Recommended Posts

Hi there. By the way, thanks for this software. I'm prepping to restore 8 workstations to their factory settings. I stumbled across APXP looking for a way to simplify the updating process.

I ran a test on my own system and did a full default install with APXP just to get an idea of how the interface worked and how long to expect it to take. My machine was pretty up to date already, but APXP found quite a few items that were not. Interestingly it determined that I had NOT installed quite a few updates that I know I already had. The Windows Update website was showing me clean. Regardless I went ahead and followed APXP's recommendations figuring it wouldn't hurt to reinstall some of these items.

For the most part there haven't been many problems. I ran into a weird MSIM thing where it got into a reinstall loop for some reason, but I was able to correct it by uninstalling and reinstalling. Also ODBC failed during APXP's first pass, but seemed to install fine on a minimal follow up pass. But a visit to WIN Update showed that an update now needed to be installed "Security Update for Microsoft Data Access Components (KB832483)".

The main problem that I want to address here though are the results of a Microsoft Baseline Security Analysis test I just ran. Can anyone explain these results if I just used APXP to bring this machine up to date? Microsoft Baseline Security Analyzer suggests that I manually update each one of these individually. Kinda defeats the purpose of APXP. Could these have been left over from previous updates, thus skipped by APXP? Are the updates provided by APXP out of date? Are these non-standard updates and thus not "caught" by WIN Update website? Thanks for any help!

Here are the results of the scan:

14 security updates are out of date or could not be confirmed.

Result Details

Windows Security Updates

Security updates that are out of date are marked with a yellow X

Score Security Update Description Reason

MS02-050 Certificate Validation Flaw Could Enable Identity Spoofing (Q329115) File version is greater than expected. [C:\WINDOWS\system32\crypt32.dll, 5.131.2600.1152 > 5.131.2600.1123]

MS02-071 Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310) File version is greater than expected. [C:\WINDOWS\system32\win32k.sys, 5.1.2600.1335 > 5.1.2600.1134]

MS02-072 Unchecked Buffer in Windows Shell Could Enable System Compromise (Q329390) File version is greater than expected. [C:\WINDOWS\system32\shmedia.dll, 6.0.2800.1157 > 6.0.2800.1125]

MS03-005 Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577) File version is greater than expected. [C:\WINDOWS\system32\drivers\mrxsmb.sys, 5.1.2600.1239 > 5.1.2600.1143]

MS03-013 Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493) File version is greater than expected. [C:\WINDOWS\system32\ntkrnlpa.exe, 5.1.2600.1240 > 5.1.2600.1150] File version is greater than expected. [C:\WINDOWS\system32\ntoskrnl.exe, 5.1.2600.1240 > 5.1.2600.1150]

MS03-027 Unchecked Buffer in Windows Shell Could Enable System Compromise (821557) File version is greater than expected. [C:\WINDOWS\system32\shell32.dll, 6.0.2800.1502 > 6.0.2800.1233]

MS03-034 Flaw in NetBIOS Could Lead to Information Disclosure (824105) File version is greater than expected. [C:\WINDOWS\system32\drivers\netbt.sys, 5.1.2600.1332 > 5.1.2600.1243]

MS03-043 Buffer Overrun in Messenger Service Could Allow Code Execution (828035) File version is greater than expected. [C:\WINDOWS\system32\wkssvc.dll, 5.1.2600.1335 > 5.1.2600.1309]

MS03-045 Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141) File version is greater than expected. [C:\WINDOWS\system32\win32k.sys, 5.1.2600.1335 > 5.1.2600.1275]

MS04-004 Cumulative Security Update for Internet Explorer (832894) File version is greater than expected. [C:\WINDOWS\system32\urlmon.dll, 6.0.2800.1408 > 6.0.2800.1400]

Security updates that the tool cannot confirm as installed on the scanned computer are marked with a blue asterisk

Score Security Update Description Reason

MS03-008 Flaw in Windows Script Engine could allow code execution (814078) Please refer to 306460 for a detailed explanation.

MS03-030 Unchecked Buffer in DirectX Could Enable System Compromise (819696) Please refer to 306460 for a detailed explanation.

MS03-051 Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360) Please refer to 306460 for a detailed explanation.

MS04-016 Vulnerability in DirectPlay Could Allow Denial of Service (839643) Please refer to 306460 for a detailed explanation.

Link to comment
https://www.neowin.net/forum/topic/176165-microsoft-baseline-security-analyzer/
Share on other sites

The baseline security adviser looks at the date of certain files. It makes sure they are set to the date for the files that they release to Windows Update. The APXP has many more updates rather then just the updates on WU, so the baseline security adviser checks files, looking for a date of 4/21/2004, and when it sees one of 5/23/2004 it thinks you are not secure, and wants you to install a older patch to replace the new file.

