Vulnerability scanner saying that I need KB5036618 but already have KB5037036 installed.

RobM 71 Reputation points
2024-06-12T02:02:52.9333333+00:00

I'm using Microsoft Defender Vulnerability Management to manage a number of computers (all are Windows 10 64-bit Release 22H2 Build 19045.4529). It flags a number of missing .Net Framework 4.8.1 security KB's as missing on only one computer, even though they're all up to date. An example that it says is missing is KB5036618, but when trying to install this manually, it rejects it due to not being applicable to that computer. Upon further research, KB5037036 is installed, and they both seem to be addressing the same vulnerability (CVE-2024-21409).

My questions is, what is the difference between these two patches and why would the vulnerability scanner keep flagging it as missing only on one computer which appears to be identical to the other computers?

I've tried all of the steps to repair a corrupt Windows Update cache and the rest of it, but this has been occurring on this particular computer for months. It lists 8 different .Net Framework KB's as being missing as far back as December '22, despite being up to date.

Any ideas?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,784 questions
Microsoft Intune Updates
Microsoft Intune Updates
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
105 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Wesley Li 10,400 Reputation points
    2024-06-12T15:50:16.3133333+00:00

    Hello

    The issue you're encountering with the vulnerability scanner flagging KB5036618 as missing, despite KB5037036 being installed, seems to be related to the specific updates addressing the same vulnerability (CVE-2024-21409). According to the information available, KB5037036 is a cumulative update for .NET Framework 3.5, 4.8, and 4.8.1 for Windows 10 Version 22H2 released on April 9, 2024, which includes security and cumulative reliability improvements. On the other hand, KB5036618 is also a cumulative update for .NET Framework 3.5 and 4.8.1 for Windows 10 Versions 21H2 and 22H2, released on the same date, addressing the same vulnerability among other issues.

    It's possible that the vulnerability scanner is not recognizing the newer update (KB5037036) as covering the same vulnerability as the older one (KB5036618), which could be due to a number of reasons such as differences in how the updates are applied, registered, or recognized by the system.

    To resolve this, you might want to check the official Microsoft support articles for both updates to understand the differences and see the prerequisites for each.

    Additionally, ensure that the affected computer is indeed identical to the others in terms of system configuration, installed updates, and system behavior. Sometimes, even minor differences can cause such issues. If all else fails, you might need to consider manual intervention or a more in-depth system analysis to find the root cause.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.