Agent installation question
If you got to SoM > Computers. If you select any number of computers and attempt to Install Agent, will this attempt to install the agent from the Desktop Central server or the remote site server if that computer(s) belong to a remote site? We seem to be having a possible issue with patches not making it to the computers and it seems the agents are not functioning correctly on a couple machines. So I was wondering if attempting to reinstall the agent this way would point the computer back to the
Never received a response, issue still happen 3 months later
I posted this over 3 months ago and it's still marked as "Working On It." https://pitstop.manageengine.com/portal/community/topic/superseded-patches-still-listed-as-missing-after-desktop-central-upgrade We've been having difficulties with different aspects of this software recently. Now that those seemed to have been fixed, I need to get back to this. Right now, I have 30 patches that have been superseded going all the way back to April 2019 that are listed as missing patches. This is causing some
Microsoft Updates and Desktop Central Patch Scan
Hello everyone, I am struggling to understand why I have a bunch of systems that Desktop Central Indicates no patches needed but when you check for updates manually using Windows Check for Updates, a number of updates are required and getting installed. Has anyone experienced this issue and any suggestions or ideas would be greatly appreciated. V/R Junior
Patch reboot require value incorrect
Hi, Some patches I've seen (e.g. 2019-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4505658) ) have the "Reboot required" value as "No" -- but this is incorrect, and after it's deployed it has a status of 'The requested operation is complete. Changes will not be applied until after the system is rebooted'. Is it possible for me to manually change the reboot required value for these patches, so that the reboot request prompt is shown to the user? Thanks!
Run script before patch is updated
We have recently installed some software requiring us to stop some services on a computer prior to updating Java. My question is is there a way to run a script before deploying a Java patch using Automated Patch Deployment? Thanks
Best way to deploy feature updates on systems with Windows 10 Enterprise E3 in CSP / no access to Ent ISO in VLSC ???
Hi, we got "Windows 10 Enterprise E3 in CSP" of the azure cloud of our parent company. Because "Windows 10 Enterprise E3 in CSP" is licensed by user we don't have access to the VLSC from Microsoft to get an Enterprise iso image. And I don't know if it is a good solution to use an ent iso on the workstation. Because if we don't use the use license anymore the system will switched back to pro version automatically. Since all our Windows 10 Pro workstations switched now automatically to the Windows
Linux Issues
I'm trying to gauge if other community members that use Desktop Central/Patch Manager Plus are experiencing issues with patching Linux systems? My experience of late is inconsistent scanning/reporting of required number of security patches and dependencies failing to download. (Note to support, I have cases logged, this is a question to the community).
The system cannot find the specified file
Hi, I sent security updates but I always have the same error in the machines: "The system cannot find the specified file". I don´t know if the issue is by the computer or something in the Desktop Central console. Any ideas what I have to do to fix this? Thank you for your help.
Windows 10 1903 Update
1903 is out and is showing as a patch in Desktop Central. Is it the same procedure as 1809? Upload ISO with specific filename and use configuration to push it out? I was never able to get it to work as a regular patch.
Automatic patching when system connects
We have users who VPN into our network/domain, is there a way to that DC can be configured to automatically scan and patch when it sees a system/user VPN'd in to the domain?
Windows Server 2016 updates reappeared from May and June
Got another patch resurfaced: 26587 MS19-MAY8 2019-05 Cumulative Update for .NET Framework 4.8 on Windows Server 2016 for x64 (KB4495610) And also these: 26864 MS19-JUN3 2019-06 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4503267) 107068 MSWU-3295 2019-06 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4503294) Which maybe related to this one, which did need installing according to Windows (but not DesktopCentral): 2019-06 Cumulative Update for Windows
What's the difference between deployment policy timing and automated task timing?
I don't fully understand the difference between an automated task and the deployment policy as for what the timings means in both. One can specify days and hours when the task or policy should trigger its activity. Let's say I want to schedule updates on Monday and Tuesday (Patch Tuesday occurred and next Monday these updates will be installed after having been approved) between 12h30 and 15h30, trigger a notification when they are going to be installed on the user's device and ask them for a reboot
Option to auto-close apps that require update AND/OR notify users to save work then quit apps that require updates
I think this shouldn't be too hard to do. Better than seeing "Patch update delayed since application is used by another process" errors https://www.manageengine.com/products/desktop-central/patch-update-delayed-since-application-is-used-by-another-process.html?dci&did=45-1224-2016-05-11-20-21-27-2695 it should be alot like the "Notification Message before Reboot*" but instead "Notification Message before closing vulnerable applications* This would apply for apps such as office 365. which require
Automaticly decline MS preview updates
Hello, is there a way to automaticly decline MS preview updates? Background is that I want to deploy optional updates as well but I don't want to deploy updates labled as "preview" to production machines.
