|
|
Hi,
To come back again on the problem with the KB831167 update:
The problem is:
This update is indicated by WSUS 3.0 to be needed by many of our Win 2000
SP4 clients with IE6 SP1, but after an install that seems to go OK, it is
immediately offered again as needed update.
When I tried to install it manually on one of the Win 2000 SP4 clients, a
pop-up told that I needed IE6 SP1 on the system to apply this update. But of
course IE 6 SP1 *is* installed on these clients.
So I did have a detailed look in WSUS 3.0, and checked the exact superseding
indications:
1) KB831167 is needed by many W2k SP4 clients with IE6 SP1, but cannot be
installed. It is superseded by KB867801
2) KB867801 is valid for Win2k and WinXP, but is expired and automatically
declined. It cannot be approved anymore, and is superseded by KB834707
3) KB834707 is only valid for WinXP, and not indicated as needed by any
Win2k client
When I go to the knowledgebase article KB834707 itself on the MS website, it
is stated that the update is valid for Win2k as well.
A patch can be downloaded that is valid for both Win2k and WinXP.
I did install this patch on one of the Win2k clients, and it installed OK.
But after that, WSUS still wants to install KB831167 on this client.
So it appears that there is something wrong in WSUS 3.0 with not offering
the KB834707 update for Win2k
Any other ideas?
Regards,
Ed
|
|
A follow-up on this:
It appeared that there indeed *is* a Win2k version of the KB834707 update on
WSUS 3.0
However, this update is indicated as expired and is automatically declined,
similar to the 867801 update.
This update is superseded by another (KB889293), which in turn is superseded
by yet another (KB867282), and so on.
After a range of 14 successive superseding updates it currently stops at
cumulative update KB931768.
And this KB931768 update *is* already installed on these Win2k clients, but
they still need KB831167 according to WSUS 3.0.
So it still is a mess with this update...
There must be something wrong with the superseding settings of this update
in WSUS 3.0 (and may be on Windows Update as well?).
Ed
"Ed" <no.spam[ at ]nospam.com> wrote in message
news:eyc%23xH6lHHA.1340[ at ]TK2MSFTNGP04.phx.gbl...
[Quoted Text] > Hi,
>
> To come back again on the problem with the KB831167 update:
>
> The problem is:
> This update is indicated by WSUS 3.0 to be needed by many of our Win 2000
> SP4 clients with IE6 SP1, but after an install that seems to go OK, it is
> immediately offered again as needed update.
> When I tried to install it manually on one of the Win 2000 SP4 clients, a
> pop-up told that I needed IE6 SP1 on the system to apply this update. But
> of course IE 6 SP1 *is* installed on these clients.
>
> So I did have a detailed look in WSUS 3.0, and checked the exact
> superseding indications:
> 1) KB831167 is needed by many W2k SP4 clients with IE6 SP1, but cannot be
> installed. It is superseded by KB867801
> 2) KB867801 is valid for Win2k and WinXP, but is expired and automatically
> declined. It cannot be approved anymore, and is superseded by KB834707
> 3) KB834707 is only valid for WinXP, and not indicated as needed by any
> Win2k client
>
> When I go to the knowledgebase article KB834707 itself on the MS website,
> it is stated that the update is valid for Win2k as well.
> A patch can be downloaded that is valid for both Win2k and WinXP.
> I did install this patch on one of the Win2k clients, and it installed OK.
> But after that, WSUS still wants to install KB831167 on this client.
> So it appears that there is something wrong in WSUS 3.0 with not offering
> the KB834707 update for Win2k
>
> Any other ideas?
>
> Regards,
>
> Ed
>
|
|
"Ed" <no.spam[ at ]nospam.com> wrote in message
news:egDiID7lHHA.3656[ at ]TK2MSFTNGP06.phx.gbl...
[Quoted Text] >> So I did have a detailed look in WSUS 3.0, and checked the exact
>> superseding indications:
>> 1) KB831167 is needed by many W2k SP4 clients with IE6 SP1, but cannot be
>> installed. It is superseded by KB867801
>> 2) KB867801 is valid for Win2k and WinXP, but is expired and
>> automatically declined. It cannot be approved anymore, and is superseded
>> by KB834707
>> 3) KB834707 is only valid for WinXP, and not indicated as needed by any
>> Win2k client
The key here is not just the operating system, but also the version of =IE=
installed on that operating system.
KB834707 was superceded for all versions of IE by KB867282 (MS05-014) -
which was a 2005 Cumulative Update. Ergo, KB834707 is not valid for *any*
installation of IE on any OS platform!
