Re: Baseline Security Tool

From: Stephan Betz [MSFT] (sbetz_at_online.microsoft.com)
Date: 05/17/03 

Date: Fri, 16 May 2003 17:39:52 -0700

Jim et al

The error message you see regarding a newer version of a DLL occurs when a
non-security related hotfix updates a DLL that is included in a security
update and is released AFTER the security update. MBSA checks the actual
file hash and version of all DLLs, hence it encounters a different version
than it was looking for (MBSA only looks for the files that are included in
a security hotfix, not all hotfixes). This is why you see the message that
you describe. This is nothing you should be concerned about, newer versions
include the security hotfix.
As for the updates that cannot be confirmed (these are called note
messages). If you know that you have installed the updates you can ignore
those messages. This occurs for example when a hotfix includes only one file
but in different versions (for example one for multiproc and one for
singleproc machines). In this example MBSA does not detect whether you have
a Multi- or Singleproc machine and it would always warn you that you are
missing the hotfix (you have the single proc patch installed, it flags the
multiproc file as missing, etc.). These messages show up in MBSA to let you
know that there is a hotfix out there that affects your machine and you
should apply it. Once you have it applied you can ignore this message. 

-- 
Regards,
Stephan Betz
Program Manager - Windows Security
This posting is provided "AS IS" with no warranties, and confers no rights.
"Jim Carlock" <anonymous@localhost> wrote in message
news:OMwEMcAHDHA.3692@tk2msftngp13.phx.gbl...
> I've got the same issues occuring:
>
> More specifically:
>
> File C:\WINNT\system32\hhctrl.ocx has a file version [5.2.3735.1] that is
> greater than what is expected [5.2.3669.0].
>
> And then there's the blue asterisks:
>
> Security updates that the tool cannot confirm as installed on the scanned
> computer are marked with a blue asterisk
>
> MS01-022
> MS02-008
> MS02-053
> MS02-064
> MS02-065
> MS03-008
>
> Also, the following problems are occuring trying to open Compiled Help
Meta
> files, .CHM...
>
> You are using an old version of Internet Explorer.
> Help may not display correctly.
> Please upgrade to the most recent version.
>
> Any help from Microsoft would be great.
>
> -- 
> Jim Carlock
> http://www.microcosmotalk.com
> Post your messages to the newsgroup for all to witness!
>
>
>

Relevant Pages

  • Re: Question...thank you
    ... They hold the uninstall information for each hotfix. ... Rick Rogers aka "Nutcase" MS-MVP - Windows ... Are these the updates for Windows XP that I ...
    (microsoft.public.windowsxp.newusers)
  • Re: Do I NEED ALL .net framework versions?
    ... hotfix and the latest security update in my PC right? ... Ideally, Automatic Updates will offer and install them without problems now; alternately, you can download and manually install the appropriate MS07-040 updates via the Download Center. ...
    (microsoft.public.windowsupdate)
  • Re: Baseline Security Tool
    ... > non-security related hotfix updates a DLL that is included in a security ... > update and is released AFTER the security update. ... > a security hotfix, not all hotfixes). ...
    (microsoft.public.win2000.security)
  • Re: BDS 2006
    ... I'm well aware of the differences between the updates and hotfixes. ... The hotfix 2 is described at http://info.borland.com/06/bds/bds2006_reg_updates_down.html The readme for that hotfix is copied below: ... This hotfix provides CaliberRM Integration to support CaliberRM 2005R2 SDK. ...
    (borland.public.delphi.non-technical)
  • Re: QFECHECK says KB953838 needs to be reinstalled
    ... Open Add/Remove Programs | make sure the Show Updates box is checked | Scroll down and tell us if the following is listed and the install date: ... MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002 ... This hotfix should be reinstalled. ... One for IE7 and the ...
    (microsoft.public.windowsupdate)