False Positive

[MatsBEkman]

https://file.io/8uY2uI
Regards
Mats

[bitsadmin]

Thanks Mats. Can you check the link? It shows a 404 for me.

[bitsadmin]

Hi Mats, please also check out the Eliminating false positives page on the Wiki. In case that does not drastically reduce the number of false positives, share the link with your outputs.

[MatsBEkman]

file.io don't work for me I attach file here
wesupdate_2019-03-07.zip

[MatsBEkman]

Also try this
https://file.io/NzjORR
I think I found out the problem
When I test it goes away 1 Download only

[MatsBEkman]

Running again with 0.94
https://file.io/S8zUVY
Eliminated the problem by investigating the different KBs and running with
wes.py systeminfo.txt -p KB4487044 KB4483452 KB4477029 KB4480979
I don't know if this is the correct procedure but it seems to me that Your source is not reliable when it comes to substitutions

[bitsadmin]

Hi Mats, thanks for your checks!

I also did some investigation and added your case as an example to the Wiki: https://github.com/bitsadmin/wesng/wiki/Eliminating-false-positives#example-2-mats

The main problem indeed is that the official source (MSRC, see the Developers page at the wiki for more info), is frequently missing information about supersedence. In my experience the Microsoft Update Catalog usually contains the correct information, so a manual check needs to be performed on the output of wes.

As far as I know the Microsoft Update Catalog does not provide an API to obtain all information about supersedence which could be used to complement (or even replace) MSRC.

Just curious, does your system allow the installation of KB4483452 if you manually download it from the Microsoft Update Catalog? Url: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4483452

[MatsBEkman]

Im offline now but I can try later in the weekend or monday Thanx for good work I agree supersedence data is missing I went thru mine manually and on some it was written and on some missing and You had to assume that the later update of the same issue contained the previous one as the update did not indicate that the previous one was necessary Regards Mats fre 8 mars 2019 kl. 18:03 skrev Arris Huijgen <[email protected]>:

Hi Mats, thanks for your checks! I also did some investigation and added your case as an example to the Wiki: https://github.com/bitsadmin/wesng/wiki/Eliminating-false-positives#example-2-mats The main problem indeed is that the official source (MSRC, see the Developers page <https://github.com/bitsadmin/wesng/wiki/Developers> at the wiki for more info), is frequently missing information about supersedence. In my experience the Microsoft Update Catalog <https://www.catalog.update.microsoft.com/> usually contains the correct information, so a manual check needs to be performed on the output of wes. As far as I know the Microsoft Update Catalog does not provide an API to obtain all information about supersedence which could be used to complement (or even replace) MSRC. Just curious, does your system allow the installation of KB4483452 if you manually download it from the Microsoft Update Catalog? Url: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4483452 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#19 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AuFw-8jgpyjw55ElKTvALlrAjwBZfTabks5vUpfZgaJpZM4bjsqQ> .

-- Med Vänlig Hälsning Mats Regards Mats

[MatsBEkman]

https://support.microsoft.com/sv-se/help/4486553/march-1-2019-kb4486553 I think this is the latest and replaced all previous in this matter I am not sure but I guess this is the readon You want me to try installing manually Until tried I disagree a little of the analyse in the example Regards Mats fre 8 mars 2019 kl. 23:53 skrev Mats Ekman <[email protected]>:

