That means those updates didn't apply properly. What MBSA, and the HFNetChk tools it's a limited version of, do is actually check if the files updated by the patch are at the proper versions. Sometimes MS patches don't apply right, so even though you've downloaded and installed it, and Windows Update, which just checks if the registry says the patch is installed, says it's installed, it's not actually installed. It's unfortunate that MS patches often don't actually patch.. -----Original Message----- From: James Williams [mailto:jwilliamsat_private] Sent: Tuesday, September 24, 2002 4:52 PM To: Incidents; zeno Subject: Re: new IIS worm? (rcp lsass.exe) The only tool that I know of that almost does all of that is the MS Baseline Security Analyzer. It's a gui tool that scans your system and tells you what potential holes you have and tells you what patches you are missing. I have had some problems with it as far as the patches go because it will tell me that I'm missing updates that I know that I've already downloaded and installed. James Williams Network Systems Technician West Texas A&M University http://www.wtamu.edu ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 25 2002 - 11:12:43 PDT