Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
4 replies Latest Post - ‏2014-06-24T05:32:03Z by BaiYunfei
searchlight
searchlight
9 Posts
ACCEPTED ANSWER

Pinned topic Relevance for MS14-030: KB2965788 (x64) needs to be adjusted

‏2014-06-17T13:46:30Z |

Hi Folks --

The relevance for fixlet 1403011, "MS14-030: Vulnerability in Remote Desktop Could Allow Tampering - Windows 7 SP1 - KB2965788 (x64)" needs to be adjusted.  After applying the fixlet, the relevance never evaluates to false, which causes the fixlet to fail even though the patch does apply successfully.

On Win7 x64 SP1, after the patch has been applied either by hand or by fixlet, the registry shows the following:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817]
@="7.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817\6.1]
"6.1.7601.17514"=hex:01
@="6.1.7601.18186"
"6.1.7601.17779"=hex:01
"6.1.7601.17830"=hex:01
"6.1.7601.18186"=hex:01
"6.1.7601.18465"=hex:01

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_none_180b5d515c919817\7.1]
"7.1.7601.16398"=hex:01
@="7.1.7601.18465"
"7.1.7601.18465"=hex:01

The existing relevance is looking for the default value in the 6.1 subkey to be "6.1.7601.18465", but the patch is leaving the default value unchanged at "6.1.7601.18186".  However, the "6.1.7601.18465" does appear as an individual value within the subkey.  I guess we need to check the individual value rather than the default value.

Strangely, the patch did modify the 7.1 subkey properly so that the "7.1.7601.18465" value is properly assigned as the default, but the 6.1 subkey is not properly modified.

  • BaiYunfei
    BaiYunfei
    77 Posts
    ACCEPTED ANSWER

    Re: Relevance for MS14-030: KB2965788 (x64) needs to be adjusted

    ‏2014-06-18T01:59:30Z  in response to searchlight

    Hi Searchlight,

    Thanks for reporting this issue, your analysis and the registry key export provided is very helpful. We are looking into the issue and will get back to you in this thread.

  • BaiYunfei
    BaiYunfei
    77 Posts
    ACCEPTED ANSWER

    Re: Relevance for MS14-030: KB2965788 (x64) needs to be adjusted

    ‏2014-06-21T03:52:32Z  in response to searchlight

    Hi Searchlight,

    Kindly try out the custom copy attached. Thanks!

    • nberger91
      nberger91
      30 Posts
      ACCEPTED ANSWER

      Re: Relevance for MS14-030: KB2965788 (x64) needs to be adjusted

      ‏2014-06-23T09:15:05Z  in response to BaiYunfei

      Hi, Tested successfully. Please propagate 32bit and 64bit Fixlets to production.

      • BaiYunfei
        BaiYunfei
        77 Posts
        ACCEPTED ANSWER

        Re: Relevance for MS14-030: KB2965788 (x64) needs to be adjusted

        ‏2014-06-24T05:32:03Z  in response to nberger91

        Hi Nick,

        Thanks for the prompt response and feedback. The fix has been published to site Patches for Windows (English), version 2020.