AU/MU/MBSA detection error with .Net Framework 2.0 SP2, KB976569 and KB974417 (MS09-061)

I have not received a reply from the Microsoft secure email alias yet (only
45 hours), so I thought I would retry my question here for a faster
response:

I deployed .Net Framework 2.0 SP2 (NetFx20SP2_x86.exe signed 2008-07-29)
along with the update KB976569 "Description of the .NET Framework 2.0 SP2
forward compatibility update for Windows XP and for Windows Server 2003"
last week on a couple of test Windows XP SP3 systems. As expected, the GDR
binaries were installed, version 2.0.50727.3607 for the three files
mscordacwks.dll, mscorlib.dll, mscorwks.dll. These three files are newer
than the same 3 GDR binaries included in MS09-061 2.0.50727.3603, so there
is no reason to install both updates, especially applying the older KB974417
after KB976569 is installed. I realize that the update.exe logic will
prevent the newer 3 KB976569 *.dll's from being overwritten, however there
is no need to apply these binaries if the detection logic is fixed.
Please verify this behavior and make the following changes:
1. Update the detection logic for Automatic Updates/Microsoft Update/Windows
Update/MBSA so these products detect KB976569 as including / supersedes
KB974417 (MS09-061).
2. Do not offer and automatically install via Automatic Updates (AU/WU/MU)
the .Net Framework 3.0 SP2, 3.5 SP1 to systems that just have .Net Framework
2.0 + KB976569 installed!
3. Update articles KB976569 and possibly KB974417 with the information that
both patches do not need to be applied
4. Lastly please indicate if this bug/behavior should also be reported thru
additional channels such as Microsoft Connect , TechNet/MSDN Managed forums,
or other groups at Microsoft for a quick and speedy resolution.

References:
http://support.microsoft.com/kb/976569 "Description of the .NET Framework
2.0 SP2 forward compatibility update for Windows XP and for Windows Server
2003" Article ID: 976569 - Last Review: February 24, 2010 - Revision: 2.0
http://support.microsoft.com/default.aspx?kbid=974417 "MS09-061:
Description of the security update for the Microsoft .NET Framework 2.0
Service Pack 2 and the Microsoft .NET Framework 3.5 Service Pack 1: October
13, 2009" Article ID: 974417 - Last Review: December 23, 2009 - Revision:
2.0
http://support.microsoft.com/kb/894199 "Description of Software Update
Services and Windows Server Update Services changes in content for 2010"
Article ID: 894199 - Last Review: February 23, 2010 - Revision: 241.0
http://www.microsoft.com/technet/sec.../ms09-061.mspx "Microsoft
Security Bulletin MS09-061 - Critical Vulnerabilities in the Microsoft .NET
Common Language Runtime Could Allow Remote Code Execution (974378)"
Published: October 13, 2009 | Updated: November 04, 2009 Version 1.2

The managed support service of the newsgroup microsoft.public.security is
now available instead on Windows Server security forum:
http://social.technet.microsoft.com/...curity/threads.
Would you please repost the question in the forum with the Windows Live ID
used to access your Subscription benefits? Our engineers will assist you in
the new platform.

In the future, please post your security-related questions directly to the
forums. If you have any questions or concerns, please feel free to contact

It is now Monday 2010-03-08 18:13 and I my question remains unanswered
via all of these methods:
microsoft.public.security /
microsoft.public.security.baseline_analyzer posted 2010-03-03 17:26 UTC
Windows Server forum posted 2010-03-04 18:07 UTC, post now seems to
be missing!
direct email to tngfb@microsoft.com sent 2010-03-05 16:57 UTC
direct email to secure@microsoft.com sent 2010-03-01 18:03 UTC

[garulf]

I had a similar problem, my machine kept try to install KB974417 but it never registered.

My fix was to uninstall KB976569 the add 974417 then reapply 976569.

Maybe they have to be done in the correct order