MS10-015 FAQ

Version 1

    Why did Microsoft make changes to the vulnerability?

     

    On March 2, 2010. Microsoft released a new revision of  patch MS10-015 that is available for download on Windows Update. This revision is due to a change in the package installation logic that prevents the installation of the security update if certain abnormal conditions exist on a system.  These abnormal conditions on a system could be the result of an infection with a computer virus that modifies some operating system files, which renders the infected computer incompatible with the MS10-015 update.

     

    What changes were made?

     

    This was a change to the package installation logic.  The updated version of this patch is distributed through Windows Update only;  there were no changes to the security update binaries.  The version of MS10-015 that is available on the Microsoft Download Center have not changed and do not contain this new package installation.

     

    What is KB980966 for?

     

    KB980966 has the same detection logic that is used in the updated version of MS10-015 that is available on the Windows Update site.  The detection logic in this patch determines if the computer is compatible with MS10-015 or not.

     

    How is LANDesk addressing this issue?

     

    LANDesk has listed KB980966 as a dependency of MS10-015.  The client machine will process KB980966 first to determine that the client is compatible with MS10-015 before LANDesk will attempt to install MS10-015.

     

    Where can I find more information on MS10-015?

     

    http://www.microsoft.com/technet/security/Bulletin/MS10-015.mspx