Absent Member.
Absent Member.
2747 views

patch management does not update the numbers for not patched

After depoying updates successfully, the patch management number does not change for not patched. the quantity should show 1 less and show that it has been patched
Labels (2)
0 Likes
28 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

spond;2180942 wrote:
Kjhurni,

seems I may be guilty of not checking if behaviour has changed in
recent versions, it appears to be tunning DAU for me now, I need to
double-check, but I think it's good now

--

Shaun Pond


cool. So (since I have a dumb question):

How does one "know" if a DAU is running after? To be honest, the only way I "knew" it did it in the old version is that you could watch it fire up the dagent.exe and write to the log file and stuff.
0 Likes
Absent Member.
Absent Member.

Kjhurni,

ZCC > Device > relationships > Assigned bundles > "Discover
Applicable..." > status

--

Shaun Pond


0 Likes
Absent Member.
Absent Member.

Fishoil,

I have 11 vulnerabilities showing for that KB - what's the exact title
of the vulnerability you're looking for, please?

--

Shaun Pond


0 Likes
Absent Member.
Absent Member.

seems that majority of the vulnerabilities are patched the issue is using patch management to deploy the updates. I have to re-cache the windows updates (already cached) then push out. After I see that the updated have been deployed and installed the patch and not patched numbers do not change
0 Likes
Absent Member.
Absent Member.

Fishoil,

now I am confused - all I want is the exact title of one of the
vulnerabilities...

--

Shaun Pond


0 Likes
Absent Member.
Absent Member.

2552343 Update for Windows 7 for x64 (KB2552343)
0 Likes
Absent Member.
Absent Member.

Fishoil,

ah, this looks "interesting" - it looks for HKLM\SOFTWARE
\PatchLink.com\Discovery Agent\NativeScan\61BFE3EC-A1DC-4EAB-9481-
0D8FD7319AE8\767B417D-EEB3-4759-8FA2-D1418BE5E1B7,"isInstalled"="True"
It has a pre-requisite that checks to ensure that that key exists.
That key would be created during the analyze phase...

--

Shaun Pond


0 Likes
Absent Member.
Absent Member.

once its deployed to the device?
0 Likes
Absent Member.
Absent Member.

Fishoil,

analyze will look on the system, and create that reg key, to determine
if the bundle applies - usually the patches just check filenames,
versions etc., but in this case it looks like it's more complicated

--

Shaun Pond


0 Likes
Absent Member.
Absent Member.

spond;2184738 wrote:
Fishoil,

analyze will look on the system, and create that reg key, to determine
if the bundle applies - usually the patches just check filenames,
versions etc., but in this case it looks like it's more complicated

--

Shaun Pond


its not a particular update, patch management deploys the update succesfully but does not update the database to show the difference between patched and not patched.
0 Likes
Absent Member.
Absent Member.

Hi Fishoil

I've had very similar issues, have you checked that patch nightly subscription routine is finishing. You can see this under ZCC in the configuration page and then the patch management section. I found this wasn't completing in our ZONE and thus seeing the same issue as you. Also depending on what version of 11 your running if 11.0 have you applied the patch 2 patches to the patch server itself (yep patches for patch :)) as this solved our issue of the patch subscription not completing each night.

Hope that makes sense and is some help.
0 Likes
Absent Member.
Absent Member.

patch management has yet to find march updates KB2667402, KB2621440, KB2665364, KB2641653 but ZPM has found them
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.