Stop patching being deployed to computer that don't ESU license
Is there a way to stop patches being deployed to Windows 10 computers that don't have ESU licenses? From memory there was a patch for Windows 7 and 2012 R2 or something we deployed that stopped these computers receiving these updates that they can't
Upgrading the Windows 10 to Windows 11 (This version is not applicable for this target)
Dear Team I deployed the patch id 111894 and 111895 under single package but it shows the remark message " This version is not applicable for this target." May you please navigate me how to rectify the same.
I can't see KB5070773 in the Patch Management tool
Hi, will the KB5070773 update be available in Patch Management soon? This update resolves issues with localhost and USB devices that were caused by the previous KB5066835 update.
Excluding singel computer from restart
Hi all, I have the requirement to exclude one Computer from the automated restart after updates. Normally we do the restarts on Sundays but this special occasion one PC has to run throughout the weekend. How can I do that? Thank you.
Windows 10 Extended Security Updates (ESU)
Once Windows 10 support ends, if we have machines enrolled into extended security updates from Microsoft for Windows 10 will those updates be in Endpoint Central Patch Management to deploy to these Windows 10 systems? Or will we have to manually update
Windows 11 25h2
hi MS just rollout the package for 25h2, will it be available soon ? https://support.microsoft.com/en-us/topic/kb5054156-feature-update-to-windows-11-version-25h2-by-using-an-enablement-package-4d307e2d-3028-4323-bb46-552cff491643
PATCH VULNERABILITY SEVERITY CRITERIA
Hello, Can you describe how the severity criteria is calculated ? Why some vulnerability have unrated value ? Thanks. Patrick
Disable autorestart after installed patch
Dear all, I'm pretty new to Manage Engine and getting into it. Right now we facing a problem, that the workstations are always restarting automatically. That's a huge problem, because the workstations needs to run and be rebooted manually. According to
Add preconfigured package VPN Client for Mac
I am trying to deploy GlobalProtect to MacOS for pre-logon. This means that the plist file has to be modified and deployed with the setup. I have tried removing GlobalProtect manually and adding the Plist before installing, but the plist file gets written.
Threats & Patches Dashboard
Hi, Is it possible to exlcude some endpoint from the threats & patches dashboard? We have a large number of devices that have the AC agent installed so we can do remote management of them however we do not patch them due to the nature of what they do
Deploy a patch that's not available in the store
Hi, Wondering how I would upload a patch to be deployed to my remote machines, when the patch itself is not available in the supported patches? It's a patch for Dell systems, I have the patch download from the Dell website and would like to upload it
WINDOWS AUTOPATCH
Hi Microsoft released Hotpach for Windows 11 enterprise OS is it something that can be integrated in Endpoint Central or its too integrated with Intune/Orchestration and cannot be managed by a 3rd party ? thx
KB5061768 support
When will the out of band patch for Windows 10 22h2 be supported? Would prefer this one over the one that bluescreens on bitlocker. KB5061768
Vulnerability CVE-2024-43590 identified but suggesting superseded patch. Microsoft Visual C++ 2015-2022 Redistributable - various versions.
Is anyone else experiencing this... Microsoft Visual C++ 2015-2022 Redistributable Current patch level - 14.44.35112.1 is not being identified as required. This affects ALL devices. Vulnerability report is suggesting installing superseded patch 14.40.33816.0
Network driver notification time waiting
Hello, I have a question about updating the network drivers, the notification before the starting deployment has time waiting for 5 minutes, and the question is, we can change this time frame or this cannot be changed? Regards, Marius
Using WSUS as the source of update files...
Hi all; My customer prefers to use WSUS in Internet side and Endpoint Central as the intranet side. Is it possible to sync updates from WSUS? Thanks
The system TPM version is not compatible with Windows 11. (50010
Hi, my systems don’t support TPM. I want to update them via ManageEngine, but I received the following error: "The system TPM version is not compatible with Windows 11. (50010)" Is there any way to bypass this issue?
Can I just have patches delivered to a server but not install them?
We have a group of servers that need to be patched manually because of the need to coordinate the restarts with other servers. Is there a way to automatically deliver the patches that have been approved to the server but not install them. So, they will
Upgrade to Windows 11 version 24H2 with Endpoint Central!
Hello everyone! As you all must be aware, Microsoft has recently rolled out the new 2024 update (version 24H2) for Windows 11. This is the major update for Windows 11, encompassing all the features and fixes from previous cumulative updates in Windows
Multiple versions of Cumulative Updates in same month
I have a Windows 2019 Server that reports this patch is installed: 2025-04 Cumulative Update for Windows Server 2019 (1809) for x64-based Systems (KB505519) But Manage Engine shows that following patch needs applied 2025-04 Cumulative Update for Windows
Notification to computer owner after patch installation
Hello I would like to automate the notification of the computer's (server) owner and a patch installation. The owner is available in the "Custom Computer Details". Is there any way to achieve this?
