On Sep 13, 2007, at 12:35 AM, Lad, Amit wrote:

> Every month when Microsoft patches are released, I copy last  
> month’s session from NesssuWX, then add the new plugins to scan for  
> the new month.  So we get a cumulative picture of missing patches.   
> So on Friday, we have a list of servers in the results that were  
> showing as missing certain patches.  So in total we had about a 85  
> passing rate, and 15 failure last month, from a total of about 500  
> servers.  Failures are mostly due to Microsoft Office patches.
>
>
>
> So today when I created the new session that includes September’s  
> patches, I ran the session and in the results I no longer see any  
> of the vulnerabilities reported on Friday, but I do see, (which is  
> good) exploits for the September patches – which need to remediated.
>
>
<ads>
With the new client you could create just one session by selecting  
the MS bulletins family and you would not have to manually update it  
each month.
</ads>

>                 I started to wonder what happened to the other  
> patches from last month that were showing as vulnerable  
> (unpatched).  And I do see some systems here and there which are  
> reporting patches missing, but major ones like Service Pack 4 for  
> Windows 2000 Server, so I know the other plugins are working and  
> being scanned for.
>
>

Maybe your systems have been patched ? A bit more information about  
the missing patches you are thinking of could be useful (in private  
if you want).

> So my question is… Has something changed in which the dependencies  
> for patches work?
No.
>   And if it has been “corrected” have I been misreporting all this  
> time.  Because sometimes we get comments from our other IT  
> colleagues, that we are reporting as vulnerable, but when they go  
> to Windows Update site – no patches need to be applied.
>
>
We fixed our QA test for MS patches so there should no longer be any  
difference between Nessus and windows update, except if the tested  
product is not covered by Windows update (Office, Virtual Server,  
Visual Studio, ...).
The difference between the Nessus report and Windows Update can also  
be due to the fact your system has not been rebooted after the update.



Nicolas
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to