LANDesk Patch News Bulletin: Microsoft has Released KB2909569 to Provide Support for MDM Client 16-DEC-2013

Version 1

    LANDesk Security and Patch News



    • (December 16, 2013) Microsoft has released KB2909569 which is an update that fixes issues and adds support to MDM client in Windows RT 8.1 and Windows 8.1. This update contains the following improvements and fixes the following issues:

    Improvement 1

    The enrollment provisioning document supports intermediate certificates along with the device certificate and the root CA certificate. This update adds a management solution to provision a chain of more than two certificates onto the device.

    Improvement 2

    A new ResetUserPassword static method is added to the MDM_Client WMI class. This method is added to support a helpdesk-aided password reset scenario where the user of the device forgets the password. In this scenario, the administrator can push a known password to the device. The password must be sent to the user out of band of the management channel. When the user receives the known password and logs in to the device, they are forced to change the password.

    Improvement 3

    The MDM client supports an enrollment-on-behalf-of protocol, which allows a local administrator to enroll a standard user into management on the device.

    Issue 1

    The LockWorkstation static method in the MDM_Client Windows Management Instrumentation (WMI) class fails when it is called to lock a workstation.

    Issue 2

    The MDM client sends the first request to the management endpoint without providing the device client certificate. Then, the client looks for a specific error code, and reissues the request with the device client certificate included. However, certain server side Secure Sockets Layer (SSL) implementations cannot be configured to return the error code. Additionally, the client does not return the full certificate chain in the SSL handshake properly.

    After you install this update, a Transport Layer Security (TLS) mutual authentication session is properly negotiated.



    New Vulnerabilities

    • Vulnerability ID – 2909569_MSU


    Changed Vulnerabilities

    • Vulnerability ID – N/A


    New Patch Downloads

    • windows8.1-kb2909569-x86.msu
    • windows8.1-kb2909569-x64.msu


    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.


    Best regards,

    LANDesk Product Support


    Copyright © 2013 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.


    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit