I'm taking over for one of my colleagues on getting the CredSSP vulnerability patched across the board. Server 2016 and Windows 10 build 1067 require KB4103723 to resolve, but in patch management it is not listed. I searched and was given "There are no patches that satisfy the current filter."
KB4103730 for Server 2012 is not to be found.
KB4103725 is superseded by KB4284815 but KB4284815 is not to be found in Patch Management.
Looking to understand why this is. Even if superseded, it should still be listed.
email@example.com - I've tried to locate these patches and had mixed results.
I found no trace at all of KB4103723, but do have KB4103730 and KB4284815 in the list.
IE hasn't be working for a long time, since it won't load the complete list of patches. But Chrome has been consistent in loading the complete list of something like 15,000 to 20,000 patches.
What I do know about the complete list of patches, it only shows the patches a patch scan has actually determined a machine might need. So. there seems to be some reason why KB4103723 isn't found anywhere, but I have no idea why. You could just download the patch from the Microsoft catalogue, put it on your Kaseya server and create a procedure to download and install. That seems the best way to do it....
i had to manually download it and install it
If you are not running regular patch scans then superseded patches may not be listed - as pointed out the patch management database only lists patches that endpoints have determined are required *based on a scan against Microsoft's update servers*. Microsoft's update servers only offer the latest applicable updates, as you'd expect.
For Windows 10 / Server 2016 the updates are cumulative so assuming a recent patch scan you should be looking to approve the most recent KBs listed here - support.microsoft.com/.../windows-10-update-kb4462928 - you can see along the right hand side there are links for each Windows 10 version under which is the full history of patches for that version.
Here's the update for Server 2012 that has replaced all previous updates - support.microsoft.com/.../windows-server-2012-update-kb4462929. If in doubt search the update catalog e.g. www.catalog.update.microsoft.com/Search.aspx - click onto the name of the update you are after, then click the 'package details' tab to see if it has been superseded. Below you can see it has been replaced by the next month, and if you click that by the next month, and so on all the way up til the current 2018-10 patch.
Hope this helps!