Client Management Suite

 View Only

  • 1.  Resource Information

    Posted Sep 28, 2009 07:38 AM
    Hi,

    I have a question regarding the information in the resourse tab.

    In the Summaries tab (Resource Summary) it looks like the installed patches show up right,
    but in the inventory tab (Software Management, Patch management, Microsoft, Applicable Microsoft Software Update)
    installed patches sometimes show up as not installed (False).

    I hope someone can point me in the right direction as to why this happens, and maybe offer a way to fix it.


  • 2.  RE: Resource Information

    Posted Sep 28, 2009 10:13 AM
    is generated by inventory solution scans (not Patch Management inventory), and I believe that scan is the AeX OS Quick Fix Engineering dataclass. Those updates could be installed, but wouldn't be considered to be applied by Patch Management, unless a reboot has occured.

    Have you rebooted?


  • 3.  RE: Resource Information

    Posted Sep 28, 2009 03:36 PM
    ...Inventory basically is looking at the Updates branch of the registry as Jim said via the AEx OS QFE data.  Patch will actually report whether the patch is truly installed (i.e patch was installed, but some mischevious user or malware program replaced the patched/fixed .dll version with an older, vulnerable version).  Inventory Solution is rather trusting, Patch Management says "Show me the details!". :-)


  • 4.  RE: Resource Information

    Posted Oct 06, 2009 08:05 AM
    Hello,

    Thanks for the answers.

    We have tried reboot, but it's still the same inconsistency.
    Logging in to the system and checking in control panel shows that the patches are installed.


  • 5.  RE: Resource Information

    Posted Oct 07, 2009 10:14 PM
    There are errors from time to time in the "IsInstalled" rules Patch Management uses to determine if a particular update is installed (this has especially been a problem with various patches for MS Visio and Project, where the MS patch will update certain files if they are there, but not install them if they weren't previously present.  The Altiris rule checks for all the files listed in the MS KB article for the patch; sometimes if the file isn't present at all, it will flag it as Not Installed or Vulnerable, even though if you manually run the patch it will report that it is not applicable or has already been installed).

    Is this just happening for a particular patch/set of patches (i.e. various patches for MS Office) or is it random?  You may need to check the schedules you have set for the Vulnerability scans...Also, have a look at the following KB articles which may be applicable:
    https://kb.altiris.com/article.asp?article=25170&p=1
    https://kb.altiris.com/article.asp?article=41405&p=1
    https://kb.altiris.com/article.asp?article=42107&p=1