QID 90673 was discovered on one host, after this MS11-004 was installed, however scanner still discovers this vulnerability.
How can we cope with it?
Thanx in advance.
(Unless there is nothing wrong with your hotfix installation).
Try rebooting the host followed by an authenticated scan (Not for PCI module).
You should log a False Positive Review submission if reboot does not work.
If you also have Qualys VM with you, try running a scan with just this QID against that host to see if the findings are any different. This might help the support team.
On Windows Server 2008, if ftpsvc.dll exists in the %SystemRoot%\system32\inetsrv directory, then the system contains a version of FTP Service affected by this vulnerability (Microsoft FTP Service 7.0 or Microsoft FTP Service 7.5). If the system contains ftpsvc2.dll in this directory, that indicates the presence of Microsoft FTP Service 6.0 on the system, which is not affected by this vulnerability.
Do you see both or just one?
Thank you Deb,
Unfortunately there is only one file: ftpsvc.dll, allthough update is installed. Are there any suggestions?
I would suggested opening an official request with Qualys Support so they can work with you per your specific situation.
Retrieving data ...