MS04-011 and HFNETCHK
Posted on 2004-04-15
Hello. We've patched our machines for the newest round of holes using Shavlik and SUS. If we scan using Shavlik, everything looks good. However we also do an automated daily scan using the command line HFNETCHK. Today's report shows our Windows 2000 machines as not patched (we have 10 still in use, all 10 are unpatched according to HFNETCHK). Now it might be an error with the command line version, or it might be something else. I know I am paranoid since Blaster when we had 3 machines scan as patched even with the Blaster scanner, but the command line showed them unpatched and all three had blaster issues (they didn't catch blaster but they blue screened when attacked by it).
So has anyone else had this issue with MS04-11? I know I just uninstalled it from a W2K server and reinstalled (with appropriate reboots) and it still shows as unpatched. The system logs say that the patch was successfully installed. Shavlik and Windows Update believe it to be successfully patched. It's just a question if the command line is dumber or smarter than the rest.
Btw, one is a multi-processor server, a couple are single servers and a couple are low-end old workstations. It's just strange to me the PRO version is returning a safe result while the command line is saying unpatched.