Security threats arising out of unpatched Internet Explorer or third-party programs like Java or Adobe Flash are common. When patches become available to address vulnerabilities, they should be rolled out quickly.
Microsoft Patch Tuesday can have many critical updates, and it’s imperative for system administrators to have the right software to help diagnose and fix Windows Update Agent configuration problems. Using Patch Manager, you can:
The Microsoft update packages are automatically synchronized to the Patch Manager server. Notifications are available on the Patch Manager console and via email. Patch Manager helps you extend and leverage your existing Microsoft WSUS server, which allows you to quickly publish Microsoft, third-party, and custom packages in your environment. It’s easy to build custom update packages using the Package Wizard for deployment to multiple systems.
A comprehensive view of patch status and application vulnerabilities are provided through Patch Manager’s customizable reports. These can report over 500 fields of data using over 100 report definitions. Reports can be sorted, filtered, and grouped by application type, patch status, and WSUS target group. If you have custom packages (or software like Java with complex install scenarios) created for your environment that require a specific pre- and post-installation environment, you can automate these patches using built-in PackageBoot technology. Patch Manager in your WSUS environment helps you prevent security vulnerabilities by facilitating successful patching, which significantly reduces your patch workload.
WSUS is an excellent tool, but it lacks the ability to effectively schedule patches and report on patch status and inventory.
Despite using SCCM, when it comes to patch management and software distribution of non-Microsoft updates, things can get complicated.
The time between the discovery of an operating system or application vulnerability and the emergence of an exploit is decreasing.