How did you resolve this? I have the same issue..
Actually i didn.t, the client didn.t care about that missing patch, now he cares about it so investigation in progress :
MS15-097 contains more KB, first we are detecting MS15-097 Q3087039+Q3087135 and after install and reboot (plus several hours) MS15-097 Q3086255 .
My only concern is why we are NOT getting MS15-097 Q3086255 detected as missing imediatelly after restart and scan; Shavlik is seeing it as missing only after some time.
Help Shavlik ??!!
Here are the scenarios that may cause this, this is the best we can do without logs capturing the issue.
- First, MS15-097 may show up more than once depending on what is installed on the target machine. There are versions of the patch that pertain to the OS, Office and Lync 2013.
- At least one version of the MS15-097 requires perquisite patches to be installed before detecting/installing it.
- It's possible first scan and deployment installed the OS version of MS15-097, it also installed 1 or more prerequisites for MS15-097.
- The subsequent showed the MS15-097 (MS Lync 2013 version) as missing because the prerequisites
This is from the MS bulletin page:
Are there any prerequisites for any of the updates offered in this bulletin for affected editions of Microsoft Lync 2013 (Skype for Business)?
Yes. Customers running affected editions of Microsoft Lync 2013 (Skype for Business) must first install the 2965218 update for Office 2013 released in April, 2015, and then the 3039779 security update released in May, 2015. For more information about these two prerequisite updates, see:
All of this information is from the MS bulletin page: https://technet.microsoft.com/en-us/library/security/ms15-097.aspx
More possible causes:
- The 2nd scanned used newer content data which included newer patches or revised patches.
- I do know that MS15-097 was revised at least once to correct a detection issue where it wasn't showing missing.
I could give you a more concrete answer with logs that showed the first scan and then another set that showed the 2nd scan. Although I believe this will be impossible at this point unless you have machines that show the initial patches patches missing.