Continued from the above

Addition

EDITS

The problem is that practically no one is aware of the above.In my opinion, with MSXML 4.0 SP2 present, MSXML 4.0 SP3 should be offered through Windows/Microsoft Update, after which KB2758694 (was KB2721691) can be offered through Windows/Microsoft Update.The fact that MSXML 4.0 SP3 is not offered through Windows/Microsoft Update - with the result that security update KB2758694 (was KB2721691) is not offered - is very serious and worrying.14 July 2012, I reported this issue to Microsoft Netherlands.You can find the text of that report in this forum thread,, see the 26-07-2012, 10:23 post by Spiff:in which Spiff's 26-07-2012, 10:23 post: https://www.security.nl/posting/37160#posting324083 Unfortunately, I never received any reply from Microsoft to my 14 July 2012 report.Nevertheless, I hoped that Microsoft had taken the appropriate action.5 June 2013, I read this article,based on this Secunia report,which seems to show that the MSXML update issue is still not resolved.Thereon I contacted Microsoft again, to notify concerning this matter.Contacting Microsoft Netherlands it appeared that now the only option to report this issue was through Microsoft Community, Microsoft Netherlands referred me to that portal.That was why at 5 June 2013 I reported the issue through Microsoft Community.That report and the following correspondence,, you find here:26 June 2013 feedback from Microsoft was posted,including the following:(see page 2 of that Microsoft Community thread,the 26 June 2013 reply by forumbeheerder (= forum administrator) M. Linssen.)3 July 2013, I contacted Microsoft Security Response Center (MSRC).8 July 2013, Microsoft Security Response Center replied,andand 9 July 2013andThe fact that it's very serious and worrying that for Windows systems on which MSXML 4.0 SP2 is present, MSXML 4.0 SP3 is not offered through Windows/Microsoft Update, and as a result of that security update KB2758694 (was KB2721691) is not offered,and the fact that this problem won't resolve itself,and the fact that hardly anyone is aware of this issue,and the fact that because of that many users don't get MSXML 4.0 SP3 and security update KB2758694 (was KB2721691),and the fact that because of that many users have a Windows system on which there's a MSXML vulnerability that remains unpatched,Microsoft chooses to ignore all of this.The only thing left for me to do, is to offer this information in this way.Also read Sander Berkouwer's blog post: