I seem to be getting results from internal scans that show any old vulnerability that appears patched. This derived from CVE-2009-3555 which is quite old. Servers examined show that the MS update has been applied. Is this a false positive?
This QID was updated in our Module Loader engine in Dec 2014. This is a non-auth finding as it is about remote services.
Info : Microsoft Security Advisory 977377
Our signature does perform a handshake with host application and does run a check for Cipher block chaining padding and other tests to confirm this. Chances of this being a false positive are low but support should get it confirmed via engineering.
If you are sure, the right patches were applied then please open a support case and update this thread when it's resolved.
Also for verification of the fix:
Retrieving data ...