Definitions for each main Software Update status in IT Management Suite

book

Article ID: 178981

calendar_today

Updated On:

Products

Patch Management Solution for Windows

Issue/Introduction

 

Resolution

The following is a review of the three main Software Update statuses returned to the Symantec Management Platform (SMP) Server from the Client's Windows System Assessment Scan (WSAS) results:

  • Applicable
    • This is from a reporting standpoint; derived from the fact the Software being patched is installed, the Software Update being reviewed has not been Superseded by the Vendor (e.g. Microsoft), and the targeted file/DLL is present on the Client as detailed by the Vendor providing the Software Update in question.
    • This status exists with the above parameters until the Software Update has been Superseded. Once the Software Update has been Superseded; Patch Management Solution will no longer target the update as Applicable for it is replaced by a newer Software Update from the vendor as outlined in TECH127440.
      • Note: With recent release of PMImport v7.2.x; the targeting for Superseded Updates appears to be working, yet they will not be listed in the canned Compliance Reports, but those reports may be updated to display Superseded Update Compliance via HOWTO84835, but this deployment is not Unsupported, for the reporting is set to target for the latest released Software Updates provided by the vendor. If there are problems deploying Superseded Updates; Support Team will direct to the supported method of deploying the newer updates which replaced them.
         
  • Installed:
    • Derived from the fact the Software Update is installed, the Software being patched is installed, and the targeted file/DLL is at or higher than the expected version to patch the vulnerability as detailed by the vendor providing the executable. 
       
  • Vulnerable / Missing:
    • Derived from the fact the Software Update is not installed, the Software being patched is installed, and the targeted file/DLL being below the expected version to patch the vulnerability as detailed by the vendor providing the executable. 
    • The STPatchAssessment.xml file details which file is targeted and is accompanied by the 'File version is less than expected' status to show the targeted file/DLL needs to be at a higher version for the Installed / Effectively Installed status to be in effect 
       
  • Effectively Installed:
    • Derived from the fact the single Software Update is not installed, the Software being patched is installed, yet the targeted file/DLL to be updated does not exist, or the targeted file/DLL is at or above the expected version to patch the vulnerability as detailed by the vendor providing the executable. 
    • This is most commonly the case when a major Software Update (e.g. Cumulative Rollup) or Service Pack is installed; which covers the vulnerability in the targeted file/DLL and sets this status to show no vulnerability with effectively installed.
    • Note: The single Software Update will not be listed in Add/Remove Programs as it is not technically installed, and it may even install if executed manually, but it is unnecessary as the file/DLL is updated and that is where the vulnerability lies, so Patch Reports will show Installed=TRUE to avoid duplicating the patch of the vulnerability as it is needed.

These status are detailed in the following locations:

  • Client-side:
    • STPatchAssessment.xml file found by default in the following directory: C:\Program Files\Altiris\Altiris Agent\Agents\SoftwareManagement\Software Delivery\{6D417916-467C-46A7-A870-6D86D9345B61}\cache
       
  • Symantec Management Platform - Server-side
    • Console > Reports > All Reports > Software > Patch Management > Compliance:
      • Windows Compliance by Update
      • Windows Compliance by Bulletin
      • Windows Compliance by Computer
      • Note: The status Effectively Installed will appear in the Compliance Reports as Installed, for the reasons detailed above meet the criteria for Installed per the Vendor's details so it would be listed as such
         
    • Console > Manage > Computers; highlight the Computer Name > right-click > Resource Manager:
      • Open View > Inventory > Data Classes > Software Management > Patch Management: Applicable Windows Software Update & Installed Windows Software Update