Hey Timothy,
In my experiences you are one of the minority - most people want to
minimize user impact and just trust Microsoft if there is a discrepancy.
So if you like using our ruleset, then by all means don't change -
unfortunately that ruleset is not going to add in a check for this
hotfix until next month. I wish I could tell you otherwise, but thats
the situation right now.
Nate
Riegert, Timothy J. wrote:
> We've been using the Cisco checks and have noticed some instances where Windows Update reports no new updates to install, even though they are missing updates. Sometimes running a Windows Update fix script (re-registers .dlls, installs latest version of Windows Update client, etc.) fixes these computers and they'll be able to download the patches through Windows Update, but sometimes it doesn't help and they must manually install the updates. We are happy that the Cisco checks are helping to identify these discrepancies.
>
> Would I be accurate in stating the WSUS method assumes the Windows Update client is always working correctly?
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of Nathaniel Austin
> Sent: Monday, October 27, 2008 9:45 PM
> To: [log in to unmask]
> Subject: Re: Microsoft Patch
>
> Hey Mike,
>
> Word from the BU is that they will only update from Microsoft once a
> month, so this one will not go into the checks and rule set until next
> months Patch Tuesday release.
>
> So a preemptive apology to everyone out there who wants this now. I
> think there are some good custom checks that some of you have created to
> at least get it checked for in your environments in the meantime.
>
> I know this isn't really a consolation, but I think this again proves
> that the WSUS style requirement that checks against Microsoft's WU
> servers instead of our checks and rules is a much better option.
>
> Nate
>
> Mike Diggins wrote:
>
>> On Mon, 27 Oct 2008, Osborne, Bruce W. (NS) wrote:
>>
>>
>>> When I last checked this afternoon, Cisco still did not have their
>>> check published. What happened to the commitment to publish within 48
>>> hours of patch release??
>>>
>> I was wondering that myself. I checked a few times today to see if it
>> had been published. I normally only update my CCA servers once a
>> month, so as not to annoy my clients too much, but this one seems like
>> it needs special attention.
>>
>> -Mike
>>
|