5 Replies Latest reply on Jan 25, 2017 5:00 AM by cwinning

    3rd party software patching

    kaanfu Rookie

      We have automated our windows patching and now we need to expand patching to 3rd party softwares. There is no need to upgrade existing or distribute new softwares, we only need to patch existing softwares.

      We use agents to patch our windows machines. Is it enough that i disable software distribution in the patch scan template?

        • 1. Re: 3rd party software patching
          cwinning CommunityTeam

          Hello,

           

          Yes, that will be sufficient.  Only patches will be offered products currently installed on these machines when Software Distribution is not enabled.  Please be aware that updates to newer versions of 3rd party products a can be offered through normal patching if the product installed is no longer installed.

           

          Thank you,

          Charles

          • 2. Re: 3rd party software patching
            kaanfu Rookie

            Hello Charles,

             

            Do you mean that newer versions will be upgraded, if somebody happens to uninstall 3rd party software that was previously found on last patch scan?

            • 3. Re: 3rd party software patching
              cwinning CommunityTeam

              Hello,

               

              No new software will be installed if Software Distribution is disabled in the Scan Template. I would suggest scanning shortly before deploying the missing patches avoid confusion.  Don't scan then use this results to deploy days or weeks later.  It's bad practice since the environment on the client machine could change.

               

              Thanks,

              Charles

              • 4. Re: 3rd party software patching
                kaanfu Rookie

                If a server happens to have old software that requires to use old java, old chrome and so on.. do we have to exclude java and chrome from patch scan template? If i understood correctly, 3rd party software patching in some cases means software upgrage. Right?

                • 5. Re: 3rd party software patching
                  cwinning CommunityTeam

                  Hello,

                   

                  Yes, a custom Scan Template with Patch Group to exclude specific patches would be need to ensure you don't upgrade applications that should not be updated.  I would suggest testing scan and deployments before rolling the deployments out to production machines.  This will allow you to see what was detected missing and test deployments to verify if there are going to be any issues.  You would identify 'updates' you don't want installed and add it to the Patch Group you are using to exclude patches in.

                   

                  How To:  Include or Exclude Specific Patches in Scan Results

                   

                  Thanks,

                  Charles