Patch Management Solution

Scenario:

Selected a Software Update Bulletin (e.g. MS-01) for Windows 7. Client have a total of 1200 managed Windows 7 clients but the applicable number returns less than 1200. Given I have gathered an update assessment scan for on all Windows 7.

How can we know if that Software Update Bulletin (e.g. MS-01) for Windows 7 have/needs a prerequisite (i.e. update on another Software Update Bulletin) so a managed Windows 7 client can be added on applicable count data? Do we have a report on Altiris for that or a research for MS-01 must be done to know the prerequisites?

Thank you very much!!!

Any update guys?

At this time, this would be impossible to accomplish with Symantec Patch Management. Symantec Patch Management uses a third-party for patch data, which includes rules for prerequisites, installed, applicable, etc. Symantec does not have direct access to this information. Therefore, they have nothing that could provide this information. And engaging the third-party requires much manual effort. HTH

Thank you!!! Appreciate your response.

 I have also read something on this on their A4 model guide:

After identifying the new updates that have been released since your prior rollout, the next step in the Assessment Phase is to understand the nature of the issues being addressed by those updates.  This can only be done by reviewing the vendor security bulletins, security advisories and KB articles associated with the updates.

Since there is no unified mechanism for reviewing details about any particular update (each process is vender specific) we have included a URL to show an example of what one would look like:

http://www.oracle.com/technetwork/java/javase/7u17-relnotes-1915289.html

It is a best practice to research all potential updates before they are deployed to the population. This is not always feasible in every situation but it can eliminate a large number of problems up front.