I'm just getting started pushing Windows security patches to (mostly) vm's in an ESXi cluster.
I have Shavlik Protect pointed to our vCenter so it can see all machines, and I have manually created machine groups and put the machines into them accordingly.
Our interest at this time is only Windows security patches (critical, etc). We pushed out patches to handful of servers last night successfully, but it keeps "adding" VMware Tools and it also threw in Java Runtime to the patch list for each server.
I need some help determining why it's doing this, as I have only a limited set of Microsoft products defined as what will be patched.
If there's an easy way to remedy this without defining special patch groups that would be great.
Running Shavlik Protect Standard 9.2.0 Build 5119
Thank you in advance to anyone who can assist as we move closer to pushing patches to production machines.
I'm going to assume you are filtering based on OS. If this is the case, there will be products that are associated with the OS like VMware Tools, Internet Explorer etc etc. Because of this, you will see other products included in the scans. The only way to be more specific on what is being scanned and deployed would be to use a Patch Group.