Im offline now but I can try later in the weekend or monday Thanx for good work I agree supersedence data is missing I went thru mine manually and on some it was written and on some missing and You had to assume that the later update of the same issue contained the previous one as the update did not indicate that the previous one was necessary Regards Mats fre 8 mars 2019 kl. 18:03 skrev Arris Huijgen ***@***.***>: > Hi Mats, thanks for your checks! > > I also did some investigation and added your case as an example to the > Wiki: > https://github.com/bitsadmin/wesng/wiki/Eliminating-false-positives#example-2-mats > > The main problem indeed is that the official source (MSRC, see the Developers > page <https://github.com/bitsadmin/wesng/wiki/Developers> at the wiki > for more info), is frequently missing information about supersedence. In my > experience the Microsoft Update Catalog > <https://www.catalog.update.microsoft.com/> usually contains the correct > information, so a manual check needs to be performed on the output of wes. > > As far as I know the Microsoft Update Catalog does not provide an API to > obtain all information about supersedence which could be used to complement > (or even replace) MSRC. > > Just curious, does your system allow the installation of KB4483452 if you > manually download it from the Microsoft Update Catalog? Url: > https://www.catalog.update.microsoft.com/Search.aspx?q=KB4483452 > > — > You are receiving this because you authored the thread. > Reply to this email directly, view it on GitHub > <#19 (comment)>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AuFw-8jgpyjw55ElKTvALlrAjwBZfTabks5vUpfZgaJpZM4bjsqQ> > . > -- Med Vänlig Hälsning Mats Regards Mats

-- Med Vänlig Hälsning Mats Regards Mats

[bitsadmin]

I agree, I am also not exactly sure about this remaining patch. The Windows Update tool on your machine is the definite answer: in case Windows Update does not list any remaining updates, your system must be fine and the data in the Windows Update Catalog website is incomplete.

[MatsBEkman]

Windows Update did not list any remaining updates on friday(same on thursday) This is why I posted on the site Maybe it has to do with my build is so new? Look file I posted with build number Regards Mats sön 10 mars 2019 kl. 18:27 skrev Arris Huijgen <[email protected]>:

I agree, I am also not exactly sure about this remaining patch. The Windows Update tool on your machine is the definite answer: in case Windows Update does not list any remaining updates, your system must be fine and the data in the Windows Update Catalog website is incomplete. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#19 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AuFw-6p3JcA06UprA9RlZwCzyO8P1QASks5vVUBpgaJpZM4bjsqQ> .

-- Med Vänlig Hälsning Mats Regards Mats

[bitsadmin]

I guess the update is indeed too recent or so. Don't think we can do much about these issues if the latest data is still incomplete. Thanks for your input! Let's close this issue for now, and if you run into other unexpected behavior, feel free to open an new issue!

[MatsBEkman]

Agree unless API to Microsoft working or get old data there is nothing todo I will still use it for checking servers as intended because I dont patch the OS myself it is outsourced. What I did now was more of a QA It was an article about wes in IDG.SE this is were I found You Regards Mats mån 11 mars 2019 kl. 01:12 skrev Arris Huijgen <[email protected]>:

I guess the update is indeed too recent or so. Don't think we can do much about these issues if the latest data is still incomplete. Thanks for your input! Let's close this issue for now, and if you run into other unexpected behavior, feel free to open an new issue! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#19 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AuFw-9cyzYiWO1oS9_YxqCjbyOs4aci-ks5vVZ9ugaJpZM4bjsqQ> .

-- Med Vänlig Hälsning Mats Regards Mats

[bitsadmin]

Ah interesting usage of the tool, hadn't thought of that usecase yet :)

If you want to perform this evaluation on a server park, it should be possible to collect the information from many servers using the Get-ComputerInfo PowerShell command (once implemented) and then use wes.py to evaluate if they are missing any patching. You can output the results to csv to generate nice statistics based on that.

[MatsBEkman]

I will try that for sure Thanx Regards Mats mån 11 mars 2019 kl. 20:43 skrev Arris Huijgen <[email protected]>:

Ah interesting usage of the tool, hadn't thought of that usecase yet :) If you want to perform this evaluation on a server park, it should be possible to collect the information from many servers using the Get-ComputerInfo PowerShell command (once implemented) and then use wes.py to evaluate if they are missing any patching. You can output the results to csv to generate nice statistics based on that. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#19 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AuFw-0BTgJB-Vl5shIKZYA8lnvxSxVwBks5vVrHhgaJpZM4bjsqQ> .

-- Med Vänlig Hälsning Mats Regards Mats