they can do.
eric
[ March 07, 2003, 04:09 PM: Message edited by: xnih ]
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 7.Mar.2003 10:17:00 AM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
Since modification of a post does not make it show up as new I thought I'd post a quick note here also, I was wrong in my assumption that Shavlik was still modifing the mssecure.xml file hosted by Microsoft, so the above post has been modified.
Still unsure why those patches are not listed in the mssecure.xml file from MS though. Looking into a way to fix that.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 7.Mar.2003 6:26:00 PM
|
|
|
aharbour
Posts: 2
Joined: 5.Mar.2003
From: Richmond, VA, USA
Status: offline
|
Eric,
This is something more of a new feature request, but it is related to the patch area, so I'm posting it here as a follow-up to your post regarding a seperate patch database of in LNSS.
It would be nice to see the same linking and descriptive information for the installed patches as the not installed and unable to detect sections. In my opinion, this is important for documentation purposes when performing a vulnerability scan and to get additional information on a particular patch.
Anthony
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 7.Mar.2003 7:07:00 PM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
Tom,
in regards to the 0 when missing a service pack, you are correct, 0 actually refers to 0 missing hotfixes, not service packs, they are seperate issues, but I just sent that on on Wednesday, have not heard back on the plan there.
I'd prefer to see a seperate section for Service Packs, Missing Hotfixes, and Notes.
AnthonyH,
quote:
It would be nice to see the same linking and descriptive information for the installed patches as the not installed and unable to detect sections. In my opinion, this is important for documentation purposes when performing a vulnerability scan and to get additional information on a particular patch.
I'll pass it on.
Note though that you can look it up while within LNSS. Click on Patches > Find Bulletin
Both of you,
In regards to Patches 311630 and 813951, info from another user on this, through email, mentioned that the file mssecure.xml is for Security Hotfixes, even though at least one of these was a critical update (don't recall on the other), MS has not deemed them security fixes, but only updates and that is why they are not in the mssecure.xml file.
I don't know if GFI plans to look at adding these patches, or how that will be taken care of. I don't see any easy way to fix every issue with the way MS does things.
I'll send all this onto the development team, and remind them again about how it claims there are 0 missing patches, even if there is a missing SP, either getting it to increment the # if SP's are missing, or possibly adding another section for the number of missing SP's.
As for the other issue, in regards to MS not tagging them as Security fixes and not adding them to the mssecure.xml file we shall see.
eric
|
|
|
|
|
RE: LNSS falsely reporting 0 missing patches - 8.Mar.2003 10:48:00 AM
|
|
|
xnih
Posts: 2465
Joined: 30.May2001
From: Idaho
Status: offline
|
Office 2000 Gold must be patched with SR1 or SR1a before SP3 can be installed. Limitation provided by MS.
Already reported this to the development team earlier this week also. Seeing about getting it to make sure it mentions that SR1a needs installed also, before SP3.
You can find more on my personal way to patch it in this thread:
http://forums.languard.com/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=1;t=000531
eric
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
LNSS falsely reporting 0 missing patches - 