Reapply patches after reimage.
If you deploy patches to a machine using an APD task and they install successfully and then that machine is reimaged and the base image is missing those patches, are the patches reinstalled by the APD Task?
custom report for specific patch
I was wonder how could I either make a custom report or query to show all computer with a specific patch id. I am deploying the windows 10 feature patch as part of my APD but currently the only way I can see what pc are missing the patch and what have it installed is going to patches and then applicable patches and search the patch ID if I want to refresh the data that means i would have to each time search the patch id. I was wondering if I could make some report that all i would have to do is
Two Critical patches from 2012 suddenly required
Following overnight Vulnerability DB sync, two 'Critical' patches from 2012 have been flagged as being required; 11538 and 12648. Genuine or a false report?
Old MS Patch
A couple of questions - 1. This morning I had the patch "Microsoft ASP.NET MVC Security Update MS14-059 (KB2993939)" from 2014 show up as needed on 80+ machines (Windows 7,10,2008R2, 2012R2, and 2016). I have not found any info about the patch being re-issued. It seems strange. Has anyone else had it show up? 2. I have a dozen or so MS patches that are superseded but are still showing up under Missing Patches. Is this normal? Thanks in advance for any replies.
No information on error: dc.db.agent.config.common.downloadxml failed
Is there any documentation on what this error means? I have a handful of machines with this stuck in a Retry in Progress loop. Google searches and searches here aren't returning anything.
Defer windows updates
Hi, I have seen the option to install updates 3 weeks after Patch Tuesday on our "Desktop Central" panel. Could we defer updates for an specific Custom Group or OU for a longer period of time? Windows 10 allows to activate "Semi-Annual Channel" in advanced settings, but we have disabled windows updates as Desktop Central is working fine I would like to wait some months before updating in few computers. It is a recomendation we have received from "Siemens PLM Software". Thanks.
Mozilla Firefox updates require reboot?
Do Mozilla Firefox updates really require a reboot of Windows? Is there a reason, because it seems excessive to me, already get reboots required for Window updates.
Very Slow deployment to Branch DS servers
When I was attempting to deploy a Application to my Branch PC's the replication was very slow and most of the time replication was not working at all. is there a fix for this besides setting bandwidth utilization to unlimited? right now I have bandwidth set to 4mbps.
67.0.3 and Firefox ESR 60.7.1
When will these version be available?
Desktop Central - Missing Patches - Office 2016 Deployment Tool
Hi all, I've got a support ticket with ManageEngine for issues with patches showing as missing on clients and failed downloads for Desktop Central (10.0.386). Most notably is the ever increasing number of "Office 2016 Deployment Tool" failed downloads increasing in number, 26511, 26527, 26557, 26740 and 26759 with a "Failed" Download Status and "Unable to execute command" remarks. Actually, checking today it's now 26740, 26742, 26759 and 26767 following the May Patch Tuesday of course. You have to
Patch Mgmt Error code documentation
I've googled and searched here but am unable to locate any good information as to what this error from Desktop Central means. The referenced assembly is not installed on your system. I have a handful of machines with this message on an update or two. When i check those machines, I do see the update sitting in the patches folder. I've checked the dcpatchmgmt.log and see the entry for it there, but it's not telling me what is missing or what's being looked for. Is there more information on this error
Patch Management with Dynamic custom groups filtering
Hello Folks, I am going to review the computers status that in patch management session, but i cannot filtering the targets by "Dynamic Groups", is there a way to add "Dynamic Groups" in filter option? Only static groups showing up.
Office 365 Patches Not Applicable
It looks like if you have SharePoint Designer 2013 installed, Office 365 updates will show as "Not Applicable". Noticed my computers stopped getting office patches since that was installed.
