The following will help with understanding differences between the reports:
- It is best practice to utilize the Compliance by Bulletin, Update and Computer reports when targeting for vulnerable Software Updates. These reports were designed for this specific reason; however, the Software Bulletin Details report was designed for a raw overall view of the Updates in the environment without any filtering and that includes the Superseded targeting.
- Patch Management will check for everything vulnerable documented by the vendor for the update to be applicable.
- Note: Patch Management will only roll out the Security Update(s) for the executable will run and perform as designed by the vendor.
- Deployment for Software Updates is managed mainly on the Console > Actions > Software Patch Remediation Center:
- View TECH198736 if there are any problems confirming the presence of a Software Update
- Other reasons that 3rd party tools will find different vulnerabilities:
- Windows Updates will check for OS vulnerabilities. So the updates for Exchange, SQL, etc are not checked by this tool.
- WSUS, Shavlik, and others also perform different checks and may find vulnerabilities that differ from Altiris.
- Specifically: MBSA, for part of the checks made are from the MSI Tables for confirmation - The MSI Table may not be refreshed when Altiris installs the update. Therefore, the update shows compliant for Altiris but not for MBSA. Manual installation will resolve this if needed.
Advisory: One tool may view a Software Bulletin as vulnerable, but another tool showing it is installed. This could be due to a different vulnerable Software Update within the Bulletin and the tool could be limited to only displaying the Bulletins without being granular to display Updates. Be sure to research the details pertaining to the vulnerable update.
- An easy method to check this; manually install the Software Update on a test machine and view the results. Then contact the vendor of that tool which appears to be inaccurate for review of the Rule targeting. If there is a question of Patch Management Solution targeting; review HOWTO95427.