Re: hfnetchk reporting

Date: 07/29/02

To: "Ingersoll, Jared" <>
Date: Mon, 29 Jul 2002 16:54:04 -0400

Yes. I made some noise about this in April to no avail. Check the file list
in the patch against the actual files on your system and you will most
likely find that HFNetchk is correct in it's reporting and at least one
file you have on the system is actually older than what the patch installs.
You may also want to run hfnetchk with -v -z -b. This will give you a
verbose response and count only on the actual file signatures, not the
registry entries for what is supposed to have been patched.

 You can access my write-up from April on our web site under security
services. MS has never came back with any explanation.

Here's the nasty no good procedure I have been using for new machines:
   Service packing and applying the latest hotfix rollup
   After that, Windows Update has been doing an admirable job in the last
   month of finishing the patching
   Scan with hfnetcheck or MBSA after WU for anything missing and add it
   Finally do a scan to verify that you have them all. If you do, don't
   relax, there will be a new one tomorrow :-)

Good luck!
Strictly Business

                    Jared" To:
                    < cc:
                    m> Subject: hfnetchk reporting
                    02:28 PM


Several systems folks here have run into the issue of hfnetchk reporting
"Patch NOT Found" after applying the appropriate patches and rebooting.
seem to be consistent of both NT and 2000 (though I haven't replicated this
issue myself). Anyone run into this issue with hfnetchk.exe?

here's one particular patch on an NT 4.0 sp6a server:

Patch NOT Found MS02-006 Q314147