Patch Tuesday Updates: June 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-06 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5061072) (ESU) (CVE-2025-33073) 2025-06 Security Only
KB5060842 failing with "The system cannot find the file specified"
On all my clients Patch ID 41542 2025-06 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5060842) fails with the error: "The system cannot find the file specified" The Setup event log says: Windows update could not be installed
Update Vulnerability DB Failure after applying v11_4_0_SP-2500_36
Over the weekend I applied patch ManageEngine_Endpoint_Central_11_4_0_SP-2500_36.ppm. The update claimed to complete successfully, but this morning I'm receiving an error when trying to update the vulnerabilities database. I searched for this issue in
Microsoft Defender patch failing
Patching of Microsoft defender keeps failing The latest update for Microsoft Defender (1.429.453.0) with error message "Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing
WINDOWS AUTOPATCH
Hi Microsoft released Hotpach for Windows 11 enterprise OS is it something that can be integrated in Endpoint Central or its too integrated with Intune/Orchestration and cannot be managed by a 3rd party ? thx
The summary tab
The summary tab is opening first when you click on a computer name. It used to be the patches tab that opened when you clicked on the computer name, and they switched after updating to Endpoint Central version 11.4.2516.08. How can I switch it back?
EndPoint Central DataBase Schema Patch MgMt
Hello everyone, could someone provide me with the updated schema of the Patch Mgmt Module? I have it as shown in the attached image, but it seems to me that it is not completely updated.
KB5061768 support
When will the out of band patch for Windows 10 22h2 be supported? Would prefer this one over the one that bluescreens on bitlocker. KB5061768
Vulnerability CVE-2024-43590 identified but suggesting superseded patch. Microsoft Visual C++ 2015-2022 Redistributable - various versions.
Is anyone else experiencing this... Microsoft Visual C++ 2015-2022 Redistributable Current patch level - 14.44.35112.1 is not being identified as required. This affects ALL devices. Vulnerability report is suggesting installing superseded patch 14.40.33816.0
Network driver notification time waiting
Hello, I have a question about updating the network drivers, the notification before the starting deployment has time waiting for 5 minutes, and the question is, we can change this time frame or this cannot be changed? Regards, Marius
Patch Tuesday Updates: May 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5058429) (ESU) (CVE-2025-30397) (CVE-2025-32706) (CVE-2025-32701)
Using WSUS as the source of update files...
Hi all; My customer prefers to use WSUS in Internet side and Endpoint Central as the intranet side. Is it possible to sync updates from WSUS? Thanks
Unintentional Shutdowns after Patches
Hello, We keep receiving messages from users complaining that their laptops are being restarted or shut down unexpectedly after patches are applied. We have configured a policy for the affected patches: "no notification, no restart." Do we need to change
MySQL Connector 9.3 patch unsupported
Just FYI in case anyone else was looking, EPC is not supporting MySQL Connector 9.3 patch because of software requirements. Even though their 3rd party list still includes this.
The system TPM version is not compatible with Windows 11. (50010
Hi, my systems don’t support TPM. I want to update them via ManageEngine, but I received the following error: "The system TPM version is not compatible with Windows 11. (50010)" Is there any way to bypass this issue?
Can I just have patches delivered to a server but not install them?
We have a group of servers that need to be patched manually because of the need to coordinate the restarts with other servers. Is there a way to automatically deliver the patches that have been approved to the server but not install them. So, they will
Upgrade to Windows 11 version 24H2 with Endpoint Central!
Hello everyone! As you all must be aware, Microsoft has recently rolled out the new 2024 update (version 24H2) for Windows 11. This is the major update for Windows 11, encompassing all the features and fixes from previous cumulative updates in Windows
Multiple versions of Cumulative Updates in same month
I have a Windows 2019 Server that reports this patch is installed: 2025-04 Cumulative Update for Windows Server 2019 (1809) for x64-based Systems (KB505519) But Manage Engine shows that following patch needs applied 2025-04 Cumulative Update for Windows
Google fixes high severity and critical severity vulnerabilities in its Chrome 135.0.7049.95/.96 Stable Channel update
Chrome Stable Channel has been updated to 135.0.7049.95/.96 for Windows,Mac and 135.0.7049.95 for Linux. This update comes with 2 security fixes. The details of the vulnerability fixed are mentioned below: CVE-ID VULNERABILITY SEVERITY CVE-2025-3619 Heap-based
Patch Tuesday Updates: April 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-04 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5055596) (CVE-2025-29824) (ESU) 2025-04 Security Only
Notification to computer owner after patch installation
Hello I would like to automate the notification of the computer's (server) owner and a patch installation. The owner is available in the "Custom Computer Details". Is there any way to achieve this?
