Video Screencast Help

Patch Compliance issue

Created: 30 Apr 2013 • Updated: 09 May 2013 | 1 comment
This issue has been solved. See solution.

Hello there,

Many of our company production servers do not have full compliance in patches from 2011 - current.

Would you please advise to:

1/ How to create a report to identify of what patches applicable, but are missing, not installed from 2011 - current.

2/ How to download all patches applicable to Windows Servers (2003, 2008) from 2011 - current

Thank you very much for your prompt support,

Charlie Tran

Operating Systems:

Comments 1 CommentJump to latest comment

Joshua Rasmussen's picture

Hello Charlie,

1. Out-of-box reports display this data. The Patch Compliance Reports show the vulnerabilities for the Bulletins, Computers and Updates in the environment.

  • Console > Reports > All Reports > Software > Patch Management > Compliance; view the Compliance by Computer Report
  • Change the Release Date From; input the date range that you would like to view, and refresh the report
  • Change the Operating System drop down; input the specific Windows Server OS needed to report on
  • Right-click > View Not Installed Computers by Bulletin; view the clients that need the Bulletin

2. Note the updates that are vulnerable to the OS Types from step one

  • Go to the Console > Actions > Software > Patch Remediation Center
  • Highlight the noted Bulletins; right-click > Distribute Packages.
  • Configure the Software Update Policy to run as needed, but keep in mind that best practice is to control the Software Update Cycle schedule on the Default Software Update Plug-in Policy.
  • This process is detailed further on KM: HOWTO56242 for PM 7.1 SP1+

Keep in mind that some clients may need to be troubleshot for updates failing to install as they may be experiencing anomalies (needing a reboot etc). Some of these topics are detailed on KM: HOWTO79448 and more specifically on TECH41678.

Hope this helps,