Patch Management Group

 View Only
  • 1.  KB4011284 not being detected as installed.

    Posted Jan 24, 2018 11:25 AM

    The detection rule for lync2013-kb4011284-fullfile-x86-glb.exe does not appear to work properly.  We are seeing that patch showing up in the agent as uninstalled when it is installed.  The original run appears to work properly but the patch is not properly detected and so it tries to run again each patch cycle.  It fails because the patch is already installed.

    We have tried re-downloading the source and recreating the patch in the belief that it may have been updated after the initial posting.  No change in detection behavior was noticed.

     



  • 2.  RE: KB4011284 not being detected as installed.

    Posted Feb 01, 2018 08:24 AM

    If you have active maintenance in place with Symantec then open a call with them. When they help you resolve the issue, post back here and close off the query.

    Thanks!



  • 3.  RE: KB4011284 not being detected as installed.

    Posted Feb 09, 2018 02:52 AM

    Hi. Came here to look for similar issues.

    We see similar behaviour with several other updates: KB4072698, KB4078130

    Is something wrong with the assesment scan?



  • 4.  RE: KB4011284 not being detected as installed.

    Posted Feb 23, 2018 03:15 PM

    Mikkel,

    I believe what you are running into is different from what is originally reported for this thread.

    Please see the following KB article regarding this exactly: http://www.symantec.com/docs/TECH249167

    And this article for additional information: http://www.symantec.com/docs/INFO4782

    The two KBs you mention (KB4072698, KB4078130) are mutually exclusive and which one you want to implement in your environment will be determined by your businesses planned response to the Specter and MeltDown threat.

    One (KB4072698) Set the flag mentioned, and the other (KB4078130) un sets the flag.  When both are included in the Patch policy they "fight" over the setting.

    • On one run the flag is determined to be unset so KB4072698 triggers and sets it.
    • On the next run the flag is determined to be set and KB4078130 triggers and un sets it.
    • On the next run we are back in the first condition and this loop continues.

    The solution is to determine which state you wish for your computers to be in (flag set or unset) based on your businesses decisions on how to deal with the threat, and leave that policy enabled, and disable the other.

     

     



  • 5.  RE: KB4011284 not being detected as installed.

    Posted Apr 06, 2018 10:46 AM

    Thanks Michael. Had not spotted that.