3 Replies Latest reply on Mar 13, 2015 8:28 AM by cwinning

    After MS released FREAK (MS15-031) patches, we suddenly see patches missing for BEAST (MS12-006)




      we are using BladeLogic for Windows Patching, which under the hood uses the Shavlik engine.

      After we updated the Patch-Metadata XML's (hf7b, pd5) in BladeLogic yesterday, we see some weird behaviour regarding FREAK and BEAST patches.


      We have not deployed MS15-031 to any server yet, but doing a Patch-Analysis with the latest XML's reveals that "suddenly" all server ( > 80%) are missing patches of the Bulletin MS12-006.


      This is interesting, as MS12-006 also seems to address a SSL vulnerability (BEAST).


      Has anybody seen a similiar behaviour, or can explain, why this happens.

      I am asking here as non of the Shavlik XML updates in the past have mentioned, that there is an update in the detection logic for MS12-006. So we are really wondering why this pops up now all of a sudden.

      Again, we are just Analysing for Patches yet, not deploying.