Re: Why is MS04-011 (KB835732) not included in current MS05-05X updates?

I see your point about the newer patching format, which is actually
in ways a throw-back to how most vendors have traditionally done it.
I believe the hot patching was developed to address a few things,
including size on the wire issues (now that MS is keeping something
on order of half billion installed updated via Microsoft Update, etc..)

I would hope that as use of this evolves we may get a tool that will
assist in reviewing the on-machine manifest of applied patches and
resulting file revision levels.

XP SP2 was poor choice for ms04-011 example. Perhaps I should
have used the Update Rollup 1 for W2k.

--
Roger Abell
Microsoft MVP (Windows Server : Security)

"Andreas Eibach" <aeibach@xxxxxxxxxxxxx> wrote in message
news:dmoenf$su5$02$1@xxxxxxxxxxxxxxxxxxxx
>
> "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> schrieb:
>> Ms04-011 was issued for some OS+service-pack combinations
>> for which patches are not currently issued and so the ms04-011
>> patches as released may be of use to some people forced to be
>> at those versions.
>> But, as a general rule, if a system file is updated by a later patch
>> the base is taken as the latest version and so will include previously
>> released patches for the system file.
>
> Sure thing, but unfortunately, some of those more recent patches are
> "encoded" and it is hard to follow which system file(s) has/have been
> replaced this time.
> Just as a random example, 840987 has a load of _sfx_000?._p files
> inside, which make it a pain to follow what has been updated. It would
> have been better to keep up the "traditional" way of just including ALL
> updated system files in real, so that it is easier to follow what will
> be changed after the update is done.
> I can see no obvious reason for MS having changed to this technique of
> "encoding" the files.
>
>> For example, ms04-011 was
>> not issued for XP SP2 and is not needed on XP if at SP2.
> I know, but I'm on 2000 here. :)
>
> -Andreas
>
>


.