Solved

Workstations rejecting patches/service packs

Posted on 2004-08-26
3
199 Views
Last Modified: 2013-12-04

I have some older PCs that don't seem to be accepting patches

I've attempted deploying the patches manually, but after a scan with Microsoft’s Baseline Security Analyzer, they still show as vulnerable.

In some instances, a PC won't accept except SP4 (over its current sp3 install)

in other SP4 machines, they are selective: where one won't accept any post sp4 patches and other another will reject every other patch.

I'm applying the patches in order and they even show up in the Add/Remove Program Wiz as being installed, but scans show they are vulnerable.  Are these readings bogus?

The PCs having the problem are all in the range of PII and Celeron processors with 400-500 mhz, 256mb ram and 5gig hard drives, with plenty of space.

This is my last attempt before I reload the machines with integrated SP4, so any advice help is appreciated.
0
Comment
Question by:Marketing_Insists
  • 2
3 Comments
 

Author Comment

by:Marketing_Insists
ID: 11904379
Sorry, this is regarding Windows 2000 and post sp4 hotfixes
0
 
LVL 2

Accepted Solution

by:
mellowmarquis earned 250 total points
ID: 11909088
Are the machines coming up with error messages when you try to install the patches, or does it seem to go through OK?

A few thoughts:

1. Are you logged in as the local Administrator with sufficient rights to all system directories when you a)install the patches and b)scan for patches

2. Are you installing locally or across the network? A dumb question maybe, but I like to cover all angles. Local is obviously preferable.

3. There are several tools to scan a PC to check which of these patches are installed and sometimes these scans can be less than honest, even with MBSA. You may want to try Shavlik HfnetchkPro:

http://www.shavlik.com/pHFNetChkPro.aspx 

and/or GFI LANguard N.S.S (eval)

http://www.gfi.com/lannetscan/?adclickid=1472336

and see if they come up with the same results.

4. If you have internet access, go to the MS download site and let it scan your machine that way. I find that is usually the most reliable way to check.

Hope this helps :)





0
 

Author Comment

by:Marketing_Insists
ID: 11928007

4.

Visisting windows update did the trick.

I'm so used to deploying patches remotly or personally with the pre-downloaded packages, the old stand-by slipped my mind.

Thanks!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question