When talking about mssecure.xml file used by HFNetChk, one of the
presenters mentions the following:
"Eric: Recently I've started not including the registry key information
in the XML file for various patches simply to force it to ignore doing
the registry key checks anyway, and to go straight on to do the file
checks, since we've found that those are much more reliable to begin
Earlier he mentioned how "in some cases folks have actually rolled their
own hotfixes, where they're writing all of the appropriate files for the
system, but aren't necessarily writing the registry keys to the system.
Or a system may have installed the service pack or another patch, which
has deleted or removed some of the registry keys."
Most of the OVAL queries check both registry keys and files which is not
a problem but I'm thinking maybe the file checks are sufficient. This is
because for some people, who manually replace files or use some
non-Microsoft management tool, the registry keys will never exist but
the file checks are a sure thing.
This is not really a big deal but it could possible save some typing for
those writing queries doing a lot of registry checks.