A 2003 server died and a backup was restored onto new, different hardware. A repair install was then necessary, which backlevels many patches. The backup which we restored was from before the release of MS12-A10/Q2794220, MicrosoftFixit50971.msi. A vCenter scan says this fixit is needed, even though MS13-008/Q2799329 has been installed. Doesn't this week's OOB IE patch fix the vulnerability that the fixit bypasses? Shouldn't the fixit (and 2794220u "unfixit") be considered superseded by the IE patch? I can exclude the fixit from my scans, but I'd rather not have to do this indefinitely.
↧