Criteria for including patches in Microsoft patch templates for Symantec Enterprise Security Manager

Article:TECH137939  |  Created: 2010-08-18  |  Updated: 2011-09-20  |  Article URL
Article Type
Technical Solution



You want to know what criteria is used for including patches in Symantec ESM Windows patch templates.



ESM 6.5.3SP2, 9.x and 10 - SU24 and above.



Symantec generally includes Critical, Important and Moderate security related patches in the patch templates published in the patch policies. Symantec does not include patches rated "Low" by Microsoft.

Microsoft gives ratings to patches such as Critical, Important and Moderate.

From time to time there is not enough information available to technically check for the installation of a patch at the time of the publication of the patch - in that case this will be documented in the release notes of the patch policies. Patch policies can currently be found at the following location: The latest patch template can also be downloaded by means of LiveUpdate from within the ESM console.

Note: The Symantec ESM OS Patch policy updates the OS Patches (Patch) module templates and include all new security-related patches for the supported operating systems and applications.

The currently supported Windows operating systems are as follows:

  • Windows Vista Enterprise 32-bit
  • Windows Vista Enterprise 64-bit (x64)
  • Windows Server 2003 and 2008 64-bit (x64)
  • Windows Server 2003 and 2008
  • Windows Server 2003 and 2008 (Itanium)
  • Windows XP Professional 32-bit
  • Windows 7 on x86 and Opteron
  • Windows 2008 R2 on Itanium, Opteron, and Xeon

The currently supported applications are as follows:

  • Microsoft Internet Explorer (IE)
  • Microsoft .NET
  • Internet Information Services Web server (IIS)
  • Microsoft SQL Server
  • Microsoft Exchange Server
  • Microsoft Internet Security and Acceleration Server
  • Microsoft Outlook Express
  • Microsoft Visual Studio
  • Microsoft Windows Media Player
  • Microsoft Windows SharePoint Services

These patch policies are designed for the Symantec ESM agents running SU 24 (and later).

You can of course add in any patches you like to a custom template, please refer to the ESM checks and template reference for more information:

If you suspect an error with the published patch policies please contact your local technical support representative.


Article URL

Terms of use for this information are found in Legal Notices