Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog

Patch Reporting Discrepancies - Am I Patched or Not?

Created: 10 Nov 2008 • Updated: 10 Nov 2008
BRING's picture
0 0 Votes
Login to vote

Standard Reports - You should be able to trust them, especially when they have to do with how complete your patching is in your environment. Normally you can check the reports (Like the "Microsoft Compliance and Vulnerability by Computer" report), and then go set up the correct tasks, and remediate the machines.

If you are like most administrators, you will know what bulletins and tasks you have enabled for distribution. So when you see them show up as vulnerable in the report it becomes very easy to be frustrated (and it could get you in trouble too!). The next thing to do is to be absolutely sure that your reports are accurate. You do this by spot-checking or auditing a few of the individual machines that are reported as vulnerable.

But what do you do when you find that the reports you trusted were wrong? The machines actually were ALREADY patched!

In a couple of cases, it has been noted that the installation of the Altiris Agent was corrupted on these machines. Complete removal and reinstallation of the agent took the machine right off of the vulnerable list.

In cases where the Altiris Agent has been upgraded a few times thru the various R1 to infinity updates, corruption has been seen, and while not common, can occur.

So, if you come across this again, and the number of affected computers appears to be small, the removal of the Agent and reinstallation might be the quickest ticket to complete compliance!