AnsweredAssumed Answered

MS Office Remote Code Execution QIDs

Question asked by nathan.j.slinn on Jan 5, 2017
Latest reply on Mar 7, 2017 by Robert Malmrose

We currently have 100's of QIDs on our reports showing various outstanding MS Office patches that resolve RCE exploits. In trying to resolve these, we've gone through the following steps:-

 

  1. When we look at the corresponding KB/BIDs (as defined in the resolution advice) in SCCM we're not seeing them as required on these servers.
  2. When we run a manual MS update check on these servers, the patches Qualys is advising do not show as required.
  3. If we manually download and try to install one of the required KBs, the patch MSI won't install and says it's not required.
  4. If we force the patch to install via command line triggers, the patch doesn't update the dll file Qualys says is out of date.

 

Is anyone else seeing this? If so how are you patching these issues?

Outcomes