The detection rule for lync2013-kb4011284-fullfile-x86-glb.exe does not appear to work properly. We are seeing that patch showing up in the agent as uninstalled when it is installed. The original run appears to work properly but the patch is not properly detected and so it tries to run again each patch cycle. It fails because the patch is already installed.
We have tried re-downloading the source and recreating the patch in the belief that it may have been updated after the initial posting. No change in detection behavior was noticed.
If you have active maintenance in place with Symantec then open a call with them. When they help you resolve the issue, post back here and close off the query.
Hi. Came here to look for similar issues.
We see similar behaviour with several other updates: KB4072698, KB4078130
Is something wrong with the assesment scan?
I believe what you are running into is different from what is originally reported for this thread.
Please see the following KB article regarding this exactly: http://www.symantec.com/docs/TECH249167
And this article for additional information: http://www.symantec.com/docs/INFO4782
The two KBs you mention (KB4072698, KB4078130) are mutually exclusive and which one you want to implement in your environment will be determined by your businesses planned response to the Specter and MeltDown threat.
One (KB4072698) Set the flag mentioned, and the other (KB4078130) un sets the flag. When both are included in the Patch policy they "fight" over the setting.
The solution is to determine which state you wish for your computers to be in (flag set or unset) based on your businesses decisions on how to deal with the threat, and leave that policy enabled, and disable the other.
Thanks Michael. Had not spotted that.