We are currently in the process of upgrading a bunch of servers to .NET
4.5.2 from older versions, 4.5 and 4.5.1. We are not using Software Updates
to introduce the patch, but a staged application.

Nothing is wrong with the install of .NET, but an issue is popping up after
the install and a client server gets its post .NET updates. So far, every
server is reporting all patches seen by SCCM as good and installed. The
problem comes in that when Windows Update is run (and by extension, a
NESSUS vulnerability scan is run) that a patch from 2015-05 is missing. In
the case of Windows OS 2008/2008 R2, this missing patch is KB3035490.
(There's also one for 2012, but I'll limit this question to just one OS.)

I've done all my investigating of the patch. It is not showing in SCCM. It
is marked as superseded from the Microsoft Catalog site. The patch that
supersedes it is KB3135996. This patch was released 2016-05 and revised
2016-07. KB3135996 is available in SCCM, but servers are not seeing it as
necessary post .NET 4.5.2 install.

What I've tried so far:
 - To simply install KB3035490 from Windows Update. Installs fine, the
patch is remediated and vulnerability scan comes back clean.
 - Downloaded KB3035490 from Microsoft Catalog directly and installed it.
Again, no issues, patch is remediated and vulnerability scan comes back
clean.
 - Downloaded KB3135996 (the patch that supersedes the above) and installed
it. This also installs just fine and remediates the patch (disappears from
WU) and the vulnerability scan is clean.

One thing I noticed on both the page for KB3135996 as well as on the
installer when I run it directly is that it was revised (text on web page
as well as the V2 notation on the installer) on 7/12 but that any "changes"
were only for LDR. Not sure if that's my issue or not?

I guess I'm at a loss for where to go from here. Anyone have any bright
ideas or possible guidance?

Thanks,
Erik