Patch Tuesday Updates: March 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-03 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5053995) (ESU) (CVE-2025-24991) (CVE-2025-24985) (CVE-2025-24993)
Google fixes several high severity vulnerabilities in its Chrome 134.0.6998.117/118 Stable Channel update
Chrome Stable Channel has been updated to 134.0.6998.117/118 for Windows and Mac (release in progress). This update comes with 1 security fix. The details of the vulnerability fixed are mentioned below: CVE-ID VULNERABILITY SEVERITY CVE-2025-2476 Use
Deployment of Windows 11 24H2 Bulletin ID MSWU-3640
Windows 11 Readiness Reporting available in build 11.4.2500.17 does not look at the EFI partition size or space available , why is this? Those two factors can cause failure to deploy MSWU-3640. When will we see a fix for this reporting and as part of
This version is not applicable for this target (Feature Update via Windows 11, version 23H2 Enablement Package (22H2 - 23H2) (x64)
Hi! I have some issues to run Feature Update via Windows 11, version 23H2 Enablement Package (22H2 - 23H2) (x64), we recevie "This version is not applicable for this target" on our Windows 11 22H2 machines. But when we download Windows11.0-kb5027397-x64.msu
Google Chrome updates
Every time I install a Google update on a server using Endpoint Central, it installs the new version of the Google updater Internal Service without uninstalling the old version. This causes the server to have multiple services that aren't running, which
Unapproved Patches Are being Deployed Automatically
Central Server : 11.4.2500.05 Behaviour first noticed this morning. Has anyone else noticed this behaviour?
Has something changed with the Desktop Central Agent Service regarding patch mgmt? Our SentinelOne EDR is triggered by some updates
Anyone have this sort of trouble? Some windows updates or others are triggering our SentinelOne EDR software. Sometimes the Threat files are any of these, listed with the "Detecting Engine": Threat Details Detecting Engine 5beceb.rbf ['On-Write Static
Edge, WebView2 and the Evergreen Distribution Model.
Is there a template available to disable the Evergreen Distribution mode? Edge and WebView2 are automatically downloading and installing on all systems and ignoring existing update blocking configurations.
Download Failing - CHECKSUM_FAILED
PatchID; 809430 DSA-5863-1 libtasn1-6 security update(DSA-5863-1) problem downloading "Download blocked by firewall. Enable firewall configuration to allow download. " Log files state... "CHECKSUM_FAILED" Is there an issue with the source patch as other
Ubuntu Upgrade 22.04.5 LTS to Ubuntu 24.04.1 LTS
Hey guys, is it possible to automate an Ubuntu Upgrade from V22 to V24? Or is Endpoint Central only used to install small Ubuntu patches? Thanks for you help! Kind regards, Andy
BIOS Updates - APD
Hi, Is it possible to create an automated patch deployment policy for BIOS updates? When I create a new policy I get Microsoft patches, third party applications, drivers but nothing about BIOS. I'd like to automate the process as much as possible, probably
How to disable Automatic Software Updates for Mac devices
Good day, I wanted to deploy a configuration template to "Disable Mac Software Auto Update". Upon creating he template, I noticed a red exclamation mark over the configuration with the following text in the upper right corner "Deprecated Configurations"
HP BIOS updates
Hello, Is it possible to apply HP BIOS updates with Endpoint Central? For example, the HP Elitebook 850 G5? Regards, John
dcpatchmgmt.log
is there a list of keywords within this log file that reflect the patch/install progress? Log Initialization Configuration Loading File Download Start File Download Completion Patch Dependency Check File Extraction Patch Installation Initiation, Patch
Patch Download status failed
Good Day, I have two updates that failed to download and require manual upload. Patch ID 109939, 111890 According to Read more (https://www.manageengine.com/patch-management/how-to/windows-1122h2-feature-pack-deployment.html?dci&did=junkValue) the ISO
How to exclude certain devices from receiving updates.
Good day, We have a couple of Windows devices that needs to be excluded from patching as they run critical systems and will be manually updated at a later stage. How do I exclude these devices from receiving updates? I am new to using Test and Approve
Chrome 131.0.6775.108 requiring a manual upload?
Is there a reason patch management is now saying I need to manual upload the latest chrome update? see attached screen shot
Deployment Happening Outside the Scope Window Even Though the are inside the window
I have setup a pilot test group that has a deployment schedule setup. It seems even though they are inside the windows they are deploying outside the windows I I can provide a copy of the schedule and setting if requested for further assistance. But it
How long does it take for a patch scan to complete?
I inherited Endpoint Central, and I'm going through patch mgmt. On Endpoint Central is on-premise and when i manually kick off a scan, about 1/2 the time it comes back as timed out. How long does it normally take for a patch scan to complete on your systems,
Next Page