WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
14 July 2004
Symantec Enterprise Security Manager™ OS Patches (Patch) module

The OS Patches (Patch) module checks for the presence of operating system and application patches that strengthen system security. Patch information is stored in Patch templates.

Symantec updates Patch templates with the Symantec ESM policy installer. This ensures that updated Patch templates for supported operating systems and applications are available for policies that are delivered with Security Update releases. Installing this update adds or updates the OS Patches policy and associated template files on the Symantec ESM manager.

The rapid response policy includes updates to the OS Patches (Patch) module templates that detect new vendor-released patches dated on or before July 14, 2004 for Windows Server 2003, Windows XP Professional, Windows 2000 Server, Windows 2000 Professional, Windows NT 4 Server, Windows NT 4 Workstation, HP-UX, AIX, Solaris, Red Hat Linux, Red Hat Enterprise Linux, and SUSE Linux Standard Server 8. The following applications are also supported: Microsoft Internet Explorer (IE), Internet Information Services Web server (IIS), SQL Server, Microsoft Exchange Server, Microsoft Outlook, and Microsoft Outlook Express.

This policy is designed for Symantec ESM agents running SU 17 (and later) versions of the OS Patch module. Symantec ESM agents running SU 16 are acceptable but not recommended. Due to a modification in the method used to extract version information, SU 17 or greater is required for Windows NT.

This update also includes rapid response support for the detection of multiple vulnerabilities that were disclosed by Microsoft on July 13, 2004.

MS04-018, Cumulative Security Update for Outlook Express 
MS04-019, Vulnerability in Utility Manager Could Allow Code Execution
MS04-020, Vulnerability in POSIX Could Allow Code Execution
MS04-021, Security Update for IIS 4.0
MS04-022, Vulnerability in Task Scheduler Could Allow Code Execution
MS04-023, Vulnerability in HTML Help Could Allow Code Execution
MS04-024, Vulnerability in Windows Shell Could Allow Remote Code Execution


ESM 5.5 & 6.0 users: To automatically install, use the link below or use LiveUpdate.

Download OS Patch Policy: BestPractice_OS_Patch_Updates_200407.17.exe Obsoleted

Note: For more information regarding this update, download the OS Patch Policy Release Notes.


Last modified on: Tuesday, 27-Jul-04 22:11:36