Forum Thread: wrong patch - actually for Publisher 2007

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft Excel 2007

This thread has been marked as locked.
docho wrong patch - actually for Publisher 2007
Member 27th Apr, 2011 23:22
Ranking: 0
Posts: 3
User Since: 27th Apr, 2011
System Score: N/A
Location: DE
Hi there,

first of all, I have to say that this tool is really great and has helped me a lot since I got to know it. But recently I had a problem:

Secunia PSI says that my Excel and PowerPoint 2007 are insecure because Microsoft KB 982124 ain't installed. But this Patch is for Publisher 2007!

Maybe someone can update the definitions or whatever has to be done, to correct this? Thank you!

gjjean RE: wrong patch - actually for Publisher 2007
Contributor 28th Apr, 2011 07:34
Score: 192
Posts: 197
User Since: 9th Apr 2010
System Score: N/A
Location: LB
@ docho

Alongside with PSI you can download Belarc Advisor and see the results.

http://www.belarc.com/free_download.html

Good luck


--
HP pavilion DV6
Win 7 64bit - SP1
IE10 + MSSE4.3.215
Was this reply relevant?
+1
-0
Maurice Joyce RE: wrong patch - actually for Publisher 2007
Handling Contributor 28th Apr, 2011 09:36
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
If my memory serves me right there are elements of Publisher within the Office 2007 Suite & the PSI is correctly reading that meta data.

Sadly I cannot test it for U because I run Office Publisher 2010.

1. Have U run a manual Windows Update scan? Does that offer this as a download?

2. If it is not offered have U tried a manual install from here:

http://www.microsoft.com/downloads/en/details.aspx...

3. If that refuses to update it have U checked your Office install files using MBSA which is the oracle of all things Microsoft hotfixes?

The download link is here:

http://technet.microsoft.com/en-us/security/cc1849...

Forget the IT Professional bit which tends to put people off using it. Save it to desktop>run a scan from there - does that indicate U have hotfixes missing?

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
gjjean RE: wrong patch - actually for Publisher 2007
Contributor 28th Apr, 2011 10:48
Score: 192
Posts: 197
User Since: 9th Apr 2010
System Score: N/A
Location: LB
@ docho

For more info about your situation, please visit this site.

http://support.microsoft.com/kb/830335/en-US

Report back if you have any doubt regarding this matter.


--
HP pavilion DV6
Win 7 64bit - SP1
IE10 + MSSE4.3.215
Was this reply relevant?
+0
-0
jleckardt RE: wrong patch - actually for Publisher 2007
Member 28th Apr, 2011 14:04
Score: 0
Posts: 1
User Since: 16th Dec 2010
System Score: N/A
Location: US
This is the same problem that I am having. Secunia needs to get it straight. They now have it flagged twice. It is not causing any problems except that they notify me that I have a 97% rating.
Was this reply relevant?
+0
-0
docho RE: wrong patch - actually for Publisher 2007
Member 29th Apr, 2011 03:04
Score: 0
Posts: 3
User Since: 27th Apr 2011
System Score: N/A
Location: DE
Thank you all!

I knew, that Microsoft offers all Office Updates for a Suite via Microsoft Update even if you have only one of the programs installed. But as my connection is very slow, I always take only those that really affect my installed programs.

So do I get this right, Secunia PSI doesn't have an own "update definition list" or something like that, but instead checks which updates Microsoft offers for the installed products?
Was this reply relevant?
+0
-0
Maurice Joyce RE: wrong patch - actually for Publisher 2007
Handling Contributor 29th Apr, 2011 08:37
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
If Microsoft offer U a hotfix for Office U require that to be installed otherwise U could be affected by the vulnerability it is designed to prevent.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
docho RE: wrong patch - actually for Publisher 2007
Member 29th Apr, 2011 14:20
Score: 0
Posts: 3
User Since: 27th Apr 2011
System Score: N/A
Location: DE
Actually that's not correct, if the update is not declared as an "Office 2007 Update" but as an Update for only one program like Publisher. If you don't have this program installed, then there's no harm in excluding the update.

Here's a quote from a Microsoft FAQ:
The Microsoft Office component discussed in this article is part of the Microsoft Office Suite that I have installed on my system; however, I did not choose to install this specific component. Will I be offered this update?

Yes, if the component discussed in this bulletin was delivered with the version of the Microsoft Office Suite installed on your system, the system will be offered updates for it whether the component is installed or not. The detection logic used to scan for affected systems is designed to check for updates for all components that were delivered with the particular Microsoft Office Suite and to offer the updates to a system. Users who choose not to apply an update for a component that is not installed, but is delivered with their version of the Microsoft Office Suite, will not increase the security risk of that system. On the other hand, users who do choose to install the update will not have a negative impact on the security or performance of a system.
Was this reply relevant?
+0
-0
Maurice Joyce RE: wrong patch - actually for Publisher 2007
Handling Contributor 29th Apr, 2011 17:06
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
OK - Up to U.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0

This thread has been marked as locked.