Super-seeded Bulletins

This issue has been solved. See solution.
yabru's picture
yabru
August 18th, 2009

Hi,

Hope someone can explain this to me....

Just had a look at a report under Patch Management;

View - Solutions - Patch Management - Reports - Agent Task Execution - Software Update Distribution Summary

Basically it listed the Bulletin MS09-019 as Vulnerable to almost 200 computers and NOT Executed by 200 computers.

When i looked at the Software Updates Tab on the local client, i noticed this Bulletin was Superseeded.

I had no idea by which one though, so thanks to a google search i noticed it was superseeded by MS09-034.

So the question is....is the best practise to now go and disable MS09-019 bulletin?
Shouldnt this happen automaitcally when the "Revise Software Update Task" runs?

Steve

Filed under: , , , , , ,
0 votes
jharings's picture
jharings
13 weeks 6 days ago

Revise software update task

only replaces an existing bulletin when an update to that specific bulletin has been updated (usually a major version) by Microsoft. For example you may look at a patch .exe that is being distributed, and it will have a V2 in it's name like Windows_XP_KB999999_V2.exe. That means the software update has been revised, and the revise software update task takes care of the 'heavy lifting' for you.

With v6, the only way to keep up to date on superseeded bulletins is to pay attention to the release notes and notifications, and do just as you have mentioned. Disable the old one, and create the new one. In v7 of Patch Management, this step can be automated.

Jim Harings
Technical Solutions Consultant
Xcend Group
http://xcendgroup.com

0 votes
KSchroeder's picture
KSchroeder
13 weeks 6 days ago

There is a report for Supersedence

Solution

Actually there is a built-in report you can run to view superseded Bulletins; when we first saw that with Patch 6.1 (?) we were sold on Altiris (coming from an environment where we used SUS, and tried to manually track supersedence, and that was before MS really did a good job of indicating that)!  I don't have access to my NS at the moment, but I think it is in the Patch bulletin reports (or you can pick it from the Drop-down list on Manage Software Updates tool).  I go through occasionally and run the report for "Fully Superseded" (err, however it is labeled) and then Disable any bulletins which are superseded.

Thanks,
Kyle
Symantec Trusted Advisor
If your question has been resolved, please be sure to click "Mark as Solution"! Thank you.

0 votes
SOLUTION
dfrancis's picture
dfrancis
11 weeks 1 day ago

Superseded Bulletins = Giant Chore

We've always struggled with this issue, as we have nearly 100 package servers in our environment and disk space is a premium on some of the older servers.

At least quarterly, I run the superseded bulletins report on all fully superseded bulletins then compare it to the list of bulletins we have staged / created a software update task for.  Based on comparisons between the two, I disable any software update task / bulletin that has been superseded by a newer bulletin we already have staged.

My only suggestion is to start with the most recent bulletins and work your way backwards.  Some bulletins like the cumulative Internet Explorer Security Update ones will only be superseded by the next newest bulletin.  If you start from the earliest bulletin and work your way forward you'll only pull your hair out!

0 votes