There is rising concern regarding MS10-015 causing BSOD on machines.  According to Microsoft and other sources in the Security world the issue is linked to Malware already on the machine when the patch is applied.  Microsoft has pulled the patch from WU likely to reduce impact to home users who are more likely to have Malware on their machines that could cause this, but the patch is still available in WSUS, SUS, and SCCM.  The patch is still available to Shavlik Customers as well.

 Shavlik Recommendations:

• Adequate Patch Testing in place – Microsoft tests patches before release and Shavlik does additional testing in our environments to ensure detection logic is correct and there are no widespread issues encountered with patching the machine.  Lab testing can only do so much.  It is highly recommended to implement any level of testing in your environment as well.  This will ensure environment specific variables we cannot reproduce will not cause you issues.  Your testing could be a group of Virtual machines representing a cross section of machines in your environment or it could be IT and a select group of users and servers.

• If you are concerned about the patch, are aware of recent Malware outbreaks in your environment, and\or patch testing resulted in machines encountering the BSOD, you can setup a template to scan for all other Security Patches except MS10-015.

Steps to do this:

1. Go to Patch Groups on the Navigation Bar and create a new patch group.  Call it MS10-015 and click Add Patches
2. Scroll down to MS10-015 and check the box and click select then click Save
3. Create a New Scan Template.  Call it something like “Security Patches Except MS10-015”. This by default is setup to scan for all security patches
4. In the Patch section select the Skip Selected and next to Patch Groups click … to browse and select your new patch group.
5. Scan using this new template and you wills can for all security patches except MS10-015. 

• If customers are experiencing a BSOD as a result of pushing MS10-015 they can contact Microsoft directly for support using the country specific numbers provided at support.microsoft.com/security. In North America, customers can call 1-866-PCSAFETY for this support.

Shavlik is experiencing an issue related to importing of scan results at a small number of customer sites who have applied the recently available NetChk Protect v7.2 Update 1 patch (SKB15726).  To mitigate this issue, we have pulled the v7.2 update 1 patch from our web site and from our XML data. 

You can verify if you have in fact applied v7.2 update 1 by going to your console and looking in the “Help – About” and your version number will be “v7.2.0 Build 343”.  If you have already applied this v7.2 update 1 patch (first available on Thursday, Jan. 28th in the early evening U.S. central time zone) to your NetChk Protect environment please refer to the recommendation below:

If you are running v7.2.0 Update 1 (i.e. v7.2 Build 343) AND are NOT seeing scan results when performing a patch scan; then please refer to the following Shavlik forum article: http://forum.shavlik.com/viewtopic.php?f=26&t=15823

IMPORTANT: Shavlik will advise all customers when the revised v7.2 update 1 patch is officially posted again and available for download.