Hello,
I am trying to deploy the latest MS Fix it-Tool (51026). Unfortunately after I installed it at the test-client-group, it is proposed again and again. I already had the same problem with another Fix it some time ago.
Does anyone know that behaviour and maybe has an idea to fix it? The Fix its come as normal msi-packages. It seems that the examination, if the update is already installed, does not work.
Thanks in advance.
Best regards,
docwaremf
Comments: I'm seeing this behavior as well, but only for some systems. The systems with this behavior generally fall into one of two categories: successful installations that then no longer show the hotfix as installable after detecting updates again, and failed installations that, according to the hotfix documentation, should have installed correctly. When I try to install the patch manually on systems where the patch fails, I'm getting the error “This Microsoft Fix it does not apply to your operating system or application version”, even though the update clearly applies as per the hotfix article. In fact, some systems that use the exact same image are getting this error while others install fine. Are you properly detecting the hotfix installation? The hotfix is packaged as an MSI, but does not install as MSIs normally do. Here's an excerpt from a conversation I'm having about this hotfix on the patchmanagement.org mailing list: > I’m currently detecting installation as the presence of the following keys: > > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > > If anyone has a better detection strategy, please let me know. [...] > When you install the MSI, it shows up in add/remove programs as CVE-2014-6352. [...] > That’s correct, and the Uninstall registry keys I listed are the keys associated with the CVE-2014-6352 entries on the Add/Remove programs list, at least as far as I’ve seen in my environment. I just don’t know if that covers all cases or if there are edge cases that I’m missing. > > I tried looking in the MSI file, but the MSI DB points to a binary installation detection mechanism, so that’s right out. (I don’t want to have to do any binary diving to look into this). > > The strings “19b2ec23-d405-490d-be4b-385387efd0a1” and “3a9498f9-243d-424b-893a-8da0b0cfad53” aren’t anywhere in the MSI DB. The product code listed in the MSI DB is {175A4173-EBD8-4FE9-907D-6CACC856D928}. “CVE-2014-6352” is found in the Component table and in the FeatureComponents table. The Component table lists “{4C231858-2B39-11D3-8E0D-00C04F6837D0}” as a ComponentId, but it’s not in the same row as any of the rows containing “CVE-2014-6352”, and doesn’t show up anywhere in the registry of a computer with the hotfix installed. > > The string “CVE-2014-6352” is found within the following registry keys on my systems after the Fixit is installed: > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{19b2ec23-d405-490d-be4b-385387efd0a1} > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{3a9498f9-243d-424b-893a-8da0b0cfad53} > > The strings “4C231858-2B39-11D3-8E0D-00C04F6837D0” and “175A4173-EBD8-4FE9-907D-6CACC856D928” are not present anywhere in the systems with the Fixit installed. > > The following files are also found on my systems with the hotfix installed (I found the files by looking at the data contained by the listed registry keys): > C:\Windows\AppPatch\Custom\Custom64\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > C:\Windows\AppPatch\Custom\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > > It’s just odd that this is an MSI wrapped around a compatibility tool database install. More in that here: http://technet.microsoft.com/en-us/library/cc749169(v=ws.10).aspx > > (The fact that they’re managing this through the compatibility tool makes me think that this is a blocking patch rather than a fixing patch.)
I am trying to deploy the latest MS Fix it-Tool (51026). Unfortunately after I installed it at the test-client-group, it is proposed again and again. I already had the same problem with another Fix it some time ago.
Does anyone know that behaviour and maybe has an idea to fix it? The Fix its come as normal msi-packages. It seems that the examination, if the update is already installed, does not work.
Thanks in advance.
Best regards,
docwaremf
Comments: I'm seeing this behavior as well, but only for some systems. The systems with this behavior generally fall into one of two categories: successful installations that then no longer show the hotfix as installable after detecting updates again, and failed installations that, according to the hotfix documentation, should have installed correctly. When I try to install the patch manually on systems where the patch fails, I'm getting the error “This Microsoft Fix it does not apply to your operating system or application version”, even though the update clearly applies as per the hotfix article. In fact, some systems that use the exact same image are getting this error while others install fine. Are you properly detecting the hotfix installation? The hotfix is packaged as an MSI, but does not install as MSIs normally do. Here's an excerpt from a conversation I'm having about this hotfix on the patchmanagement.org mailing list: > I’m currently detecting installation as the presence of the following keys: > > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > > If anyone has a better detection strategy, please let me know. [...] > When you install the MSI, it shows up in add/remove programs as CVE-2014-6352. [...] > That’s correct, and the Uninstall registry keys I listed are the keys associated with the CVE-2014-6352 entries on the Add/Remove programs list, at least as far as I’ve seen in my environment. I just don’t know if that covers all cases or if there are edge cases that I’m missing. > > I tried looking in the MSI file, but the MSI DB points to a binary installation detection mechanism, so that’s right out. (I don’t want to have to do any binary diving to look into this). > > The strings “19b2ec23-d405-490d-be4b-385387efd0a1” and “3a9498f9-243d-424b-893a-8da0b0cfad53” aren’t anywhere in the MSI DB. The product code listed in the MSI DB is {175A4173-EBD8-4FE9-907D-6CACC856D928}. “CVE-2014-6352” is found in the Component table and in the FeatureComponents table. The Component table lists “{4C231858-2B39-11D3-8E0D-00C04F6837D0}” as a ComponentId, but it’s not in the same row as any of the rows containing “CVE-2014-6352”, and doesn’t show up anywhere in the registry of a computer with the hotfix installed. > > The string “CVE-2014-6352” is found within the following registry keys on my systems after the Fixit is installed: > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{19b2ec23-d405-490d-be4b-385387efd0a1} > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{3a9498f9-243d-424b-893a-8da0b0cfad53} > > The strings “4C231858-2B39-11D3-8E0D-00C04F6837D0” and “175A4173-EBD8-4FE9-907D-6CACC856D928” are not present anywhere in the systems with the Fixit installed. > > The following files are also found on my systems with the hotfix installed (I found the files by looking at the data contained by the listed registry keys): > C:\Windows\AppPatch\Custom\Custom64\{19b2ec23-d405-490d-be4b-385387efd0a1}.sdb > C:\Windows\AppPatch\Custom\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb > > It’s just odd that this is an MSI wrapped around a compatibility tool database install. More in that here: http://technet.microsoft.com/en-us/library/cc749169(v=ws.10).aspx > > (The fact that they’re managing this through the compatibility tool makes me think that this is a blocking patch rather than a fixing patch.)