This is a history of IE updates that I posted in October, 2006. Note that
KB912812 was current as of Oct 2006; there have been several updates
released even since then. You should only approve for installation the
*latest* Cumulative Update applicable based on the version of IE installed
on the workstation(s).
=====================================================
Digging back into a previous post from a while back, I have this history of
updates to IE:
MS04-004 was released via WSUS as KB832894, which was superceded by KB867801
(MS04-025).
KB867801 was superceded by KB834707 (MS04-038).
KB834707 was superceded by KB867282 (MS05-014).
KB867282 was superceded by KB890923 (MS05-020).
KB890923 was superceded by KB883939 (MS05-025).
KB883939 was superceded by KB896727 (MS05-038).
KB896727 was superceded by KB896688 (MS05-052).
KB896688 was superceded by KB905915 (MS05-054).
KB905915 was superceded by KB912812 (MS06-013).
KB912812 was superceded by KB916281 (MS06-021) and is the current
Cumulative Security Update for Internet Explorer [ed. As of October, 2006].
[And] ...even if you're married to IEv5.5, the latest update for IEv5.5
would be
KB905915, the December 2005 Cumulativce Security Update for IE5.5
[ed. which is six revisions past KB834707!]
=====================================================
--
Lawrence Garvin, M.S., MCTS, MCP
Independent WSUS Evangelist
MVP-Software Distribution (2005-2007)
https://mvp.support.microsoft.com/profile=30E00990-8F1D-4774-BD62-D095EB07B36E
Everything you need for WSUS is at
http://technet2.microsoft.com/windowsserver/en/technologies/featured/wsus/default.mspx
And, almost everything else is at
http://wsusinfo.onsitechsolutions.com
.....
|
|
"Lawrence Garvin (MVP)" <onsitech[ at ]community.nospam> wrote in message
news:u$GA14zmHHA.588[ at ]TK2MSFTNGP06.phx.gbl...
[Quoted Text] > "Ed" <no.spam[ at ]nospam.com> wrote in message
> news:egDiID7lHHA.3656[ at ]TK2MSFTNGP06.phx.gbl...
>
>>> So I did have a detailed look in WSUS 3.0, and checked the exact
>>> superseding indications:
>>> 1) KB831167 is needed by many W2k SP4 clients with IE6 SP1, but cannot
>>> be installed. It is superseded by KB867801
>>> 2) KB867801 is valid for Win2k and WinXP, but is expired and
>>> automatically declined. It cannot be approved anymore, and is superseded
>>> by KB834707
>>> 3) KB834707 is only valid for WinXP, and not indicated as needed by any
>>> Win2k client
>
> The key here is not just the operating system, but also the version of
> =IE= installed on that operating system.
>
> KB834707 was superceded for all versions of IE by KB867282 (MS05-014) -
> which was a 2005 Cumulative Update. Ergo, KB834707 is not valid for *any*
> installation of IE on any OS platform!
>
> This is a history of IE updates that I posted in October, 2006. Note that
> KB912812 was current as of Oct 2006; there have been several updates
> released even since then. You should only approve for installation the
> *latest* Cumulative Update applicable based on the version of IE installed
> on the workstation(s).
>
> =====================================================
> Digging back into a previous post from a while back, I have this history
> of
> updates to IE:
> MS04-004 was released via WSUS as KB832894, which was superceded by
> KB867801
> (MS04-025).
> KB867801 was superceded by KB834707 (MS04-038).
> KB834707 was superceded by KB867282 (MS05-014).
> KB867282 was superceded by KB890923 (MS05-020).
> KB890923 was superceded by KB883939 (MS05-025).
> KB883939 was superceded by KB896727 (MS05-038).
> KB896727 was superceded by KB896688 (MS05-052).
> KB896688 was superceded by KB905915 (MS05-054).
> KB905915 was superceded by KB912812 (MS06-013).
> KB912812 was superceded by KB916281 (MS06-021) and is the current
> Cumulative Security Update for Internet Explorer [ed. As of October,
> 2006].
>
> [And] ...even if you're married to IEv5.5, the latest update for IEv5.5
> would be
> KB905915, the December 2005 Cumulativce Security Update for IE5.5
> [ed. which is six revisions past KB834707!]
>
Hi Lawrence,
Thanks for this addition.
I was aware of the IE version dependence.
However, the problem was with the KB831167 update for IE6 SP1 specifically:
this was still marked as needed by WSUS 3.0 although it was already very old
(from 2004), and superseded by that large range of other updates.
But the good news is that Microsoft solved this on May 18, by updating WSUS
3.0: the KB831167 update is now marked as expired, is automatically
declined, and cannot be approved anymore.
So it indeed seems that it was a mistake in the superseding settings of
WSUS, but the problem is solved now.