Highly critical processor chip flaw "ZombieLoad" patched
A new class of processor chip vulnerabilities targeting the 'speculative execution' portion of Intel chips has been discovered by a group of researchers a few days back. These three vulnerabilities are named ZombieLoad, fallout, and RIDL (Rogue In-flight Data Load). These flaws are rated highly critical by the team of researchers who discovered them. ManageEngine Desktop Central now supports patches for the ZombieLoad vulnerability. Name of the Vulnerability: ZombieLoad Severity : Highly critical
Add build numbers to patch description for Windows 10 cumulative updates
Hi, As far as I can tell, every Windows 10 cumulative update raises the OS build number, e.g. KB4499177 [1] will take the OS to build 14393.2999 (with the .2999 being the build number updated by the patch). As the release of a cumulative update invalidates all the previous cumulative updates, I would find it extremely useful if the patch description for the updates contained the build number (.2999) - so that I could tell at a glance if the patch being listed was a genuine update, or an erroneous
Questions on Patch Terminology, and Distribution Servers
Hello, After reading about patch deployment with Desktop Central I have the following questions: Define "Refresh Cycle" - When Desktop central scans for patches? Define "Deployment"? - Patch downloaded and installed? Do Distribution Servers hold the actual windows updates to update machines in a remote office, so the updates are only downloaded from the internet once? If so, can I change where those updates are stored on the Distribution server? Is a test group only available when I have manual
OS Upgrades 1803 -> 1809 Attempt to Apply Twice
Good Morning, After application of an OS upgrade via the "Feature Upgrade" packages, any deployments including the feature update for that machine attempt to apply again. I am not sure what is causing this behavior, but it looks like with the OS upgrade, ManageEngine does not remember that the deployment was applied, and attempts again. I have an example of a configuration with this behavior. Thank you!
CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability
Hello ME DC Team! Microsoft announced about critical issue in RDP: CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 But Patch DB in ME DE don't have this patchs yet - when you planned add it to Patch Management in DC ??
Having issues with automated patch mgmt -
Hey. So we're trying to automate patching servers When testing we noticed after a server is done installing updates it reboots but then it does not check for updates again, DC only seems to do one wave of updates. We then created 2 deployment times on the same day 9AM-12PM and 4PM-8PM This time after rebooting it did the updates again but only with our 2nd deployment time however after everything was done, I logged in again and the server still had more pending updates. Is there a way configure DC
How to change path/location where Distribution Servers download the patches and software when replicate from DC Server?
Is there a way to change the path or location where a Distribution Server stores the Patches and Softwares replicated files? If I'm not mistaken this is the original path: C:\Program Files (x86)\DesktopCentral_DistributionServer\replication. But I would like to know if there is way to modify to a different location and Agents still be able to reach for them when contacting the Distribution Server. Thanks in advance,
May 2019 Patch Tuesday updates from ManageEngine
Hello peeps, Good day. Quick update on the May 2019 Patch Tuesday updates. New Security Bulletins : 2019-05 Security Update for Adobe Flash Player for Windows (KB4497932) 2019-05 Security Only Quality Update for Windows Server 2008 (KB4499180) 2019-05 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4499175) 2019-05 Security Only Quality Update for Windows Server 2012 (KB4499158) 2019-05 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4499165) 2019-05
Microsoft releases fix for the Wormable vulnerability (CVE-2019-0708)
Microsoft released this month's edition of Patch Tuesday with fix for a highly critical vulnerability. This vulnerability (CVE-2019-0708), dubbed "Wormable vulnerability", resides in "Remote Desktop Services" component and could be exploited remotely by sending specially crafted requests over RDP(Remote Desktop Protocol) to a targeted system. This vulnerability is present in Windows 7, Windows Server 2008 R2, Windows Server 2008 and in older versions like Windows XP and Windows 2003 as well.
Question about patch location and folders
I have noticed recently that machines that are missing patches don't seem to have a "patch" folder in the Desktop Central folder directory. IE: C:\Program Files (x86)\DesktopCentral_Agent\patches Those that do have the "patches" folder, don't seem to be showing on the Missing Patches report, Vulnerable or Highly Vulnerable report. Those that have the "patches" folder actually have patches downloaded into them. Those machines that don't have the folder, I can't seem to find downloaded patches on the
Superseded Updates still showing as Missing Updates
I have 65 updates that have been Superseded, going all the way back to August of 2018, that are showing up as Missing Updates. Of these 65, one of them was declined back in September of last year, but is still on the missing lists. The check boxes to select these updates is grayed out and when you mouse over it, it tells you it was Superseded. Problem is, these updates seems to still be showing and counting against the environment. Since taking over my current position in this new company, i've
Keepass 2.42 update download fails
Hi, the latest keepass update (2.42) is permanently marked as "download failed" and manually uploading the patch also fails with a useless "upload failed" message.
Java patch download failure "The request is forbidden.Http Status Code :: 403"
Hi, I am having a Java patch download failure, with the above error being logged in the "Action Log Viewer". There is a linked KB article that takes you here: https://www.manageengine.com.au/products/desktop-central/patch-download-failure-error-403.html?dci&did=45-1224-2018-01-22-12-50-41-8833 This article is about how you should have access to a list of common patch download sites set as accessible in whatever proxy you are using. However, when I go to the DC patch link: javascript:dcOpenWindow('patchinfopatchdetails.do?actionToCall=patchDetailsDO&patchDetails=true&PATCHID=307814'
Next Page