1 Reply Latest reply: Feb 27, 2014 8:17 AM by montrealpaul RSS

    How do I report superseded patches missing from Recommendations (and inconsistencies)

    montrealpaul

      Hi,

       

      This is a two-parter...

       

      First of all, I noted in this month's scan that there are two vulnerabilities reported which are superseded (long ago), but the Recommendation field does not say so, as it usually does:

      Vulnerability ID 6999, MS09-065, superseded by MS10-032

      Vulnerability ID 12973, MS12-034, superseded by MS12-074

       

      As well, sometimes the Recommendation refers to the patch by a URL ending with an '.aspx' extention, sometimes not; example:

      http://technet.microsoft.com/en-us/security/Bulletin/MS09-065

      http://technet.microsoft.com/en-us/security/bulletin/ms12-034.aspx

      Note, too, that one has MS in capitals, and the other not.

       

      Why does this matter? To process our large vulnerability CSV files, I use rather complex Excel sheets with, among other things, string manipulation formulae, and when these things change, it 'breaks' our reports.

       

       

      How can I report these things, so that they can be corrected? (please don't make me go through the whole painful ticket submission process!)

       

      Thank you!

       

      -Paul