I hope I didn't lose you in there.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • NTLite 2025.06.10473 by Razvan Serea NTLite is a Windows configuration tool that allows you to modify your existing Windows install or an image yet to be deployed, remove Windows components, configure and integrate, speed up the Windows deployment process. Reduce Windows footprint on your RAM and storage drive memory. Remove components of your choice, guarded by compatibility safety mechanisms, which speed up finding that sweet spot. Windows Unattended feature support, providing many commonly used options on a single page for easy setup. Easily integrate a single or multiple drivers, update or language packages. Package integration features smart sorting, enabling you to seamlessly add packages for integration and the tool will apply them in the appropriate order, keeping hotfix compatibility in check. One of the important new features of NTLite (compared to its predecessors) is the ability to modify an already installed the operating system, by removing unnecessary components. Supports Windows 11, 10, 8.1 and 7, x86 and x64, live and image. Server editions of the same versions, excluding support for component removals and feature configuration. ARM64 image support in the alpha stage. Does not support Checked/Debug, Embedded, IoT editions, nor Vista or XP. NTLite 2025.06.10473 changelog: Upgrade UI: Text size now set as host, more readable on some systems Post-setup: Loading progress improvement for the 99% delay Components: ‘Snipping tool’ compatibility option UI-Translation: Thanks for Romanian (Coman) Fix Updates: Parallel WinRE integration getting stuck Updates: Download overwrite previous Defender updates Settings: Win10 News widget disabling Download: NTLite 64-bit | 21.5 MB (Free, paid upgrade available) Download: NTLite 32-bit | 19.3 MB Link: NTLite Home Page | NTLite Features | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • You will be on builds 26100.4349 (24H2) No, some machines are on 26100.4351 updated 12 hours after the official release
    • I’d be wanting to offload it fast too, wasted desk real estate.
    • AMD Ryzen 9600X 6-core AM5 CPU is just $185 and you get a free 512GB NVMe SSD too by Sayan Sen If you are on AMD's AM4 socket or older Intel and are looking to upgrade your processor, AMD has the Ryzen 9600X for just $185 (purchase link down below), plus you get a free NVMe SSD as well. The deal comes hot on the heels of Intel also offering the Core i5-14600K for as low as just $200, which includes a 240 mm AIO liquid cooler. Check that deal out in this article if you want to go Team Blue. The AMD Ryzen 9600X is based on the latest Zen 5 design and is the company's best chip to date. This desktop CPU has six cores and 12 threads; it competes with Intel's 12th Gen i7 for productivity performance, and is almost as good as the 14th Gen i7 for gaming. The SKU does not include a cooler and so you will need to buy one separately. The technical specifications of the Ryzen 5 9600X are given below: Architecture: Zen 5 Process Technology: TSMC 4nm FinFET manufacturing process Core Count: 6 cores Thread Count: 12 threads Base Clock Frequency: 3.9 GHz Max Boost Clock Frequency: 5.4 GHz Total Cache: 6 MB + 32 MB (L2 + L3) Thermal Design Power (TDP): 65W PCI Express Version: PCIe 5.0 28 lanes (usable: 24) Overclocking: Unlocked for overclocking TjMax: 95 C Platform Socket: AM5 Memory capacity support: max 192 GB DDR5 Memory Speed: 2x1R DDR5-5600, 2x2R DDR5-5600, 4x1R DDR5-3600, 4x2R DDR5-3600 Get it at the links below: AMD Ryzen 5 9600X (includes Radeon 2CU Integrated Graphics) - 100-100001405WOF: $184.99 (Shipped and Sold by Amazon US) | $189.99 (Shipped and Sold by Newegg US + free 512 GB NVMe SSD) This Amazon deal is US-specific and not available in other regions unless specified. If you don't like it or want to look at more options, check out the Amazon US deals page here. Get Prime (SNAP), Prime Video, Audible Plus or Kindle / Music Unlimited. Free for 30 days. As an Amazon Associate, we earn from qualifying purchases.
  • Recent Achievements

    • Week One Done
      elsafaacompany earned a badge
      Week One Done
    • Week One Done
      Yianis earned a badge
      Week One Done
    • Veteran
      Travesty went up a rank
      Veteran
    • One Month Later
      somar86 earned a badge
      One Month Later
    • Week One Done
      somar86 earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      506
    2. 2
      ATLien_0
      260
    3. 3
      +Edouard
      186
    4. 4
      +FloatingFatMan
      177
    5. 5
      snowy owl
      132
  • Tell a friend

    Love Neowin? Tell a friend!