I have a question about the relevance of the following fixlet, 1102539:
MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library could allow Remote Code Execution - Microsoft Visual C++ Redistributable Package SP1 (x64)
Our servers have the non-SP1 version of this software, version 10.0.30319, installed, and as a result Relevance 5 fails, as it checks for a version greater than or equal to 10.0.40219.
However, as the SP1 version is newer than the existing one, should this fixlet not install the new SP1 version? Or is it designed to only apply if SP1 is already installed?
As an experiment, I copied the fixlet and changed the >= to <= in Relevance 5, and the resulting fixlet became relevant on 48 servers when the existing fixlet was relevant on none.
Can you advise me whether this fixlet is working as it is supposed to? I also looked at fixlet 1102519, MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution - Microsoft Visual C++ 2010 Redistributable Package Gold (x64), which shows as remediated on the 48 servers, and it checks for a version of >= 10.0.30319, so this may be as designed, but we are being advised that if we have version 10.0.30319 on a server, it is vulnerable and we need to install version 10.0.40219.