eEye Digital Security

Reposting this here as I do not think troubleshooting is the correct forum:

Ok, so this is the first time I've had an issue like this. I scanned a few servers this morning with updated Audits and I came up with a few vulnerabilities. Well I decided to do a windows update on all of the boxes and now I've got Cumulative IE secuirty updates popping all over my reports. The IE updates and ActiveX killbits appeared "old" but when I looked for more information the site said it was updated as of 10/13/2009....

I'm going to rollback all of the updates I performed but has anyone else encountered something along the same lines? MS Update screwy?

Thanks

Today is Patch Tuesday from Microsoft. 10/13/2009.

Hence patches may affect regex's in certain audits, depending on what changes are made from today's MS updates.

As a result, we will be releasing new audits for those patches, plus updating existing audits. Updates will come to address those.

 Thank you for the information. It appears I jumped the gun, as I verified after I posted this that the updates were certainly from today. I was however unware of the regex "issue"... How do I provide reasoning for the false positive in this situation without rolling back the updates?

If you're using Retina, you'll have to look at the Tested and Found values. Those are in the Audit Confirmation Details section of a Vulnerabilities Report.

You can correlate the Found Values with the patch vendor advisories for the affected versions to prove otherwise. I'm sure your auditor will understand.