I'm using the Nessus scanner to detect machines on campus that are vulnerable to last weeks ASN flaw in Windows. I tried last week, but the only plugin available then required registry access, which isn't very helpful on campus. There's a new plugin available now, however, that checks via an NTLM login. What we've discovered, is several machines that were updated via WindowsUpdate weren't really updated after all. Their registries think that the patch was installed, but the actual file wasn't replaced, so we're back to manually installing the patch on those machines.