Patch Tuesday Updates: March 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-03 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5053995) (ESU) (CVE-2025-24991) (CVE-2025-24985) (CVE-2025-24993)
Deployment of Windows 11 24H2 Bulletin ID MSWU-3640
Windows 11 Readiness Reporting available in build 11.4.2500.17 does not look at the EFI partition size or space available , why is this? Those two factors can cause failure to deploy MSWU-3640. When will we see a fix for this reporting and as part of
Download Failing - CHECKSUM_FAILED
PatchID; 809430 DSA-5863-1 libtasn1-6 security update(DSA-5863-1) problem downloading "Download blocked by firewall. Enable firewall configuration to allow download. " Log files state... "CHECKSUM_FAILED" Is there an issue with the source patch as other
Ubuntu Upgrade 22.04.5 LTS to Ubuntu 24.04.1 LTS
Hey guys, is it possible to automate an Ubuntu Upgrade from V22 to V24? Or is Endpoint Central only used to install small Ubuntu patches? Thanks for you help! Kind regards, Andy
BIOS Updates - APD
Hi, Is it possible to create an automated patch deployment policy for BIOS updates? When I create a new policy I get Microsoft patches, third party applications, drivers but nothing about BIOS. I'd like to automate the process as much as possible, probably
How to disable Automatic Software Updates for Mac devices
Good day, I wanted to deploy a configuration template to "Disable Mac Software Auto Update". Upon creating he template, I noticed a red exclamation mark over the configuration with the following text in the upper right corner "Deprecated Configurations"
dcpatchmgmt.log
is there a list of keywords within this log file that reflect the patch/install progress? Log Initialization Configuration Loading File Download Start File Download Completion Patch Dependency Check File Extraction Patch Installation Initiation, Patch
How to exclude certain devices from receiving updates.
Good day, We have a couple of Windows devices that needs to be excluded from patching as they run critical systems and will be manually updated at a later stage. How do I exclude these devices from receiving updates? I am new to using Test and Approve
Chrome 131.0.6775.108 requiring a manual upload?
Is there a reason patch management is now saying I need to manual upload the latest chrome update? see attached screen shot
Deployment Happening Outside the Scope Window Even Though the are inside the window
I have setup a pilot test group that has a deployment schedule setup. It seems even though they are inside the windows they are deploying outside the windows I I can provide a copy of the schedule and setting if requested for further assistance. But it
Vulnerabilities over time graph SQL
Is anyone able to supply us the SQL query which drives this. We would like to use the query to generate our own data from our SQL to showcase patching trends
Endpoint Central taking snapshots before patching
Good afternoon, we have recently installed Endpoint Central. 11.3.2406.5 I have heard it is possible to take VMware snapshots of servers before patching. but I cannot find any KB articles. Looking at it I am thinking it needs to be scripted. does anyone
Patch Deployment policy question - interval option
Hi! I'm configuring a new deployment policy for patch management. I want to allow the user to select up to 8 hours as an interval option. Currently, all I'm able to configure is 15 mins, 1 hour or 2 hours. How do I go about enabling the 8 hour optio
Skipping patch deployment
I have never seen this message before because we do not have user notification turned on in any of our deployment policies "Patch Installation was delayed as user skipped its deployment" How do I prevent this Thanks
Speed Up Patching
HI There, We currently use Desktop Manager to patch both user workstations and our servers. For workstations we have an automatic patch configuration, but for servers we do it manually as we have a very specific window to complete the patching. I've noticed that the jobs take a very long time to complete and frequently servers are in the yet to apply status when there is really no need for this. What I'd like is for all of the servers I select for a configuration to start applying patches at the
After updating to 11.3.2428.16, cannot patch systems (cannot select anything for targeting)
Pretty much the question. I installed the most recent update, and afterwards none of my patching is working. I cannot create new deployments, modify existing deployments, or select any target systems. The notification section is glitch as well.
Notify User's to reboot based on uptime?
Part of my job is to check uptime on our users and message them to reboot their systems if they have an uptime greater than 14 days. Is there a way I can get endpoint central to do this?
Patching EndpointCentral server
Hi, Wondering on if someone can direct me to the best practice on how to patch the endpoint central server itself? Do I add an agent the server or will it show up in SoM without an agent? Regards, Bryden
automated patch deployment for network drivers only
Hi, I'm currently looking for a way to filter automated patch deployment for network drivers only. I want to create a separate deployment and policy just for network drivers but I cant seem to find a way to do it. Is there a way to filter or configure
Next Page