Patch Management Solution

 View Only

  • 1.  ITMS 7.1 PM vs Windows/Microsoft Update?

    Posted Jan 17, 2013 04:31 PM

    I've been testing Patch Management Solution 7.1 on a set of VMs with their Windows Update (WU) set to receive updates "For Windows and other products from Microsoft Update" and have it just "Check for updates..." as a basis of comparison on what Windows detects as important updates and what Patch Remediation Center (PRC) offers me.  For the Microsoft updates in PRC, I tried just distributing those that had a Compliance less than 100% and Severity level anything but Unclassified.

    Now in WU on any given client, it's reporting that there are new (important) bulletins available.  At least for one KB, it was actually available under an MS12-Axx bulletin in the PRC which are listed as "Unclassified".  Should my patch management goal be to match whatever WU detects as important and deploy the same via PRC?  I'm a bit confused why WU deems a KB "important" whereas MS12-Axx lists it as "unclassified".  What's even more confusing is that I can't seem to find some KBs which WU lists in the PRC.

    So curious whether most of you are just deploying ALL Microsoft updates in the PRC or aren't concerned that WU will always say that new updates are available?  I'm wondering even if I blasted out everything MS from the PRC if WU will still show that additional updates are available?  Just trying to develop a methodology on what Microsoft updates I should be pushing out and didn't want to just distribute everything unless that's what many of you are doing.  At least for the MS12-Axx updates, they look like ones I'd consider deploying as well although not so sure about those MSWU ones.



  • 2.  RE: ITMS 7.1 PM vs Windows/Microsoft Update?

    Posted Feb 15, 2013 08:08 PM

    FYI: As far as my security guys are concerned in regard to their monthly network scans, machines are adequately patched so looks like even though Windows Update may report that there are important updates available, not necessary to distribute every single applicable Microsoft patch in the SMC.



  • 3.  RE: ITMS 7.1 PM vs Windows/Microsoft Update?

    Posted Mar 01, 2013 12:13 PM

    Clint have you seen any KB that you know have been pushed via Patch Solution but still show in Windows Update? 

    It’s been communicated to me that if certain updates are not installed with Windows Update they will not clear from Windows Update, even when the update have successfully been installed using Patch Solution.

    Rick



  • 4.  RE: ITMS 7.1 PM vs Windows/Microsoft Update?

    Posted Mar 01, 2013 02:28 PM

    Rick,

    No...I haven't come across this situation (at least for the random KBs I've been checking on).  I just don't like the fact that Windows Update classifies some KBs as Important and recommends they be installed whereas Patch Mgmt Solution may rate them as Unclassified under one of the MSWU bulletins.  To me, an unclassified severity implies that the updates are optional but WU seems to differ in this regard sometimes.

    Clint