4 Replies Latest reply on Oct 13, 2015 7:06 AM by cwinning

    Shavlik says 0 missing patches and after a while 1 missing patch

    alexwu Rookie

      Hello,


      Version:

      Shavlik Protect Standard 9.1.0

      Build: 4334

       

      I have a issue that i didn.t experienced before. For example i am making a scan, i have 3086255 MS15-097  detected as missing, after that i deploy the patches and after a new scan i have 0 missing patches.

      After a while (some hours), if i make a new scan i have MS15-097 detected again as missing.

      Checked event viewer and logs and is seems that the patch was not installed. Then why Shavlik says it is installed (based on the second scan) and on the third scan it appears as missing ?

       

      This is affecting not one patch consoles, there are different patch consoles on different clients.

        • 2. Re: Shavlik says 0 missing patches and after a while 1 missing patch
          Rookie

          Hi,

           

          How did you resolve this? I have the same issue..

           

          thanks

          • 3. Re: Shavlik says 0 missing patches and after a while 1 missing patch
            alexwu Rookie

            Actually i didn.t, the client didn.t care about that missing patch, now he cares about it so investigation in progress :


            MS15-097 contains more KB, first we are detecting MS15-097 Q3087039+Q3087135 and after install and reboot (plus several hours)  MS15-097 Q3086255 .

             

            My only concern is why we are NOT getting MS15-097 Q3086255 detected as missing imediatelly after restart and scan; Shavlik is seeing it as missing only after some time.


            Help Shavlik ??!!

            • 4. Re: Shavlik says 0 missing patches and after a while 1 missing patch
              cwinning CommunityTeam

              Hello,

               

              Here are the scenarios that may cause this, this is the best we can do without logs capturing the issue.

               

              • First, MS15-097 may show up more than once depending on what is installed on the target machine.  There are versions of the patch that pertain to the OS, Office and Lync 2013.
              • At least one version of the MS15-097 requires perquisite patches to be installed before detecting/installing it.
              • It's possible first scan and deployment installed the OS version of MS15-097, it also installed 1 or more prerequisites for MS15-097.
              • The subsequent showed the MS15-097 (MS Lync 2013 version) as missing because the prerequisites 

               

              This is from the MS bulletin page:

               

              Are there any prerequisites for any of the updates offered in this bulletin for affected editions of Microsoft Lync 2013 (Skype for Business)?
              Yes. Customers running affected editions of Microsoft Lync 2013 (Skype for Business) must first install the 2965218 update for Office 2013 released in April, 2015, and then the 3039779 security update released in May, 2015. For more information about these two prerequisite updates, see:

               

              All of this information is from the MS bulletin page:  https://technet.microsoft.com/en-us/library/security/ms15-097.aspx

               

              More possible causes:

               

              • The 2nd scanned used newer content data which included newer patches or revised patches.
              • I do know that MS15-097 was revised at least once to correct a detection issue where it wasn't showing missing.

               

              I could give you a more concrete answer with logs that showed the first scan and then another set that showed the 2nd scan. Although I believe this will be impossible at this point unless you have machines that show the initial patches patches missing.

               

              Thanks,

              Charles