Regards,
Ed
|
|
"Ed" <no.spam[ at ]nospam.com> wrote in message
news:Ozpa887mHHA.3512[ at ]TK2MSFTNGP06.phx.gbl...
[Quoted Text] > Thanks for this addition.
> I was aware of the IE version dependence.
> However, the problem was with the KB831167 update for IE6 SP1
> specifically: this was still marked as needed by WSUS 3.0 although it was
> already very old (from 2004), and superseded by that large range of other
> updates.
The other part of this, Ed, is understanding how to interpret what the WUA
reports to WSUS where superceded updates are concerned.
When a chain of updates are available for detection, the WUA will report
*ALL* available updates as "Needed". The WUA will then detect/download the
*latest* available update that is approved for installation. Once this
update is installed (and the system restarted, if necessary), the WUA will
then rescind the reporting of the superceded updates as needed, report the
currently installed update as Installed, and when subsequent superceding
updates are approved, it will detect and report all of them as needed.
Thus, the general recommendation, particularly with respect to IE/OE
Cumulative Updates, is to Decline all superceded updates, and only approve
for installation the *latest* available Cumulative Update.
Note: This behavior is not unique to the IE/OE updates, but will happen on
any sequence of updates involving a supercession chain. It's just a lot more
prevalent with the IE/OE updates, because they've been released almost
monthly for the past two years.
> But the good news is that Microsoft solved this on May 18, by updating
> WSUS 3.0: the KB831167 update is now marked as expired, is automatically
> declined, and cannot be approved anymore.
Good! :-)
--
Lawrence Garvin, M.S., MCTS, MCP
Independent WSUS Evangelist
MVP-Software Distribution (2005-2007)
https://mvp.support.microsoft.com/profile=30E00990-8F1D-4774-BD62-D095EB07B36E
Everything you need for WSUS is at
http://technet2.microsoft.com/windowsserver/en/technologies/featured/wsus/default.mspx
And, almost everything else is at
http://wsusinfo.onsitechsolutions.com
.....
|
|
"Lawrence Garvin (MVP)" <onsitech[ at ]community.nospam> wrote in message
news:us6iCT$mHHA.2296[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] > "Ed" <no.spam[ at ]nospam.com> wrote in message
> news:Ozpa887mHHA.3512[ at ]TK2MSFTNGP06.phx.gbl...
>
>> Thanks for this addition.
>> I was aware of the IE version dependence.
>> However, the problem was with the KB831167 update for IE6 SP1
>> specifically: this was still marked as needed by WSUS 3.0 although it was
>> already very old (from 2004), and superseded by that large range of other
>> updates.
>
> The other part of this, Ed, is understanding how to interpret what the WUA
> reports to WSUS where superceded updates are concerned.
>
> When a chain of updates are available for detection, the WUA will report
> *ALL* available updates as "Needed". The WUA will then detect/download the
> *latest* available update that is approved for installation. Once this
> update is installed (and the system restarted, if necessary), the WUA will
> then rescind the reporting of the superceded updates as needed, report the
> currently installed update as Installed, and when subsequent superceding
> updates are approved, it will detect and report all of them as needed.
Yes, I was aware of that.
However, in this case WSUS 3.0 insisted in installing this old update
although it was not applicable and even impossible to install, as stated in
my initial post.
Regards,
Ed
|
|
"Ed" <no.spam[ at ]nospam.com> wrote in message
news:O3phLhInHHA.2452[ at ]TK2MSFTNGP04.phx.gbl...
[Quoted Text] >> When a chain of updates are available for detection, the WUA will report
>> *ALL* available updates as "Needed". The WUA will then detect/download
>> the *latest* available update that is approved for installation. Once
>> this update is installed (and the system restarted, if necessary), the
>> WUA will then rescind the reporting of the superceded updates as needed,
>> report the currently installed update as Installed, and when subsequent
>> superceding updates are approved, it will detect and report all of them
>> as needed.
>
> Yes, I was aware of that.
> However, in this case WSUS 3.0 insisted in installing this old update
> although it was not applicable and even impossible to install, as stated
> in my initial post.
Ahhh.. I misunderstood that it was actually downloading and attempting the
installation.
Yes.. definitely a detection defect.
--
Lawrence Garvin, M.S., MCTS, MCP
Independent WSUS Evangelist
MVP-Software Distribution (2005-2007)
https://mvp.support.microsoft.com/profile=30E00990-8F1D-4774-BD62-D095EB07B36E
Everything you need for WSUS is at
http://technet2.microsoft.com/windowsserver/en/technologies/featured/wsus/default.mspx
And, almost everything else is at
http://wsusinfo.onsitechsolutions.com
.....
|
|
|